McAfee SmartInstaller.sh installation issues

NYBGIT
New Contributor III

Hi All,

i am having great difficulty deploying McAfeeSmartInstaller.sh to machines running MacOS Catalina and Big Sur. Some may not be using the McAfeeSmartInstaller.sh but the installer.sh script with some success. I am unable to find where this installer.sh sits on the ePO as it always downloads the McAfeeSmartInstaller.sh

I've found many articles as to why the installer isnt working on the most recent OS which are:

  1. About the read-only system volume in macOS Catalina - Apple Support - Apple created a read-only volume from Catalina also noted in thread Solved: Problem deploying McAfee EPO to bigsur - Jamf Nation Community - 241670
  2. Deploying McAfee products with Jamf Pro software - there's an existing bug located in the McAfeeSmartInstaller.sh on Line 5 that needs to be changed to From temp_directory=`sudo mktemp -d McAfeeSmartInstall_XXXXXX` To temp_directory=`sudo mktemp -d /tmp/McAfeeSmartInstall_XXXXXX`
  3. Smart Installer displays a password logon prompt in silent mode (mcafee.com) - disabling the admin prompt when the installer is running by changing line 45 and 46, and set the Absolute path, instead of the symbolic link: From:
    sudo cp -f $temp_directory/coninfo.xml /tmp/coninfo.xml
    open -W -a "$temp_directory/$APP_FILE_NAME" --args -c "/tmp/coninfo.xml" "$@"

    To:
    sudo cp -f $temp_directory/coninfo.xml /private/tmp/coninfo.xml
    "$temp_directory/$APP_FILE_NAME/Contents/MacOS/McAfeeSmartInstall" -c "/private/tmp/coninfo.xml" -s -g

None of which seems to resolve my issue.

Scenario 1:

I created a postinstall script to run in the package i created which dumps the McAfeeSmartInstaller.sh in the /private/tmp directory. Permission on the /tmp is 777 and the file is 755. The post install script was taken from McAfee-Agent/postinstall.sh at master · franton/McAfee-Agent · GitHub with changes to reflect my environment. I try executing the package locally i receive the error

Creating temporary directory...
chmod: /private/tmp/PKInstallSandbox.UxwMKL/Scripts/mcafeeenterpriseagent5.7.3.t6Z7Wv//tmp/McAfeeSmartInstall_YMWT0Q: No such file or directory

If i change line 5 to temp_directory=`sudo mktemp -d McAfeeSmartInstall_XXXXXX` the installer hangs (package installation) at installer[11292]: PackageKit: Enqueuing install with framework-specified quality of service (utility). If i execute the McAfeeSmartInstaller.sh directly from terminal everything works as expect. This is the same when using JAMF remote to execute the package. When i try to execute using the policy it fails on creating a temporary directory. So JAMF is executing it differently in different scenarios. 

 

At this point i am completely stuck on how to fix this issue. i have tried numerous fixes which i did not explain to keep the thread short. Has anyone came around to resolving this issue.  

6 REPLIES 6

NYBGIT
New Contributor III

I was able to resolve this issue speaking with Jamf support. It turns out when a policy is ran it uses the root user.

There is a small difference between running policies with a policy versus with Jamf Remote. Policies run via policy are executed as the root user, whereas policies executed via Jamf Remote are executed as the management account with root privileges.

For example, if a script says to change some file in ~/Documents/somefile.txt, when run from Jamf Remote this is going to modify a file in: /Users/$managementAccount/Documents/somefile.txt.
 
However if run via policy then this would modify a file in: /var/root/Documents/somefile.txt, which most of the time will not work, since there is not typically a Documents directory in /var/root.

To avoid this, i explicitly changed the directory in the script before it begins the installation.  Taking this post install script from McAfee-Agent/postinstall.sh at master · franton/McAfee-Agent · GitHub , after line 42 i changed the directory  adding "cd /private/tmp". This resolved my issue 

ericbenfer
Contributor III

Following your example, I've got a pkg mostly working.

The McAfeeSmartInstall.sh kicks off and launches the GUI McAfeeSmartInstall.app which bounces for several minutes. It finally stops bouncing, but the pkg/Installer.app never closes out.

NYBGIT
New Contributor III

How are you running the script? 

NYBGIT
New Contributor III

Here's how im executing the script in Jamf as a policy

#!/bin/bash

# Script to install latest McAfee version from install.sh script.
# Should also upgrade any previous software before proceeding.

# Author : contact@richard-purves.com
# Version : 1.0 - Initial Version

# Set up log file, folder and function
LOGFOLDER="/var/log/organisation"
LOG=$LOGFOLDER"/McAfee-Install.log"

if [ ! -d "$LOGFOLDER" ];
then
mkdir $LOGFOLDER
fi

echo $( date )" - Starting installation of McAfee Agent" > $LOG

logme()
{
# Check to see if function has been called correctly
if [ -z "$1" ]
then
echo $( date )" - logme function call error: no text passed to function! Please recheck code!"
exit 1
fi

# Log the passed details
echo "" >> $LOG
echo $( date )" - "$1 >> $LOG
echo "" >> $LOG
}

# Check for existing McAfee agent. Upgrade if present. Full install if not.

logme "Installing McAfee Agent."
cd /private/tmp
/private/tmp/McAfeeSmartInstall.sh 2>&1 | tee -a ${LOG}


# Now make the agent check for policies and other tasks

/bin/sleep 30

logme "Checking for new policies"
/Library/McAfee/agent/bin/cmdagent -c 2>&1 | tee -a ${LOG}

/bin/sleep 10

logme "Collecting and sending computer properties to ePO server"
/Library/McAfee/agent/bin/cmdagent -p 2>&1 | tee -a ${LOG}

/bin/sleep 10

logme "Forwarding events to ePO server"
/Library/McAfee/agent/bin/cmdagent -f 2>&1 | tee -a ${LOG}

/bin/sleep 10

logme "Enforcing ePO server policies"
/Library/McAfee/agent/bin/cmdagent -e 2>&1 | tee -a ${LOG}


# Delete script
rm -rf /private/tmp/McAfeeSmartInstall.sh

#Check-in to JAMF
/usr/local/jamf/bin/jamf recon

#Grab new profiles
/usr/local/jamf/bin/jamf manage

# All done!

logme "Installation script completed"

NYBGIT
New Contributor III

In the past I had always just created a pkg and ran the "Install - McAfee Agent" script as a postinstall script all within the pkg.

This time around it does not seem to like that approach.

I was able to get it working by running the "Install - McAfee Agent" from a policy... Just like what you are doing.

Thanks.