Skip to main content
Question

Delete applications without Adminrights withs self Service

  • July 31, 2019
  • 15 replies
  • 71 views
A
Forum|alt.badge.img+4

Hi,

Since none of the users on our computer have no admin rights, but we have created a possibility that the user can uninstall App. However, the script only deletes the application from the folder. That is sufficient in most cases. However, in some cases it is necessary to delete the created data. Maybe someone has an idea how to find these and delete them.

#!/bin/bash 


##########################################################################  
# Shellscript : Uninstall Script  
# Autor : Andreas Vogel, 
##########################################################################  

# Script asks for the file to be deleted. 
#  
# Only for test - comment out in production!  
# set -x 

###### please only edit here 
###### list files to protect here 

app_protect=" 
NoMAD 
McAfee 
Self Service 
Preproxy
Identity Agent
jamf" 

##### End ################



# Variabeln 
sys=$(while read p; do echo "$p" | grep "/Applications" ; done </System/Library/Sandbox/rootless.conf) 

list=" 
$app_protect 
$sys" 


askapp () {
    /usr/bin/osascript <<EOF - 2>/dev/null
    set strPath to POSIX file "/Applications/"
    set f to (choose file with prompt "$1" default location strPath)
    set posixF to POSIX path of f
    tell application "Finder" to set filesDir to container of f as alias as text
    set posixDir to POSIX path of filesDir
    posixF

EOF
}


asknewdir () {
    osascript <<EOF - 2>/dev/null
tell application "SystemUIServer"
    activate
    text returned of (display dialog "$1" default answer "")
end tell
EOF
}

app=$(askapp 'Please select the program to be deleted') || exit


# Loop for checking before deleting 
for a in $list ; do 
if [[ "$app" = *$a* ]]; then 
osascript -e 'display dialog "This program can not be deleted!" buttons {"OK"} default button 1'  
exit 0 
fi 
done 

# Program is stopped and deleted 
pkill -f "$app"  
sudo rm -rf "$app"  
osascript -e 'display dialog "The app has been deleted" buttons {"OK"} default button "OK"' 
exit 0
    a_martin253

    15 replies

    A
    Forum|alt.badge.img+4
    • avogel
    • Author
    • New Contributor
    • October 18, 2019

    no ideas

    alexduffner
    Forum|alt.badge.img+3
    • alexduffner
    • New Contributor
    • February 8, 2023

    Hi @avogel,

    I have combined your idea with another and my own.
    Perhaps the result will also serve your purposes:

    https://github.com/aduffner/uninstallMacApps/blob/main/uninstallMacApps.sh 

    Pre-requisites: Installed https://github.com/bartreardon/swiftDialog (for the beautiful modals)

     

    Best regards

    Alex

    a_martin253
    tobiaslinder
    Forum|alt.badge.img+16
    • tobiaslinder
    • Valued Contributor
    • May 22, 2023

    Hi @avogel,

    I have combined your idea with another and my own.
    Perhaps the result will also serve your purposes:

    https://github.com/aduffner/uninstallMacApps/blob/main/uninstallMacApps.sh 

    Pre-requisites: Installed https://github.com/bartreardon/swiftDialog (for the beautiful modals)

     

    Best regards

    Alex


    Hey @alexduffner 
    Sadly the link to your uninstallMacApps doesn't work anymore. I would be really interested in your approach.

    alexduffner
    Forum|alt.badge.img+3
    • alexduffner
    • New Contributor
    • May 22, 2023

    Hey @alexduffner 
    Sadly the link to your uninstallMacApps doesn't work anymore. I would be really interested in your approach.


    Hi @tobiaslinder, had set it to private for some reason, it's now public again.
    Your and other's feedback is explicitly welcome. 😊

    tobiaslinder
    Forum|alt.badge.img+16
    • tobiaslinder
    • Valued Contributor
    • May 22, 2023

    Hi @tobiaslinder, had set it to private for some reason, it's now public again.
    Your and other's feedback is explicitly welcome. 😊


    Thank you so much. You will hear from me, if I succeed at implementing your code in my project.

