├── .gitignore
├── ChromeKioskMode.sh
├── README.md
├── addHOSTS.sh
├── bitDefenderInstallUniversal.sh
├── checkAppearance.zsh
├── checkZoom.sh
├── checkZoomAndUpdate.sh
├── chromeRepair.sh
├── clean_users.sh
├── defaultBrowserMail.zsh
├── dockutil.sh
├── drivewipe.sh
├── enableLocationServices.zsh
├── prepDockLauncher.sh
├── removeSSID.sh
├── setDock.sh
├── swap_bonjour_forIP.sh
└── waitForUser.sh


/.gitignore:
--------------------------------------------------------------------------------
1 | 
2 | .DS_Store
3 | 


--------------------------------------------------------------------------------
/ChromeKioskMode.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | 
3 | # kill and relaunch Google Chrome in kiosk mode
4 | 
5 | killall Google\ Chrome
6 | 
7 | sleep 5
8 | 
9 | /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --kiosk


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # macos
2 | Scripts and misc for doing stuff in OS X/macOS. Use with caution, compatibility with certain OS versions is not guaranteed.
3 | 


--------------------------------------------------------------------------------
/addHOSTS.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | # 
 3 | # Check /etc/hosts and add entry if it's not found
 4 | #
 5 | 
 6 | SUCCESS=0
 7 | domain=domain.com
 8 | needle=subdomain.$domain
 9 | hostline="127.0.0.1 $needle"
10 | filename=/etc/hosts
11 | 
12 | # Determine if the line already exists in /etc/hosts
13 | grep -q "$needle" "$filename"  # -q is for quiet. Shhh...
14 | 
15 | # Grep's return error code can then be checked. No error=success
16 | if [ $? -eq $SUCCESS ]
17 | then
18 |   exit 0;
19 | else
20 |   # If the line wasn't found, add it using an echo append >>
21 |   echo "$hostline" >> "$filename"
22 |     # Let's recheck to be sure it was added.
23 |     grep -q "$needle" "$filename"
24 | 
25 |     if [ $? -eq $SUCCESS ]
26 |         then
27 |             exit 0;
28 |         else
29 |             exit 1;
30 |     fi
31 | fi
32 | 


--------------------------------------------------------------------------------
/bitDefenderInstallUniversal.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | dmgNameIntel="Endpoint_for_MAC.dmg"
 4 | dmgNameARM="Endpoint_for_MAC_ARM.dmg"
 5 | downloadURLIntel="https://your-url.com/bitdefender/$dmgNameIntel"
 6 | downloadURLARM="https://your-url.com/bitdefender/$dmgNameARM"
 7 | pkgNameIntel="antivirus_for_mac.pkg"
 8 | pkgNameARM="antivirus_for_mac_arm.pkg"
 9 | expectedTeamID="GUNFMW623Y"
10 | workDirectory=$( /usr/bin/basename "$0" )
11 | tempDirectory=$( /usr/bin/mktemp -d "/private/tmp/$workDirectory.XXXXXX" )
12 | 
13 | printlog(){
14 |   timestamp=$(date +%F\ %T)    
15 |   echo "$timestamp" "BitDefender Install" "$1"
16 | }
17 | 
18 | cleanupAndExit() { # $1 = exit code, $2 message
19 |   if [[ -n $2 && $1 -ne 0 ]]; then
20 |       printlog "ERROR: $2"
21 |   fi
22 |   if [ -n "$dmgMount" ]; then
23 |       # unmount disk image
24 |       printlog "Unmounting $dmgMount"
25 |       sleep 2
26 |       hdiutil detach "$dmgMount"
27 |   fi
28 |   exit "$1"
29 | }
30 | 
31 | determinePlatform() {
32 |   if [[ $(arch) == "arm64" ]]; then
33 |     downloadURL="$downloadURLARM"
34 |     dmgName="$dmgNameARM"
35 |     pkgName="$pkgNameARM"
36 |   elif [[ $(arch) == "i386" ]]; then
37 |     downloadURL="$downloadURLIntel"
38 |     dmgName="$dmgNameIntel"
39 |     pkgName="$pkgNameIntel"
40 | fi
41 | }
42 | 
43 | mountDMG() {
44 |   # mount the dmg
45 |   printlog "Mounting $tempDirectory/$dmgName"
46 |   # always pipe 'Y\n' in case the dmg requires an agreement
47 |   if ! dmgMount=$(printlog 'Y'$'\n' | hdiutil attach "$tempDirectory/$dmgName" -nobrowse -readonly | tail -n 1 | cut -c 54- ); then
48 |     cleanupAndExit 3 "Error mounting $tempDirectory/$dmgName"
49 |   fi
50 | 
51 |   if [[ ! -e $dmgMount ]]; then
52 |     printlog "Error mounting $tempDirectory/$dmgName"
53 |     cleanupAndExit 3
54 |   fi
55 | 
56 |   printlog "Mounted: $dmgMount"
57 | }
58 | 
59 | # check for installation and exit if found
60 | if [ -e "/Applications/Endpoint Security for Mac.app" ]; then
61 |   printlog "Endpoint Security for Mac found. Exiting."
62 |     cleanupAndExit 0
63 | else printlog "Endpoint Security for Mac not found. Proceeding..."
64 | fi
65 | 
66 | # create temporary working directory
67 | printlog "Created working directory '$tempDirectory'"
68 | 
69 | determinePlatform
70 | 
71 | # download the installer dmg
72 | printlog "Downloading dmg $downloadURL"
73 | /usr/bin/curl --silent --location "$downloadURL" -o "$tempDirectory/$dmgName"
74 | 
75 | mountDMG
76 | 
77 | # Get the Team ID
78 | teamID=$(/usr/sbin/spctl -a -vv -t install "$dmgMount/$pkgName" 2>&1 | awk '/origin=/ {print $NF }' | tr -d '()')
79 | printlog "Team ID for downloaded package: $teamID"
80 | 
81 | # install the package if Team ID validates
82 | if [ $expectedTeamID = "$teamID" ] || [ "$expectedTeamID" = "" ]; then
83 |   printlog "Installing package $pkgName"
84 |   /usr/sbin/installer -pkg "$dmgMount"/"$pkgName" -target /
85 |   exitCode=0
86 | else
87 |   printlog "Package verification failed before package installation could start. Download link may be invalid."
88 |   exitCode=1
89 | fi
90 | 
91 | cleanupAndExit $exitCode
92 | 


