Help

Bash script help needed

Go to solution
dexterrivera
New Contributor III

Posted on ‎05-12-2014 11:43 AM

Hello,

I need to uninstall some old McAfee agents that are in my environment still after adding newer version to build process. Below is what I was hoping would work but I get a syntax error when I test. Any help would be much appreciated. Thanks.

#!/bin/bash

if [ -d "/Library/McAfee/shared/4.8.0" ]
then

else "/Library/McAfee/cma/uninstall.sh"
fi

0 Kudos
Reply
2 ACCEPTED SOLUTIONS

Go to solution
charles_hitch
Contributor II

Posted on ‎05-12-2014 12:12 PM

That being the case this is a better way to do it:

#!/bin/sh

# Define the desired ePO version
desired_epo="4.8.0.1085"

# Get the version info from the CLT
epo_version=`/Library/McAfee/cma/bin/msaconfig -version`

# Remove CMA aka ePO if not the desired version
if [ $epo_version != $desired_epo ]
then
    /Library/McAfee/cma/uninstall.sh
fi

As Josh pointed out though its good to make sure the commands you want to run exist (such as msaconfig and uninstall.sh) prior to attempting to execute them.

View solution in original post

0 Kudos
Reply

Go to solution
Josh_S
Contributor III

Posted on ‎05-12-2014 12:14 PM

@dexterrivera][/url - That is effectively what that script does. The first test bracket checks to make sure that the directory doesn't exist (the ! at the beginning inverses behavior), the second test bracket checks to make sure that the uninstaller.sh script exists.

If you want to add additional actions to the script and don't want everything encased in an "if" statement, you could exit out on checking if the directory exists.

#!/bin/sh

if [ -d "/Library/McAfee/shared/4.8.0" ]; then
    exit 0
elif [ -f "/Library/McAfee/cma/uninstall.sh" ]; then
    /Library/McAfee/cma/uninstall.sh
fi

# Add in additional script actions here. No machine that reaches this stage should have the 4.8.0 directory.

Edit: @charles.hitch solution looks pretty good too :)

View solution in original post

0 Kudos
Reply
12 REPLIES 12

Go to solution
charles_hitch
Contributor II

Posted on ‎05-12-2014 11:48 AM

You don't have any actions in your if statement. You need something on the line between "then" and else. Also you don't need quotes around /Library/McAfee/cma/uninstall.sh. Lastly be aware that if you run the cma uninstaller it will uninstall no matter what version is installed.

0 Kudos
Reply

Go to solution
dexterrivera
New Contributor III

Posted on ‎05-12-2014 11:53 AM

Ah, I thought I could leave blank if the 4.8.0 directory was found ending the script. I figured it would be like vbs scripting which is what I primarily do for our Windows environment.

So what can I put if the 4.8.0 directory is found? Is there a "end script" command? Thanks for the quick response by the way.

0 Kudos
Reply

Go to solution
Josh_S
Contributor III

Posted on ‎05-12-2014 11:57 AM

As @charles.hitch said, you need something in your if statement. I'm not sure exactly what you're trying to do, but if you're trying to run the installer if that directory doesn't exist then the following should work for you. Added in a check to make sure the uninstaller exists.

#!/bin/sh

if [ ! -d "/Library/McAfee/shared/4.8.0" ] && [ -f "/Library/McAfee/cma/uninstall.sh" ]; then
    /Library/McAfee/cma/uninstall.sh
fi
0 Kudos
Reply

Go to solution
dexterrivera
New Contributor III

Posted on ‎05-12-2014 12:06 PM

@Josh_S
4.8.0 is the version of the new agent pointing to my ePO server any version older than that needs to be uninstalled.

So effectively I need to the following:
If 4.8.0 is installed the directory exists so end script, else uninstall existing agent by running the uninstall.sh

0 Kudos
Reply

Go to solution
charles_hitch
Contributor II

Posted on ‎05-12-2014 12:12 PM

That being the case this is a better way to do it:

#!/bin/sh

# Define the desired ePO version
desired_epo="4.8.0.1085"

# Get the version info from the CLT
epo_version=`/Library/McAfee/cma/bin/msaconfig -version`

# Remove CMA aka ePO if not the desired version
if [ $epo_version != $desired_epo ]
then
    /Library/McAfee/cma/uninstall.sh
fi

As Josh pointed out though its good to make sure the commands you want to run exist (such as msaconfig and uninstall.sh) prior to attempting to execute them.

