Using "defaults write..." post pkg install

dooley_do
New Contributor

Hi,

Bit of a noob here. I'm deploying a PKG via Self Service which works fine. I then want to run a "defaults write" command afterwards to set a default for the app.

In my policy I added the app and then a script to run the command. Both show as successful but on the system I see no evidence of the defaults command actually doing anything. If I run the command via terminal it does what I expect.

Any clues as to what I am doing wrong?

Thanks

8 REPLIES 8

mm2270
Legendary Contributor III

@dooley_do I can take an educated guess, but it would help if you posted the defaults command you're trying to use.
I suspect it doesn't include the full plist path, maybe just the domain, which doesn't work when the defaults command isn't being run as the user account you're looking to effect. This is true because scripts and other shell commands in packages get run as root in most cases when they are called from a Jamf Pro policy.

dooley_do
New Contributor

defaults write com.ivanti.filedirector server "server.domain.com"

What would the path be to set it for the user who is running the policy?

Thanks

steve_summers
Contributor III

Just to be another helpful voice, @dooley_do , in the policy you created for the install, look on the left hand side of the policy, all the way toward the bottom for "Files and Processes". When you click on it and select "Configure", the last entry there is Execute Command. I put my defaults write entries there, especially if it's just a one liner. Hope that helps....as with most of what we do, there are multiple ways to do the same thing. That's just how I do it.

dooley_do
New Contributor

Thanks Steve, nice! I see it runs as root. Does running defaults write commands as root set them globally for all users?

mm2270
Legendary Contributor III

As I suspected, when you run something like defaults write com.ivanti.filedirector etc. you are telling defaults to only write these settings to the domain for the account running the command, which is root. That's why its not affecting your user account. You'll need to either get the full path to the plist and include that in the command, or, you need to run the command itself as the user and not as root.

You could also look at setting this up as a Configuration Profile, but that may depend on if it's something you want to enforce for users, or only set for one account, one time, etc.

One other possible option - you can see if the app respects a global preference setting. If so, you'd be able to write this into a global plist, like so, which would set it for all accounts.

defaults write /Library/Preferences/com.ivanti.filedirector server "server.domain.com"

dooley_do
New Contributor

Thanks for the above tips. I tried running it under 'Files and Processes' and it does complete but it appears the application only supports preferences per user, rather than being able to set globally via root. Is it possible to run something as root but detect the logged in user and apply it to them?

I really just want to apply this to users when they install the software via self-service rather than having to select a group to apply it to.

Thanks

mm2270
Legendary Contributor III

@dooley_do If you're sure this will only run from a Self Service driven policy and you only want it to affect the logged in user, then there are 2 basic ways.

Method 1 - getting the logged in user and directing the defaults command at the user's plist

#!/bin/sh

## Get the logged in username
loggedInUser=$(stat -f%Su /dev/console)

## Run the defaults command on their plist
/usr/bin/defaults write /Users/$loggedInUser/Library/Preferences/com.ivanti.filedirector server "server.domain.com"

## Correct permissions on the plist
/usr/sbin/chown $loggedInUser /Users/$loggedInUser/Library/Preferences/com.ivanti.filedirector.plist

Method 2 - Run the command as the logged in user

#!/bin/sh

## Get the logged in username
loggedInUser=$(stat -f%Su /dev/console)

## Run command as user
sudo -u $loggedInUser /usr/bin/defaults write com.ivanti.filedirector server "server.domain.com"

There's actually another way of running commands as the current user that's a little more involved, but also more reliable. However, give one of the above a try first to see if it solves this for you.

Old thread I know, but wanted to let you know that Method 1 worked beautifully for me. I'm trying to get Camtasia 2023 installed and their preferences aren't global...was having a heck of a time getting Jamf to do the defaults write bit for each user. So, thank you!