    GraemeU
    Forum|alt.badge.img+3
    • GraemeU
    • New Contributor
    • May 23, 2023

     Hi Alex

     

    This script looks wonderful however during testing I was still prompted for admin creds when running via self service. - specifically Finder requesting to delete x files. Running on Ventura 13.4

    a_martin253
    GraemeU
    Forum|alt.badge.img+3
    • GraemeU
    • New Contributor
    • May 24, 2023

     Hi Alex

     

    This script looks wonderful however during testing I was still prompted for admin creds when running via self service. - specifically Finder requesting to delete x files. Running on Ventura 13.4


    Hi

    Just to follow up, I ended up making some changes to the script to get this to work in my environment.

    line 50 after add

    trash() { mv "$@" /Users/$currentUser/.Trash/ ; }

    line 186 remove

    /usr/bin/sudo -u "$currentUser" osascript -e "tell application \\"Finder\\" to delete { $posixFiles }" >/dev/null

    after add

    echo "Moving app data to trash…" sleep 1 for item in "${paths[@]}" do Echo "Trashing $item ..." trash $item done
    a_martin253
    alexduffner
    Forum|alt.badge.img+3
    • alexduffner
    • New Contributor
    • May 24, 2023

    Hi

    Just to follow up, I ended up making some changes to the script to get this to work in my environment.

    line 50 after add

    trash() { mv "$@" /Users/$currentUser/.Trash/ ; }

    line 186 remove

    /usr/bin/sudo -u "$currentUser" osascript -e "tell application \\"Finder\\" to delete { $posixFiles }" >/dev/null

    after add

    echo "Moving app data to trash…" sleep 1 for item in "${paths[@]}" do Echo "Trashing $item ..." trash $item done

    Nice! Thank you for sharing, just request a pull request via Github - I will merge it :-)

    GraemeU
    Forum|alt.badge.img+3
    • GraemeU
    • New Contributor
    • May 24, 2023

    Hi Alex, I will do some further testing before doing anything like this, for example the Zoom Outlook Plugin has a build in Uninstall.app which users cannot run, however if they try to remove it via the script, it will find a lot of things you dont really want to remove as part of the app. This is around the wildcard line 155. 

    paths+=($(find "$location" -iname "*$app_name*" -maxdepth 1

    See below image

     

     

    alexduffner
    Forum|alt.badge.img+3
    • alexduffner
    • New Contributor
    • May 24, 2023

    Hi Alex, I will do some further testing before doing anything like this, for example the Zoom Outlook Plugin has a build in Uninstall.app which users cannot run, however if they try to remove it via the script, it will find a lot of things you dont really want to remove as part of the app. This is around the wildcard line 155. 

    paths+=($(find "$location" -iname "*$app_name*" -maxdepth 1

    See below image

     

     


    I think regex matches like these are the reason why nobody came up with an all-in-one uninstaller ^^
    Thank you for testing. I would also recommend to not test it in the wild.

    GraemeU
    Forum|alt.badge.img+3
    • GraemeU
    • New Contributor
    • May 24, 2023

    I think regex matches like these are the reason why nobody came up with an all-in-one uninstaller ^^
    Thank you for testing. I would also recommend to not test it in the wild.


    Hi Alex

    Yes agree, this is a very tricky problem to solve but I think this script gets about 95% of the way there with no trouble, which is excellent. I have a small test group with this deployed now and will get feedback from users, mainly so I can round off our exclusion list.

    I will just remind users to double check everything in the list prior to clicking ok! 😊

    alexduffner
    Y
    Forum|alt.badge.img+1
    • yeyo
    • New Contributor
    • November 7, 2024

    HI, Thanks for the script really appreciate the script. Just curious is there a way to restrict it to just application folder. So users can't go browsing all sort of directory. Like limiting it to just /Application folder only.  

    Thanks in advance 

    Y
    Forum|alt.badge.img+1
    • yeyo
    • New Contributor
    • November 7, 2024

    I just tried the script and it doesn't seem work. 

    Jacek_ADC
    Forum|alt.badge.img+7
    • Jacek_ADC
    • Valued Contributor
    • November 25, 2024

    @alexduffner 
    Love your script. We just started to remove the adminrights on all our macbooks a few weeks ago.
    Really nice done and i like your solution with swiftdialog. Great !!

    a_martin253
    Forum|alt.badge.img+3
    • a_martin253
    • New Contributor
    • March 20, 2025

    Hi

    Just to follow up, I ended up making some changes to the script to get this to work in my environment.

    line 50 after add

    trash() { mv "$@" /Users/$currentUser/.Trash/ ; }

    line 186 remove

    /usr/bin/sudo -u "$currentUser" osascript -e "tell application \\"Finder\\" to delete { $posixFiles }" >/dev/null

    after add

    echo "Moving app data to trash…" sleep 1 for item in "${paths[@]}" do Echo "Trashing $item ..." trash $item done

    Thank you for this @GraemeU ! Those tweaks to the script worked perfectly! And thank you @alexduffner for building it out. I am going to see if I can fork it to add a swiftDialog check parameter into the script so it doesn't just fail out if it is missing /usr/local/bin/dialog

    Terms & ConditionsCookie settingsAccessibility statement