#!/bin/sh ################################################################################################### # Created by Mike Boylan, adapted from Crowdstrike script by David Larrea & Matt Wilson # support@kandji.io | Kandji, Inc. ################################################################################################### # Created - 01/20/2022 ################################################################################################### # Tested macOS Versions ################################################################################################### # # 12.1 # 12.0.1 # ################################################################################################### # Software Information ################################################################################################### # # This Audit and Enforce script is used to ensure that a specific configuration # profile is installed and ensure that the software is running after installation. # # Configuration profiles are linked to in the deployment instructions found in the # Kandji Knowledge Base. # ################################################################################################### # License Information ################################################################################################### # Copyright 2021 Kandji, Inc. # # Permission is hereby granted, free of charge, to any person obtaining a copy of this # software and associated documentation files (the "Software"), to deal in the Software # without restriction, including without limitation the rights to use, copy, modify, merge, # publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons # to whom the Software is furnished to do so, subject to the following conditions: # # The above copyright notice and this permission notice shall be included in all copies or # substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, # INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR # PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE # FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR # OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER # DEALINGS IN THE SOFTWARE. ################################################################################################### # Script version VERSION="1.0" ################################################################################################### ###################################### VARIABLES ################################################## ################################################################################################### # Change the PROFILE_PAYLOAD_ID_PREFIX variable to the profile prefix you want to wait on before # running the installer. If the profile is not found, this audit and enforce script will exit 0 # and do nothing until the next Kandji agent check-in. # These are the profile prefixes that contain all settings PROFILE_PAYLOAD_ID_PREFIXES=("com.malwarebytes.tcc" "io.kandji.mwbnotifications") # App info APP_NAME="Malwarebytes" APP_PATH="/Library/Application Support/Malwarebytes/Malwarebytes Endpoint Agent/EndpointAgentDaemon.app" PROCESS_LABEL="com.malwarebytes.agent.daemon" ################################################################################################### ##################################### FUNCTIONS ################################################### ################################################################################################### load_agent() { # Load Agent /bin/launchctl load "/Library/LaunchDaemons/$PROCESS_LABEL.plist" } check_agent() { pid=$(/bin/launchctl list | /usr/bin/grep $PROCESS_LABEL | /usr/bin/cut -f 1) echo $pid } ################################################################################################### ##################################### MAIN LOGIC ################################################## ################################################################################################### # All of the main logic be here ... modify at your own risk. # Look for profiles for prefix in "${PROFILE_PAYLOAD_ID_PREFIXES[@]}"; do matched_profiles=( $(/usr/bin/profiles show | /usr/bin/grep "$prefix" | /usr/bin/sed 's/.*\ //') ) if [[ ${#matched_profiles[@]} -eq 0 ]]; then echo "At least one profile with prefix $prefix was not found ..." echo "Waiting until all profiles are installed before proceeding ..." echo "Will check again at the next Kandji agent check-in ..." exit 0 fi done # If we got here, then all the requires profiles are installed. echo "All $APP_NAME profiles are installed ..." # Now check to see if the app is installed if [[ ! -e "$APP_PATH" ]]; then echo "$APP_NAME is not installed ..." echo "Starting the installation process ..." exit 1 fi # Get the PID process_id="" loop_counter=0 # Loop until the pid is found or we have checked the status 5 times while [[ -z "$process_id" ]] && [[ "$loop_counter" -lt 6 ]]; do # Get the PID process_id="$(check_agent)" # If no PID is returned, try to reload the process. if [[ -z "$process_id" ]]; then echo "Agent not running ..." echo "Attempting to reload ..." # Call the function $(load_agent) # Check for new pid new_pid=$(check_agent) # Check to see if the agent loaded successfully if [[ -n "$new_pid" ]]; then echo "Agent loaded successfully ..." else echo "Failed to load agent ..." echo "Will try again ..." /bin/sleep 3 # Increment counter ((loop_counter++)) if [[ "$loop_counter" -gt 5 ]]; then echo "Unable to load the agent successfully ..." echo "Reinstalling $APP_NAME" exit 1 fi fi else # Agent is running echo "Agent ($process_id) is running ..." fi done # Everything checks out echo "$APP_NAME appears to be running properly ..." echo "Nothing to do ..." exit 0