--------------------------------------------------------------------------------
/checkAppearance.zsh:
--------------------------------------------------------------------------------
 1 | #!/bin/zsh --no-rcs
 2 | #set -x
 3 | 
 4 | # Get the currently logged in user
 5 | currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
 6 | uid=$(id -u "$currentUser")
 7 | 
 8 | # Run a command as the currently logged in user
 9 | RunAsUser() {  
10 | 	if [ "$currentUser" != "loginwindow" ]; then
11 | 		launchctl asuser "$uid" sudo -u "$currentUser" "$@"
12 | 	else
13 | 		echo "No user logged in, cannot proceed"
14 | 		# uncomment the exit command
15 | 		# to make the function exit with an error when no user is logged in
16 | 		exit 1
17 | 	fi
18 | }	
19 | 
20 | # Get the current appearance
21 | setAppearance=$(RunAsUser defaults read -g AppleInterfaceStyle 2>/dev/null)
22 | setAutoAppearance=$(RunAsUser defaults read -g AppleInterfaceStyleSwitchesAutomatically 2>/dev/null)
23 | 
24 | # Check if the appearance is set to Light, Dark, or Auto.
25 | if [ -z "$setAppearance" ] && [ -z "$setAutoAppearance" ]; then
26 | 	appearance="Light"
27 | elif [ "$setAutoAppearance" = 1 ] && [ -z "$setAppearance" ]; then
28 | 	appearance="Auto (Light)"
29 | elif  "$setAutoAppearance" = 1 ] && [ "$setAppearance" = Dark ]; then
30 | 	appearance="Auto (Dark)" 
31 | else
32 | 	appearance="Dark"
33 | fi
34 | 
35 | echo "<result>$appearance</result>
36 | 


--------------------------------------------------------------------------------
/checkZoom.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/zsh --no-rcs
 2 | 
 3 | if [ -e /Applications/zoom.us.app ]; then
 4 |     zoomStatus=$(/usr/libexec/PlistBuddy -c "print ZITPackage" /Applications/zoom.us.app/Contents/Info.plist 2>/dev/null)
 5 | else echo "Zoom not installed"
 6 | exit 0
 7 | fi
 8 | 
 9 | if [[ $zoomStatus == true ]]; then
10 |     zoomAppType="zoomforIT"
11 | else zoomAppType="consumer"
12 | fi
13 | 
14 | echo "Zoom installed is $zoomAppType"
15 | 


--------------------------------------------------------------------------------
/checkZoomAndUpdate.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | if [ -e /Applications/zoom.us.app ]; then
 4 |     zoomStatus=$(/usr/libexec/PlistBuddy -c "print ZITPackage" /Applications/zoom.us.app/Contents/Info.plist 2>/dev/null)
 5 | else echo "Zoom not installed"
 6 | exit 0
 7 | fi
 8 | 
 9 | if [[ $zoomStatus == true ]]; then
10 |     zoomAppType="zoomforIT"
11 |     echo "Zoom installed is already $zoomAppType"
12 |     exit 0
13 | else zoomAppType="consumer"
14 | fi
15 | 
16 | echo "Zoom installed is $zoomAppType"
17 | 
18 | assertedApps="$(/usr/bin/pmset -g assertions | /usr/bin/awk '/NoDisplaySleepAssertion | PreventUserIdleDisplaySleep/ && match($0,/\(.+\)/) && ! /coreaudiod/ {gsub(/^.*\(/,"",$0); gsub(/\).*$/,"",$0); print};')"
19 | 
20 | if [[ "${assertedApps}" =~ zoom.us ]]; then
21 |     echo "Zoom is running and in a video call."
22 |     echo exit 1
23 | fi
24 | 
25 | echo "Safe to update Zoom now. Proceeding.."
26 | 
27 | /usr/local/Installomator/Installomator.sh zoom NOTIFY=silent BLOCKING_PROCESS_ACTION=ignore INSTALL=force
28 | 
29 | if pgrep -xq "zoom.us"; then
30 |     echo "Zoom is open, let's close and reopen it"
31 |     killall "zoom.us"
32 |     open -j -h "/Applications/zoom.us.app"
33 | fi
34 | 
35 | exit 0


