Suspected SIP issue - User Folders

  • January 15, 2016

Hi All,

I'm trying to run the following script on El Cap to do user folder redirection:

#!/bin/sh

# Determine USERNAME variable (owner of /dev/console, i.e. the logged-in user)

username=$(ls -l /dev/console | awk '{print $3}')

# Determine NETHOME variable (SMBHome has the form \\server\share\folder)

netvol=$(dscl '/Active Directory/DOMAIN/All Domains' -read "/Users/$username" SMBHome | cut -d'\' -f4)
netfolder=$(dscl '/Active Directory/DOMAIN/All Domains' -read "/Users/$username" SMBHome | cut -d'\' -f5)
nethome="/Volumes/$netvol/$netfolder"

# Redirect the Documents folder

if [ ! -d "$nethome/Documents" ]
then
    mkdir "$nethome/Documents"
fi

rm -Rf "/Users/$username/Documents"
ln -s "$nethome/Documents" "$HOME/Documents"

# Redirect the Desktop folder

if [ ! -d "$nethome/Desktop" ]
then
    mkdir "$nethome/Desktop"
fi

rm -Rf "/Users/$username/Desktop"
ln -s "$nethome/Desktop" "$HOME/Desktop"

# Redirect the Downloads folder

if [ ! -d "$nethome/Downloads" ]
then
    mkdir "$nethome/Downloads"
fi

rm -Rf "/Users/$username/Downloads"
ln -s "$nethome/Downloads" "$HOME/Downloads"

exit 0

The issue I have is with the rm command lines: I get permission denied. Has anyone else seen this with deleting User folders? If so, is it a SIP issue, and is there a way around it?

I have a lot of Multiuser lab machines for students, and I'm trying to stay away from Portable Home Directories.

Thanks,
Tim

3 replies

  • Contributor
  • January 15, 2016

That's not SIP. I suspect you have a locked file in the folder or something. Try deleting manually and see where you run into the error.


  • Contributor
  • January 15, 2016

This is probably due to ACLs on the folders. You can remove all ACLs with chmod -N as follows:

/bin/chmod -fN /Users/$username/Desktop

Also, I'm guessing that you have "Force Local home directory on startup disk" enabled.
If so, as far as I'm aware - the network home is not available until after you have logged in. I don't know how you are implementing the script, but if this is part of some kind of LoginHook then

mkdir $nethome/Desktop - isn't going to succeed

Finally, I don't want to confuse matters, but if you're not in charge of the shares, you can never be sure how the network home will be mounted.

I have the following SMBHome: \\MyServer\Data\Student Homes\Active\SiteB\teststudent

...That the mount command shows is mounted as follows:
//teststudent@MyServer/Data/Student%20Homes/Active/SiteB/teststudent on /Volumes/Data

...Meaning that network home for teststudent would be:
/Volumes/Data

If you are in charge of the shares - then you'll know exactly how they mount and this won't be an issue.

Hope this helps.
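
The mount-point problem described in the reply above, as an added example that is not part of the original thread: it resolves the network home by matching SMBHome against the mount table instead of assuming /Volumes/share/folder. The function names, the sample variables and the option text in the sample mount lines are hypothetical, and only %20 is decoded.

```sh
#!/bin/sh
# Added example, not from the thread: resolve a network home from the mount
# table instead of assuming /Volumes/<share>/<folder>.

# "\\server\share\dir" (with or without a leading "SMBHome: ") becomes
# "//server/share/dir". Assumption: only spaces need encoding, as %20.
smbhome_to_url() {
    printf '%s\n' "$1" | sed -e 's/^SMBHome: *//' -e 's|\\|/|g' -e 's/ /%20/g'
}

# resolve_nethome SMBHOME MOUNT_OUTPUT
# Prints the local path of the home folder; returns 1 if no mount covers it.
resolve_nethome() {
    want=$(smbhome_to_url "$1")
    want_lc=$(printf '%s' "$want" | tr '[:upper:]' '[:lower:]')
    while IFS= read -r line; do
        case $line in //*" on /"*) ;; *) continue ;; esac
        src=${line%%" on /"*}             # //user@server/share/path
        mnt=/${line#*" on /"}             # /Volumes/X (smbfs, ...)
        mnt=${mnt%%" ("*}                 # drop the option list
        src=$(printf '%s' "$src" | sed 's|^//[^/@]*@|//|')   # drop user@
        src_lc=$(printf '%s' "$src" | tr '[:upper:]' '[:lower:]')
        case $want_lc in
            "$src_lc")                    # the home itself is the mount
                printf '%s\n' "$mnt"; return 0 ;;
            "$src_lc"/*)                  # the home sits below the mount
                rest=$(printf '%s' "$want" | cut -c "$(( ${#src} + 1 ))-" | sed 's/%20/ /g')
                printf '%s\n' "$mnt$rest"; return 0 ;;
        esac
    done <<EOF
$2
EOF
    return 1
}

# Constructed sample data, modelled on the values quoted in the reply above.
SAMPLE_SMBHOME='\\MyServer\Data\Student Homes\Active\SiteB\teststudent'
SAMPLE_MOUNTS='/dev/disk1 on / (hfs, local, journaled)
//teststudent@MyServer/Data/Student%20Homes/Active/SiteB/teststudent on /Volumes/Data (smbfs, nodev, nosuid, mounted by teststudent)
//tim@fileserver/homes on /Volumes/homes (smbfs, nodev, nosuid, mounted by tim)'

# On a Mac the inputs would come from dscl and mount, for example:
#   smbhome=$(dscl '/Active Directory/DOMAIN/All Domains' -read "/Users/$username" SMBHome)
#   nethome=$(resolve_nethome "$smbhome" "$(mount)") || exit 1
```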


  • Author
  • Contributor
  • February 11, 2016

Finally got back to this!!

Thanks @Swift the chmod -fN does the trick!!