Pepijn Bruienne bruienne

@bruienne
bruienne / manifest.plist
Last active October 21, 2020 13:41
Sample manifest to use with MDM InstallApplication command
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>items</key>
<array>
<dict>
<key>assets</key>
<array>
<dict>
@bruienne
bruienne / sharedsystemcleaner.sh
Created September 25, 2015 12:37
shared system cleaner script
#!/bin/bash
sessions=$(last | grep "still logged in" | wc -l)
if [[ $(pgrep -f ".*sharedsystemlogout.*" | wc -l) -eq 0 ]]; then
if [[ $sessions -eq 0 ]]; then
ls /Users | grep -v Shared | while read f;
do
THISHOME="/Users/${f}"
echo "INFO - No users logged in, reaping ${THISHOME}" >> /var/log/sharedsystemcleaner.log
@bruienne
bruienne / create_osx_pbkdf2_plist.py
Created April 24, 2016 15:52
Create an MDM-compatible PBKDF2 hash and plist for use with AccountConfiguration
#!/usr/bin/python
# Requires passlib: pip install passlib
from passlib.hash import pbkdf2_sha512
from passlib.util import ab64_decode
from biplist import *
# Checksum size must be 128 bytes for use as OS X password hash!
pbkdf2_sha512.checksum_size = 128
hash = pbkdf2_sha512.encrypt("password", rounds=38000, salt_size=32)
@bruienne
bruienne / munki_fuzzinator.py
Created October 9, 2015 19:29
Simple makecatalogs-based script to perform some level of Munki-specific linting on pkginfo files
#!/usr/bin/env python
# encoding: utf-8
#
# Copyright 2014 - The Regents of the University of Michigan.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
@bruienne
bruienne / xhyverun.sh
Last active October 4, 2018 09:40
xhyve boot2docker sample config
#!/bin/sh
KERNEL="/path/to/vmlinuz64"
INITRD="/path/to/initrd.img"
#CMDLINE="earlyprintk=serial console=ttyS0 acpi=off"
CMDLINE="loglevel=3 user=docker console=ttyS0 console=tty0 noembed nomodeset norestore waitusb=10:LABEL=boot2docker-data base"
MEM="-m 1G"
#SMP="-c 2"
NET="-s 2:0,virtio-net,en0"
#!/usr/bin/env python
import subprocess
import plistlib
import sys
# Our read and write commands to the authorizationdb
readcmd = ['/usr/bin/security', 'authorizationdb', 'read', 'system.login.console']
writecmd = ['/usr/bin/security', 'authorizationdb', 'write', 'system.login.console']
@bruienne
bruienne / myorg.pf.rules
Created April 4, 2016 18:32
Generic ruleset to block SSH and ARD from unknown IPs
# Allow trusted addresses to get to SSH and Apple remote desktop.
# Ports filtered - add more ports to allow more services as needed
# 22/tcp: ssh
# 3283/tcp: Apple Remote Desktop
# 3283/udp: Apple Remote Desktop
# 5900/tcp: Apple Remote Desktop/VNC
incoming_services_tcp = "{ 22, 3283, 5900 }"
incoming_services_udp = "{ 3283 }"
sudo /usr/libexec/PlistBuddy -x -c 'Print :ShadowHashData' /var/db/dslocal/nodes/Default/users/root.plist | awk '/\t[^\<]/{print $1}' | base64 -D | plutil -convert xml1 -o - -- - | python -c 'import plistlib; import sys; plist = plistlib.readPlistFromString(sys.stdin.read()); print plist["SALTED-SHA512-PBKDF2"]["iterations"]'
@bruienne
bruienne / modify_basesystem_dmg.py
Created April 8, 2015 03:27
Modify BaseSystem.dmg inside an InstallESD.dmg
#!/usr/bin/python
# modify_basesystem_dmg.py
#
# Adds additional frameworks to BaseSystem.dmg - Python is default
# Modify cpioextract() and xar_source to change what is extracted,
# and from what OS X installer PKG.
#
# To invoke:
#
# ./modify_basesystem_dmg.py /path/to/InstallESD.dmg
@bruienne
bruienne / unsignprofile.py
Last active June 29, 2018 02:37
Remove signature (not encryption) from signed Apple configuration profiles
# To run, provide the path to a signed profile at the command line:
# ./unsignprofile.py SignedProfile.mobileconfig
from M2Crypto import SMIME, X509, m2, BIO
from plistlib import *
import sys
import logging
# Can be any file probably since we're not verifying.
certstore_path = "/etc/ssl/certs/ca-certificates.crt"