--------------------------------------------------------------------------------
/chromeRepair.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | loggedInUser=$( scutil <<< "show State:/Users/ConsoleUser" | awk -F': ' '/[[:space:]]+Name[[:space:]]:/ { if ( $2 != "loginwindow" ) { print $2 }}' )
 4 | url="https://dl.google.com/chrome/mac/stable/accept_tos%3Dhttps%253A%252F%252Fwww.google.com%252Fintl%252Fen_ph%252Fchrome%252Fterms%252F%26_and_accept_tos%3Dhttps%253A%252F%252Fpolicies.google.com%252Fterms/googlechrome.pkg"
 5 | expectedTeamID="EQHXZ8M8AV"
 6 | 
 7 | paths=(
 8 |   "/Applications/Google Chrome.app"
 9 |   "/Library/LaunchAgents/com.google.keystone*"
10 |   "/Library/LaunchAgents/com.google.Keystone*"
11 |   "/Library/Preferences/com.google.keystone*"
12 |   "/Library/Google/Chrome/"
13 |   "/Library/Application Support/Google/Chrome/"
14 |   "/var/db/receipts/com.google.Chrome.bom"
15 |   "/var/db/receipts/com.google.Chrome.plist"
16 | )
17 | 
18 | for path in "${paths[@]}"; do
19 |   if [ ! -e "${path}" ]; then
20 |     echo "Not found: '${path}'"
21 |   else
22 |     echo "Found: '${path}'"
23 |     rm -rf "${path}" && echo "'${path}' deleted"
24 |   fi
25 | done
26 | 
27 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Library/Application\ Support/Google/Chrome/
28 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Library/Application\ Support/Google/RLZ
29 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Library/Application\ Support/CrashReporter/Google\ Chrome*
30 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Library/Preferences/com.google.Chrome*
31 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Library/Caches/com.google.Chrome*
32 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Library/Saved\ Application\ State/com.google.Chrome.savedState/
33 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Library/Google/GoogleSoftwareUpdate/Actives/com.google.Chrome
34 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Library/Google/Google\ Chrome*
35 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Library/LaunchAgents/com.google.*
36 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Library/Preferences/com.google.Chrome.plist
37 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Library/Preferences/com.google.Keystone.Agent.plist
38 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Library/Caches/com.google.*
39 | sudo -u "$loggedInUser" rm -rf /Users/"$loggedInUser"/Applications/Chrome\ Apps.localized/
40 | 
41 | # create temporary working directory
42 | workDirectory=$( /usr/bin/basename "$0" )
43 | tempDirectory=$( /usr/bin/mktemp -d "/private/tmp/$workDirectory.XXXXXX" )
44 | echo "Created working directory '$tempDirectory'"
45 | 
46 | # download the installer package
47 | echo "Downloading Chrome package"
48 | /usr/bin/curl --location --silent "$url" -o "$tempDirectory/Chrome.pkg"
49 | 
50 | # verify the download
51 | teamID=$(/usr/sbin/spctl -a -vv -t install "$tempDirectory/Chrome.pkg" 2>&1 | awk '/origin=/ {print $NF }' | tr -d '()')
52 | echo "Team ID for downloaded package: $teamID"
53 | 
54 | # install the package if Team ID validates
55 | if [ "$expectedTeamID" = "$teamID" ] || [ "$expectedTeamID" = "" ]; then
56 |   echo "Package verified. Installing package Chrome.pkg"
57 |   /usr/sbin/installer -pkg "$tempDirectory/Chrome.pkg" -target /
58 |   exitCode=0
59 | else
60 |     echo "Package verification failed before package installation could start. Download link may be invalid."
61 |     exitCode=1
62 | fi
63 | 
64 | # remove the temporary working directory when done
65 | echo "Deleting working directory '$tempDirectory' and its contents"
66 | /bin/rm -Rf "$tempDirectory"
67 | 
68 | sudo -u "$loggedInUser" osascript -e "display alert \"Google Chrome has been repaired\" message \"Google Chrome was been removed and reinstalled. Please open Google Chrome now to test.\""
69 | 
70 | exit $exitCode


