Tutorial

Nuevas actualizaciones y mejoras para Macfleet.

Aviso importante

Los ejemplos de código y scripts proporcionados en estos tutoriales son solo para propósitos educativos. Macfleet no es responsable de ningún problema, daño o vulnerabilidad de seguridad que pueda surgir del uso, modificación o implementación de estos ejemplos. Siempre revisa y prueba el código en un entorno seguro antes de usarlo en sistemas de producción.

← Todas las publicaciones

July 7, 2025

Application Force Close Management for macOS

Implement enterprise-grade application force close management across your MacFleet deployment with automated process termination, security validation, troubleshooting diagnostics, and comprehensive fleet-wide application control. This tutorial provides solutions for maintaining system stability while ensuring secure and efficient application process management.

Understanding macOS Application Process Management

macOS provides several methods for process termination:

killall - Terminate all instances of a named process
kill - Terminate specific processes by PID
pkill - Pattern-based process termination
Activity Monitor - GUI-based process management
Force Quit - System-level application termination

Basic Force Close Operations

Simple Force Close

#!/bin/bash

# Basic force close
killall "appname"

Force Close with Verbose Output

#!/bin/bash

# Force close with PID output
killall -v "Notes"

Detailed Process Information

#!/bin/bash

# Get detailed process info without killing
killall -d "appname"

List Available Signals

#!/bin/bash

# List available signals
killall -l "appname"

Force Close with Specific Signal

#!/bin/bash

# Force close with ABRT signal
killall -abrt "Pages"

Enterprise Application Force Close Management System

Comprehensive Process Control Tool

#!/bin/bash

# MacFleet Enterprise Application Force Close Management Tool
# Advanced process termination and application control

# Configuration
CONFIG_FILE="/etc/macfleet/force_close_policy.conf"
LOG_FILE="/var/log/macfleet_force_close.log"
QUARANTINE_DIR="/Library/MacFleet/TerminatedApps"
AUDIT_LOG="/var/log/macfleet_process_audit.log"

# Create directories
mkdir -p "$(dirname "$CONFIG_FILE")" "$(dirname "$LOG_FILE")" "$QUARANTINE_DIR" "$(dirname "$AUDIT_LOG")"

# Default force close management policy
cat > "$CONFIG_FILE" 2>/dev/null << 'EOF' || true
# MacFleet Enterprise Application Force Close Management Policy
# Version: 2.0

# Force Close Policy Enforcement
ENFORCE_FORCE_CLOSE_POLICIES=true
GRACEFUL_TERMINATION_FIRST=true
ESCALATION_TIMEOUT=10
SAVE_WORK_BEFORE_TERMINATION=true
PREVENT_SYSTEM_PROCESS_TERMINATION=true

# Security and Safety
REQUIRE_ADMIN_APPROVAL=false
VALIDATE_PROCESS_LEGITIMACY=true
CHECK_PROCESS_DEPENDENCIES=true
MALWARE_DETECTION_ENABLED=true
SUSPICIOUS_BEHAVIOR_MONITORING=true

# Business Rules
BUSINESS_HOURS_PROTECTION=true
BUSINESS_HOURS_START="09:00"
BUSINESS_HOURS_END="18:00"
CRITICAL_APP_PROTECTION=true
PRODUCTIVITY_APP_MONITORING=true

# Diagnostic and Troubleshooting
DIAGNOSTIC_LOGGING=true
CRASH_REPORT_COLLECTION=true
PERFORMANCE_MONITORING=true
RESOURCE_USAGE_TRACKING=true
HANG_DETECTION_ENABLED=true

# Notification and Communication
USER_NOTIFICATION_ENABLED=true
ADMIN_NOTIFICATION_ENABLED=true
SLACK_WEBHOOK_URL=""
EMAIL_NOTIFICATION_ENABLED=false
FORCE_CLOSE_WARNINGS=true

# Compliance and Audit
AUDIT_ALL_TERMINATIONS=true
COMPLIANCE_REPORTING=true
INCIDENT_DOCUMENTATION=true
ESCALATION_PROCEDURES=true
AUTOMATED_RECOVERY=true

# Recovery and Restart
AUTO_RESTART_CRITICAL_APPS=true
RESTART_DELAY=5
CRASH_RECOVERY_ENABLED=true
STATE_PRESERVATION=true
USER_SESSION_PROTECTION=true
EOF

# Source configuration
source "$CONFIG_FILE" 2>/dev/null || true

# Logging function
log_action() {
    echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" | tee -a "$LOG_FILE"
}

# Audit logging function
audit_log() {
    local action="$1"
    local process_name="$2"
    local result="$3"
    local details="$4"
    echo "$(date '+%Y-%m-%d %H:%M:%S') - ACTION:$action PROCESS:$process_name RESULT:$result DETAILS:$details USER:$(whoami)" >> "$AUDIT_LOG"
}

