Bash script help needed

dexterrivera
New Contributor III

Hello,

I need to uninstall some old McAfee agents that are in my environment still after adding newer version to build process. Below is what I was hoping would work but I get a syntax error when I test. Any help would be much appreciated. Thanks.

#!/bin/bash

if [ -d "/Library/McAfee/shared/4.8.0" ]
then

else "/Library/McAfee/cma/uninstall.sh"
fi

2 ACCEPTED SOLUTIONS

charles_hitch
Contributor II

That being the case this is a better way to do it:

#!/bin/sh

# Define the desired ePO version
desired_epo="4.8.0.1085"

# Get the version info from the CLT
epo_version=`/Library/McAfee/cma/bin/msaconfig -version`

# Remove CMA aka ePO if not the desired version
if [ $epo_version != $desired_epo ]
then
    /Library/McAfee/cma/uninstall.sh
fi

As Josh pointed out though its good to make sure the commands you want to run exist (such as msaconfig and uninstall.sh) prior to attempting to execute them.

View solution in original post

Josh_S
Contributor III

@dexterrivera][/url - That is effectively what that script does. The first test bracket checks to make sure that the directory doesn't exist (the ! at the beginning inverses behavior), the second test bracket checks to make sure that the uninstaller.sh script exists.

If you want to add additional actions to the script and don't want everything encased in an "if" statement, you could exit out on checking if the directory exists.

#!/bin/sh

if [ -d "/Library/McAfee/shared/4.8.0" ]; then
    exit 0
elif [ -f "/Library/McAfee/cma/uninstall.sh" ]; then
    /Library/McAfee/cma/uninstall.sh
fi

# Add in additional script actions here. No machine that reaches this stage should have the 4.8.0 directory.

Edit: @charles.hitch solution looks pretty good too :)

View solution in original post

12 REPLIES 12

charles_hitch
Contributor II

You don't have any actions in your if statement. You need something on the line between "then" and else. Also you don't need quotes around /Library/McAfee/cma/uninstall.sh. Lastly be aware that if you run the cma uninstaller it will uninstall no matter what version is installed.

dexterrivera
New Contributor III

Ah, I thought I could leave blank if the 4.8.0 directory was found ending the script. I figured it would be like vbs scripting which is what I primarily do for our Windows environment.

So what can I put if the 4.8.0 directory is found? Is there a "end script" command? Thanks for the quick response by the way.

Josh_S
Contributor III

As @charles.hitch said, you need something in your if statement. I'm not sure exactly what you're trying to do, but if you're trying to run the installer if that directory doesn't exist then the following should work for you. Added in a check to make sure the uninstaller exists.

#!/bin/sh

if [ ! -d "/Library/McAfee/shared/4.8.0" ] && [ -f "/Library/McAfee/cma/uninstall.sh" ]; then
    /Library/McAfee/cma/uninstall.sh
fi

dexterrivera
New Contributor III

@Josh_S
4.8.0 is the version of the new agent pointing to my ePO server any version older than that needs to be uninstalled.

So effectively I need to the following:
If 4.8.0 is installed the directory exists so end script, else uninstall existing agent by running the uninstall.sh

charles_hitch
Contributor II

That being the case this is a better way to do it:

#!/bin/sh

# Define the desired ePO version
desired_epo="4.8.0.1085"

# Get the version info from the CLT
epo_version=`/Library/McAfee/cma/bin/msaconfig -version`

# Remove CMA aka ePO if not the desired version
if [ $epo_version != $desired_epo ]
then
    /Library/McAfee/cma/uninstall.sh
fi

As Josh pointed out though its good to make sure the commands you want to run exist (such as msaconfig and uninstall.sh) prior to attempting to execute them.

Josh_S
Contributor III

@dexterrivera][/url - That is effectively what that script does. The first test bracket checks to make sure that the directory doesn't exist (the ! at the beginning inverses behavior), the second test bracket checks to make sure that the uninstaller.sh script exists.

If you want to add additional actions to the script and don't want everything encased in an "if" statement, you could exit out on checking if the directory exists.

#!/bin/sh

if [ -d "/Library/McAfee/shared/4.8.0" ]; then
    exit 0
elif [ -f "/Library/McAfee/cma/uninstall.sh" ]; then
    /Library/McAfee/cma/uninstall.sh
fi

# Add in additional script actions here. No machine that reaches this stage should have the 4.8.0 directory.

Edit: @charles.hitch solution looks pretty good too :)

dexterrivera
New Contributor III

@charles.hitch
@Josh_S
Awesome. Thank you very much guys!

mm2270
Legendary Contributor III

We use McAfee here, and if I were you I wouldn't be relying on that folder's existence to know what version is installed as that could turn out to be faulty for a variety of reasons.
I would try something like this instead. You might have to adjust the below path, but it should be close

xpath /Configuration/Version[1] < /etc/cma.d/EPOAGENT3700MACX/config.xml 2>&1 | awk -F'[>|<]' '{print $3}'

Example result: 4.8.0.1500

You could build that process into your script to get the actual version installed and then take the appropriate action if its not the version you expect.
Be careful with just comparing strings though. The above "number" isn't actually a number, at least not so far as bash is concerned, so you may need to do something like strip out the periods to do a true integer comparison. Though I'd imagine you wouldn't run into any Macs that have a higher version installed, so it may not be necessary.

dexterrivera
New Contributor III

@mm2270
Yes, I noticed that xml file has the version but didn't know how to read the file to then execute on the result. I just began deploying 4.8.0.1500 so there aren't any other versions higher than 4.6 out there, I only have 50 machines left and this was to force them over since they didn't move over on the initial push. Thanks for the sample though, I'll save it.

jennifer
Contributor

I use an extension attribute to keep track of the versions installed. Then we use smart groups for the upgrades (or uninstalls in your case).

Version=`cat /etc/cma.d/EPOAGENT3700MACX/config.xml | egrep "<Version>.*</Version>" |sed -e "s/<Version>(.*)</Version>/1/"|tr "|" " "`

echo '<result>'$Version'</result>'

dexterrivera
New Contributor III

@jennifer_unger
Good stuff! I will set this up too. Thanks!

jennifer
Contributor

Just as a side note, I also have a different EA (that I'm sure came from JAMF Nation) that grabs the DAT version.

This one has been very helpful for security reporting purposes.

#!/bin/sh
#This script has been verified to work on McAfee Security for Mac Anti-malware (v1.0).

#Check to see if McAfee Security is installed
if [ -f "/Library/Preferences/com.mcafee.ssm.antimalware.plist" ]; then
result=`/usr/bin/defaults read /Library/Preferences/com.mcafee.ssm.antimalware Update_DATVersion`
echo "<result>$result</result>"
else
echo "<result>Not installed</result>"
fi