--------------------------------------------------------------------------------
/clean_users.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | #
 4 | # Purpose: Removes all non-local accounts on computers to help stop drives from filling up.
 5 | # Will spare the 'ladmin' and 'Shared' home directories.
 6 | #
 7 | 
 8 | users=$(find /Users -type d -maxdepth 1 | cut -d"/" -f3)
 9 | 
10 | echo "Time to clean users.."
11 | echo "Found these $users"
12 | echo "Removing users.."
13 | 
14 | for i in $users; do
15 |   if [[ $i = "ladmin" ]] || [[ $i = "Shared" ]]; then continue
16 |   else
17 |   	echo "Removing $i.."
18 |     rm -Rf /Users/"$i"
19 |   fi
20 | done
21 | 
22 | echo "Finished cleaning users."
23 | 


--------------------------------------------------------------------------------
/defaultBrowserMail.zsh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | # Should be in the format domain.vendor.app (e.g. com.google.chrome or com.apple.safari)
 4 | browserAgentString="com.google.chrome"
 5 | 
 6 | # Should be in the format domain.vendor.app (e.g. com.google.chrome or com.apple.mail)
 7 | emailAgentString="com.google.chrome"
 8 | 
 9 | loggedInUser=$(/usr/bin/stat -f%Su "/dev/console")
10 | loggedInUserHome=$(/usr/bin/dscl . -read "/Users/$loggedInUser" NFSHomeDirectory | /usr/bin/awk '{print $NF}')
11 | launchServicesPlistFolder="$loggedInUserHome/Library/Preferences/com.apple.LaunchServices"
12 | launchServicesPlist="$launchServicesPlistFolder/com.apple.launchservices.secure.plist"
13 | plistbuddyPath="/usr/libexec/PlistBuddy"
14 | plistbuddyPreferences=(
15 |   "Add :LSHandlers:0:LSHandlerRoleAll string $browserAgentString"
16 |   "Add :LSHandlers:0:LSHandlerURLScheme string http"
17 |   "Add :LSHandlers:1:LSHandlerRoleAll string $browserAgentString"
18 |   "Add :LSHandlers:1:LSHandlerURLScheme string https"
19 |   "Add :LSHandlers:2:LSHandlerRoleViewer string $browserAgentString"
20 |   "Add :LSHandlers:2:LSHandlerContentType string public.html"
21 |   "Add :LSHandlers:3:LSHandlerRoleViewer string $browserAgentString"
22 |   "Add :LSHandlers:3:LSHandlerContentType string public.url"
23 |   "Add :LSHandlers:4:LSHandlerRoleViewer string $browserAgentString"
24 |   "Add :LSHandlers:4:LSHandlerContentType string public.xhtml"
25 |   "Add :LSHandlers:5:LSHandlerRoleAll string $emailAgentString"
26 |   "Add :LSHandlers:5:LSHandlerURLScheme string mailto"
27 | )
28 | lsregisterPath="/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/Support/lsregister"
29 | 
30 | ########## main process ##########
31 | 
32 | # Clear out LSHandlers array data from $launchServicesPlist, or create new plist if file does not exist.
33 | if [[ -e "$launchServicesPlist" ]]; then
34 |   "$plistbuddyPath" -c "Delete :LSHandlers" "$launchServicesPlist"
35 |   echo "Reset LSHandlers array from $launchServicesPlist."
36 | else
37 |   /bin/mkdir -p "$launchServicesPlistFolder"
38 |   "$plistbuddyPath" -c "Save" "$launchServicesPlist"
39 |   echo "Created $launchServicesPlist."
40 | fi
41 | 
42 | # Add new LSHandlers array.
43 | "$plistbuddyPath" -c "Add :LSHandlers array" "$launchServicesPlist"
44 | echo "Initialized LSHandlers array."
45 | 
46 | # Set handler for each URL scheme and content type to specified browser and email client.
47 | for plistbuddyCommand in "${plistbuddyPreferences[@]}"; do
48 |   "$plistbuddyPath" -c "$plistbuddyCommand" "$launchServicesPlist"
49 |   if [[ "$plistbuddyCommand" = *"$browserAgentString"* ]] || [[ "$plistbuddyCommand" = *"$emailAgentString"* ]]; then
50 |     arrayEntry=$(echo "$plistbuddyCommand" | /usr/bin/awk -F: '{print $2 ":" $3 ":" $4}' | /usr/bin/sed 's/ .*//')
51 |     prefLabel=$(echo "$plistbuddyCommand" | /usr/bin/awk '{print $4}')
52 |     echo "Set $arrayEntry to $prefLabel."
53 |   fi
54 | done
55 | 
56 | # Fix permissions on $launchServicesPlistFolder.
57 | /usr/sbin/chown -R "$loggedInUser" "$launchServicesPlistFolder"
58 | echo "Fixed permissions on $launchServicesPlistFolder."
59 | 
60 | # Reset Launch Services database.
61 | "$lsregisterPath" -kill -r -domain local -domain system -domain user
62 | echo "Reset Launch Services database. A restart may also be required for these new default client changes to take effect."
63 | 
64 | # Try to modify CHrome so it doesn't prompt for first run. I think this is not needed if you use GCBM/config profiles
65 | # if [ ! -d $loggedInUserHome/Library/Application\ Support/Google/Chrome ]; then
66 | #   echo "Chrome has not been launched. Doing the needed prep.."
67 | #   /bin/mkdir -p $loggedInUserHome/Library/Application\ Support/Google/Chrome
68 | #   /usr/bin/touch $loggedInUserHome/Library/Application\ Support/Google/Chrome/First\ Run
69 | #   /usr/sbin/chown -R "$loggedInUser" $loggedInUserHome/Library/Application\ Support/Google/Chrome
70 | # fi
71 | 
72 | exit 0
73 | 


