Created
March 9, 2016 16:35
-
-
Save desbo/950f561e0a21d8510963 to your computer and use it in GitHub Desktop.
websecurity_uninstall.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| INSTPREFIX="/opt/cisco/anyconnect" | |
| BINDIR="${INSTPREFIX}/bin" | |
| PLUGINSDIR="${BINDIR}/plugins" | |
| LIBDIR="${INSTPREFIX}/lib" | |
| PROFILESDIR="${INSTPREFIX}/websecurity" | |
| ACMANIFESTDAT="${INSTPREFIX}/VPNManifest.dat" | |
| WEBSECMANIFEST="ACManifestWebSecurity.xml" | |
| UNINSTALLLOG="/tmp/websecurity-uninstall.log" | |
| ANYCONNECT_WEBSECURITY_PACKAGE_ID=com.cisco.pkg.anyconnect.websecurity | |
| # Array of files to remove | |
| FILELIST=("${INSTPREFIX}/${WEBSECMANIFEST}" \ | |
| "${BINDIR}/acwebsecagent" \ | |
| "${BINDIR}/websecurity_uninstall.sh" \ | |
| "${LIBDIR}/libboost_filesystem.dylib" \ | |
| "${LIBDIR}/libboost_system.dylib" \ | |
| "${LIBDIR}/libboost_thread.dylib" \ | |
| "${LIBDIR}/libboost_date_time.dylib" \ | |
| "${INSTPREFIX}/libacwebsecapi.dylib" \ | |
| "${INSTPREFIX}/libacwebsecctrl.dylib") | |
| echo "Uninstalling Cisco AnyConnect Web Security Module..." | |
| echo "Uninstalling Cisco AnyConnect Web Security Module..." > ${UNINSTALLLOG} | |
| echo `whoami` "invoked $0 from " `pwd` " at " `date` >> ${UNINSTALLLOG} | |
| # Check for root privileges | |
| if [ `whoami` != "root" ]; then | |
| echo "Sorry, you need super user privileges to run this script." | |
| echo "Sorry, you need super user privileges to run this script." >> ${UNINSTALLLOG} | |
| exit 1 | |
| fi | |
| # update the VPNManifest.dat; if no entries remain in the .dat file then | |
| # this tool will delete the file - DO NOT blindly delete VPNManifest.dat by | |
| # adding it to the FILELIST above - allow this tool to delete the file if needed | |
| if [ -f "${BINDIR}/manifesttool" ]; then | |
| echo "${BINDIR}/manifesttool -x ${INSTPREFIX} ${INSTPREFIX}/${WEBSECMANIFEST}" >> ${UNINSTALLLOG} | |
| ${BINDIR}/manifesttool -x ${INSTPREFIX} ${INSTPREFIX}/${WEBSECMANIFEST} | |
| fi | |
| # check the existence of the manifest file - if it does not exist, remove the manifesttool | |
| if [ ! -f ${ACMANIFESTDAT} ] && [ -f ${BINDIR}/manifesttool ]; then | |
| echo "Removing ${BINDIR}/manifesttool" >> ${UNINSTALLLOG} | |
| rm -f ${BINDIR}/manifesttool | |
| fi | |
| # move the plugins to a different folder to stop the websec agent and then remove | |
| # these plugins once websec agent is stopped. | |
| echo "Moving plugins from ${PLUGINSDIR}" >> ${UNINSTALLLOG} | |
| mv -f ${PLUGINSDIR}/libacwebsecapi.dylib ${INSTPREFIX} 2>&1 >/dev/null | |
| echo "mv -f ${PLUGINSDIR}/libacwebsecapi.dylib ${INSTPREFIX}" >> ${UNINSTALLLOG} | |
| mv -f ${PLUGINSDIR}/libacwebsecctrl.dylib ${INSTPREFIX} 2>&1 >/dev/null | |
| echo "mv -f ${PLUGINSDIR}/libacwebsecctrl.dylib ${INSTPREFIX}" >> ${UNINSTALLLOG} | |
| # wait for 2 seconds for the websecagent to exit | |
| sleep 2 | |
| # ensure that the websec agent is not running | |
| WEBSECPROC=`ps -A -o pid,command | grep '(${BINDIR}/acwebsecagent)' | egrep -v 'grep|websecurity_uninstall' | cut -c 1-5` | |
| if [ ! "x${WEBSECPROC}" = "x" ] ; then | |
| echo Killing `ps -A -o pid,command -p ${WEBSECPROC} | grep ${WEBSECPROC} | egrep -v 'ps|grep'` >> ${UNINSTALLLOG} | |
| kill -TERM ${WEBSECPROC} >> ${UNINSTALLLOG} 2>&1 | |
| fi | |
| # Remove only those files that we know we installed | |
| INDEX=0 | |
| while [ $INDEX -lt ${#FILELIST[@]} ]; do | |
| echo "rm -rf "${FILELIST[${INDEX}]}"" >> ${UNINSTALLLOG} | |
| rm -rf "${FILELIST[${INDEX}]}" | |
| let "INDEX = $INDEX + 1" | |
| done | |
| # Remove the plugins directory if it is empty | |
| if [ -d ${PLUGINSDIR} ]; then | |
| if [ ! -z `find "${PLUGINSDIR}" -prune -empty` ] ; then | |
| echo "rm -df "${PLUGINSDIR}"" >> ${UNINSTALLLOG} | |
| rm -df "${PLUGINSDIR}" >> ${UNINSTALLLOG} 2>&1 | |
| fi | |
| fi | |
| # Remove the bin directory if it is empty | |
| if [ -d ${BINDIR} ]; then | |
| if [ ! -z `find "${BINDIR}" -prune -empty` ] ; then | |
| echo "rm -df "${BINDIR}"" >> ${UNINSTALLLOG} | |
| rm -df "${BINDIR}" >> ${UNINSTALLLOG} 2>&1 | |
| fi | |
| fi | |
| # Remove the bin directory if it is empty | |
| if [ -d ${LIBDIR} ]; then | |
| if [ ! -z `find "${LIBDIR}" -prune -empty` ] ; then | |
| echo "rm -df "${LIBDIR}"" >> ${UNINSTALLLOG} | |
| rm -df "${LIBDIR}" >> ${UNINSTALLLOG} 2>&1 | |
| fi | |
| fi | |
| # Remove the profiles directory | |
| # During an upgrade, the profiles will be moved and restored by | |
| # preupgrade and postupgrade scripts. | |
| if [ -d ${PROFILESDIR} ]; then | |
| echo "rm -rf "${PROFILESDIR}"" >> ${UNINSTALLLOG} | |
| rm -rf "${PROFILESDIR}" >> ${UNINSTALLLOG} 2>&1 | |
| fi | |
| # remove installer receipt | |
| pkgutil --forget ${ANYCONNECT_WEBSECURITY_PACKAGE_ID} >> ${UNINSTALLLOG} 2>&1 | |
| echo "Successfully removed Cisco AnyConnect Web Security Module from the system." >> ${UNINSTALLLOG} | |
| echo "Successfully removed Cisco AnyConnect Web Security Module from the system." | |
| exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment