In your command-line run the following commands:
brew doctor
brew update
sysadminctl is a tool Apple introduced in 10.10 for working with system user accounts. In 10.13, | |
sysadminctl is Apple's recommended tool for working with user accounts in the CLI, replacing functionality | |
that has long been provided by dscl and adds new features available only in 10.13. | |
sysadminctl can be used to change user passwords, create new users (including automatically provisioning | |
the user home folder) or check the status of a new-to-10.13 security feature named SecureToken. | |
SecureToken is a user attribute like password type or user home location. SecureToken is not publicly | |
documented by Apple so it is not possible to provide a full technical description, but in practice one | |
needs only to know if a user has SecureToken or not. Having SecureToken set signifies that a user can | |
unlock a FileVault-encrypted volume. Without the SecureToken bit on a user account, that user will not |
In your command-line run the following commands:
brew doctor
brew update
This gist gives you the commands and config necessary to quickly and safely: | |
- Create a Root Certififacte Authority (valid until the year ~2045 and whose key is meant to be stored somewhere secure and hard to get at e.g. on USB key in an off-prem vault) | |
- Create an intermediate sub-root certificate authority (which is used for day to day signing of end-entity certs) | |
- Create an end-entity cert (e.g. for securing nginx/apache) | |
For more background, see: https://developers.yubico.com/PIV/Guides/Certificate_authority.html | |
We're going to generate a key per project which includes multiple fully qualified domains. This key can be checked into the project repo as it's intended for local development but never used on production servers.
Save ssl.conf
to your my_project
directory.
Open ssl.conf
in a text editor.
Edit the domain(s) listed under the [alt_names]
section so that they match the local domain name you want to use for your project, e.g.
#!/bin/bash | |
# relaunch with sudo if we aren't root | |
if [[ $EUID -ne 0 ]]; then | |
echo "$0: relaunching as sudo $0 $1 $USER" | |
sudo "$0" $1 $USER | |
exit $? | |
fi | |
real_user=$USER |
********* RemoveSymantecMacFiles.command 7.0.49 ********* | |
WARNING: This script will remove all files and folders created by Symantec | |
Mac OS X products (LiveUpdate Administration Utility files) and | |
any files within those folders. Therefore, you will lose ALL files | |
that reside in those folders, including any that you have created. | |
Usage: RemoveSymantecMacFiles.command [-CcdeFfghIikLlmpQqRrV] [-QQ] [-re] [volume ...] | |
Summary: If no option or volume is specified, then all Symantec files are |
#!/bin/sh | |
# Determines who is logged in and then kills SEP and relaunches sans reboot. | |
# Get logged in user from /dev/console | |
loggedInUser=`ls -l /dev/console | awk '{ print $3 }'` | |
if [ "$loggedInUser" != "admin" ] | |
then | |
launchctl unload /Library/LaunchDaemons/com.symantec.Sched501-1.plist |
#!/usr/bin/env bash | |
# relaunch with sudo if we aren't root | |
if [[ $EUID -ne 0 ]]; then | |
echo "$0: relaunching as sudo $0 $1 $USER" | |
sudo "$0" $1 $USER | |
exit $? | |
fi | |
real_user=$USER |
#!/usr/bin/env bash | |
## NOTE! OpenConnect is now on Version 8, and this is only for historical use | |
## See https://gist.github.com/darrenpmeyer/1a56d0d4817352998fe9d7cfe5a79684 for new script | |
oc_ver="7.08" | |
echo "Autobuild OpenConnect $oc_ver" | |
echo " " | |
echo "This script uses apt-get and make install via sudo rights" | |
echo "To simplify this, we're going to use sudo -v to pre-authenticate you" |