# Get comprehensive process information
get_process_info() {
    local process_name="$1"
    
    echo "=== Process Information Analysis ==="
    
    # Check if process exists
    if ! pgrep -f "$process_name" >/dev/null 2>&1; then
        echo "Process not found: $process_name"
        return 1
    fi
    
    # Get process details
    echo "Process Name: $process_name"
    
    # Get PIDs
    local pids
    pids=$(pgrep -f "$process_name" | tr '\n' ' ')
    echo "Process IDs: $pids"
    
    # Get CPU and memory usage
    echo "Resource Usage:"
    ps -p $(pgrep -f "$process_name" | head -1) -o pid,pcpu,pmem,time,command 2>/dev/null | tail -1
    
    # Get process tree
    echo "Process Tree:"
    pstree $(pgrep -f "$process_name" | head -1) 2>/dev/null || echo "  Process tree not available"
    
    # Get open files
    echo "Open Files Count:"
    lsof -p $(pgrep -f "$process_name" | head -1) 2>/dev/null | wc -l || echo "  Unable to determine"
    
    # Get network connections
    echo "Network Connections:"
    lsof -i -p $(pgrep -f "$process_name" | head -1) 2>/dev/null | wc -l || echo "  0"
    
    # Check if process is hanging
    local cpu_usage
    cpu_usage=$(ps -p $(pgrep -f "$process_name" | head -1) -o pcpu= 2>/dev/null | xargs)
    if [[ -n "$cpu_usage" ]] && (( $(echo "$cpu_usage < 0.1" | bc -l) )); then
        echo "Status: Potentially hung (very low CPU usage)"
    else
        echo "Status: Active"
    fi
}

# Check if process termination is safe
check_termination_safety() {
    local process_name="$1"
    local force="${2:-false}"
    
    echo "=== Validating Process Termination Safety ==="
    
    # Check if process exists
    if ! pgrep -f "$process_name" >/dev/null 2>&1; then
        echo "✅ Process not running: $process_name"
        return 0
    fi
    
    # Prevent system process termination
    if [[ "$PREVENT_SYSTEM_PROCESS_TERMINATION" == "true" ]]; then
        local system_processes=(
            "kernel"
            "launchd"
            "WindowServer"
            "loginwindow"
            "SystemUIServer"
            "Dock"
            "Finder"
            "cfprefsd"
            "CoreServicesUIAgent"
        )
        
        for system_process in "${system_processes[@]}"; do
            if [[ "$process_name" == "$system_process" ]]; then
                echo "❌ Cannot terminate critical system process: $process_name"
                audit_log "TERMINATION_BLOCKED" "$process_name" "SYSTEM_PROCESS" "System process protection active"
                return 1
            fi
        done
    fi
    
    # Business hours protection for critical apps
    if [[ "$BUSINESS_HOURS_PROTECTION" == "true" && "$force" != "true" ]]; then
        local current_hour
        current_hour=$(date +%H)
        local start_hour
        start_hour=$(echo "$BUSINESS_HOURS_START" | cut -d':' -f1)
        local end_hour
        end_hour=$(echo "$BUSINESS_HOURS_END" | cut -d':' -f1)
        
        if [[ $current_hour -ge $start_hour && $current_hour -lt $end_hour ]]; then
            local critical_apps=(
                "Microsoft Word"
                "Microsoft Excel"
                "Microsoft PowerPoint"
                "Slack"
                "Microsoft Teams"
                "Zoom"
                "Safari"
                "Google Chrome"
            )
            
            for critical_app in "${critical_apps[@]}"; do
                if [[ "$process_name" == *"$critical_app"* ]]; then
                    echo "❌ Termination blocked: Critical productivity app during business hours"
                    audit_log "TERMINATION_BLOCKED" "$process_name" "BUSINESS_HOURS" "Critical app protection during business hours"
                    return 1
                fi
            done
        fi
    fi
    
    # Check for unsaved work
    if [[ "$SAVE_WORK_BEFORE_TERMINATION" == "true" ]]; then
        echo "⚠️  Checking for unsaved work..."
        
        # Check for document apps with potential unsaved changes
        local document_apps=(
            "TextEdit"
            "Pages"
            "Numbers"
            "Keynote"
            "Microsoft Word"
            "Microsoft Excel"
            "Microsoft PowerPoint"
        )
        
        for doc_app in "${document_apps[@]}"; do
            if [[ "$process_name" == *"$doc_app"* ]]; then
                echo "📝 Document application detected - attempting to save work"
                try_save_work "$process_name"
                break
            fi
        done
    fi
    
    # Check process dependencies
    if [[ "$CHECK_PROCESS_DEPENDENCIES" == "true" ]]; then
        local child_processes
        child_processes=$(pgrep -P $(pgrep -f "$process_name" | head -1) 2>/dev/null | wc -l)
        
        if [[ $child_processes -gt 0 ]]; then
            echo "⚠️  Process has $child_processes child processes"
            if [[ "$force" != "true" ]]; then
                echo "❌ Termination blocked: Process has dependencies. Use force option to proceed."
                audit_log "TERMINATION_BLOCKED" "$process_name" "DEPENDENCIES" "Process has $child_processes child processes"
                return 1
            fi
        fi
    fi
    
    echo "✅ Process termination safety validated"
    audit_log "SAFETY_CHECK" "$process_name" "PASSED" "All safety checks passed"
    return 0
}