0 Kudos
Reply

Go to solution
Josh_S
Contributor III

Posted on ‎05-12-2014 12:14 PM

@dexterrivera][/url - That is effectively what that script does. The first test bracket checks to make sure that the directory doesn't exist (the ! at the beginning inverses behavior), the second test bracket checks to make sure that the uninstaller.sh script exists.

If you want to add additional actions to the script and don't want everything encased in an "if" statement, you could exit out on checking if the directory exists.

#!/bin/sh

if [ -d "/Library/McAfee/shared/4.8.0" ]; then
    exit 0
elif [ -f "/Library/McAfee/cma/uninstall.sh" ]; then
    /Library/McAfee/cma/uninstall.sh
fi

# Add in additional script actions here. No machine that reaches this stage should have the 4.8.0 directory.

Edit: @charles.hitch solution looks pretty good too :)

0 Kudos
Reply

Go to solution
dexterrivera
New Contributor III

Posted on ‎05-12-2014 12:19 PM

@charles.hitch
@Josh_S
Awesome. Thank you very much guys!

0 Kudos
Reply

Go to solution
mm2270
Legendary Contributor III

Posted on ‎05-12-2014 12:23 PM

We use McAfee here, and if I were you I wouldn't be relying on that folder's existence to know what version is installed as that could turn out to be faulty for a variety of reasons.
I would try something like this instead. You might have to adjust the below path, but it should be close

xpath /Configuration/Version[1] < /etc/cma.d/EPOAGENT3700MACX/config.xml 2>&1 | awk -F'[>|<]' '{print $3}'

Example result: 4.8.0.1500

You could build that process into your script to get the actual version installed and then take the appropriate action if its not the version you expect.
Be careful with just comparing strings though. The above "number" isn't actually a number, at least not so far as bash is concerned, so you may need to do something like strip out the periods to do a true integer comparison. Though I'd imagine you wouldn't run into any Macs that have a higher version installed, so it may not be necessary.

0 Kudos
Reply

Go to solution
dexterrivera
New Contributor III

Posted on ‎05-12-2014 12:29 PM

@mm2270
Yes, I noticed that xml file has the version but didn't know how to read the file to then execute on the result. I just began deploying 4.8.0.1500 so there aren't any other versions higher than 4.6 out there, I only have 50 machines left and this was to force them over since they didn't move over on the initial push. Thanks for the sample though, I'll save it.

0 Kudos
Reply

Go to solution
jennifer
Contributor

Posted on ‎05-12-2014 12:36 PM

I use an extension attribute to keep track of the versions installed. Then we use smart groups for the upgrades (or uninstalls in your case).

Version=`cat /etc/cma.d/EPOAGENT3700MACX/config.xml | egrep "<Version>.*</Version>" |sed -e "s/<Version>(.*)</Version>/1/"|tr "|" " "`

echo '<result>'$Version'</result>'
0 Kudos
Reply

Go to solution
dexterrivera
New Contributor III

Posted on ‎05-12-2014 01:07 PM

@jennifer_unger
Good stuff! I will set this up too. Thanks!

0 Kudos
Reply

Go to solution
jennifer
Contributor

Posted on ‎05-13-2014 04:39 AM

Just as a side note, I also have a different EA (that I'm sure came from JAMF Nation) that grabs the DAT version.

This one has been very helpful for security reporting purposes. 

#!/bin/sh
#This script has been verified to work on McAfee Security for Mac Anti-malware (v1.0).

#Check to see if McAfee Security is installed
if [ -f "/Library/Preferences/com.mcafee.ssm.antimalware.plist" ]; then
result=`/usr/bin/defaults read /Library/Preferences/com.mcafee.ssm.antimalware Update_DATVersion`
echo "<result>$result</result>"
else
echo "<result>Not installed</result>"
fi
Reply