Q: Custom launchd runs shell script issues
Hi Everyone,
I work for the IT department at a school. We have a custom launchd that is triggered to run at startup and at an interval of 60 secs.
This LaunchDaemon runs a shell script that re-enables Remote Management even as the kids are turning it off. The principal wants the kids to have admin rights so our options of securing this are limited.
It has worked perfectly for us for the past year or so.
We want to add some functionality to lock down the Computer Name in the Sharing tab. We wanted to modify the existing shell script to include a few lines that would grab the student's account name and mirror it across to the Computer Name, so we don't come across computers on the network with "Captain Awesome's MacBook Pro" as their Bonjour name.
We then want to be able to create a package that we can distribute over ARD to all our students.
--
The shell scripting we have written works perfectly when it is run locally on the machine. However, when packaged and distributed across the network, the package is run as root. So our students end up with a computer name of root, instead of their username.
The script in the package is as follows:
#!/bin/bash
sudo echo "$USER"
u="$USER"
sudo echo "#!/bin/bash
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -users mmcadmin -access -on -restart -agent -privs -all
sudo scutil --set ComputerName $u
sudo scutil --set HostName $u
sudo scutil --set LocalHostName $u" >> /Library/Scripts/Enable\ ARD/enableARD.sh
When this is run it produces a file in the set location, and as it is run as root the file output has root as the username.
#!/bin/bash
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -users mmcadmin -access -on -restart -agent -privs -all
sudo scutil --set ComputerName root
sudo scutil --set HostName root
sudo scutil --set LocalHostName root
Any ideas on how we can fix this?
Thanks
Garrett
Posted on Oct 16, 2015 4:30 PM
Why not look for the owner of Finder?
u=$(ps -axo user,ucomm|grep '[Ff]inder')
u=${u%%\ *}
The 'ps' command is going to return "username Finder", assuming someone is logged in and the Finder is running.
The '[Ff]inder' will match Finder or finder. Just in case a lowercase finder name is in there.
The ${u%%\ *} will delete everything after the first space in the 'ps' output, leaving just the username. The backslash protects the space, then an * wildcard matches everything after a space.
Posted on Oct 16, 2015 7:33 PM
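An added example, not part of the original thread: the Finder-owner lookup from the answer above, done at run time inside the root-run LaunchDaemon script instead of being baked in when the package installs. It also covers the case where nobody is logged in and checks the name before root passes it to scutil. The function names and SAMPLE_PS are hypothetical, and it assumes account short names contain only letters, digits and hyphens.

```shell
#!/bin/sh
# Added example (not from the thread). Function names and SAMPLE_PS are hypothetical.

# Constructed sample of `ps -axo user,ucomm` output, for offline testing only.
SAMPLE_PS='USER UCOMM
root launchd
root notfinderd
student01 Finder'

# Read "user ucomm" lines on stdin and print the owner of the process named
# exactly Finder/finder. Returns 1 when no such line exists (nobody logged in).
finder_owner() {
    while read -r fo_user fo_comm; do
        case "$fo_comm" in
            Finder|finder) printf '%s\n' "$fo_user"; return 0 ;;
        esac
    done
    return 1
}

# Accept only letters, digits and inner hyphens, at most 63 characters
# (the DNS label limit), and never root.
valid_name() {
    case "$1" in
        ''|root|-*|*-|*[!A-Za-z0-9-]*) return 1 ;;
    esac
    [ "${#1}" -le 63 ]
}

# Resolve the user at run time (as root, from the LaunchDaemon) and set the names.
apply_names() {
    an_user=$(ps -axo user,ucomm | finder_owner) || {
        echo "no Finder owner found; names left unchanged" >&2; return 1; }
    valid_name "$an_user" || {
        echo "refusing unsafe name: $an_user" >&2; return 1; }
    scutil --set ComputerName "$an_user"
    scutil --set HostName "$an_user"
    scutil --set LocalHostName "$an_user"
}

# Only touch the system when explicitly asked to.
if [ "${1:-}" = "--apply" ]; then
    apply_names
fi
```

Because the daemon already runs as root, the sudo prefixes are not needed here, and quoting "$an_user" keeps an unexpected value from being split into extra scutil arguments.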