# Try to save work in document applications
try_save_work() {
    local process_name="$1"
    
    echo "=== Attempting to Save Work ==="
    
    # Send save command via AppleScript for common applications
    local save_commands=(
        "osascript -e 'tell application \"System Events\" to keystroke \"s\" using command down'"
        "osascript -e 'tell application \"$process_name\" to save every document'"
    )
    
    for cmd in "${save_commands[@]}"; do
        eval "$cmd" 2>/dev/null || true
        sleep 1
    done
    
    # Wait a moment for save operations to complete
    sleep 3
    
    echo "💾 Save attempt completed"
    log_action "Work save attempt completed for $process_name"
}

# Detect suspicious or malware processes
detect_suspicious_process() {
    local process_name="$1"
    
    if [[ "$MALWARE_DETECTION_ENABLED" != "true" ]]; then
        return 0
    fi
    
    echo "=== Suspicious Process Detection ==="
    
    local suspicious_indicators=(
        "crypto"
        "miner"
        "trojan"
        "virus"
        "malware"
        "ransomware"
        "keylogger"
        "backdoor"
    )
    
    # Check process name for suspicious keywords
    for indicator in "${suspicious_indicators[@]}"; do
        if [[ "$process_name" == *"$indicator"* ]]; then
            echo "🚨 Suspicious process detected: $process_name (matches: $indicator)"
            log_action "SECURITY ALERT: Suspicious process detected: $process_name"
            audit_log "SUSPICIOUS_PROCESS" "$process_name" "DETECTED" "Matches indicator: $indicator"
            
            # Quarantine process information
            quarantine_process_info "$process_name"
            return 1
        fi
    done
    
    # Check for unusual resource consumption
    local cpu_usage
    cpu_usage=$(ps -p $(pgrep -f "$process_name" | head -1) -o pcpu= 2>/dev/null | xargs)
    
    if [[ -n "$cpu_usage" ]] && (( $(echo "$cpu_usage > 80" | bc -l) )); then
        echo "⚠️  High CPU usage detected: ${cpu_usage}%"
        log_action "High CPU usage detected for $process_name: ${cpu_usage}%"
    fi
    
    return 0
}

# Quarantine suspicious process information
quarantine_process_info() {
    local process_name="$1"
    
    echo "=== Quarantining Process Information ==="
    
    local quarantine_file="$QUARANTINE_DIR/suspicious_process_$(date +%Y%m%d_%H%M%S).json"
    
    mkdir -p "$QUARANTINE_DIR"
    
    # Gather comprehensive process information
    local pid
    pid=$(pgrep -f "$process_name" | head -1)
    
    cat > "$quarantine_file" << EOF
{
  "timestamp": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
  "process_name": "$process_name",
  "pid": "$pid",
  "detection_reason": "suspicious_indicators",
  "system_info": {
    "hostname": "$(hostname)",
    "user": "$(whoami)",
    "os_version": "$(sw_vers -productVersion)"
  },
  "process_details": {
    "command_line": "$(ps -p $pid -o command= 2>/dev/null || echo 'unknown')",
    "cpu_usage": "$(ps -p $pid -o pcpu= 2>/dev/null || echo 'unknown')",
    "memory_usage": "$(ps -p $pid -o pmem= 2>/dev/null || echo 'unknown')",
    "start_time": "$(ps -p $pid -o lstart= 2>/dev/null || echo 'unknown')"
  }
}
EOF
    
    echo "🔒 Process information quarantined: $quarantine_file"
    log_action "Suspicious process information quarantined: $quarantine_file"
}

# Send termination notification
send_termination_notification() {
    local process_name="$1"
    local operation="$2"
    local result="$3"
    local reason="$4"
    
    if [[ "$USER_NOTIFICATION_ENABLED" != "true" ]]; then
        return 0
    fi
    
    echo "=== Sending Termination Notifications ==="
    
    local notification_title="MacFleet Process Management"
    local notification_message="Process $operation: $process_name ($result)"
    
    if [[ -n "$reason" ]]; then
        notification_message="$notification_message - Reason: $reason"
    fi
    
    # Display notification to logged-in users
    local logged_users
    logged_users=$(who | awk '{print $1}' | sort -u)
    
    for user in $logged_users; do
        if [[ -n "$user" ]]; then
            sudo -u "$user" osascript -e "display notification \"$notification_message\" with title \"$notification_title\"" 2>/dev/null || true
            echo "📱 Notification sent to user: $user"
        fi
    done
    