--------------------------------------------------------------------------------
/dockutil.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/zsh --no-rcs
 2 | 
 3 | export PATH=/usr/bin:/bin:/usr/sbin:/sbin
 4 | autoload is-at-least
 5 | installedOSversion=$(sw_vers -productVersion)
 6 | 
 7 | if is-at-least 13 "\$installedOSversion"; then
 8 |   settingsPath=/System/Applications/System\ Settings.app
 9 |   else
10 |     settingsPath=/System/Applications/System\ Preferences.app
11 | fi
12 | 
13 | # Get the currently logged in user
14 | currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
15 | 
16 | # Get uid logged in user
17 | uid=$(id -u "${currentUser}")
18 | 
19 | # Current User home folder - do it this way in case the folder isn't in /Users
20 | userHome=$(dscl . -read /users/${currentUser} NFSHomeDirectory | cut -d " " -f 2)
21 | 
22 | # Path to plist
23 | plist="${userHome}/Library/Preferences/com.apple.dock.plist"
24 | 
25 | # Convenience function to run a command as the current user
26 | # usage: runAsUser command arguments...
27 | runAsUser() {  
28 | 	if [[ "${currentUser}" != "loginwindow" ]]; then
29 | 		launchctl asuser "$uid" sudo -u "${currentUser}" "$@"
30 | 	else
31 | 		echo "no user logged in"
32 | 		exit 1
33 | 	fi
34 | }
35 | 
36 | # Check if dockutil is installed
37 | if [[ -x "/usr/local/bin/dockutil" ]]; then
38 |     dockutil="/usr/local/bin/dockutil"
39 | else
40 |     echo "dockutil not installed in /usr/local/bin, exiting"
41 |     exit 1
42 | fi
43 | 
44 | # Version dockutil
45 | dockutilVersion=$(${dockutil} --version)
46 | echo "Dockutil version = ${dockutilVersion}"
47 | 
48 | # Create a clean Dock
49 | runAsUser "${dockutil}" --remove all --no-restart ${plist}
50 | echo "clean-out the Dock"
51 | 
52 | # Full path to Applications to add to the Dock
53 | apps=(
54 | "/System/Applications/Launchpad.app"
55 | "/Applications/Google Chrome.app"
56 | "/Applications/Slack.app"
57 | "/Applications/zoom.us.app"
58 | "/Applications/Kandji Self Service.app"
59 | "/System/Applications/System Settings.app"
60 | "/System/Applications/System Preferences.app"
61 | )
62 | 
63 | # Loop through Apps and check if App is installed, If Installed at App to the Dock.
64 | for app in "${apps[@]}"; 
65 | do
66 | 	if [[ -e ${app} ]]; then
67 | 		runAsUser "${dockutil}" --add "$app" --no-restart ${plist};
68 | 	else
69 | 		echo "${app} not installed"
70 |     fi
71 | done
72 | 
73 | # Add logged in users Downloads folder to the Dock
74 | runAsUser "${dockutil}" --add ${userHome}/Downloads --view list --display stack --sort dateadded --no-restart ${plist}
75 | 
76 | # Disable show recent
77 | runAsUser defaults write com.apple.dock show-recents -bool FALSE
78 | echo "Hide show recent from the Dock"
79 | 
80 | # sleep 3
81 | 
82 | # Kill dock to use new settings
83 | killall -KILL Dock
84 | echo "Restarted the Dock"
85 | 
86 | echo "Finished creating default Dock"
87 | 
88 | # don't try to tidy dock again
89 | # mkdir -p "/Users/$currentUser/Library/bits"
90 | # touch "/Users/$currentUser/Library/bits/dock.tidied"
91 | # echo "Created recipt so the dock won't be tidied again"
92 | 
93 | exit 0
94 | 


