force re-install McAfee agent on Mac OS

1 Comment
How to force re-install McAfee agent on Mac OS

One of my previous article talks about fresh or upgrade Installation of McAfee agent on Mac OS. But did you ever tried re-Installing the existing version of McAfee agent? Thus the result would be negative. So this post explains the reason behind it. And to overcome this check & force re-install same version of McAfee agent on Mac OS. Please be aware this document created for clients in ePO environment. For demonstration, I have Mac book running McAfee agent version 5.6.2 and will show you how to force Install same version again.

Why re-installation fails?

The Installer script’s “preinstall check block” do compares both Installing and existing (Installed) versions. As a result if both versions found to be same, the Installer terminate task with error as shown below.

$ tail -500 /var/log/install.log |grep -A10 -B10 higher

--output--
2020-02-04 18:53:25+05:30 smeenatchi-mac-01 installd[492]: ./preinstall: An higher or same version of the agent is already installed
<<--cropped few lines-->>
2020-02-04 18:53:25+05:30 smeenatchi-mac-01 installd[492]: PackageKit: Install Failed: Error Domain=PKInstallErrorDomain Code=112 "An error occurred while running scripts from the package “ma.pkg”." UserInfo={NSFilePath=./preinstall, NSURL=file://localhost/Volumes/MFEMAoKjuc/ma.pkg#ma.pkg, PKInstallPackageIdentifier=comp.nai.cmamac, NSLocalizedDescription=An error occurred while running scripts from the package “ma.pkg”.} {
            NSFilePath = "./preinstall";
            NSLocalizedDescription = "An error occurred while running scripts from the package \U201cma.pkg\U201d.";
            NSURL = "file://localhost/Volumes/MFEMAoKjuc/ma.pkg#ma.pkg";
            PKInstallPackageIdentifier = "comp.nai.cmamac";
        }

Actually version check part is still applicable for windows clients too. But there you have “/ForceInstall” switch to overcome it.

What does force Install means here?

Now like windows Installer, lets do apply small modification to Mac OS McAfee agent Install script. As it makes Installer to assume Installing version is higher than existing version of McAfee agent. In other words just masking the version check.

Enable Force Install Action

McAfee Install script for Mac actually written as bash shell script. And it includes Install logic as well as encoded Install binaries at the end. Therefore do not modify anything even white space at encoded bin area. But good thing is not much changes needed. Because just need to add few lines of additional code.

  • Download the Installation files from ePO and extract it. If you are not sure how to do it, please do refer Get McAfee agent package from ePO.
  • Edit the Installer script using your preferred editor. For example notepad++, vim, etc.
  • Look for code block “Cannot have install and upgrade together” and then Insert the code above to it. This should work for McAfee agent versions greater than 5.0.0.0
##force re-install of MA 
if [ "$force" == "yes" ]; then
   /usr/bin/sed -i "" '/<Version>/ s/[0-9].[0-9].[0-9].[0-9]*/5.0.0.0/g' /etc/ma.d/EPOAGENT3000/config.xml
else
   echo ""
fi
  • On Mac OS, McAfee verifies currently Installed agent properties from config file “/etc/ma.d/EPOAGENT3000/config.xml“. This file holds the details of version currently running. Therefore at the beginning of the Installation above code will modify the config and set version to 5.0.0.0. When the Installation finishes the version number automatically updated by current Installer. Certainly we are not altering any Important codes nor binaries. Since this method of approach is safe and should not create any harm.
  • After doing modifications that particular section should be similar to below.
if [ ! -z "$macmnsvcroot" ] ;then
    if !([ !  -z "$install" ] || [ ! -z "$upgrade" ]) ;then
        echo macmnsvc to run as root works with install/upgrade option
        usage
        exit 1
    fi
fi

##force re-install of MA 
if [ "$force" == "yes" ]; then
   /usr/bin/sed -i "" '/<Version>/ s/[0-5].[0-9].[0-9].[0-9]*/5.0.0.0/g' /etc/ma.d/EPOAGENT3000/config.xml
else
   echo ""
fi

###Cannot have install and upgrade together
if [ ! -z "$install" ] && [ ! -z "$upgrade" ];then
    echo You cannot specify install and upgrade at the same time
    usage 
    exit 1
fi

Note: Do not modify anything beyond this line. Since its the encoded binary area. Which will be extracted into binary during Installation. Even adding a white space make this Installer script useless.

##DO NOT PUT ANYTHING AFTER __ARCHIVE_FOLLOWS__ UNDER ANY CIRCUMSTANCE (NOT EVEN WHITESPACE). 
##DOING SO WILL RENDER THE SCRIPT UNUSABLE
###SUCCESSFUL extraction from the zip depends on it
__ARCHIVE_FOLLOWS__
Ïúíþ    €        …          H   __PAGEZERO                                                        x  __TEXT                  à              à                  __text          __TEXT          H     ™=     H               €            
 €     P       U   U   q   Æ   '   
--cropped---

Now we have enabled force Install option without affecting any other Install options. So lets try out.

force re-install McAfee agent on Mac OS

Execute the Installer with additional argument “-f” (force)

$ sudo sh install.sh -i -f

Then take a look at the log, instead of error you should see progressive messages like below.

$ tail -500 /var/log/install.log |grep -A2  lower

--output--
2020-02-04 18:54:51+05:30 smeenatchi-mac-01 installd[492]: ./preinstall: The installed version is lower.Installation will proceed now
2020-02-04 18:54:51+05:30 smeenatchi-mac-01 installd[492]: ./preinstall: Upgrading...
2020-02-04 18:54:51+05:30 smeenatchi-mac-01 installd[492]: ./preinstall: MA preupgrade starts.

Finally verify agent settings and version.

--Verify agent settings and version--
$ /Library/McAfee/agent/bin/cmdagent -i
--output--
Component: McAfee Agent
AgentMode: 1
Version: 5.6.2.209
GUID: 5123456-054e-11ea-0623-080027c56e2a
TenantId: N/A
LogLocation: /var/McAfee/agent/logs
InstallLocation: /Library/McAfee/agent
CryptoMode: 0
DataLocation: /var/McAfee/agent
EpoServerList: 10.20.30.10|epo-server-1|epo-server-1.sunt.com|10.20.30.20|epo-server-2|epo-server-2.sunt.com
EpoPortList: 443|443
EpoServerLastUsed: 10.20.30.10
LastASCTime: 20200204185536
LastPolicyUpdateTime: 20200204185540
EpoVersion: 5.x.x
ServerId: xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx

In other words we made the Installer script ready with force action enabled. So use without switch “-f” for normal Installation and vice versa.

--Normal Install / upgrade--
$ sudo sh install.sh -i

--For force re-install--
$ sudo sh install.sh -i -f

In conclusion, by doing simple tweak we did force re-install same version of McAfee agent on Mac OS. Hope this does helps you. Most Importantly “thank you” for reading my post. Please post your comments and suggestions.

One thought on “force re-install McAfee agent on Mac OS

  1. I have read your excellent post. About mcafee install error this is a great job. I have enjoyed reading your post first time. I want to say thanks for this post. Thank you…

Leave a Reply

Your email address will not be published. Required fields are marked *