    # Slack notification
    if [[ -n "$SLACK_WEBHOOK_URL" ]]; then
        local slack_payload="{\"text\":\"🖥️ *$(hostname)*: $notification_title\\n$notification_message\"}"
        curl -s -X POST -H 'Content-type: application/json' --data "$slack_payload" "$SLACK_WEBHOOK_URL" >/dev/null 2>&1 || true
        echo "📢 Slack notification sent"
    fi
    
    log_action "Termination notifications sent for $process_name ($operation - $result)"
}

# Enterprise force close with escalation
enterprise_force_close() {
    local process_name="$1"
    local force="${2:-false}"
    local signal="${3:-TERM}"
    
    echo "=== Enterprise Force Close Initiated ==="
    
    if [[ -z "$process_name" ]]; then
        echo "❌ Process name required"
        return 1
    fi
    
    # Get process information
    echo "Analyzing process: $process_name"
    get_process_info "$process_name"
    
    # Detect suspicious processes
    if detect_suspicious_process "$process_name"; then
        echo "⚠️  Suspicious process detected - proceeding with caution"
    fi
    
    # Safety checks
    if ! check_termination_safety "$process_name" "$force"; then
        return 1
    fi
    
    log_action "ENTERPRISE FORCE CLOSE: Starting termination of $process_name"
    audit_log "FORCE_CLOSE" "$process_name" "INITIATED" "Signal: $signal Force: $force"
    
    # Graceful termination first (if enabled)
    if [[ "$GRACEFUL_TERMINATION_FIRST" == "true" && "$force" != "true" ]]; then
        echo "🔄 Attempting graceful termination first..."
        
        if killall -TERM "$process_name" 2>/dev/null; then
            echo "Graceful termination signal sent, waiting ${ESCALATION_TIMEOUT}s..."
            sleep "$ESCALATION_TIMEOUT"
            
            # Check if process is still running
            if ! pgrep -f "$process_name" >/dev/null 2>&1; then
                echo "✅ Process terminated gracefully"
                send_termination_notification "$process_name" "graceful termination" "success"
                audit_log "FORCE_CLOSE" "$process_name" "SUCCESS" "Graceful termination successful"
                return 0
            else
                echo "⚠️  Graceful termination failed, escalating to force termination"
            fi
        fi
    fi
    
    # Force termination
    echo "🚨 Executing force termination..."
    
    case "$signal" in
        "TERM")
            if killall "$process_name" 2>/dev/null; then
                echo "✅ Process force closed successfully with TERM signal"
                termination_result="success"
            else
                echo "❌ Failed to force close process with TERM signal"
                termination_result="failed"
            fi
            ;;
        "KILL")
            if killall -KILL "$process_name" 2>/dev/null; then
                echo "✅ Process force killed successfully with KILL signal"
                termination_result="success"
            else
                echo "❌ Failed to force kill process with KILL signal"
                termination_result="failed"
            fi
            ;;
        "ABRT")
            if killall -ABRT "$process_name" 2>/dev/null; then
                echo "✅ Process aborted successfully with ABRT signal"
                termination_result="success"
            else
                echo "❌ Failed to abort process with ABRT signal"
                termination_result="failed"
            fi
            ;;
        *)
            if killall -"$signal" "$process_name" 2>/dev/null; then
                echo "✅ Process terminated successfully with $signal signal"
                termination_result="success"
            else
                echo "❌ Failed to terminate process with $signal signal"
                termination_result="failed"
            fi
            ;;
    esac
    
    # Send notifications
    send_termination_notification "$process_name" "force close" "$termination_result" "Signal: $signal"
    
    # Auto-restart critical applications if configured
    if [[ "$AUTO_RESTART_CRITICAL_APPS" == "true" && "$termination_result" == "success" ]]; then
        restart_if_critical "$process_name"
    fi
    
    if [[ "$termination_result" == "success" ]]; then
        log_action "Process force closed successfully: $process_name"
        audit_log "FORCE_CLOSE" "$process_name" "SUCCESS" "Signal: $signal"
        return 0
    else
        log_action "FAILED: Could not force close process: $process_name"
        audit_log "FORCE_CLOSE" "$process_name" "FAILED" "Signal: $signal"
        return 1
    fi
}

# Restart critical applications
restart_if_critical() {
    local process_name="$1"
    
    local critical_apps=(
        "Finder"
        "Dock"
        "SystemUIServer"
        "Spotlight"
    )
    
    for critical_app in "${critical_apps[@]}"; do
        if [[ "$process_name" == *"$critical_app"* ]]; then
            echo "🔄 Restarting critical application: $critical_app"
            log_action "Auto-restarting critical application: $critical_app"
            
            sleep "$RESTART_DELAY"
            
            case "$critical_app" in
                "Finder")
                    open -a Finder &
                    ;;
                "Dock")
                    killall Dock &
                    ;;
                "SystemUIServer")
                    killall SystemUIServer &
                    ;;
                "Spotlight")
                    mdutil -E / &
                    ;;
            esac
            
            break
        fi
    done
}

# Bulk force close operations
bulk_force_close() {
    local process_list_file="$1"
    local force="${2:-false}"
    local signal="${3:-TERM}"
    
    echo "=== Bulk Force Close Operations ==="
    
    if [[ ! -f "$process_list_file" ]]; then
        echo "❌ Process list file not found: $process_list_file"
        return 1
    fi
    
    local success_count=0
    local failure_count=0
    local total_count=0
    
    while IFS= read -r process_name; do
        # Skip empty lines and comments
        if [[ -z "$process_name" || "$process_name" == \#* ]]; then
            continue
        fi
        