--------------------------------------------------------------------------------
/drivewipe.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # Written by Rusty Myers
  3 | # 2013-07-12
  4 | # Erase FV Volume
  5 | # Uses rtroutons code: https://github.com/rtrouton/rtrouton_scripts/blob/master/rtrouton_scripts/filevault_2_encryption_check/filevault_2_status_check.sh
  6 | # updated #1
  7 | 
  8 | function Log ()
  9 | {
 10 |     logText=$1
 11 |     # indent lines except for program entry and exit
 12 |     if [[ "${logText}" == "-->"* ]];then
 13 |         logText="${logText} : launched..."
 14 |     else
 15 |         if [[ "${logText}" == "<--"* ]];then
 16 |             logText="${logText} : ...terminated"
 17 |         else
 18 |         logText="   ${logText}"
 19 |         fi
 20 |     fi
 21 |     date=$(/bin/date)
 22 |     echo "${date/E[DS]T /} ${logText}"
 23 | }
 24 | 
 25 | function buildDiskArray () {
 26 |     # Resent Variables
 27 |     SSD=""
 28 |     HDD=""
 29 |     UUID=""
 30 |     DiskListArrayNumber=0
 31 |     DiskList=""
 32 |     # Reset Array
 33 |     unset DiskListArray
 34 |     GROUPNAME="CLCLVG"
 35 | 
 36 |     # Build array of internal disks in Mac (disk0, disk1, disk2, etc...)
 37 |     DiskList=$(diskutil list | grep -i ^/dev | awk '{print $1}')
 38 | 
 39 |     for i in $DiskList; do
 40 |         # Run through each disk connected
 41 |         # put each disk's info into a plist
 42 |         diskutil info -plist $i > "$TMP_LOCATION/tmpdisk.plist"
 43 |         # Yes if internal
 44 |         if [[ $(defaults read "$TMP_LOCATION/tmpdisk.plist" Internal) == 1 ]]; then
 45 |             Log "Disk $i is Internal"
 46 |             Log "Disk array number: $DiskListArrayNumber"
 47 |             # Set array with internal disk
 48 |             DiskListArray[$DiskListArrayNumber]="$i"
 49 |             # Increment array
 50 |             DiskListArrayNumber=$(expr $DiskListArrayNumber + 1)
 51 |         fi
 52 |     done
 53 |     Log "There are ${#DiskListArray[@]} internal disks in the DiskListArray"
 54 | }
 55 | 
 56 | function ifError () {
 57 |     # check return code passed to function
 58 |     exitStatus=$?
 59 |     if [[ $exitStatus -ne 0 ]]; then
 60 |     # if rc > 0 then print error msg and quit
 61 |     echo -e "$0 Time:$TIME $1 Exit: $exitStatus"
 62 |     exit $exitStatus
 63 |     fi
 64 | }
 65 | 
 66 | Log "-->"
 67 | Log "Hello Computer."
 68 | 
 69 | # Variables
 70 | TIME=`date "+2013-07-12-21-43-51"`
 71 | VOLUMENAME="Macintosh HD"
 72 | # net install env have the /System/Installation/ as rw
 73 | TMP_LOCATION="/private/tmp"
 74 | CORESTORAGESTATUS="$TMP_LOCATION/corestatus.txt"
 75 | 
 76 | # Check for the number of internal disks
 77 | buildDiskArray
 78 | 
 79 | # If there is one internal drive, there is NO LVG
 80 | if [[ "${#DiskListArray[@]}" -lt 2 ]];then
 81 |     # one disk means disk 0 is our target
 82 |     Log "Internal Disk: ${DiskListArray[0]}"
 83 |     INTERNALDISK="${DiskListArray[0]}"
 84 | 
 85 |     diskutil cs info "$INTERNALDISK" > "$CORESTORAGESTATUS" 2>&1
 86 | 
 87 |     # If the Mac is running 10.7 or higher, but the boot volume
 88 |     # is not a CoreStorage volume, the following message is
 89 |     # displayed without quotes:
 90 |     #
 91 |     # "FileVault 2 Encryption Not Enabled"
 92 | 
 93 |     if grep -iE 'is not a CoreStorage disk' $CORESTORAGESTATUS 1>/dev/null; then
 94 |        Log "FileVault 2 Encryption Not Enabled"
 95 |        rm -f "$CORESTORAGESTATUS"
 96 |        # do one pass wipe
 97 |        diskutil secureErase 1 "$INTERNALDISK"
 98 |        ifError "Erasing internal disk $INTERNALDISK failed. We've got to do this by hand!"
 99 |     else
100 |        Log "FileVault 2 Encryption is Enabled"
101 |        CoreStorageUUID=`/usr/sbin/diskutil cs list | awk '/Logical Volume Group/ {print $5}'`
102 |        /usr/sbin/diskutil cs delete $CoreStorageUUID
103 |        ifError "Erasing internal disk $INTERNALDISK failed. We've got to do this by hand!"
104 |     fi
105 |     Log "************"
106 |     Log "******  All Done. Thanks!  ******"
107 |     Log "************"
108 | 
109 | fi
110 | Log "<--"
111 | 
112 | exit 0
113 | 


