- Jamf Nation Community
- Products
- Jamf Pro
- How do I delete a launch daemon using a script?
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
I have been working on a policy that will create a temporary admin account. A launch daemon gets installed and launched to handle the account deletion. Once the alotted time has elapsed, I see the account and its home folder get deleted. I see that the launchd process is no longer running. Everything works exactly as intended, but the launch daemon does not get deleted. I can manually run a command such as "sudo rm /Library/LaunchDaemons/com.my.launchdaemon.plist" and that works perfectly. The launch daemon triggers another Jamf Pro policy to run that deploys a script that runs the account deletion, deletes the home folder, unloads the launch daemon and then is supposed to delete the launch daemon. A moment ago, I commented out all the steps except the launchdaemon unload and deletion, and watched as the script deleted the launch daemon! Below are all the steps that the script runs.
#!/bin/zsh
# Delete the Rescue Admin account and its home folder
echo "Removing Rescue Admin account"
dscl . -delete /Users/rescueadmin
echo "Deleting home folder"
rm -rf /Users/rescueadmin
# Unload and delete the Rescue Admin launch daemon
echo "Unloading launchdaemon"
launchctl bootout system /Library/LaunchDaemons/com.cbre.RescueAdmin.plist
echo "Deleting launchdaemon"
rm -f "/Library/LaunchDaemons/com.cbre.RescueAdmin.plist"I don't understand why removing all the previous steps in the script allows the launch daemon to get deleted. I know there are other temporary admin account solutions but I wanted to create one myself. It's only the launch daemon deletion that won't work. How can I delete the launch daemon?
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
I should have added that because the process for the LaunchDaemon is still running the .plist for it is still "busy" and won't go away until the process is killed.
Reply
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday - last edited yesterday
@howie_isaacks Your bootout command is wrong.
Should be
launchctl bootout system/com.cbre.RescueAdmin(or whatever the label is for the LaunchDaemon)
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday - last edited yesterday
OK. The launch daemon does get unloaded. I see that when I run launchctl list. It just doesn't get deleted. I will modify the bootout command as you mentioned.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
I should have added that because the process for the LaunchDaemon is still running the .plist for it is still "busy" and won't go away until the process is killed.
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
You're right! And right after I responded to you a moment ago, I realized that plist won't get deleted if it's still in use. Here's what has worked twice over the last few minutes. I removed the unload and delete steps from the script that handles the account deletion. I added those steps to files and processes in the same policy that is running the script that deletes the admin account. That worked! I set the launch daemon to launch this process after 2 minutes. When I put this into production, I will set it to 15 or 20 minutes.