        ((total_count++))
        echo "Processing ($total_count): $process_name"
        
        if enterprise_force_close "$process_name" "$force" "$signal"; then
            ((success_count++))
        else
            ((failure_count++))
        fi
        
        echo "---"
        sleep 1  # Brief pause between operations
    done < "$process_list_file"
    
    echo "=== Bulk Force Close Summary ==="
    echo "Total processes: $total_count"
    echo "Successful terminations: $success_count"
    echo "Failed terminations: $failure_count"
    
    log_action "Bulk force close completed: $success_count/$total_count successful"
    audit_log "BULK_FORCE_CLOSE" "MULTIPLE" "COMPLETED" "Success: $success_count Failed: $failure_count Total: $total_count Signal: $signal"
}

# Hang detection and automatic recovery
detect_and_recover_hangs() {
    echo "=== Hang Detection and Recovery ==="
    
    if [[ "$HANG_DETECTION_ENABLED" != "true" ]]; then
        echo "Hang detection is disabled"
        return 0
    fi
    
    local hang_threshold=0.1  # CPU usage below this for extended time indicates hang
    local hang_duration=30    # Seconds of low activity to consider hung
    
    # Find processes with very low CPU usage
    local potentially_hung
    potentially_hung=$(ps -A -o pid,pcpu,time,command | awk -v threshold="$hang_threshold" '$2 < threshold && $2 > 0 {print $1 ":" $4}')
    
    if [[ -n "$potentially_hung" ]]; then
        echo "Potentially hung processes detected:"
        echo "$potentially_hung" | while IFS=':' read -r pid command; do
            echo "  PID $pid: $command"
            
            # Check if it's a user application (not system process)
            if [[ "$command" == *".app"* ]]; then
                local app_name
                app_name=$(basename "$command")
                echo "🔄 Attempting recovery of hung application: $app_name"
                
                log_action "Hang detected and recovery attempted: $app_name (PID: $pid)"
                audit_log "HANG_RECOVERY" "$app_name" "ATTEMPTED" "PID: $pid"
                
                # Try graceful recovery first
                kill -USR1 "$pid" 2>/dev/null || true
                sleep 5
                
                # If still hanging, force close
                if ps -p "$pid" >/dev/null 2>&1; then
                    enterprise_force_close "$app_name" "true" "TERM"
                fi
            fi
        done
    else
        echo "No hung processes detected"
    fi
}

# Generate comprehensive process management report
generate_process_report() {
    local report_file="/Library/MacFleet/Reports/process_management_report_$(date +%Y%m%d_%H%M%S).json"
    
    echo "=== Generating Process Management Report ==="
    
    mkdir -p "$(dirname "$report_file")"
    
    # Count recent operations from audit log
    local recent_terminations=0
    local recent_hangs=0
    local suspicious_processes=0
    
    if [[ -f "$AUDIT_LOG" ]]; then
        recent_terminations=$(grep -c "ACTION:FORCE_CLOSE.*RESULT:SUCCESS" "$AUDIT_LOG" 2>/dev/null || echo 0)
        recent_hangs=$(grep -c "ACTION:HANG_RECOVERY" "$AUDIT_LOG" 2>/dev/null || echo 0)
        suspicious_processes=$(grep -c "ACTION:SUSPICIOUS_PROCESS" "$AUDIT_LOG" 2>/dev/null || echo 0)
    fi
    
    # Get current system load
    local load_average
    load_average=$(uptime | awk -F'load average:' '{print $2}' | awk '{print $1}' | tr -d ',')
    