--------------------------------------------------------------------------------
/enableLocationServices.zsh:
--------------------------------------------------------------------------------
 1 | #!/bin/zsh --no-rcs
 2 | # shellcheck shell=bash
 3 | # set -x
 4 | #
 5 | # Turn on Location Services programmatically.
 6 | # People travel. Don't set the time zone manually.
 7 | #
 8 | # Adam Codega
 9 | # github.com/acodega
10 | #
11 | # Tested on macOS Sequoia 15.1.1 and earlier
12 | #
13 | # pre-SIP commands have been left for historical/education reasons
14 | # Mac has to restart after running, Location Services will be enabled then
15 | #
16 | 
17 | # unload locationd for pre-SIP systems, comment this out if SIP
18 | # /bin/launchctl unload /System/Library/LaunchDaemons/com.apple.locationd.plist
19 | 
20 | # write enabled value to locationd plist
21 | /usr/bin/defaults write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd LocationServicesEnabled -int 1
22 | 
23 | # fix ownership of the locationd folder, just to be safe, comment this out if SIP
24 | # /usr/sbin/chown -R _locationd:_locationd /var/db/locationd
25 | 
26 | # reload locationd for pre-SIP systems
27 | # /bin/launchctl load /System/Library/LaunchDaemons/com.apple.locationd.plist
28 | 


--------------------------------------------------------------------------------
/prepDockLauncher.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | # Define LaunchDaemon variables
 4 | launchdaemon_identifier="com.contoso.docksettings"
 5 | launchdaemon_filepath="/Library/LaunchDaemons/${launchdaemon_identifier}.plist"
 6 | launchdaemon_program_filepath="/tmp/setDock.sh"
 7 | launchdaemon_watchpath="/Applications/zoom.us.app"
 8 | 
 9 | # Create LaunchDaemon that launches script after last Auto App is installed
10 | cat <<EOF > "${launchdaemon_filepath}"
11 | <?xml version="1.0" encoding="UTF-8"?>
12 | <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
13 | <plist version="1.0">
14 |     <dict>
15 |         <key>Label</key>
16 |         <string>${launchdaemon_identifier}</string>
17 |         <key>Program</key>
18 |         <string>${launchdaemon_program_filepath}</string>
19 |         <key>RunAtLoad</key>
20 |         <false/>
21 |         <key>WatchPaths</key>
22 |         <array>
23 |             <string>${launchdaemon_watchpath}</string>
24 |         </array>
25 |     </dict>
26 | </plist>
27 | EOF
28 | 
29 | # Create program script
30 | cat <<EOF > "${launchdaemon_program_filepath}"
31 | #!/bin/zsh --no-rcs
32 | autoload is-at-least
33 | installedOSversion=\$(sw_vers -productVersion)
34 | launchdaemon_filepath="/Library/LaunchDaemons/com.contoso.docksettings.plist"
35 | currentUser=\$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print \$3 }' )
36 | uid=\$(id -u "\$currentUser")
37 | echo "\$currentUser and \$uid"
38 | 
39 | if is-at-least 13 "\$installedOSversion"; then
40 |   settingsPath=/System/Applications/System\ Settings.app
41 |   else
42 |     settingsPath=/System/Applications/System\ Preferences.app
43 | fi
44 | 
45 | runAsUser() {  
46 |   if [ "\$currentUser" != "loginwindow" ]; then
47 |     launchctl asuser "\$uid" sudo -u "\$currentUser" "\$@"
48 |   else
49 |     echo "no user logged in"
50 |   fi
51 | }
52 | 
53 | dock_item() {
54 |   printf '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>%s</string><key>_CFURLStringType</key><integer>0</integer></dict></dict></dict>', "\$1"
55 | }
56 | 
57 | sleep 5
58 | 
59 | runAsUser defaults write com.apple.terminal SecureKeyboardEntry -bool "true"
60 | runAsUser defaults delete com.apple.dock persistent-apps
61 | runAsUser defaults write com.apple.dock "show-recents" -bool "false"
62 | 
63 | runAsUser defaults write com.apple.dock persistent-apps -array \
64 |   "\$(dock_item /System/Applications/Launchpad.app)" \
65 |   "\$(dock_item /Applications/Google\ Chrome.app)" \
66 |   "\$(dock_item /Applications/Slack.app)" \
67 |   "\$(dock_item /Applications/zoom.us.app)" \
68 |   "\$(dock_item /Applications/Self Service.app)" \
69 |   "\$(dock_item "\$settingsPath")"
70 | 
71 | killall Dock
72 | 
73 | launchctl unload "\${launchdaemon_filepath}"
74 | rm "\${launchdaemon_filepath}"
75 | rm "/tmp/setDock.sh"
76 | 
77 | exit 0
78 | 
79 | EOF
80 | 
81 | chmod a+x "${launchdaemon_program_filepath}"
82 | 
83 | # Load LaunchDaemon
84 | launchctl load "${launchdaemon_filepath}"
85 | 
86 | # Exit
87 | exit 0
88 | 


