Suspected SIP issue - User Folders

tim_rees
Contributor

Hi All,

I'm trying to run the following script on El Cap to do user folder redirection:

#!/bin/sh

# Determine USERNAME variable

username=$(ls -l /dev/console | awk '{print $3}')

# Determine NETHOME variable

netvol=$(dscl '/Active Directory/DOMAIN/All Domains' -read "/Users/$username" SMBHome | cut -d'\' -f4)
netfolder=$(dscl '/Active Directory/DOMAIN/All Domains' -read "/Users/$username" SMBHome | cut -d'\' -f5)
nethome="/Volumes/$netvol/$netfolder"

# Redirect the Documents folder

if [ ! -d "$nethome/Documents" ]
then
    mkdir "$nethome/Documents"
fi

rm -Rf "/Users/$username/Documents"
ln -s "$nethome/Documents" "$HOME/Documents"

# Redirect the Desktop folder

if [ ! -d "$nethome/Desktop" ]
then
    mkdir "$nethome/Desktop"
fi

rm -Rf "/Users/$username/Desktop"
ln -s "$nethome/Desktop" "$HOME/Desktop"

# Redirect the Downloads folder

if [ ! -d "$nethome/Downloads" ]
then
    mkdir "$nethome/Downloads"
fi

rm -Rf "/Users/$username/Downloads"
ln -s "$nethome/Downloads" "$HOME/Downloads"

exit 0

The issue I have is with the rm command lines: I get permission denied. Has anyone else seen this when deleting user folders? If so, is it a SIP issue, and is there a way around it?

I have a lot of Multiuser lab machines for students, and I'm trying to stay away from Portable Home Directories.

Thanks,
Tim

3 REPLIES

thoule
Valued Contributor II

That's not SIP. I suspect you have a locked file in the folder or something. Try deleting manually and see where you run into the error.

Swift
New Contributor II

This is probably due to ACLs on the folders. You can remove all ACLs with chmod -N as follows:

/bin/chmod -fN /Users/$username/Desktop

Also, I'm guessing that you have "Force Local home directory on startup disk" enabled.
If so, as far as I'm aware - the network home is not available until after you have logged in. I don't know how you are implementing the script, but if this is part of some kind of LoginHook then

mkdir $nethome/Desktop - isn't going to succeed

Finally, I don't want to confuse matters, but if you're not in charge of the shares, you can never be sure how the network home will be mounted.

I have the following SMBHome: \\MyServer\Data\Student Homes\Active\SiteB\teststudent

...which the mount command shows is mounted as follows:
//teststudent@MyServer/Data/Student%20Homes/Active/SiteB/teststudent on /Volumes/Data

...Meaning that network home for teststudent would be:
/Volumes/Data

If you are in charge of the shares - then you'll know exactly how they mount and this won't be an issue.

Hope this helps.
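
The mount-point caveat in the reply above, as an added example that is not part of the original thread: instead of assuming /Volumes/<share>/<folder>, work out the local path from the SMBHome value and the output of mount, and refuse to continue when no mounted share covers it. The helper name resolve_nethome, the SAMPLE_* values and the "(smbfs, ...)" suffix on the mount lines are assumptions made for this illustration.

```shell
#!/bin/sh
# resolve_nethome SMBHOME MOUNT_OUTPUT  (hypothetical helper, not from the thread)
# Prints the local path of the network home and returns 0. Returns 1 and prints
# nothing when no mounted SMB share covers it, so a caller can stop before rm -Rf.
resolve_nethome() {
    smbhome=$1
    mounts=$2
    home=
    # \\server\share\dir -> server/share/dir
    unc=$(printf '%s\n' "$smbhome" | tr '\\' '/' | sed 's|^/*||; s|/*$||')
    while IFS= read -r line; do
        # Assumed line shape: //user@server/path on /mount/point (smbfs, ...)
        case $line in
            //*" on "*" (smbfs"*) ;;
            *) continue ;;
        esac
        remote=${line%%" on "*}
        mnt=${line#*" on "}
        mnt=${mnt%" ("*}
        remote=${remote#//}
        remote=${remote#*@}
        # Only %20 is decoded; server and path case must match exactly.
        remote=$(printf '%s\n' "$remote" | sed 's/%20/ /g; s|/*$||')
        case $unc in
            "$remote")      # share is mounted at the home folder itself
                home=$mnt; break ;;
            "$remote"/*)    # share is mounted higher up: append the remainder
                home=$mnt/${unc#"$remote"/}; break ;;
        esac
    done <<EOF
$mounts
EOF
    [ -n "$home" ] || return 1
    printf '%s\n' "$home"
}

# Constructed sample input modelled on the values quoted in the reply above.
SAMPLE_SMBHOME='\\MyServer\Data\Student Homes\Active\SiteB\teststudent'
SAMPLE_MOUNT_DEEP='/dev/disk1 on / (hfs, local, journaled)
//teststudent@MyServer/Data/Student%20Homes/Active/SiteB/teststudent on /Volumes/Data (smbfs, nodev, nosuid, mounted by teststudent)'
SAMPLE_MOUNT_SHARE='//teststudent@MyServer/Data on /Volumes/Data (smbfs, nodev, nosuid, mounted by teststudent)'

resolve_nethome "$SAMPLE_SMBHOME" "$SAMPLE_MOUNT_DEEP"
resolve_nethome "$SAMPLE_SMBHOME" "$SAMPLE_MOUNT_SHARE"
```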

tim_rees
Contributor

Finally got back to this!!

Thanks @Swift the chmod -fN does the trick!!