    # Count running processes
    local total_processes
    total_processes=$(ps -A | wc -l)
    
    # Create JSON report
    cat > "$report_file" << EOF
{
  "report_type": "process_management",
  "timestamp": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
  "device_info": {
    "hostname": "$(hostname)",
    "os_version": "$(sw_vers -productVersion)",
    "serial_number": "$(system_profiler SPHardwareDataType | grep "Serial Number" | awk -F: '{print $2}' | xargs)"
  },
  "system_status": {
    "load_average": "$load_average",
    "total_processes": $total_processes,
    "recent_terminations": $recent_terminations,
    "hang_recoveries": $recent_hangs,
    "suspicious_processes_detected": $suspicious_processes
  },
  "policy_configuration": {
    "graceful_termination_first": $GRACEFUL_TERMINATION_FIRST,
    "business_hours_protection": $BUSINESS_HOURS_PROTECTION,
    "hang_detection_enabled": $HANG_DETECTION_ENABLED,
    "malware_detection_enabled": $MALWARE_DETECTION_ENABLED
  },
  "security_status": {
    "system_process_protection": $PREVENT_SYSTEM_PROCESS_TERMINATION,
    "suspicious_behavior_monitoring": $SUSPICIOUS_BEHAVIOR_MONITORING,
    "audit_enabled": $AUDIT_ALL_TERMINATIONS
  }
}
EOF
    
    echo "Process management report saved to: $report_file"
    log_action "Process management report generated: $report_file"
}

# Main function with argument handling
main() {
    log_action "=== MacFleet Process Management Tool Started ==="
    
    case "${1:-help}" in
        "close")
            enterprise_force_close "$2" "$3" "$4"
            ;;
        "bulk")
            bulk_force_close "$2" "$3" "$4"
            ;;
        "info")
            get_process_info "$2"
            ;;
        "detect-hangs")
            detect_and_recover_hangs
            ;;
        "report")
            generate_process_report
            ;;
        *)
            echo "MacFleet Enterprise Application Force Close Management Tool"
            echo "Usage: $0 [command] [options]"
            echo ""
            echo "Commands:"
            echo "  close [process_name] [force] [signal]    - Force close application with safety checks"
            echo "  bulk [list_file] [force] [signal]       - Bulk force close from file list"
            echo "  info [process_name]                     - Get detailed process information"
            echo "  detect-hangs                            - Detect and recover hung applications"
            echo "  report                                  - Generate process management report"
            echo ""
            echo "Signals:"
            echo "  TERM (default)  - Graceful termination signal"
            echo "  KILL           - Immediate termination (cannot be ignored)"
            echo "  ABRT           - Abort with core dump generation"
            echo "  HUP            - Hang up signal"
            echo "  INT            - Interrupt signal"
            echo ""
            echo "Examples:"
            echo "  $0 close \"Safari\"                      - Safe force close of Safari"
            echo "  $0 close \"Notes\" true KILL             - Force kill Notes (bypass safety)"
            echo "  $0 bulk hung_processes.txt              - Bulk close from list"
            echo "  $0 info \"Google Chrome\"                - Get Chrome process information"
            echo "  $0 detect-hangs                         - Scan for and recover hung apps"
            ;;
    esac
    
