Lateral thinking. You could try this...
You will need
A second script to delete the file
A watched file
Maybe a temp file or 2 to pass information across between the 2 scripts.
In your script, when you want to delete the file, put in a touch /path/to/watched/file, then pause for 10 seconds. Set the LaunchDaemon to watch that file, and when it sees the touch it will run the delete script. I have used temp files to pass information between the 2 scripts like usernames etc. The script run by the Daemon will be run locally as root. Had success in the past with troublesome folders in Users accounts by using this method. Just remember to leave the watched file alone, or the Daemon will run.
Not saying it will work. But it is using Apple methodology locally on the Mac rather than something from an MDM or some other source.
Daemon: something along these lines
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.unique.daemon.name</string>
    <key>ProgramArguments</key>
    <array>
        <string>/path/to/daemon/script.sh</string>
        <string>-argument</string>
    </array>
    <key>WatchPaths</key>
    <array>
        <string>/path/to/watched/file</string>
    </array>
</dict>
</plist>
Watching this file /path/to/watched/file
Runs as root this script /path/to/daemon/script.sh
If you have specific info, like a username to pass then echo $"the variable" > /to/a/temp/location/file. Then in the Daemon script newvar=$(cat /to/a/temp/location/file). Now use $newvar in the Daemon script.
Your main script will then need
/usr/bin/touch /path/to/watched/file
/bin/sleep 10
Put this in where you would have the rm command, and the Daemon should handle that for you.
For some strange reason I found more success with rm -Rfv
Not a clue why verbose would be more successful, but whatever works.
Not tested or even tried this in Big Sur. The basic method does work, of touching a watched file to launch a Daemon.
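Because the daemon script runs as root and takes the username from a temp file, it is worth checking that value before it reaches rm. The following is an added example, not part of the original post: the function names, the --delete argument, the hand-off path argument and the USERS_ROOT variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: checks for the root script that the WatchPaths daemon runs.
# USERS_ROOT, --delete and the hand-off path argument are assumptions.
USERS_ROOT="${USERS_ROOT:-/Users}"

# Print the first line of the hand-off file. Refuse symlinks, non-regular
# files and files not owned by the current user (root under launchd; this
# assumes the main script that wrote the file also ran as root).
read_handoff() {
    f="$1"
    [ -f "$f" ] && [ ! -L "$f" ] && [ -O "$f" ] || return 1
    IFS= read -r name < "$f" || [ -n "$name" ] || return 1
    printf '%s\n' "$name"
}

# Print the physical path of the home folder for a short name, or fail.
resolve_home() {
    name="$1"; root="${2:-$USERS_ROOT}"
    # Short names only: rejects empty, ".", "..", slashes, spaces, globs.
    case "$name" in
        ''|.|..|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    # Never treat shared or system folders as a user home.
    case "$name" in Shared|Guest|root) return 1 ;; esac
    target="$root/$name"
    # Must be a real directory, not a symlink that points somewhere else.
    [ -d "$target" ] && [ ! -L "$target" ] || return 1
    # The resolved path must still sit directly under the users root.
    real=$(cd "$target" && pwd -P) || return 1
    realroot=$(cd "$root" && pwd -P) || return 1
    [ "$real" = "$realroot/$name" ] || return 1
    printf '%s\n' "$real"
}

# Runs only when called as: script.sh --delete /path/to/handoff/file
if [ "${1:-}" = "--delete" ] && [ -n "${2:-}" ]; then
    user=$(read_handoff "$2") || exit 1
    home=$(resolve_home "$user") || exit 1
    /bin/rm -Rfv "$home"
    /bin/rm -f "$2"   # remove the hand-off file so it is not reused
fi
```

Keeping the hand-off file in a root-only directory rather than a shared temp location means the ownership check passes only for files the main script wrote.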
I have been using jamf DeleteAccount DeleteHomeDir and it works at times. I find myself working on a few machines, go back later to run it again, and then it fails with can't remove the /Users/HomeFolder
It does remove the user account, just not the homefolder. If I remove the deleteHomeDir it will create a deleted users folder, tell me that it is making a dmg, but never does. I'll try the v and see what happens.