Quick one as it’s been a while and work has me very busy. I’ve been having to debug a lot of custom scripts that run within JAMF Pro policies. My view of debugging has always been to replicate as closely as possible the actual operating environment so you can see exactly where it’s failing.

The usual way is with either a “-x” on the end of your script shebang or to use the “set -x” command at specific points in your script. However this outputs the relevant info to the console, which you can’t see if executing as part of a policy. However with some redirection trickery, there’s a way around this.

time=$( date "+%d%m%y-%H%M" )
set -x
logfile=/tmp/scripttest-"$time".log
exec > $logfile 2>&1

Place this code snippet at the start of your script. It will do all the -x stuff we mentioned but redirect all output to a log file in /tmp. This means you can trigger the policy and get a complete read on what it’s doing. Came in very handy for my recent patchoo commits!