kitzy/unloadFDERecoveryAgent.sh

## unloadFDERecoveryAgent.sh
#!/bin/bash

# Output all to log
exec 2>&1 >> /var/log/unloadFDERecoveryAgent.log

log()
{
  NOW="$(date +"%Y-%m-%d %H:%M:%S")"
  echo "$NOW": "$1"
}

log "----- Starting unloadFDERecoveryAgent -----"
# Initialize variables
days=""
hours=""
minutes=""
seconds=""

# Check if FDERecoveryAgent is loaded
log "Checking for FDERecoveryAgent"
FDEPID=$(pgrep "FDERecoveryAgent")
if [ ! -z "${FDEPID}" ]
  # if FDERecoveryAgent is running
  then
    log "FDERecoveryAgent running with PID ${FDEPID}"
    # Find out how long FDERecoveryAgent has been running
    etime=$(ps -ax -o etime,command -c | grep "FDERecoveryAgent" | head -n 1 | awk '{print $1}')
    # Strip out - and : delimiters
    IFS='-:' read -a etimeArray <<< $etime
    # Convert space delmited value into an array in a 2nd step because I don't understand how bash works
    IFS=' ' read -a etimeArray <<< $etimeArray
    # Find out how many items are in the array
    count=${#etimeArray[@]}
    # Use the number of items in the array to determine what position in the array corresponds to each time unit
    if [ $count == 4 ]
      then
        # if 4, set all units using values from the array
        days=${etimeArray[0]}
        hours=${etimeArray[1]}
        minutes=${etimeArray[2]}
        seconds=${etimeArray[3]}
    elif [ $count == 3 ]
      then
        # if 3, set days to 0 and fill the other units with values from the array
        days=0
        hours=${etimeArray[0]}
        minutes=${etimeArray[1]}
        seconds=${etimeArray[2]}
    elif [ $count == 2 ]
      then
        # if 2, set days and hours to 0 and fill the other units with values from the array
        days=0
        hours=0
        minutes=${etimeArray[0]}
        seconds=${etimeArray[1]}
    elif [ $count == 1 ]
      then
        # if 2, set days, hours and minutes to 0 and fill the other units with values from the array
        days=0
        hours=0
        minutes=0
        seconds=${etimeArray[0]}
      else
        log "ERROR: unable to parse etimeArray"
    fi
    # Use complicated math to calculate time in seconds
    runtime=$(echo "$days * 24 * 60 * 60 + $hours * 60 * 60 + $minutes * 60 + $seconds" | bc)
    log "FDERecoveryAgent has been running for $runtime seconds"
    if [ $runtime -ge 300 ]
      then
        # Kill stuck JAMF process
        log "killing stuck jamf process"
        killall jamf
        # Unload FDERecoveryAgent daemon
        log "unloading FDERecoveryAgent daemon"
        launchctl unload /System/Library/LaunchDaemons/com.apple.security.FDERecoveryAgent.plist
        # Kill FDERecoveryAgent process
        log "killing FDERecoveyAgent process"
        kill -9 ${FDEPID}
        # Update inventory in Casper
        log "updating inventory"
        jamf recon
      else
        log "FDERecoveryAgent has been running less than 300 seconds"
    fi
  # if FDERecoveryAgent is not running
  else
   log "FDERecoveryAgent not running"
fi
log "----- END -----"
exit 0
	#!/bin/bash

	# Output all to log
	exec 2>&1 >> /var/log/unloadFDERecoveryAgent.log

	log()
	{
	NOW="$(date +"%Y-%m-%d %H:%M:%S")"
	echo "$NOW": "$1"
	}

	log "----- Starting unloadFDERecoveryAgent -----"
	# Initialize variables
	days=""
	hours=""
	minutes=""
	seconds=""

	# Check if FDERecoveryAgent is loaded
	log "Checking for FDERecoveryAgent"
	FDEPID=$(pgrep "FDERecoveryAgent")
	if [ ! -z "${FDEPID}" ]
	# if FDERecoveryAgent is running
	then
	log "FDERecoveryAgent running with PID ${FDEPID}"
	# Find out how long FDERecoveryAgent has been running
	etime=$(ps -ax -o etime,command -c \| grep "FDERecoveryAgent" \| head -n 1 \| awk '{print $1}')
	# Strip out - and : delimiters
	IFS='-:' read -a etimeArray <<< $etime
	# Convert space delmited value into an array in a 2nd step because I don't understand how bash works
	IFS=' ' read -a etimeArray <<< $etimeArray
	# Find out how many items are in the array
	count=${#etimeArray[@]}
	# Use the number of items in the array to determine what position in the array corresponds to each time unit
	if [ $count == 4 ]
	then
	# if 4, set all units using values from the array
	days=${etimeArray[0]}
	hours=${etimeArray[1]}
	minutes=${etimeArray[2]}
	seconds=${etimeArray[3]}
	elif [ $count == 3 ]
	then
	# if 3, set days to 0 and fill the other units with values from the array
	days=0
	hours=${etimeArray[0]}
	minutes=${etimeArray[1]}
	seconds=${etimeArray[2]}
	elif [ $count == 2 ]
	then
	# if 2, set days and hours to 0 and fill the other units with values from the array
	days=0
	hours=0
	minutes=${etimeArray[0]}
	seconds=${etimeArray[1]}
	elif [ $count == 1 ]
	then
	# if 2, set days, hours and minutes to 0 and fill the other units with values from the array
	days=0
	hours=0
	minutes=0
	seconds=${etimeArray[0]}
	else
	log "ERROR: unable to parse etimeArray"
	fi
	# Use complicated math to calculate time in seconds
	runtime=$(echo "$days * 24 * 60 * 60 + $hours * 60 * 60 + $minutes * 60 + $seconds" \| bc)
	log "FDERecoveryAgent has been running for $runtime seconds"
	if [ $runtime -ge 300 ]
	then
	# Kill stuck JAMF process
	log "killing stuck jamf process"
	killall jamf
	# Unload FDERecoveryAgent daemon
	log "unloading FDERecoveryAgent daemon"
	launchctl unload /System/Library/LaunchDaemons/com.apple.security.FDERecoveryAgent.plist
	# Kill FDERecoveryAgent process
	log "killing FDERecoveyAgent process"
	kill -9 ${FDEPID}
	# Update inventory in Casper
	log "updating inventory"
	jamf recon
	else
	log "FDERecoveryAgent has been running less than 300 seconds"
	fi
	# if FDERecoveryAgent is not running
	else
	log "FDERecoveryAgent not running"
	fi
	log "----- END -----"
	exit 0