Script assistance deleting files in user folders

mkimmel_us
New Contributor II

We have a couple of script needs that are similar and involve deleting specific files within a user's profile. One example is Hotspot Shield. This app only has 5 things to delete, so we have used a script like I've listed below, and pushed it out as a policy using the every5 to make sure users are not reinstalling it.

sudo rm -r ~/Library/Caches/com.anchorfree.hss
sudo rm -rf ~/Library/Caches/com.anchorfree.Hotspot_Shield
sudo rm ~/Library/Preferences/com.anchorfree.Hotspot_Shield.plist
sudo rm -rf /Library/ApplicationSupport/HotsportShield
sudo rm -rf /Applications/HotspotShield.app

When it executes, we see a log file that looks like this, and does not indicate a problem. It does not delete the items that are listed.

unning script Hotspot Shield Removal Script.sh...
Script exit code: 0
Script result: rm: /var/root/Library/Caches/com.anchorfree.hss: No such file or directory
rm: /var/root/Library/Preferences/com.anchorfree.Hotspot_Shield.plist: No such file or directory
Unmounting file server...
Displaying message to end user...

I am new to scripting on Macs, so I'm not really sure where the issue lies. Can anyone provide some guidance? I've tried searching the site for the last couple of days, and have not found anything useful.

Thanks

Mike

21 REPLIES 21

mm2270
Legendary Contributor II
rm: /var/root/Library/Preferences/com.anchorfree.Hotspot_Shield.plist: No such file or directory

That line spells it out. When a Casper Suite policy runs a script or any command, its doing so from the "root" account on the Mac and not the account of the logged in user. In the error line above, its saying it can't find the file to delete in the path /var/root/Library/Preferences.

As a result, you need to tell your script to get the current logged in user account and replace that in the path instead of using the ~ shortcut. There are several ways to do it, and most have been outlined in threads here on JAMF Nation. Here are just two-

who | awk '/console/{ print $1 }'
ls -l /dev/console | awk '{ print $3 }'

So, how to use that in the script above? Make it into a variable like so:

currUser=$( who | awk '/console/{ print $1 }' )

or

currUser=$( ls -l /dev/console | awk '{ print $3 }' )

Then in the script, replace all the tilde's (~) with:

$currUser

So it would look something like this instead

#!/bin/sh
currUser=$( who | awk '/console/{ print $1 }' )

rm -r /Users/$currUser/Library/Caches/com.anchorfree.hss

You also don't need the sudo in the command since its already running with sudo privileges if its running from a Casper Suite policy.

rtrouton
Valued Contributor III

Another way that would remove the files from all user home folders (assuming they're in /Users) would be something like this:

#!/bin/sh

# delete needed files

for USER_HOME in /Users/*
  do
    USER_UID=`basename "${USER_HOME}"`
    if [ ! "${USER_UID}" = "Shared" ]; then
       # Removing cache files from users' ~/Library/Caches
       if [ -d "${USER_HOME}"/Library/Caches ]; then
    rm -rf "${USER_HOME}"/Library/Caches/com.anchorfree.hss
    rm -rf "${USER_HOME}"/Library/Caches/com.anchorfree.Hotspot_Shield
       fi
       # Removing preference file from users' ~/Library/Preferences    
       if [ -f "${USER_HOME}"/Library/Preferences/com.anchorfree.Hotspot_Shield.plist ]; then
    rm -rf "${USER_HOME}"/Library/Preferences/com.anchorfree.Hotspot_Shield.plist
       fi
       # Removing Hotsport Shield directory from users' ~/Library/Application Support
       if [ -d "${USER_HOME}"/Library/ApplicationSupport/HotsportShield ]; then
    rm -rf "${USER_HOME}"/Library/ApplicationSupport/HotsportShield
       fi
       # Removing Hotspot Shield.app from /Applications
       if [ -d /Applications/Hotspot Shield.app ]; then
    rm -rf /Applications/Hotspot Shield.app
       fi
    fi
done

In this instance, the script will loop through the home directories in /Users and remove the specified files if found, then also check for the Hotspot Shield application and remove it from /Applications.

Note: Haven't tested this script. No warranties on correct performance. Offer void in Utah.

mm2270
Legendary Contributor II

Indeed. I was going to add in the possibility of looping through all existing home folders, but decided not to since the OP said he was new to scripting. πŸ™‚

mkimmel_us
New Contributor II

Since rtrouton just created the entire script, I tried that one first. When the script is executed it appears to work exactly as intended, except that the actual Hotspot Shield.app is not deleted. Any thoughts?

Here is the log:

/usr/sbin/jamf is version 8.62 Executing Policy HotSpot TEST... Mounting afp://jsshv.hv.us.edu/CasperShare to /Volumes/CasperShare... Running script HotspotShieldRemovalScript.sh... Script exit code: 0 Script result: Unmounting file server... Running Recon... Locating mobile device records...

(Thank you so much for the quick reply mm2270. I was in the middle of typing up your script when rtrouton replied)

Mike

rtrouton
Valued Contributor III

See, this is why the offer is void in Utah. πŸ™‚ I forgot to put a space between Hotspot and Shield.app. I've corrected it in the script above.

mkimmel_us
New Contributor II
See, this is why the offer is void in Utah. πŸ™‚ I forgot to put a space between Hotspot and Shield.app. I've corrected it in the script above.

I should have noticed that myself <headslap>

Trying that now. Thanks!

mkimmel_us
New Contributor II

Annoyingly,

...a space between Hotspot and Shield.app
did not work.

rtrouton
Valued Contributor III

OK, try this script. I've removed the check to see if Hotspot Shield.app is there and the script should now just delete the application.

