fleet/scripts/mdm/linux/linux-wipe.sh

#!/bin/sh

# Function to log out all users and lock their passwords except root
logout_users() {
    for user in $(who | awk '{print $1}' | sort | uniq)
    do
        if [ "$user" != "root" ]; then
            echo "Logging out $user"
            pkill -KILL -u "$user"
            passwd -l "$user"
        fi
    done
}

# Function to wipe non-essential data
wipe_non_essential_data() {
    # Define non-essential paths
    non_essential_paths="/home/* /tmp /var/tmp /var/log /home/*/.cache /var/cache /home/*/.local/share/Trash"

    for path in $non_essential_paths
    do
        if [ -e "$path" ]; then
            echo "Wiping $path"
            rm -rf "$path"
        fi
    done
}

# Function to wipe system files - Warning: This will render the system inoperable
wipe_system_files() {
    # Define essential system paths
    essential_system_paths="/bin /sbin /usr /lib"

    for path in $essential_system_paths
    do
        echo "Wiping $path"
        rm -rf "$path"
    done
}

wipe_all_files() {
    sleep 10 # Give fleetd enough time to register the script as completed
    wipe_non_essential_data
    wipe_system_files
}

if [ $1 == "wipe" ]; then
    # We are in the detatched child process
    wipe_all_files
else
    # We are in the parent shell, logout users and begin the detached
    # wipe child process
    logout_users
    echo "Wiping, system will be unreachable"
    nohup sh $0 wipe >/dev/null 2>/dev/null </dev/null &
fi
Linux and Windows MDM scripts (#15501) 2023-12-12 20:52:27 +00:00			`#!/bin/sh`

			`# Function to log out all users and lock their passwords except root`
			`logout_users() {`
			`for user in $(who \| awk '{print $1}' \| sort \| uniq)`
			`do`
			`if [ "$user" != "root" ]; then`
			`echo "Logging out $user"`
			`pkill -KILL -u "$user"`
			`passwd -l "$user"`
			`fi`
			`done`
			`}`

			`# Function to wipe non-essential data`
			`wipe_non_essential_data() {`
			`# Define non-essential paths`
			`non_essential_paths="/home/* /tmp /var/tmp /var/log /home//.cache /var/cache /home//.local/share/Trash"`

			`for path in $non_essential_paths`
			`do`
			`if [ -e "$path" ]; then`
			`echo "Wiping $path"`
			`rm -rf "$path"`
			`fi`
			`done`
			`}`

			`# Function to wipe system files - Warning: This will render the system inoperable`
			`wipe_system_files() {`
			`# Define essential system paths`
			`essential_system_paths="/bin /sbin /usr /lib"`

			`for path in $essential_system_paths`
			`do`
			`echo "Wiping $path"`
			`rm -rf "$path"`
			`done`
			`}`

Linux Wipe Async (#18372) #18173 Creates a detached child shell process to wipe the host. This lets the main shell script return and tells the server the command has completed, clearing it from the run queue. Now shuts the host down after being wiped instead of leaving it running without files like a zombie 2024-04-29 13:55:05 +00:00			`wipe_all_files() {`
			`sleep 10 # Give fleetd enough time to register the script as completed`
			`wipe_non_essential_data`
			`wipe_system_files`
			`}`
Linux and Windows MDM scripts (#15501) 2023-12-12 20:52:27 +00:00
Linux Wipe Async (#18372) #18173 Creates a detached child shell process to wipe the host. This lets the main shell script return and tells the server the command has completed, clearing it from the run queue. Now shuts the host down after being wiped instead of leaving it running without files like a zombie 2024-04-29 13:55:05 +00:00			`if [ $1 == "wipe" ]; then`
			`# We are in the detatched child process`
			`wipe_all_files`
			`else`
			`# We are in the parent shell, logout users and begin the detached`
			`# wipe child process`
			`logout_users`
			`echo "Wiping, system will be unreachable"`
			`nohup sh $0 wipe >/dev/null 2>/dev/null </dev/null &`
			`fi`