I am trying to deploy McAfee to endpoints using a fixlet. Troubles is there is only a Wizard for RPM packages. McAfee only provides the shell script (.sh) to install on endpoints. Does anyone know how I can take this shell script and run it on endpoints?
I thought if I could copy the script and put it in the fixlet as a .sh instead of action script it would work. Trouble is the shell script has custom information that is unreadable.
My Idea is if I can download the “McAfeeInstaller.sh” file using bigfix then have bigfix run the shell script. If anyone has any advice on this type of issue I would appreciate it.
You can use the createfile command to create the script on endpoints without doing a download, then run it. See this example:https://bigfix.me/fixlet/details/24629
Can you provide the script in question in the forum? (please redact any server info or credentials specific to your org)
Can you provide links to the McAfee documentation for this process?
My intention is to download it from my BigFix server where its cached to the file path: /var/opt/BESClient/__BESData/CustomSite/Downloads/
Then run it from there? Can you help me do that?
The McAfee shell script has custom information in it that is unreadable. I’m not sure we could leverage it. But I can give you what the script says.
#!/bin/sh
PATH=/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin
platform=`uname`
if [ "$platform" != "Linux" ];then
echo "This package must be installed on Linux Platform."
echo "Aborting installation."
exit 1
fi
user=`id | cut -d'=' -f2 | cut -d\( -f1`
if [ $user -ne 0 ]; then
echo "This package needs root authentication to install."
exit 1
fi
umask 022
BOOTSTRAP_PAYLOAD="bootstrap.tar.gz"
INSTALL_COMMAND="./McAfeeSmartInstall $@"
IsResume=0
BOOTSTRAP_SESSION_FILE="/etc/cma.d/bootstrap_temp.txt"
if [ -f "$BOOTSTRAP_SESSION_FILE" ] ;then
temp_directory=`cat $BOOTSTRAP_SESSION_FILE`
fi
if [ ! -e "$temp_directory" ] ;then
temp_directory=`mktemp -d bootstrap_XXXXXX`
echo Creating temporary directory...
else
echo Resuming download from \"$temp_directory\" directory...
IsResume=1
fi
####bootstrap_size=914432
bootstrap_size=1741894
block_size=512
#get bootstrap.sh file name
command=$0
if [ -e "$temp_directory" ] ;then
mkdir -p /etc/cma.d
echo "$temp_directory" > $BOOTSTRAP_SESSION_FILE
required_space=`du -b "$command" | cut -f1`
required_space=`expr 2 \* $required_space`
echo space required to copy archive is $required_space bytes
available_space=`df -B 1 $temp_directory | tail -n -1 | awk '{if ( $4 ~ /%/) { print $3 } else { print $4 } }'`
echo space available at $temp_directory is $available_space bytes
if [ $required_space -gt $available_space ];then
echo Not enough space to extract contents
rm -rf $temp_directory
exit 1
fi
echo "extracting archive to $temp_directory... please wait"
SKIP=`awk '/^__ARCHIVE_FOLLOWS__/ { print NR + 1; exit 0; }' "$0"`
tail -n +$SKIP "$command" > "$temp_directory"/payload
nblocks=`expr $bootstrap_size / $block_size`
remainder=`expr $bootstrap_size % $block_size`
if [ 0 != $remainder ];then
nblocks=`expr $nblocks + 1`
fi
if [ $IsResume -eq 1 ] && [ -f $temp_directory/coninfo.xml ];then
mv $temp_directory/coninfo.xml $temp_directory/coninfo.xml.tmp
echo Creating backup of coninfo.xml...
fi
dd if="$temp_directory"/payload of="$temp_directory"/$BOOTSTRAP_PAYLOAD bs=1 count=$bootstrap_size
dd if="$temp_directory"/payload of="$temp_directory"/coninfo.xml bs=512 skip=$nblocks
BOOTSTRAP_BINARY="bootstrap"
cd $temp_directory
if [ -f "bootstrap.tar.gz" ] ;then
gunzip -f bootstrap.tar.gz
tar -xf bootstrap.tar
if [ -f "/etc/SuSE-release" ] ;then
BOOTSTRAP_BINARY="bootstrap_x32"
rm -rf bootstrap_x64
elif [ `uname -m` = "x86_64" ]; then
BOOTSTRAP_BINARY="bootstrap_x64"
rm -rf bootstrap_x32
else
BOOTSTRAP_BINARY="bootstrap_x32"
rm -rf bootstrap_x64
fi
rm -rf bootstrap.tar.gz
fi
chmod +x $BOOTSTRAP_BINARY
mv -f $BOOTSTRAP_BINARY McAfeeSmartInstall
$INSTALL_COMMAND
returncode=$?
mv McAfeeSmartInstall_* .. 2>/dev/null
cd ..
#if BOOTSTRAP_SESSION_FILE file exist then it is a network issue, and resume in next run, don't remove the temp directory
if [ ! -f "$BOOTSTRAP_SESSION_FILE" ] ;then
rm -rf "$temp_directory"
fi
if [ $returncode -ne 0 ];then
exit 1
fi
exit 0
fi
exit 1
##DO NOT PUT ANYTHING AFTER __ARCHIVE_FOLLOWS__ UNDER ANY CIRCUMSTANCE (NOT EVEN WHITESPACE).
##DOING SO WILL RENDER THE SCRIPT UNUSABLE
###SUCCESSFUL extraction from the zip depends on it
Yes, It doenst matter to me what folder it runs out of. McAfee only gives the (shell script) through the ePO (ePolicy Orchestrator) console. It has so custom parts that is unreadable. I would think its best to just download the (shell script) they gave me and run it.
So If you think running it out of (/tmp) would be better I’m all for it.
so there isn’t a bootstrap.tar.gz file in addition to the script??? based upon reading through the script it seems like there should be… or it downloads that file somehow, but I don’t see how.
Are you saying what you copy and pasted into the forum isn’t the entire script, and there is a bunch of other stuff in the full script that is illegible?