--------------------------------------------------------------------------------
/removeSSID.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | #
 4 | # Check if an SSID exists and delete it if it does.
 5 | # Change the wifinetwork variable to the name of your SSID.
 6 | # Turn Wi-Fi off and on in order to disconnect from the removed network.
 7 | #
 8 | 
 9 | wifiInterface=$(networksetup -listallhardwareports | /usr/bin/awk '/Wi-Fi|AirPort/ {getline; print $NF}')
10 | wifiNetwork="Contoso Inc"
11 | activeWiFiNetwork=$(networksetup -getairportnetwork $wifiInterface | cut -c 24-)
12 | searchResult=$(networksetup -listpreferredwirelessnetworks $wifiInterface | grep "$wifiNetwork")
13 | 
14 | # Search for it
15 | # Depending on your needs you may have nothing else to do, uncomment line 18 if so
16 | if [ "$searchResult" = "" ]; then
17 |     echo "No saved $wifiNetwork found"
18 | #    exit 0
19 | else
20 |     echo "$wifiNetwork found as a saved network. Removing.."
21 |     networksetup -removepreferredwirelessnetwork $wifiInterface "$wifiNetwork"
22 | fi
23 | 
24 | # Check active SSID
25 | if [ "$activeWiFiNetwork" != "$wifiNetwork" ]; then
26 |     echo "Not currently connected to $wifiNetwork"
27 |     exit 0
28 | else
29 |     echo "$wifiNetwork found as an active network, power cycling..."
30 | fi
31 | 
32 | # Power cycle Wi-Fi so network is disconnected
33 | networksetup -setairportpower $wifiInterface off
34 | sleep 0.5
35 | networksetup -setairportpower $wifiInterface on
36 | 


--------------------------------------------------------------------------------
/setDock.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/zsh --no-rcs
 2 | 
 3 | # Tested successfully on macOS Monterey and macOS Ventura
 4 | 
 5 | autoload is-at-least
 6 | installedOSversion=$(sw_vers -productVersion)
 7 | currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
 8 | uid=$(id -u "$currentUser")
 9 | 
10 | if is-at-least 13 "$installedOSversion"; then
11 |   settingsPath=/System/Applications/System\ Settings.app
12 |   else
13 |     settingsPath=/System/Applications/System\ Preferences.app
14 | fi
15 | 
16 | runAsUser() {  
17 |   if [ "$currentUser" != "loginwindow" ]; then
18 |     launchctl asuser "$uid" sudo -u "$currentUser" "$@"
19 |   else
20 |     echo "No user logged in, exiting."
21 |     exit 1
22 |   fi
23 | }
24 | 
25 | dock_item() {
26 |   printf '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>%s</string><key>_CFURLStringType</key><integer>0</integer></dict></dict></dict>', "$1"
27 | }
28 | 
29 | runAsUser defaults delete com.apple.dock persistent-apps
30 | runAsUser defaults write com.apple.dock "show-recents" -bool "false"
31 | 
32 | runAsUser defaults write com.apple.dock persistent-apps -array \
33 |   "$(dock_item /System/Applications/Launchpad.app)" \
34 |   "$(dock_item /Applications/Google\ Chrome.app)" \
35 |   "$(dock_item /Applications/Slack.app)" \
36 |   "$(dock_item /Applications/zoom.us.app)" \
37 |   "$(dock_item "$settingsPath")"
38 | 
39 | killall Dock
40 | 
41 | exit 0
42 | 


--------------------------------------------------------------------------------
/swap_bonjour_forIP.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | #
 4 | # Let's get rid of a Bonjour printer and install at as IP
 5 | # We could check for the printer first with If but it's already 4PM
 6 | #
 7 | 
 8 | #Kill the Batman--I mean The Printer
 9 | lpadmin -x HP_X576dw__Floor_3_South_
10 | lpadmin -x HP_X476dw__Floor_3_North_
11 | 
12 | #Install it via IP and make sure printer sharing is not on
13 | lpadmin -p "HP-576dw-3-S" -D "HP X576dw (3 South)" -E -v lpd://192.168.60.53 -P "/Library/Printers/PPDs/Contents/Resources/HP Officejet Pro X476-X576 MFP.gz" -o printer-is-shared=false
14 | lpadmin -p "HP-476dw-3-N" -D "HP X476dw (3 North)" -E -v lpd://192.168.60.51 -P "/Library/Printers/PPDs/Contents/Resources/HP Officejet Pro X476-X576 MFP.gz" -o printer-is-shared=false
15 | 


--------------------------------------------------------------------------------
/waitForUser.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | # Bash/zsh snippet to wait until Setup Assistant is complete and the user is logged in 
 4 | 
 5 | waitForUser(){
 6 |     setupAssistantProcess=$(pgrep -l "Setup Assistant")
 7 |     until [ "$setupAssistantProcess" = "" ]; do
 8 |         echo "Setup Assistant Still Running. PID $setupAssistantProcess"
 9 |         sleep 1
10 |         setupAssistantProcess=$(pgrep -l "Setup Assistant")
11 |     done
12 |     echo "Out of Setup Assistant"
13 |     echo "Logged in user is $(scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ { print $3 }')"
14 | 
15 |     finderProcess=$(pgrep -l "Finder")
16 |     until [ "$finderProcess" != "" ]; do
17 |     echo "Finder process not found. Assuming device is at login screen. PID $finderProcess"
18 |         sleep 1
19 |         finderProcess=$(pgrep -l "Finder")
20 |     done
21 |     echo "Finder is running"
22 |     echo "Logged in user is $(scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ { print $3 }')"
23 | }
24 | 


--------------------------------------------------------------------------------