- Jamf Nation Community
- Products
- Jamf Pro
- Get Current/Active User as root when "Fast User Sw...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Get Current/Active User as root when "Fast User Switching" is "Enabled" and more than one user is logged in
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-10-2013 12:17 PM
Hi jamfnation, ;-)
I have searched the forum to get closer to my problem, but I can not find a solution yet.
In some cases I need the Current/Active user in a variable when I run as root and "Fast User Switching" is "Enabled" and more than one user is logged in. How do I get the real Active one (Active Screen running on the Mac-Display)!?
One example: When I log in to an AD-user-session, beginning in the login window via Casper Remote, the AD user proceeds to login and I will get the prompt to ask the user to login or login as casperscreensharing (everybody knows). In that case, when nobody is in front of the book (dev cases), I choose: login as casperscreensharing. Logged in as casperscreensharing, I switch to the active AD-Account, still logged in while I logged in with casperscreensharing in the background...
There are a some of the commands I found and used a lot of times that are published in the community to get the active user, but the ones I found can not handle my problem yet:
- id -un //user context
- ls -la /dev/console etc... //user context
- finger ... //user context
- w -ih ... //user context
- last -x ... //user context
- users ... //user context
- /Library/Preferences/com.apple.loginwindow.plist ... //user context
- are there more!? ;-) ...
Does anyone know how to get the "current/active" user when more then one is logged in and we run as "root"!?
Is there an easy trick/tool or maybe someone has written a comparison of the above tools to get the current/active user!?
//Just to be safe: Bash/Python
Thanks a lot for your help.
Cheers,
Alex
9 REPLIES 9
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-10-2013 12:50 PM
i dont know about Python but here it is in Perl
sub getConsoleUser {
my $console = "/dev/console";
my $tmpuser = undef;
syslog('notice', "checking for logged-in user
");
$tmpuser = getpwuid((stat $console)[4]);
$tmpuser = undef if ($tmpuser eq "root");
return $tmpuser;
}
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-10-2013 01:34 PM
bash
ls -l /dev/console | cut -d " " -f 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-10-2013 01:40 PM
thx @ nessts: I sit on the line... can not get the posted code running...
Can you please help me to get the user from your function in a plist entry:
e.g. local.myplist MyCurrentActiveUser Username;
#!/usr/bin/perl
# my first try...
sub getConsoleUser {
my $console = "/dev/console";
my $tmpuser = undef;
# syslog('notice', "checking for logged-in user
");
$tmpuser = getpwuid((stat $console)[4]);
$tmpuser = undef if ($tmpuser eq "root");
return $tmpuser;
}
getConsoleUser@ jcompton: thx for your help: but still tried all of the commands - you do not get the correct user, when "Fast User Switiching" is active and anyone else is logged in...
Cheers,
Alex
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-10-2013 01:49 PM
I should have added - I only tested on Mountain Lion. My test:
- Target machine - 10.8.4 - one local account and one AD bound mobile user account. Fast user switching enabled
- SSH as root to target machine
- On target machine - switched back and forth from local user to AD user several times. On each with - ran the command from ssh session. Result was true each time.
Good luck.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-10-2013 01:56 PM
I enabled Fast User Switching and both my bash method and my Python method returned the proper results.
bash:
$ ls -l /dev/console | awk '{ print $3 }'
tlarkinPython:
>>> import getpass
>>> getpass.getuser()
'tlarkin'When I logged into my other local user account I ran the same commands and got the proper results when Fast User Switching. I don't have a Network account to test this with. I think with virtual screen sharing you may bet wonky results but I am unable to test that at the moment. Currently 35,000 feet in the air on a plane. :-)
Hope this helps.
Thanks,
Tom
Edited for bad grammar
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-10-2013 02:08 PM
Just wanted to chime in and confirm that the ls -l /dev/console | awk '{print $3}' command works here as well in some quick tests. With 2 accounts "active" and switching between them with FUS, it will return only the active account, not any in the background.
I also tested it with ScreenSharing by logging in as the backgrounded account and it still returns the user controlling the Mac's screen. Hope that helps.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-10-2013 06:22 PM
If you want to do it using officially supported Apple methods, here's a Python script:
#!/usr/bin/python
# based on http://developer.apple.com/library/mac/#qa/qa1133/_index.html
from SystemConfiguration import SCDynamicStoreCopyConsoleUser
cfuser = SCDynamicStoreCopyConsoleUser( None, None, None )
print cfuser[0]
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-12-2013 02:50 AM
I have tested this with a standard VNC session that I start the normal way not over Casper Remote.
I also tested sending the VNC session through a SSH tunnel like Casper Remote does, I used my normal login username to start the ssh tunnel.
In the tests I executed Greg’s script and this command stat -f '%u %Su' /dev/console both returned the correct information.
When testing with Casper Remote the result is different I get a user that is added by Casper Suite as the current logged in user "Casper Remote Screen Sharing".
lsof -i :5900 showed me that the "Casper Remote Screen Sharing" had started the session and that is the same user that shows up in the results of Greg's script and in the command i sent
This is probably an issue caused by the Jamf binary starting the SSH tunnel and the VNC server
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-12-2013 03:13 AM
Thanks Martin,
that's exactly the problem I am talking about.
What I can say after my testings. If have tested the problem on 10.7.5 and 10.8.3/4 with the same results giving me "casperscreensharing".
Please try it also:
1. boot up a computer
2. login with an account (I only tried AD accounts)
3. use capser remote from 2nd computer
4. connect via screen sharing
5. do not "share display" with active user - we assume that no one is sitting in front
6. when you are in the casperscreensharing session, do a fast user switch back to your other account stilled logged in the background
7. try the commands
When I login via
[ssh -L 5901:remote.host.com:5900 remoteuser@remote.host.com](ssh -L 5901:remote.host.com:5900 remoteuser@remote.host.com)
[vnc://127.0.0.1:5901](vnc://127.0.0.1:5901)
I get the correct results from the commands.
How does the casperscreensharing influences the result!?
Thanks,
Alex
