Script to remove MacOS High Sierra Install.app from applications folder

Why not use the Restricted Software option on the JSS, you can stop the app process as well as delete the app.

Can't really see a reason why it wouldn't work. It looks right to me from here.
But can you try adding in the full path to rm, like /bin/rm ? It really shouldn't need that, but try it anyway.

Can you post the entire script? Or are you using the Execute Command option on a policy?

would it work if it was this way

rm -rf /Applications/"Install macOS High Sierra.app"

@Cornoir I"m pushing the latest version of the installer to all of our machines. I want to remove any installers that may have been previously downloaded from the app store by users.

@mm2270 Will try that now.

@emily That is the entire script. I've tried both ways that I posted as a script. Have not tried running with Files and Process Execute Command. I kind of need it ran as a script so that I can run it before other actions without creating two policies.

@jstine if it's a bash script you need to add #!/bin/bash to the top of the script.

I think you will need to edit the script to setup the beginning

#!/bin/sh

rm -rf /Applications/"Install macOS High Sierra.app"

exit

@mm2270 No luck using /bin/rm

@ammonsc Tried your suggestion, but no resolve :(

@ammonsc Tried #!/bin/sh and #!bin/bash. Still nothing.

@emily I tried that too but still no luck. I appreciate the suggestions though!

is the policy giving you an error in the log? That may help to figure out the problem.

Ah. So strangely enough, in the past, scripts without a shebang in them would work when run from the Jamf console. We actually had a few back in the day, and they never had a problem running interestingly enough. I assume, at least back then, that the console would read the script extension (.sh), and assume a bash script and execute it correctly. That may have changed with version 9 or 10 though. Especially now that scripts can be created directly in the web UI and don't need any extension.

I made an incorrect assumption that the script line was being added to the Execute Command field, not run as a full script, given it's a single line. Because as a single command in Execute Command, it would have worked as is.

Removed.

I think something might be wrong with our JSS. The logs show that the script isn't actually being run as a part of the policy.

I would assume something is wrong with the policy first before assuming it's your whole Jamf Pro setup. Create a new policy and maybe even a new script and put them together and try it again.
And just a question, but, the policy IS running, correct? This isn't a case of the policy not running again because of the policy blackout window is it?

@mm2270 Yes the policy is running. I completely deleted and recreated both the policy and the script. When looking at the logs, it does not actually run the script at all. I've opened a case with Jamf support and hope to hear something soon.

Thank you everyone for your help. I will post the resolution when I have it.

We use this script:

sudo rm -rf "/Applications/Install macOS High Sierra.app"

I am using a policy and under "Files and Processes" I am searching for file by path and checked delete if found. I think this was a user requested feature a few revs back.

Maybe the script has an operating system requirement set in it's options, check the Limitations tab in the script editor.
You didn't copy another script to initially get started?

#!/bin/sh

## set the name of the appication to remove
appName="/Applications/Install macOS High Sierra.app"


logFile="/private/var/log/TECHUninstalls.log"

log () {
    /bin/echo $1
    /bin/echo $(date "+%Y-%m-%d %H:%M:%S: ") $1 >> $logFile 
}

log "-----"
log "If found, will remove $appName..."

if [ -d "$appName" ]
    then
        /bin/rm -rf "$appName"
        log "Removed $appName"
    else
        log "$appName wasn't there."
fi

I'm not sure why it's necessary to remove the old installer, since any time I've pushed an updated version to clients it overwrites the old one.

Sorry for the necromancy, but we're seeing users updating using old cached installers... I'd just nuke them all from orbit, but I worry about trying to delete the old one when it's being run. 

Anyone have a good way to check if it's running at all before just deleting it?