07-13-2022 06:04 AM - edited 07-13-2022 06:28 AM
Hi there,
Some Adobe Lightroom users are seeing the permissions error below when launching the application on Monterey. Adobe provided fixes here. A script sets the permissions correctly.
If we follow the instructions by downloading the shell script, dragging it into the Terminal window, and executing it under the current user with the issue, the problem is resolved.
If the same script is uploaded to Jamf and run, the script tries to correct the root user and not the user logged in. The policy errors out with return code 1.
Here are the script and the log results.
LightroomCorrectPermission.sh
#!/bin/bash
# reclaim Inactive memory due to memory leaks by Jenkins
echo === `date`
id=`id -u -nr`
home=/Users/$id
declare -a arr=( "Documents/Adobe/" "Library/Preferences/Adobe/" "Library/Caches/Adobe/" "Library/Application Support/Adobe/" )
for i in "${arr[@]}"
do
echo "----------------------------------"
echo "Process folder: $home/$i"
echo "Restore owner: sudo chown -R $id $home/$i"
sudo chown -R $id "$home/$i"
echo "Restore read/write permission: chmod -RL +rwX $home/$i"
chmod -RL +rwX "$home/$i"
echo "Remove ACL: chmod -RN $home/$i"
chmod -RN "$home/$i"
done
Log in Jamf:
Script result: === Tue Jul 12 14:37:52 EDT 2022 ---------------------------------- Process folder: /Users/root/Documents/Adobe/ Restore owner: sudo chown -R root /Users/root/Documents/Adobe/ chown: /Users/root/Documents/Adobe/: No such file or directory Restore read/write permission: chmod -RL +rwX /Users/root/Documents/Adobe/ chmod: /Users/root/Documents/Adobe/: No such file or directory Remove ACL: chmod -RN /Users/root/Documents/Adobe/ chmod: Failed to clear ACL on file /Users/root/Documents/Adobe/: No such file or directory ---------------------------------- Process folder: /Users/root/Library/Preferences/Adobe/ Restore owner: sudo chown -R root /Users/root/Library/Preferences/Adobe/ chown: /Users/root/Library/Preferences/Adobe/: No such file or directory Restore read/write permission: chmod -RL +rwX /Users/root/Library/Preferences/Adobe/ chmod: /Users/root/Library/Preferences/Adobe/: No such file or directory Remove ACL: chmod -RN /Users/root/Library/Preferences/Adobe/ chmod: Failed to clear ACL on file /Users/root/Library/Preferences/Adobe/: No such file or directory ---------------------------------- Process folder: /Users/root/Library/Caches/Adobe/ Restore owner: sudo chown -R root /Users/root/Library/Caches/Adobe/ chown: /Users/root/Library/Caches/Adobe/: No such file or directory Restore read/write permission: chmod -RL +rwX /Users/root/Library/Caches/Adobe/ chmod: /Users/root/Library/Caches/Adobe/: No such file or directory Remove ACL: chmod -RN /Users/root/Library/Caches/Adobe/ chmod: Failed to clear ACL on file /Users/root/Library/Caches/Adobe/: No such file or directory ---------------------------------- Process folder: /Users/root/Library/Application Support/Adobe/ Restore owner: sudo chown -R root /Users/root/Library/Application Support/Adobe/ chown: /Users/root/Library/Application Support/Adobe/: No such file or directory Restore read/write permission: chmod -RL +rwX /Users/root/Library/Application Support/Adobe/ chmod: /Users/root/Library/Application Support/Adobe/: No such file or directory Remove ACL: chmod -RN /Users/root/Library/Application Support/Adobe/ chmod: Failed to clear ACL on file /Users/root/Library/Application Support/Adobe/: No such file or directory |
Error running script: return code was 1. |
Solved! Go to Solution.
07-13-2022 06:57 AM - edited 07-13-2022 06:57 AM
script runs as root, your 'id' command is getting root user.. you want logged in user, plus your variable is the same name as the command..
currUser=$(ls -l /dev/console | awk '{print $3}')
Posted on 07-13-2022 07:03 AM
As you mentioned, the script is running as root when run from Jamf. Your script will need to determine the current active user and not what user the script is running under.
Here is what I typically use:
id=$( scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ && ! /loginwindow/ { print $3 }' )
home=$(dscl . -read "/Users/${id}" NFSHomeDirectory | awk '{print $NF}')
I also changed how the the home directory is determined in case there is a rare instance that the user's home folder is not /Users/<<userid>>
07-13-2022 06:57 AM - edited 07-13-2022 06:57 AM
script runs as root, your 'id' command is getting root user.. you want logged in user, plus your variable is the same name as the command..
currUser=$(ls -l /dev/console | awk '{print $3}')
Posted on 07-13-2022 07:03 AM
As you mentioned, the script is running as root when run from Jamf. Your script will need to determine the current active user and not what user the script is running under.
Here is what I typically use:
id=$( scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ && ! /loginwindow/ { print $3 }' )
home=$(dscl . -read "/Users/${id}" NFSHomeDirectory | awk '{print $NF}')
I also changed how the the home directory is determined in case there is a rare instance that the user's home folder is not /Users/<<userid>>
Posted on 07-13-2022 07:09 AM
Thanks, guys. My scripting skills aren't awesome. So, it'll look something like this?
#!/bin/bash
echo === `date`
id=$( scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ && ! /loginwindow/ { print $3 }' )
home=$(dscl . -read "/Users/${id}" NFSHomeDirectory | awk '{print $NF}')
declare -a arr=( "Documents/Adobe/" "Library/Preferences/Adobe/" "Library/Caches/Adobe/" "Library/Application Support/Adobe/" )
for i in "${arr[@]}"
do
echo "----------------------------------"
echo "Process folder: $home/$i"
echo "Restore owner: sudo chown -R $id $home/$i"
sudo chown -R $id "$home/$i"
echo "Restore read/write permission: chmod -RL +rwX $home/$i"
chmod -RL +rwX "$home/$i"
echo "Remove ACL: chmod -RN $home/$i"
chmod -RN "$home/$i"
done
07-14-2022 07:04 PM - edited 07-14-2022 07:05 PM
I had to look up "X" (capital "x") in the chmod manpage . #wipesbrow
chmod -RL +rwX "$home/$i"