Uninstall application from Mac OS X

I’m using the below script to uninstall FortiClient from Mac OS X but it’s getting failed at this line:

folder delete “/Library/Application Support/Fortinet/FortiClient”
Exit Code: 127 as illigal_command http://tldp.org/LDP/abs/html/exitcodes.html

Action Information:
Completed at line: wait /bin/sh -c “cd ‘/Library/Application Support/Fortinet/FortiClient’; ./uninstall”
Failed at line: folder delete “/Library/Application Support/Fortinet/FortiClient”

Action Script:

//Uninstall FortiClient
//Stop Process
wait killall FortiClient
wait /bin/sh -c "cd '/Library/Application Support/Fortinet/FortiClient'; ./uninstall"
folder delete "/Library/Application Support/Fortinet/FortiClient"
if {exists folder "/Applications/FortiClient.app"}
    wait /bin/rm -rfd "/Applications/FortiClient.app"
endif

If I’m removing the line “folder delete…” from the script, it runs successfully and able to uninstall the application from the endpoint but all folder still exist in the desired path.
Any help on this would be highly appreciated.

Thank You.

I’m not sure why the command would fail, perhaps it expects an empty folder and it isn’t, or it only works on windows. Either way, I’d use:

wait /bin/rm -rfd "/Library/Application Support/Fortinet/FortiClient"

Commented in the other post that the error would appear for folder delete in the client log. If there was any error it would specify it more than an exit code. This exit code doesn’t come from the folder delete command, in your case it comes from the wait right before it.

Thank You @AlanM and @rustymyers for your response!

I have used the below code and it’s working fine. Forticlient app and entire dir. has been removed from the machine but I can see FortiClient service still running in Activity Monitor.

wait killall FortiClient
wait /bin/sh -c "cd '/Library/Application Support/Fortinet/FortiClient'; ./uninstall"
wait /bin/rm -rfd "/Library/Application Support/Fortinet/FortiClient"
if {exists folder "/Applications/FortiClient.app"}
    wait /bin/rm -rfd "/Applications/FortiClient.app"
endif

Any thought on this please.
Thank You.

I’m guessing that the FortiClient process respawns after you kill it and before it gets uninstalled. How does it get launched initially? If it’s a launch daemon (/Library/LaunchDaemon) then you can unload the daemon to prevent it from reloading (taking a guess at real plist name):

wait launchctl unload "/Library/LaunchDaemons/com.forticlient.plist"

Correct @rustymyers

Some more services are there in /Library/LaunchDaemon like:

com.fortinet.forticlient.appfw.plist
com.fortinet.forticlient.epctrl.plist
com.fortinet.forticlient.fmon.plist
com.fortinet.forticlient.fssoagent_launchdaemon.plist
com.fortinet.forticlient.servctl.plist
com.fortinet.forticlient.vpn.plist
com.fortinet.forticlient.wf.plist

I will be unloading all of’em.

Thank You…!

Hi @rustymyers
I’ve tried using the below script to uninstall the application from the endpoints and action has been completed from BigFix Side. But still FortiClient services exist in Activity Monitor.

Pasted image767×116 34.4 KB

    //Stop Process........................!!!
    wait killall FortiClient
    wait /bin/sh -c "cd '/Library/Application Support/Fortinet/FortiClient'; ./uninstall"
    wait /bin/rm -rfd "/Library/Application Support/Fortinet"
    wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.appfw.plist"
    wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.epctrl.plist"
    wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.fmon.plist"
    wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.fssoagent_launchdaemon.plist"
    wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.servctl.plist"
    wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.vpn.plist"
    wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.wf.plist"

wait launchctl unload "/Library/LaunchAgents/com.fortinet.forticlient.fssoagent_launchagent.plist"

    if {exists folder "/Applications/FortiClient.app"}
        wait /bin/rm -rfd "/Applications/FortiClient.app"
    endif

And the main problem is until or unless this service get removed from Activity Monitor, We can not re-install the latest version of the FortiClient on the machine.

