A little off topic, but Campus Security is tired of getting lost USB drives. They are on a little campaign with the computer labs on campus to remind students to remove their USB drives. One request is to have the computer remind them.
Before I attempt to re-invent the wheel, does anyone have some sort of logout script that would detect if there is a USB drive and to remind the user to remove it?
--Gretchen
Hi. Try this out. Its a little simplistic and may need some tweaking or fleshing out, but I think it will generally do the trick
I adapted this from something else I was using to look at plugged in USB drives.
#!/bin/sh
for disk in $(diskutil list | awk '/disk[1-9]s/{ print $NF }' | grep -v /dev); do
if [[ $(diskutil info $disk | awk '/Protocol/{ print $2 }') == "USB" ]]; then
echo "Device $disk is a USB removable disk"
diskName=$(diskutil info $disk | awk -F"/" '/Mount Point/{ print $NF }')
MSG="There is a USB disk named "$diskName" still connected to this computer.
Please remember to take it with you!"
sudo /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper
-windowType utility -title "USB device still attached" -description "$MSG" -button1 "OK"
-icon /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/AlertCautionIcon.icns -iconSize 96
fi
doneThe general idea is it loops through disk identifiers on the system, minus any related to disk0 since that is the internal HD, and then checks the protocol to find USB devices. This would likely pick up not just USB thumb drives, but any USB hard drives attached as well. If it finds one, it gets the name and throws it into a jamfHelper dialog.
You could use any messaging system you want, such as the jamf binary displayMessage verb, AppleScript, CocoaDialog, etc.
HTH
-Mike
Awesome Mike! Thank you.
--Gretchen
Thanks Mike this is great!
Hi Mike
Do you know if its possible to make the script to also look at FireWire devices?
Hey Tim, sure, if you want it to look at both USB and FireWire (and perhaps Thunderbolt as well) devices, you could try this-
#!/bin/sh
for disk in $(diskutil list | awk '/disk[1-9]s/{ print $NF }' | grep -v /dev); do
if [[ $(diskutil info $disk | awk '/Protocol/{ print $2 }' | egrep "USB|FireWire|SATA") != "" ]]; then
echo "Device $disk is a removable disk"
diskName=$(diskutil info $disk | awk -F"/" '/Mount Point/{ print $NF }')
MSG="There is a removable disk named "$diskName" still connected to this computer.
Please remember to take it with you!"
sudo /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper
-windowType utility -title "Removable device still attached" -description "$MSG" -button1 "OK"
-icon /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/AlertCautionIcon.icns -iconSize 96
fi
doneThe above in my very quick informal testing seemed to alert to any USB, FireWire or Thunderbolt connected devices. (Thunderbolt drives show up as SATA from what I can see)
There may be a way to provide better feedback on what type of drive it located, but I'd have to play around with that to get it working. The above will just alert in a generic "removable drive" manner.
Thanks Mike thats great! :)
Dear Mike
Thank you so much for this script. It's already in use and works perfectly.
@tobias, glad its helping folks out.
One thing I should mention is that in the line in the script where its grabbing all disk identifiers from disk1* through disk9*, on a FileVault 2 encrypted Mac,the boot volume Macintosh HD does not list as disk0s<some number>, its actually disk1, just because of the way Apple's CoreStorage works. But it shouldn't affect the script since its not possible for an external USB or FW type drive to show up as disk0, and it looks for disks with a protocol of one of the specified types, so it will still catch all external disks only
Just thought I'd mention that though.
Do we have an option to monitor the USB access either read-only or full access via extension attribute with keep? history
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.