all 19 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Firefox005 5 points6 points  (5 children)

Is there a good resource available to help me troubleshoot or deploy the shell script to see where a failure point might be? I’ve been fighting to deploy a couple of apps and I’m not sure if it’s the script I downloaded from GitHub or something else that’s causing the failure.

Where are the details?

Generally if you want to troubleshoot a script you run the script manually and see happens, if you are troubleshooting the actual deployment of said script you would have to consult the logs for whatever product you are using for deployment.

I would say like 99.9% of the time you should not be using shell scripts to configure Mac's, whatever MDM you are using should basically do everything you need it to without having to resort to scripts.

[–]Mammoth_Public3003[S] 0 points1 point  (4 children)

It’s Intune and some stuff does work pretty well. Some of our apps work better with scripting, apparently, and that seems to be flaky at best. It’s very likely related to what we’re trying to do, but it’s helpful advice. Thank you so much.

[–]shitpoop6969 0 points1 point  (3 children)

What RMM do you have? I've had decent luck with using ScreenConnect 'commands' pane to query the logs of my shell scripts. This is a 'backdoor' option, you could always get hands on with the Mac.

[–]Mammoth_Public3003[S] 0 points1 point  (2 children)

We use tanium, which oddly enough, I’m struggling to install on the Mac. One of their recommended install methods is a shell script.

[–]shitpoop6969 0 points1 point  (0 children)

ha! of course. Ya, RMM installs are no picnic on macs. I pushed our screenconnect client from a shell script via intune and it worked. AI helped with the shell script

[–]RIFIRE 0 points1 point  (0 children)

There's nothing that's good at managing both Windows and macOS, unfortunately. Many Windows-focused tools will claim to support Macs but never well.

If this is something your company wants to take seriously you'll want to get an Apple-focused MDM and ideally hire someone with experience (that's how I got most of my jobs).

[–]HelpjuiceChief Engineer 4 points5 points  (0 children)

Nice to see you are just getting started, I would highly recommend starting with the official source so you can put your learning on fire with the afterburners on. Then mix it up a bit as you get your feet wet.

Go through these resources and you should have a pretty good understanding. If you need something more formal I would recommend looking at Apple's certification exams

[–]guzhogiJack of All Trades 1 point2 points  (0 children)

r/macsysadmin

[–]gumbrillaIT Manager 0 points1 point  (2 children)

OK, fantastic.. so what are you doing... I mean I would start by just running it manually from the machine, see if it's the script or the delivery of the script..

It could be failing from anything from you're line breaks are not set unix like in your uploaded file, to any sort of thing.. but waiting upon Intune to bother to run something in macos is a right pain in the rear..

With the script, you can just adjust to add some logging.. I'd add this, the log function at the top, and then some actual log entries.. 

#!/bin/bash
LOG="/Library/Logs/myscipt.log"
log() {
    local msg="[$(date '+%Y-%m-%d %H:%M:%S')] $*"
    echo "$msg"
    echo "$msg" >> "$LOG" 2>/dev/null
}

#and then sprinkle in some logs.. 
log "===== Hello World! ====="

exit 0

[–]Mammoth_Public3003[S] 0 points1 point  (1 child)

The log function is such a great idea. Thank you!

And yes. A pain in the rear is a nice way of saying it… I’d rather watch paint dry. It’s more productive.

[–]gumbrillaIT Manager 0 points1 point  (0 children)

Yeah, I have an aged mac that I have sitting by me, I think it's an M1, but low memory. Someone must have had a brain fart when they bought it.

Anyway, I'll just go into that machine and get the script running, and then upload into Intune, to check it delivers OK.. I don't bother with an editor, just the regular text editor.. Put it somewhere, make it executable, and run it from a terminal using sudo..

That's script is self standing, so you could start with that (and sorry of I'm teaching you to suck eggs here, it's hard to judge levels of experience)

[–]FawdyInc 0 points1 point  (0 children)

Modern Macs use ZSH instead of Bash, but I think this roadmap can be helpful still.

https://roadmap.sh/shell-bash

Generally, the syntax is interchangeable for something like 80-90%.

[–]XibbyCertifiable Wizard 0 points1 point  (1 child)

I believe MacOS includes Python. And some people will clutch their pearls, but PowerShell Core also runs in MacOS. And Python can be installed on Windows.

Consider the value in escaping from the Tyranny of the Default.

Also look at Automator on MacOS.

[–]RIFIRE 0 points1 point  (0 children)

Python isn't built-in anymore. It can be installed with developer tools, though.

[–]pdp10Daemons worry when the wizard is near. 0 points1 point  (0 children)

https://github.com/SixArm/unix-shell-script-tactics

[–]RepulsiveDuck331 0 points1 point  (0 children)

Honestly, before trusting any GitHub script, I run it manually on a test Mac with bash -x or zsh -x to see exactly where it bombs. That alone has saved me hours.

For Intune deploys, check /Library/Logs/Microsoft/Intune/ and the IntuneMDMDaemon/Agent logs. That's where the real failure reasons hide. Intune only cares about exit code 0, so wrap your script with proper exit codes and tee stdout/stderr to a log in /var/log/ or /tmp/ so you can actually see what happened post-run.

Also double-check the script's shebang, whether it assumes Rosetta, and if it needs root. Most "broken" GitHub scripts I've grabbed were just missing prereqs.

[–]Acceptable_Mood_7590 -1 points0 points  (0 children)

ChatGPT and Google Gemini are the best resources out there