Please assist!

I’m unloading the launch agent which should remove FortiClientAgent service from the activity monitor.
However main FortiClient service has been removed successfully from the script.

Pasted image1158×178 13.3 KB

Even I’ve tried running FortiClientUninstaller.app (Path: /Applications) using below code:

//Uninstall FortiClient- Mac OS X (Global)

//Stop Process........................!!!
wait killall FortiClient

//Application removal.....................................!!!

wait /bin/sh -c "cd '/Applications'; ./FortiClientUninstaller.app"

//Remove .app............................................!!!
if {exists folder "/Applications/FortiClient.app"}
    wait /bin/rm -rfd "/Applications/FortiClient.app"
endif

Action Successfully Completed but FortiClientAgent service still in there.

Might be an order of operations. You would want to unload the daemons and then kill any residual apps. Try something like the following. I would also suggest running the commands through an SSH connection to see if they work of if you get errors. Figuring out how to remove it correctly through the terminal will help determine the steps that you need in the action script.

wait /bin/sh -c "cd '/Library/Application Support/Fortinet/FortiClient'; ./uninstall"
wait /bin/rm -rfd "/Library/Application Support/Fortinet"
wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.appfw.plist"
wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.epctrl.plist"
wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.fmon.plist"
wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.fssoagent_launchdaemon.plist"
wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.servctl.plist"
wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.vpn.plist"
wait launchctl unload "/Library/LaunchDaemons/com.fortinet.forticlient.wf.plist"
wait launchctl unload "/Library/LaunchAgents/com.fortinet.forticlient.fssoagent_launchagent.plist"

//Stop Process........................!!!
wait killall FortiClientAgent

wait /bin/sh -c "cd '/Library/Application Support/Fortinet/FortiClient'; ./uninstall"
wait /bin/rm -rfd "/Library/Application Support/Fortinet/FortiClient"
if {exists folder "/Applications/FortiClient.app"}
    wait /bin/rm -rfd "/Applications/FortiClient.app"
endif

Be aware that telling a daemon to unload isn’t instantaneous. The BES Client for example takes a while to stop often and you will see code in the scripts we have to help you that wait for the service to stop. The “unload” returns immediately and the launch daemon process sends different messages to the daemon to try and stop it.

Hi @AlanM, In such case what could be the alternative to stop the services apart from unloading it…?

Yay…!!!

This way works and FortiClientAgent has been removed from the activity monitor. I’m able to push the Installation without any inconvenience.
Thank you so much @rustymyers

Using “unload” is still correct, but it can take a while after the command has been issued and returned for the daemon to actually shut down. You sometimes have to have a delay after the command or wait until it has actually shut down.

This works for me on MacOS

#!/bin/bash
#Written by Aman

killall -9 FortiClientAgent
rm -rf /Applications/FortiClient.app
rm -rf /Applications/FortiClientUninstaller.app
rm -rf /Library/Application\ Support/Fortinet/
rm -rf /Library/LaunchAgents/com.fortinet.forticlient.credential_store.plist
rm -rf /Library/LaunchAgents/com.fortinet.forticlient.fct_launcher.plist
rm -rf /Library/LaunchDaemons/com.fortinet.forticlient.appfw.plist
rm -rf /Library/LaunchDaemons/com.fortinet.forticlient.epctrl.plist
rm -rf /Library/LaunchDaemons/com.fortinet.forticlient.fmon.plist
rm -rf /Library/LaunchDaemons/com.fortinet.forticlient.servctl.plist
rm -rf /Library/LaunchDaemons/com.fortinet.forticlient.vpn.plist
rm -rf /Library/LaunchDaemons/com.fortinet.forticlient.wf.plist
rm -rf /Library/Internet\ Plug-Ins/FortiClient_SSLVPN_Plugin.bundle