search

synapsepd / MacOS-OneDrive-KFM

MacOS OneDrive Known Folder Move (KFM)
Apache License 2.0
65 stars 11 forks source link

Deployment on shared devices (with MDM) = Operation not permitted #11

Open bezik46 opened 2 years ago

bezik46 commented 2 years ago

Big Sur 11.6 on M1 iMac

Using Mosyle with Office 365 authentication, so the users home directory gets created as loggedin.user@domain.org

Sadly the move KFM fails with few errors It creates a symlink Documents INSIDE local Documents & Desktop INSIDE local Desktop & that is the end of the process !

2021-10-25 11:56:05 AM - INFO: Boot processing complete
2021-10-25 11:57:52 AM - INFO: Processing /usr/local/outset/login-privileged-every/onedrive-kfm.sh
2021-10-25 11:58:01 AM - INFO: Output from /usr/local/outset/login-privileged-every/onedrive-kfm.sh on stderr but it still ran successfully: Oct 25 11:57:52  root[790] <Notice>: OneDrive-KFM: Processing admin...
Oct 25 11:57:52  root[798] <Notice>: OneDrive-KFM: OneDrive folder does not yet exist for admin.
Oct 25 11:57:52  root[799] <Notice>: OneDrive-KFM: Processing localmanager...
Oct 25 11:57:52  root[808] <Notice>: OneDrive-KFM: OneDrive folder does not yet exist for localmanager.
Oct 25 11:57:52  root[809] <Notice>: OneDrive-KFM: Processing loggedin.user@domain.org...
Oct 25 11:57:52  root[818] <Notice>: OneDrive-KFM: Closing OneDrive.
2021-10-25 11:57:52.737 osascript[819:7958] NSNotificationCenter connection invalid
2021-10-25 11:57:52.737 osascript[819:7958] Connection to notification center invalid. ServerConnectionFailure: 1 invalidated: 0
2021-10-25 11:57:52.737 osascript[819:7958] Connection to notification center invalid. ServerConnectionFailure: 1 invalidated: 0
Oct 25 11:57:53  root[826] <Notice>: OneDrive-KFM: creating backup path: /Users/loggedin.user@domain.org/OneDrive Conflicts From M30-serial.FDQN
Oct 25 11:57:53  root[828] <Notice>: OneDrive-KFM: Moving documents folder for loggedin.user@domain.org.
mv: rename /Users/loggedin.user@domain.org/Documents to /Users/loggedin.user@domain.org/OneDrive Conflicts From M30-serial.FDQN/Documents: Operation not permitted
Oct 25 11:57:53  root[830] <Notice>: OneDrive-KFM: Building symlink for documents folder for loggedin.user@domain.org.
ln: /Users/loggedin.user@domain.org/Documents/Documents: File exists
Oct 25 11:57:54  root[857] <Notice>: OneDrive-KFM: Moving desktop folder for loggedin.user@domain.org.
mv: rename /Users/loggedin.user@domain.org/Desktop to /Users/loggedin.user@domain.org/OneDrive Conflicts From M30-serial.FDQN/Desktop: Operation not permitted
Oct 25 11:57:54  root[860] <Notice>: OneDrive-KFM: Building symlink for desktop folder for loggedin.user@domain.org.
ln: /Users/loggedin.user@domain.org/Desktop/Desktop: File exists
Oct 25 11:57:54  root[866] <Notice>: OneDrive-KFM: Ensuring ownership of backup data set to loggedin.user@domain.org.
Oct 25 11:57:54  root[870] <Notice>: OneDrive-KFM: loggedin.user@domain.org is console user - relaunch Finder and launch OneDrive
Oct 25 11:57:54  root[877] <Notice>: OneDrive-KFM: Moving backup files into proper OneDrive folders for loggedin.user@domain.org.
rsync: link_stat "/Users/loggedin.user@domain.org/OneDrive Conflicts From M30-serial.FDQN/Desktop/." failed: No such file or directory (2)
rsync error: some files could not be transferred (code 23) at /System/Volumes/Data/SWE/macOS/BuildRoots/38cf1d983f/Library/Caches/com.apple.xbs/Sources/rsync/rsync-55/rsync/main.c(996) [sender=2.6.9]
rsync: link_stat "/Users/loggedin.user@domain.org/OneDrive Conflicts From M30-serial.FDQN/Documents/." failed: No such file or directory (2)
rsync error: some files could not be transferred (code 23) at /System/Volumes/Data/SWE/macOS/BuildRoots/38cf1d983f/Library/Caches/com.apple.xbs/Sources/rsync/rsync-55/rsync/main.c(996) [sender=2.6.9]
Oct 25 11:57:55  root[892] <Notice>: OneDrive-KFM: 
find: -delete: /Users/loggedin.user@domain.org/OneDrive Conflicts From M30-serial.FDQN: relative path potentially not safe
Oct 25 11:57:55  root[898] <Notice>: OneDrive-KFM: loggedin.user@domain.org backup data migration complete.
Oct 25 11:57:55  root[899] <Notice>: OneDrive-KFM: Attempting to clean file names for loggedin.user@domain.org with /usr/local/bin/onedrive-name-fix.sh
Oct 25 11:57:55  root[902] <Notice>: OneDrive-Name-Fix: Loading...
Oct 25 11:57:55  root[903] <Notice>: OneDrive-Name-Fix: pathtoclean = /Users/loggedin.user@domain.org/OneDrive - St Paul's Girls' School   silent = NO   pathtonotice = /Users/loggedin.user@domain.org/OneDrive - St Paul's Girls' School/Desktop
Oct 25 11:57:55  root[907] <Notice>: OneDrive-Name-Fix: Fixing illegal chars...
Oct 25 11:57:55  root[913] <Notice>: OneDrive-Name-Fix: Fixing trailing spaces and periods...
Oct 25 11:58:01  root[7439] <Notice>: OneDrive-Name-Fix: Fixing leading spaces...

Thanks

Seb

bezik46 commented 2 years ago

If I run the command as root (which is enabled for testing), it works fine. Same fine if I run custom command via MDM (which runs as root). So it seems that outset is not running it with correct privileges?