#!/bin/sh

# delete needed files

rm -rf /Applications/Hotspot Shield.app

for USER_HOME in /Users/*
  do
    USER_UID=`basename "${USER_HOME}"`
    if [ ! "${USER_UID}" = "Shared" ]; then
       # Removing cache files from users' ~/Library/Caches
       if [ -d "${USER_HOME}"/Library/Caches ]; then
    rm -rf "${USER_HOME}"/Library/Caches/com.anchorfree.hss
    rm -rf "${USER_HOME}"/Library/Caches/com.anchorfree.Hotspot_Shield
       fi
       # Removing preference file from users' ~/Library/Preferences    
       if [ -f "${USER_HOME}"/Library/Preferences/com.anchorfree.Hotspot_Shield.plist ]; then
    rm -rf "${USER_HOME}"/Library/Preferences/com.anchorfree.Hotspot_Shield.plist
       fi
       # Removing Hotsport Shield directory from users' ~/Library/Application Support
       if [ -d "${USER_HOME}"/Library/Application Support/Hotsport Shield ]; then
    rm -rf "${USER_HOME}"/Library/Application Support/Hotsport Shield
       fi
    fi
done

mkimmel_us
New Contributor II

Okay, I apologize rtrouton, the issue was that I'd fogrotten to add the space for both lines of the code referencing the app. It was the end of a long day, and I was rushing to try and get it done. Hopefully I didn't make you wrack you brain too much for no reason. Thank you so much for the hand-holding. I've been working with Windows-based scripts for years, but these UNIX based scripts are completely new to me. Cheers

Mike

rhooper
Contributor III

We have a folder within the Current Users folder called Applications. Within that is another folder called Chrome Apps and a file that is not supposed to be there.

Will this script work to remove that file if I changed the name of the specific file(s) being searched for?

Or would it be easier to delete the entire Applications folder within the logged in Users account?

Scripting is not a strong point for me, but I am learning, very fast. Attached is the screen shot of the folder and Files in question. The problem is we have several hundred differently named user accounts. I do not want to mess it up and delete the entire Users Folder... that would be bad.... real bad....
Would love to use JAMF to push out a script to take care of this. We need this by tomorrow so a script push tonight would be great.

b8941cc60cce488e9f059019408ef4a1

mm2270
Legendary Contributor II

@rhooper Yes, you could adapt the script above from Rich to work on locating and deleting those specific folders/files in each user account. The first rm -rf line won't be needed in your case since you're looking only for some directories, not an app in the Applications folder.

I would do it that way rather than blow the entire~/Applications/ folder away, because other applications may also put stuff there and you may end up deleting stuff you didn't intend to.

rhooper
Contributor III

@mm2270 So we are having issues once again.
I have tried the following script:

!/bin/sh

currUser=$( who | awk '/console/{ print $1 }' )
rm -rf /Users/$currUser/Applications/Chrome Apps/TestNav.app

The first line is the Shell, but you know this. The second line is to locate the currently logged in user?
rm -rf /Users/$curr.... is used to go tot he currently logged in user then to Applications/Chrome Apps/TestNav.app and remove it. I have tried -r, I have tried Chrome Apps/TestNav... It still has an error that is not explained in JAMF.
Am I missing something? Current experience with scripting in not good and new.

We need to get this off of there really quickly.
Thanks all

djdavetrouble
Contributor III

@rhooper your shebang is malformed, but that may be from the posting

#!/bin/sh

There are some better ways of getting current user:
current user

And probably want to quote your variable
rm -rf /Users/"$currUser"/Applications/Chrome Apps/TestNav.app

And, since you are in userspace, you may be bumping into PPPC restrictions.

rlandgraf
Contributor

@rhooper You need to put a in the middle of Chrome Apps or put quotes around the whole path.
This should work:

#!/bin/sh

currUser=$( who | awk '/console/{ print $1 }' )
rm -rf /Users/$currUser/Applications/Chrome Apps/TestNav.app

rhooper
Contributor III

@djdavetrouble & @rlandgraf The between Chrome Apps was attempted and failed.
Sorry the # did not copy and I did not catch it before posting.
I just added the "" around $currUser and readded the slash. It looks like this rm -rf /Users/"$currUser"/Applications/Chrome Apps/TestNav.app
I am not a scripter so this is all confusing how it parses for the proper location and holds it in a variable.

It failed again at step 2 of 4. Executing the "removal of Chrome TestNav.app policy"

djdavetrouble
Contributor III

See my advice about current user, your method returns a null string for me.

rlandgraf
Contributor

@rhooper Apologies I did not look close enough. Try this:

#!/bin/sh
currUse=$(/bin/ls -l /dev/console | /usr/bin/awk '/ / { print $3}')
rm -rf /Users/$currUser/Applications/Chrome Apps/TestNav.app

rhooper
Contributor III

@djdavetrouble I see the need for "" around the variable.
How do you know it returns a null value? I am trying to understand it, but which one to use with current user? pythin which is now python3 bash to sh? I fell really dumb in this arena.

rhooper
Contributor III

@rlandgraf I added an 'r' to your script. Hope that was OK?
Still failing. Not sure why though.
currUser equals all the stuff between ( ). Is this correct?
Not sure what the { print $3} is at all though.

rhooper
Contributor III

Why can I not use just the $USER as my variable directly?
Another thing I noticed. I dragged the Application directly to the Terminal window. the address is not Chrome Apps/TestNav.app but rather ChromeApps.localized/TestNav.app.
A direct rm -rf Users/$USER/Applications/Chrome Apps.localized/TestNav.app does, in fact, remove the application. Somehow I think the problem lies in the Users variable and its parsing. Either way the rm -rf script did not work if I used $USER or currUser.

rhooper
Contributor III

combined this post and another