Jamf Nation Community

May · ‎07-12-2016

Hi all

We have an EA in place to retreive the Apple update server CatalogURL that's set on each Mac, it works consistantly on all our 10.9 machines but i'm getting incosistent results from 10.10 and 10.11 machines.

We're pushing out the CatalogURL in a computer level Configuration Profile so it adds the CatalogURL to /Library/Managed Preferences/com.apple.SoftwareUpdate.plist and
not to /Library/Preferences or /var/root/Library/Preferences

If i run jamf recon the EA reports back with no result on about half of the machines if i then run the command directly on that Mac in terminal (the plist definitely has a CatalogURL key within it)

As root defaults read /Library/Managed Preferences/com.apple.SoftwareUpdate CatalogURL i get Segmentation fault: 11

as admin sudo defaults read /Library/Managed Preferences/com.apple.SoftwareUpdate CatalogURL i get no result

as admin without sudo defaults read /Library/Managed Preferences/com.apple.SoftwareUpdate CatalogURL i either get the CatalogURL successfully on some machines and get Segmentation fault: 11 on others

it seems to be permission related as i can copy the plist to the Desktop and read from it ok from there. As this is running as root in an EA is there anything i need to be aware of to make this work 100% on 10.10 and 10.11 ?

here's the EA

#!/bin/sh

if [ -f /Library/Managed Preferences/com.apple.SoftwareUpdate.plist ]; then

SWU=`defaults read /Library/Managed Preferences/com.apple.SoftwareUpdate CatalogURL`

echo "<result>$SWU</result>"

else

echo "<result>No managed plist</result>"

fi

franton · ‎07-13-2016

Try this instead. It'll output "None" if the key isn't managed, or it should output the CatalogURL key contents.

#!/usr/bin/python

# EA to show if Software Updates are managed or not

import CoreFoundation

domain = 'com.apple.SoftwareUpdate'
key = 'CatalogURL'

key_value = CoreFoundation.CFPreferencesCopyAppValue(key, domain)

print "<result>{}</result>".format(key_value)

As has been explained to me by @bentoms and others, you should use the OS API to read out the key as with defaults, you get the contents of the file/memory cached copy which may not be what the OS is using if a profile is installed.

View solution in original post

May · ‎07-12-2016

or is than alternative way to get the CatalogURL ?

Nix4Life · ‎07-12-2016

@May On my home system (10.10.5), I get the correct results with defaults read /Library/Preferences/com.apple.SoftwareUpdate CatalogURL.( results are from Reposado VM at home)are you running Munki on any of your systems? IIRC Munki uses /Library/Managed, but could be other applications also

hth
Larry

Larrys-iMac:$ sudo defaults read /Library/Preferences/com.apple.SoftwareUpdate CatalogURL
**http://10.19.1.9/content/catalogs/others/index-10.10-10.9-mountainlion-lion-snowleopard-leopard.merged-1_home.sucatalog**
Larrys-iMac:$ defaults read /Library/Preferences/com.apple.SoftwareUpdate CatalogURL
**http://10.19.1.9/content/catalogs/others/index-10.10-10.9-mountainlion-lion-snowleopard-leopard.merged-1_home.sucatalog**

stevevalle · ‎07-12-2016

This is how I do my Apple Software Update Server Extension Attribute:

#!/bin/sh
SWU=`defaults read /Library/Preferences/com.apple.SoftwareUpdate CatalogURL`
echo "<result>$SWU</result>"

Make sure you wrap the defaults read statement with a backtick `

Edit: Just tested your script. Works for me.

May · ‎07-13-2016

Thanks @stevevalle @LSinNY

We're using Apple update server.

Looking at the plist in /Library/Preferences there is no CatalogURL key in there and /var/root/Library/Preferences/com.apple.SoftwareUpdate.plist does not exist.

I think because we're pushing it out via a config profile it only writes to /Library/Managed Preferences/com.apple.SoftwareUpdate.plist,

I have the command wrapped in backticks, i'll try enclosing it with double quotes and other ways to see if that makes a difference, i do still think it's permissions related as if i move the plist to the Desktop the same script reads from it with no issue.

franton · ‎07-13-2016

Try this instead. It'll output "None" if the key isn't managed, or it should output the CatalogURL key contents.

#!/usr/bin/python

# EA to show if Software Updates are managed or not

import CoreFoundation

domain = 'com.apple.SoftwareUpdate'
key = 'CatalogURL'

key_value = CoreFoundation.CFPreferencesCopyAppValue(key, domain)

print "<result>{}</result>".format(key_value)

As has been explained to me by @bentoms and others, you should use the OS API to read out the key as with defaults, you get the contents of the file/memory cached copy which may not be what the OS is using if a profile is installed.

JevermannNG · ‎01-31-2023

Is there a way to run this in BASH ?

Thank you!

May · ‎07-13-2016

Hi @franton

It's good to know this is the best approach

I've just tested it and all the Macs are consistently reporting the CatalogURL correctly, i then remove the CatalogURL config profile and re-test and the script reports "none" as expected,
thank you so much!

franton · ‎07-13-2016

You're welcome. I got the info from macmule and frogor on the slack instance.

bentoms · ‎07-13-2016

@franton dammit! Giving away part of my JNUC talk.

Haha.

cjatsbm · ‎09-21-2016

This is great... 1 quick question...

I modified this slightly to return the plist entry for file location for Dropbox... However I assume the script itself is not run as the currently logged in user... Is there a way in python to run this as the current user?

!/usr/bin/python

EA to show dropbox folder location

import CoreFoundation
domain = 'com.getdropbox.dropbox.plist'
key = 'NSNavLastRootDirectory'
key_value = CoreFoundation.CFPreferencesCopyAppValue(key, domain)
print "<result>{}</result>".format(key_value)

Jamf Nation Community

defaults read Extension Attribute inconsistent results on 10.10 and 10.11

!/usr/bin/python

EA to show dropbox folder location