1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
#!/bin/bash
#
# Richard Kettlewell 2011-06-18
#
# This file is part of secnet.
# See README for full list of copyright holders.
#
# secnet is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# secnet is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# version 3 along with secnet; if not, see
# https://www.gnu.org/licenses/gpl.html.
#
set -e
group=${group:-secnet}
user=${user:-secnet}
# pick ID1 ID2 ... IDn
# Echoes an ID matching none of ID1..IDn
pick() {
local n
n=250 # better not choose 0!
while :; do
ok=true
for k in "$@"; do
if [ $n = $k ]; then
ok=false
break
fi
done
if $ok; then
echo $n
return
fi
n=$((1+$n))
done
}
if dscl . -read /Groups/$group >/dev/null 2>&1; then
:
else
gids=$(dscl . -list /Groups PrimaryGroupID|awk '{print $2}')
gid=$(pick $gids)
dscl . -create /Groups/$group
dscl . -create /Groups/$group PrimaryGroupID $gid
dscl . -create /Groups/$group Password \*
fi
if dscl . -read /Users/$user >/dev/null 2>&1; then
:
else
uids=$(dscl . -list /Users UniqueID|awk '{print $2}')
uid=$(pick $uids)
gid=$(dscl . -read /Groups/$group PrimaryGroupID | awk '{print $2}')
dscl . -create /Users/$user
dscl . -create /Users/$user UniqueID $uid
dscl . -create /Users/$user UserShell /usr/bin/false
dscl . -create /Users/$user RealName 'secnet'
dscl . -create /Users/$user NFSHomeDirectory /var/empty
dscl . -create /Users/$user PrimaryGroupID $gid
dscl . -create /Users/$user Password \*
fi
cp uk.org.greenend.secnet.plist /Library/LaunchDaemons/.
launchctl load /Library/LaunchDaemons
echo "To start secnet:"
echo " sudo launchctl start uk.org.greenend.secnet"
echo
echo "To stop secnet:"
echo " sudo launchctl stop uk.org.greenend.secnet"
echo
echo "To uninstall:"
echo " sudo launchctl unload /Library/LaunchDaemons/uk.org.greenend.secnet.plist"
echo " sudo rm -f /Library/LaunchDaemons/uk.org.greenend.secnet.plist"
|
