This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/zsh | |
TARGET=$1 | |
# to be used as an egrep pattern | |
SYMS='getprogname|NSGetArgv|NSGetArgc|optarg|optind|getopt|getopt_long' | |
sudo find ${TARGET} -type f -perm +111 \! -name "*.dylib" | \ | |
while read f ; do | |
sudo nm -u ${f} 2> /dev/null | \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
To prevent unintended installations, profiles containing certain payloads (specifically com.apple.Safari) will require a manual verification even when running as root. | |
Example: | |
sudo profiles install -path ~/Desktop/safari.mobileconfig | |
Enter the admin user name: | |
sudo profiles -IvF ~/Desktop/safari.mobileconfig | |
profiles: verbose mode ON | |
profiles install profile ~/Desktop/safari.mobileconfig for user: (null) | |
Enter the admin user name: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
<plist version="1.0"> | |
<dict> | |
<key>PayloadContent</key> | |
<array> | |
<dict> | |
<key>AllowUserOverrides</key> | |
<true/> | |
<key>AllowedTeamIdentifiers</key> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Updated to reflect changes introduced with 10.13.4. Update to 10.13.4 if needed before attempting to make | |
SecureToken-related changes. ### | |
sysadminctl is a tool Apple introduced in 10.10 for working with system user accounts. In 10.13, sysadminctl is Apple's | |
recommended tool for working with user accounts in the CLI, replacing functionality that has long been provided by dscl | |
and adds new features available only in 10.13. sysadminctl can be used to change user passwords, create new users or | |
check the status of a new-to-10.13 security feature named SecureToken. | |
SecureToken is a non-visible APFS file system attribute, unlike the SIP protected flag or file creation date, that triggers | |
the creation of a new AuthenticationAuthority entry in a user's local account record |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bash-3.2$ /Applications/Install\ macOS\ Sierra.app/Contents/Resources/startosinstall --usage | |
Usage: startosinstall --applicationpath <install macOS.app path> | |
Arguments | |
--applicationpath, a path to copy of the OS installer application to start the install with. | |
--license, prints the user license agreement only. | |
--agreetolicense, agree to license the license you printed with --license. | |
--rebootdelay, how long to delay the reboot at the end of preparing. This delay is in seconds and has a maximum of 300 (5 minutes). | |
--pidtosignal, Specify a PID to which to send SIGUSR1 upon completion of the prepare phase. To bypass "rebootdelay" send SIGUSR1 back to startosinstall. | |
--usage, prints this message. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
<plist version="1.0"> | |
<dict> | |
<key>autoremove</key> | |
<false/> | |
<key>catalogs</key> | |
<array> | |
<string>production</string> | |
</array> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
import os | |
import sys | |
from CoreFoundation import (CFPreferencesAppValueIsForced, | |
CFPreferencesCopyAppValue, | |
CFPreferencesCopyValue, | |
kCFPreferencesAnyUser, | |
kCFPreferencesAnyHost, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## REMOVE FIRST CHARACTER FROM STRING | |
sed '/^.//' | |
== Example == | |
$ echo "foo" | sed 's/^.//' | |
oo | |
____________________________________________________________________ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# pylint: disable=E0611, E1101, E0602 | |
''''Fix 802.1x When Using Config Profiles and PEAP-MSCHAPV2 or EAP-TLS''' | |
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # | |
# | |
# This script will find the system profile that is attached to one ethernet | |
# interface from our configuration profile and then copy it to all other | |
# ethernet interfaces so that other ethernet interfaces can be used instead | |
# of just the FirstActiveEthernet at time of profile installation. This issue | |
# is still an issue as of 10.12.3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# pylint: disable=C0103, W0612, E1101, E0602, E0611 | |
# pylint: disable=W0101, W0110, W0141 | |
''''Fix 802.1x When Using Config Profiles and EAP-TLS''' | |
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # | |
# | |
# This script will determine the profile ID that was used when | |
# installing the 802.1x Ethernet Identity preference and make | |
# a copy of the keychain entry to be used as a user identity preference | |
# so that any Ethernet can be used when a user is logged in. As of 10.12.3 |
NewerOlder