grahampugh / erase-install

A script that automates downloading macOS installers, and optionally erasing or upgrading macOS in a single process. Watch the video!
https://grahamrpugh.com/2023/05/14/macaduk-presentation-eraseinstall.html
Apache License 2.0

Administrator account not being allowed to run the update on M1 #256

Closed MacJediWizard closed 2 years ago

MacJediWizard commented 2 years ago

Describe the bug

I am running the script with the following flags:

/Library/Management/erase-install/erase-install.sh --erase --os 12 --min-drive-space 50 --depnotify --user --check-power --power-wait-limit 300

This prompts me for the password as expected and the name of the account is showing correctly in the password window. I enter the password. The script accepts and moves forward. The DEPNotify window opens and says preparing your Mac but never goes farther. When I look at the terminal window I see that after the "agree to License" message it says this user can not upgrade the drive. The user is the admin user that was entered in the flag. I have checked and the admin user is a volume owner and administrator. The logged in user is a standard user.

When I set the logged in user as an admin and used this account all worked as expected.

Also, in Terminal, when I su to my admin user and run the script, I find the same behavior when the logged in user is standard vs when the logged in user is admin, and trying to use the admin user to run the update.

Also, even if I do not use the user flag in the command line and manually enter the admin when prompted and then the password when prompted, I get the same behavior.

To Reproduce

Expected behavior

When using an admin user and password it is expected to run the erase and install.

Environment (please complete the following information):

MacJediWizard commented 2 years ago

erase-install.log.zip

MacJediWizard commented 2 years ago

Here is the full log showing that the temp admin user is OK and authenticated, but then it will not perform the update. it shows in the log

MacJediWizard commented 2 years ago

What I did find today is that running the command like this with sudo -s in my script from Jamf and using the current user flag as you see, the command ran as expected. It promoted the standard user to admin, ran the process and demoted the user, all as expected. Not sure why using sudo -s would help with the issue.

sudo -s /Library/Management/erase-install/erase-install.sh --erase --os 12 --min-drive-space 50 --depnotify --fs --current-user --check-power --power-wait-limit 300

grahampugh commented 2 years ago

I've added a section to the FAQs to address this since it comes up sometimes:

https://github.com/grahampugh/erase-install/wiki/FAQs#the-installer-downloads-but-then-something-fails-why

Please note that the specified account does not need to be an admin. For the --reinstall option, the account just needs to be a Volume Owner, and for the --erase option the script elevates the account to admin to make it work.

By pre-elevating using su, you are probably preventing it from working. Just use a standard account and it should work.
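A pre-flight check for the two properties discussed in the comment above (Volume Owner status and admin group membership), as an added example that is not part of the thread or of erase-install itself. The function names `is_volume_owner` and `preflight` are hypothetical, and the sample text is constructed to resemble `diskutil apfs listUsers /` output so the parser can be exercised off a Mac.

```shell
#!/bin/sh
# Added example: pre-flight check for the account passed to erase-install.
# Function names and the sample text are illustrative, not from the project.

# Constructed sample modelled on `diskutil apfs listUsers /` output.
SAMPLE_LISTUSERS='Cryptographic users for disk3s1 (3 found)
|
+-- 1A2B3C4D-1111-2222-3333-444455556666
|   Type: Local Open Directory User
|   Volume Owner: Yes
|
+-- AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE
|   Type: Local Open Directory User
|   Volume Owner: No
|
+-- 99999999-0000-0000-0000-000000000000
    Type: Personal Recovery User
    Volume Owner: No'

# Read listUsers output on stdin; print "yes" if GeneratedUID $1 is a
# Volume Owner, otherwise "no". UUID comparison is case-insensitive.
is_volume_owner() {
    awk -v want="$1" '
        $1 == "+--"          { uuid = toupper($2); next }
        /Volume Owner: Yes/  { if (want != "" && uuid == toupper(want)) found = 1 }
        END                  { print (found ? "yes" : "no") }
    '
}

# Live check (macOS only): report Volume Owner and admin status for a short name.
preflight() {
    user="$1"
    guid=$(dscl . -read "/Users/$user" GeneratedUID 2>/dev/null | awk '{print $2}')
    owner=$(diskutil apfs listUsers / | is_volume_owner "$guid")
    if dseditgroup -o checkmember -m "$user" admin >/dev/null 2>&1; then
        admin=yes
    else
        admin=no
    fi
    echo "user=$user volume_owner=$owner admin=$admin"
}

# Only run the live check when invoked on a Mac with a user name argument.
if [ "$(uname)" = "Darwin" ] && [ "$#" -ge 1 ]; then
    preflight "$1"
fi
```

Run it on the Mac with the account's short name as the only argument, before deploying the erase-install policy.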

grahampugh commented 2 years ago

PS, the following command that you specified is incorrect:

/Library/Management/erase-install/erase-install.sh --erase --os 12 --min-drive-space 50 --depnotify --user --check-power --power-wait-limit 300

If you use the --user flag, the script expects a value for user. For example --user fredastaire. Perhaps you meant --current-user?

grahampugh commented 2 years ago

-s is irrelevant as far as I can tell. This is correct:

sudo /Library/Management/erase-install/erase-install.sh --erase --os 12 --min-drive-space 50 --depnotify --fs --current-user --check-power --power-wait-limit 300

--min-drive-space 50 should be useless as the default of 45 GB should be sufficient (submit an issue if you have experienced that it is not enough - 45 GB is the recommendation from Apple).

--os 12 is also currently superfluous since it is the latest, but does have the benefit that you don't need to change it if you want to prevent Ventura becoming the default sometime in late October :)

So currently you only need:

sudo /Library/Management/erase-install/erase-install.sh --erase --depnotify --fs --current-user --check-power --power-wait-limit 300

MacJediWizard commented 2 years ago

> PS, the following command that you specified is incorrect:
>
> /Library/Management/erase-install/erase-install.sh --erase --os 12 --min-drive-space 50 --depnotify --user --check-power --power-wait-limit 300
>
> If you use the --user flag, the script expects a value for user. For example --user fredastaire. Perhaps you meant --current-user?

This was a typo, sorry. Yes, it was --current-user.

MacJediWizard commented 2 years ago

> -s is irrelevant as far as I can tell. This is correct:
>
> sudo /Library/Management/erase-install/erase-install.sh --erase --os 12 --min-drive-space 50 --depnotify --fs --current-user --check-power --power-wait-limit 300
>
> --min-drive-space 50 should be useless as the default of 45 GB should be sufficient (submit an issue if you have experienced that it is not enough - 45 GB is the recommendation from Apple).
>
> --os 12 is also currently superfluous since it is the latest, but does have the benefit that you don't need to change it if you want to prevent Ventura becoming the default sometime in late October :)
>
> So currently you only need:
>
> sudo /Library/Management/erase-install/erase-install.sh --erase --depnotify --fs --current-user --check-power --power-wait-limit 300

OK, will try without the -s, but it worked after I added the shell flag. Not sure why. Using 12 for the OS is so we have it set for when Ventura comes out. I didn't want to have to remember to change it to 12 once it was released. We prevent users from automatically updating to the next version until we have a lot of testing done. I agree it does nothing now.

grahampugh commented 2 years ago

Just to clarify, if I understood you correctly, you were shelling out to a different user (you said in terminal su to admin user). There's no need to do this, since the script will elevate the chosen user to admin anyway, and I have never tested the script to be used shelled out to another user - things may not work as expected in that context.

MacJediWizard commented 2 years ago

I was not using su just s. I was running with Jamf and the user was failing when the script was run even though the user was a volume owner and admin. I was trying lots of things to troubleshoot.

> Just to clarify, if I understood you correctly, you were shelling out to a different user (you said in terminal su to admin user). There's no need to do this, since the script will elevate the chosen user to admin anyway, and I have never tested the script to be used shelled out to another user - things may not work as expected in that context.

grahampugh commented 2 years ago

I can't really tell if this is still an issue or if the FAQ page answers your question. Feel free to reopen this issue with some new information if you are still experiencing problems.