    log_action "=== Process management operation completed ==="
}

# Execute main function
main "$@"

## Advanced Process Management Features

### Intelligent Hang Detection

```bash
#!/bin/bash

# Advanced hang detection with machine learning patterns
detect_application_patterns() {
    local process_name="$1"
    
    echo "=== Application Behavior Pattern Analysis ==="
    
    # Monitor CPU and memory usage over time
    local cpu_samples=()
    local memory_samples=()
    
    for i in {1..10}; do
        local pid
        pid=$(pgrep -f "$process_name" | head -1)
        
        if [[ -n "$pid" ]]; then
            local cpu_usage
            local mem_usage
            cpu_usage=$(ps -p "$pid" -o pcpu= | xargs)
            mem_usage=$(ps -p "$pid" -o pmem= | xargs)
            
            cpu_samples+=("$cpu_usage")
            memory_samples+=("$mem_usage")
        fi
        
        sleep 2
    done
    
    # Analyze patterns
    local avg_cpu=0
    local cpu_variance=0
    
    for cpu in "${cpu_samples[@]}"; do
        avg_cpu=$(echo "$avg_cpu + $cpu" | bc -l)
    done
    avg_cpu=$(echo "scale=2; $avg_cpu / ${#cpu_samples[@]}" | bc -l)
    
    echo "Average CPU Usage: ${avg_cpu}%"
    
    # Detect hang patterns
    if (( $(echo "$avg_cpu < 0.5" | bc -l) )); then
        echo "🚨 Pattern indicates potential hang: Very low CPU activity"
        return 1
    elif (( $(echo "$avg_cpu > 90" | bc -l) )); then
        echo "🚨 Pattern indicates potential infinite loop: Sustained high CPU"
        return 1
    else
        echo "✅ Process behavior appears normal"
        return 0
    fi
}

# Resource leak detection
detect_resource_leaks() {
    local process_name="$1"
    
    echo "=== Resource Leak Detection ==="
    
    local pid
    pid=$(pgrep -f "$process_name" | head -1)
    
    if [[ -z "$pid" ]]; then
        echo "Process not found: $process_name"
        return 1
    fi
    
    # Check memory growth
    local initial_memory
    initial_memory=$(ps -p "$pid" -o rss= | xargs)
    
    sleep 60  # Monitor for 1 minute
    
    local final_memory
    final_memory=$(ps -p "$pid" -o rss= | xargs)
    
    local memory_growth
    memory_growth=$((final_memory - initial_memory))
    
    echo "Memory Growth: ${memory_growth} KB in 60 seconds"
    
    if [[ $memory_growth -gt 50000 ]]; then  # More than 50MB growth
        echo "🚨 Potential memory leak detected"
        log_action "Memory leak detected in $process_name: ${memory_growth}KB growth"
        return 1
    fi
    
    # Check file descriptor leaks
    local open_files
    open_files=$(lsof -p "$pid" 2>/dev/null | wc -l)
    
    echo "Open File Descriptors: $open_files"
    
    if [[ $open_files -gt 1000 ]]; then
        echo "🚨 Potential file descriptor leak detected"
        log_action "File descriptor leak detected in $process_name: $open_files open files"
        return 1
    fi
    
    echo "✅ No resource leaks detected"
    return 0
}

## Important Configuration Notes

### macOS Process Control Commands

- **`killall`** - Terminate all processes by name (case-sensitive)
- **`kill`** - Terminate specific process by PID
- **`pkill`** - Pattern-based process termination
- **Signals** - TERM (graceful), KILL (immediate), ABRT (with core dump)

### Enterprise Integration Points

- **Security Information and Event Management (SIEM)** - Process termination logging
- **Application Performance Monitoring** - Integration with APM platforms
- **Incident Management Systems** - Automated ticket creation for hangs
- **Change Management** - Documentation of process interventions

### Best Practices for Enterprise Process Management

1. **Safety and Validation**
   - Always attempt graceful termination before force killing
   - Protect critical system processes from accidental termination
   - Implement business hours restrictions for productivity applications
   - Maintain comprehensive audit trails

2. **User Experience**
   - Attempt to save user work before terminating applications
   - Provide clear notifications about process terminations
   - Auto-restart critical applications when possible
   - Minimize disruption during business hours

3. **Security and Monitoring**
   - Detect and quarantine suspicious processes
   - Monitor for unusual resource consumption patterns
   - Implement hang detection and automatic recovery
   - Track process behavior for security analysis

4. **Troubleshooting and Diagnostics**
   - Collect detailed process information before termination
   - Generate crash reports for analysis
   - Monitor system performance impact
   - Provide comprehensive reporting capabilities

### Troubleshooting Common Issues

- **Process won't terminate** - Escalate through signal hierarchy (TERM → KILL)
- **System stability issues** - Avoid terminating critical system processes
- **Data loss concerns** - Implement work-saving procedures before termination
- **Resource leaks** - Monitor memory and file descriptor usage
- **Hang detection false positives** - Tune detection thresholds based on application behavior

Remember to test process management procedures thoroughly in a controlled environment before implementing across your entire MacFleet to ensure system stability and user productivity.

Tutorial

Nuevas actualizaciones y mejoras para Macfleet.

Síguenos en X.com

May 20, 2025

Configurando un Runner de GitHub Actions en un Mac Mini (Apple Silicon)

Runner de GitHub Actions

GitHub Actions es una plataforma poderosa de CI/CD que te permite automatizar tus flujos de trabajo de desarrollo de software. Aunque GitHub ofrece runners hospedados, los runners auto-hospedados proporcionan mayor control y personalización para tu configuración de CI/CD. Este tutorial te guía a través de la configuración y conexión de un runner auto-hospedado en un Mac mini para ejecutar pipelines de macOS.

