MacOS – Applescript Command as Specified User to Delete All Files in a Particular Folder

applescriptfinderkeychainmacosterminal

I am looking at using the POSIX path to delete the contents of a particular folder on users computers but it must be performed as a particular user.

I can deploy the script silently from my side using LanRev (Absolute Manage) so the user won't see the password.

In my scenario below, I am trying to execute the script specifying the user as "secretAdmin" and the password will be "secretPass123".

The system would be deleting the contents of the folder ~/Library/Keychains/

tell application "Finder"
    delete (every item of folder "$HOME/Library/Keychains") with user secretAdmin password secretPass123
end tell

Unfortunately this doesn't work. There are different system setups with the $HOME directory being located across different volumes and thus it's always best to use the current user ~/ or $HOME POSIX path instead – unless there is another method that I have overlooked.

Unfortunately, this code results in errors, and I have become sloppy with my AppleScript over the past 2 years not keeping its practice up to scratch.

Any assistance would be greatly appreciated.

Best Answer

You can reference the files like this:

set myPath to (path to library folder from user domain as text) & "Keychains"
tell application "Finder" to get files of folder myPath

Related Solutions

MacOS – Create a remote only user in OS X

The best way to do this is to create a chroot jail for the user. I'll clean up the answer here when I get home but I posted the solution on my blog.

https://thefragens.com/chrootd-sftp-on-mac-os-x-server/

Below are most of the instruction from the above post.

First, you should create the new user in Workgroup Admin and either assign them access privileges for SSH via Server Admin or assign them to a group that has SSH access privileges. Further discussion is below.

From the Terminal, start off right.

sudo cp /etc/sshd_config /etc/sshd_config.bkup

sudo chown root /
sudo chmod 755 /
sudo mkdir -p /chroot/user/scratchpad
sudo chown -R root /chroot
sudo chown user /chroot/user/scratchpad
sudo chmod -R 755 /chroot

Every additional new user added will then be something along the lines of the following.

sudo mkdir -p /chroot/user2/scratchpad
sudo chown root /chroot/user2
sudo chown user2 /chroot/user2/scratchpad
sudo chmod -R 755 /chroot/user2

Every folder it the path to the chroot jail must be owned by root. I don't think it matters what group the folder is in. What I did above was to

backup /etc/sshd_config
change ownership of the root directory to root
change permissions of the root directory to 755
create a chroot folder
create a user folder inside the chroot folder
create a folder inside the user folder that user can modify
set ownership and permissions

Now to edit /etc/sshd_config to the following.

#Subsystem  sftp    /usr/libexec/sftp-server
Subsystem   sftp    internal-sftp

Match User user
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand internal-sftp
    ChrootDirectory /chroot/user

This creates a chroot jail that when the user logs in will drop them into the folder /chroot/user, in that folder is a folder they can add things to /chroot/user/scratchpad.

If you want to create a Group in Workgroup Admin for 'Chroot Users' then add the new users that you created in Workgroup Admin to the Group you won't have to keep editing the /etc/sshd_config file. Instead of the above, add the following. Make sure you add the 'Chroot Users' group to the SSH access ACL in Server Admin.

Match Group chrootusers
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand internal-sftp
    ChrootDirectory /chroot/%u

To test whether the above is working, issue the following from the terminal.

$ sftp user@domain.com
Password:
sftp>

MacOS – Automatically Mount a Network Drive and Copy a File to a Network Folder (AppleScript)

Copying of files in Applescript is best done either through System Events or Finder, using the duplicate … to command, i.e.

tell application "System Events" to duplicate sourceFile to targetFolder

where both sourceFile and targetFolder need to be the correct object type for the application used – meaning disk item or finder item (both objects can be created from AppleScript alias objects, or textual path values with a bit of type coercion – I’d add the details, but you have not stated how the paths to both are stored / acquired in your script).

A few notes on your code:

There is no need to use globals when you have defined them as properties already. AppleScript properties are script scoped and persist across execution – they are only reset when the script is recompiled. If you assign those that need user setting missing value when declaring, you can even check if they are already set and skip re-prompting the user (there would be an even more comfortable and secure solution if Apple hadn’t deprecated Keychain Access Scripting).
There is no need for the repeated assignments and recursive call in your connectToServer() handler. The following code
```
set timeOutCounter to 0
repeat while (list disks) does not contain serverName and timeOutCounter is less than timeOutInterval
    -- mount drive
    delay someInterval -- recommended, so you don’t hectically loop
    set timeOutCounter to timeOutCounter + someInterval -- time out loop 
end repeat
```
will try to connect in the interval defined by someInterval, until the mount is available or timeOutIntervalis reached (assuming these values are declared. As properties, best – see above).
You might also want to offer your user a more comfortable way of selecting the target folder than typing a folder name from memory. Check out Standard Additions’s AppleScript dictionary for the choose folder command.
Finally, but that is mainly a matter of taste and coding style, I’d rather move the display dialog command into its own handler and call that, if needed repeatedly, from the script body, than use a C style mainLoop handler. I’ve found that, generally speaking, AppleScript runs out of Stack space easily when recursing and can get very confused about variable assignments, so it is a good idea to avoid recursive constructs where they are not necessary.

Best Answer

Related Solutions

MacOS – Create a remote only user in OS X

MacOS – Automatically Mount a Network Drive and Copy a File to a Network Folder (AppleScript)

Related Question