Prerrequisitos

Antes de comenzar, asegúrate de tener:

Un Mac mini (regístrate en Macfleet)
Un repositorio de GitHub con derechos de administrador
Un gestor de paquetes instalado (preferiblemente Homebrew)
Git instalado en tu sistema

Paso 1: Crear una Cuenta de Usuario Dedicada

Primero, crea una cuenta de usuario dedicada para el runner de GitHub Actions:

# Crear la cuenta de usuario 'gh-runner'
sudo dscl . -create /Users/gh-runner
sudo dscl . -create /Users/gh-runner UserShell /bin/bash
sudo dscl . -create /Users/gh-runner RealName "GitHub runner"
sudo dscl . -create /Users/gh-runner UniqueID "1001"
sudo dscl . -create /Users/gh-runner PrimaryGroupID 20
sudo dscl . -create /Users/gh-runner NFSHomeDirectory /Users/gh-runner

# Establecer la contraseña para el usuario
sudo dscl . -passwd /Users/gh-runner tu_contraseña

# Agregar 'gh-runner' al grupo 'admin'
sudo dscl . -append /Groups/admin GroupMembership gh-runner

Cambia a la nueva cuenta de usuario:

su gh-runner

Paso 2: Instalar Software Requerido

Instala Git y Rosetta 2 (si usas Apple Silicon):

# Instalar Git si no está ya instalado
brew install git

# Instalar Rosetta 2 para Macs Apple Silicon
softwareupdate --install-rosetta

Paso 3: Configurar el Runner de GitHub Actions

Ve a tu repositorio de GitHub
Navega a Configuración > Actions > Runners

Runner de GitHub Actions

Haz clic en "New self-hosted runner" (https://github.com/<username>/<repository>/settings/actions/runners/new)
Selecciona macOS como imagen del runner y ARM64 como arquitectura
Sigue los comandos proporcionados para descargar y configurar el runner

Runner de GitHub Actions

Crea un archivo .env en el directorio _work del runner:

# archivo _work/.env
ImageOS=macos15
XCODE_15_DEVELOPER_DIR=/Applications/Xcode.app/Contents/Developer

Ejecuta el script run.sh en tu directorio del runner para completar la configuración.
Verifica que el runner esté activo y escuchando trabajos en la terminal y revisa la configuración del repositorio de GitHub para la asociación del runner y el estado Idle.

Runner de GitHub Actions

Paso 4: Configurar Sudoers (Opcional)

Si tus acciones requieren privilegios de root, configura el archivo sudoers:

sudo visudo

Agrega la siguiente línea:

gh-runner ALL=(ALL) NOPASSWD: ALL

Paso 5: Usar el Runner en Flujos de Trabajo

Configura tu flujo de trabajo de GitHub Actions para usar el runner auto-hospedado:

name: Flujo de trabajo de muestra

on:
  workflow_dispatch:

jobs:
  build:
    runs-on: [self-hosted, macOS, ARM64]
    steps:
      - name: Instalar NodeJS
        run: brew install node

El runner está autenticado en tu repositorio y etiquetado con self-hosted, macOS, y ARM64. Úsalo en tus flujos de trabajo especificando estas etiquetas en el campo runs-on:

runs-on: [self-hosted, macOS, ARM64]

Mejores Prácticas

Mantén tu software del runner actualizado
Monitorea regularmente los logs del runner para problemas
Usa etiquetas específicas para diferentes tipos de runners
Implementa medidas de seguridad apropiadas
Considera usar múltiples runners para balanceo de carga

Solución de Problemas

Problemas comunes y soluciones:

Runner no conectando:
- Verifica conectividad de red
- Verifica validez del token de GitHub
- Asegúrate de permisos apropiados
Fallas de construcción:
- Verifica instalación de Xcode
- Verifica dependencias requeridas
- Revisa logs del flujo de trabajo
Problemas de permisos:
- Verifica permisos de usuario
- Verifica configuración de sudoers
- Revisa permisos del sistema de archivos

Conclusión

Ahora tienes un runner auto-hospedado de GitHub Actions configurado en tu Mac mini. Esta configuración te proporciona más control sobre tu entorno de CI/CD y te permite ejecutar flujos de trabajo específicos de macOS de manera eficiente.

Recuerda mantener regularmente tu runner y mantenerlo actualizado con los últimos parches de seguridad y versiones de software.

May 14, 2025

Aplicación Nativa

Aplicación nativa de Macfleet

Guía de Instalación de Macfleet

Macfleet es una solución poderosa de gestión de flota diseñada específicamente para entornos de Mac Mini alojados en la nube. Como proveedor de hosting en la nube de Mac Mini, puedes usar Macfleet para monitorear, gestionar y optimizar toda tu flota de instancias Mac virtualizadas.

Esta guía de instalación te llevará a través de la configuración del monitoreo de Macfleet en sistemas macOS, Windows y Linux para asegurar una supervisión integral de tu infraestructura en la nube.

🍎 macOS

Descarga el archivo .dmg para Mac aquí
Haz doble clic en el archivo .dmg descargado
Arrastra la aplicación Macfleet a la carpeta Aplicaciones
Expulsa el archivo .dmg
Abre Preferencias del Sistema > Seguridad y Privacidad
- Pestaña Privacidad > Accesibilidad
- Marca Macfleet para permitir el monitoreo
Inicia Macfleet desde Aplicaciones
El seguimiento comienza automáticamente

🪟 Windows

Descarga el archivo .exe para Windows aquí
Haz clic derecho en el archivo .exe > "Ejecutar como administrador"
Sigue el asistente de instalación
Acepta los términos y condiciones
Permite en Windows Defender si se solicita
Concede permisos de monitoreo de aplicaciones
Inicia Macfleet desde el Menú Inicio
La aplicación comienza el seguimiento automáticamente

🐧 Linux

Descarga el paquete .deb (Ubuntu/Debian) o .rpm (CentOS/RHEL) aquí
Instala usando tu gestor de paquetes
- Ubuntu/Debian: sudo dpkg -i Macfleet-linux.deb
- CentOS/RHEL: sudo rpm -ivh Macfleet-linux.rpm
Permite permisos de acceso X11 si se solicita
Agrega el usuario a los grupos apropiados si es necesario
Inicia Macfleet desde el menú de Aplicaciones
La aplicación comienza el seguimiento automáticamente

Nota: Después de la instalación en todos los sistemas, inicia sesión con tus credenciales de Macfleet para sincronizar datos con tu panel de control.