Created
August 27, 2024 00:26
-
-
Save ylluminate/ac95127d01afe04def6be1c94d683e81 to your computer and use it in GitHub Desktop.
Monterey Services Disabler to debloat or "un-Apple" macOS 12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env zsh | |
# Monterey_Services_Disabler.sh | |
# Purpose: Robustly disable potentially unnecessary services on macOS 12 Monterey (especially useful for virtual machine guests) | |
# Version: 1.6 | |
# CREDITS: Starting point credit to gopsmith: https://gist.github.com/gopsmith/bf4d3a8203cd0792c9f8702cc76c8525 | |
# Original idea and script disable.sh by pwnsdx https://gist.github.com/pwnsdx/d87b034c4c0210b988040ad2f85a68d3 | |
# Big Sur revision by b0gdanw https://gist.github.com/b0gdanw/40d000342dd1ba4d892ad0bdf03ae6ea | |
# | |
# INSTRUCTIONS: | |
# - If this is a virtual machine guest, make a snapshot first; if not, back up your system. I am not responsible for any problems and likely will not reply to comments here within a reasonble timeframe, if at all. | |
# - Turn off SIP (you can Kagi or however you web search for such info; eg, Parallels 19 which runs Monterey fine on older MacPro5,1 systems: https://kb.parallels.com/cn/116526). | |
# - Open iTerm / Terminal / your_favorite_terminal_app. | |
# - Create the script, eg: `nano ~/Monterey_Services_Disableer.sh` and paste in contents, save and exit. | |
# - `chmod +x Monterey_Services_Disableer.sh` | |
# - `sudo ./Monterey_Services_Disableer.sh` | |
# - Watch output and review log for any problems. | |
# | |
# | |
# IMPORTANT: Remember to have backed up or created a snapshot of a virtual machine before you run this. If you have troubles, try an AI since I will likely not reply here or will take a very long time to reply if at all. | |
# | |
# Global definitions | |
SCRIPT_NAME="Monterey_Services_Disableer" | |
LOG_FILE="${SCRIPT_NAME}.log" | |
# Initialize log file | |
echo "${SCRIPT_NAME}.sh - $(date)" > $LOG_FILE | |
# Function to log messages | |
log_message() { | |
echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" | tee -a $LOG_FILE | |
} | |
# Function to log errors | |
log_error() { | |
echo "$(date '+%Y-%m-%d %H:%M:%S') - ERROR: $1" | tee -a $LOG_FILE >&2 | |
} | |
# Check if script is run as root | |
if [[ $EUID -ne 0 ]]; then | |
log_error "This script must be run as root" | |
exit 1 | |
fi | |
# Function to disable a service | |
disable_service() { | |
local service_type=$1 | |
local service_name=$2 | |
log_message "Attempting to disable ${service_type} service: ${service_name}" | |
if sudo launchctl list | grep -q ${service_name}; then | |
sudo launchctl bootout ${service_type}/${service_name} 2>/dev/null | |
if [ $? -eq 0 ]; then | |
log_message "Successfully disabled ${service_name}" | |
else | |
log_error "Failed to disable ${service_name}" | |
fi | |
else | |
log_message "Service ${service_name} is not running" | |
fi | |
sudo launchctl disable ${service_type}/${service_name} 2>/dev/null | |
} | |
# Function to ensure a service is running | |
ensure_service_running() { | |
local service_type=$1 | |
local service_name=$2 | |
log_message "Checking ${service_type} service: ${service_name}" | |
if sudo launchctl list | grep -q ${service_name}; then | |
log_message "${service_name} is already running" | |
else | |
log_message "Attempting to start ${service_name}" | |
sudo launchctl enable ${service_type}/${service_name} 2>/dev/null | |
sudo launchctl bootstrap ${service_type} /System/Library/LaunchDaemons/${service_name}.plist 2>/dev/null | |
if sudo launchctl list | grep -q ${service_name}; then | |
log_message "${service_name} started successfully" | |
else | |
log_error "Failed to start ${service_name}" | |
fi | |
fi | |
} | |
# Arrays of services to disable | |
GUI_AGENTS=( | |
'com.apple.AMPArtworkAgent' | |
'com.apple.AMPDeviceDiscoveryAgent' | |
'com.apple.AMPLibraryAgent' | |
'com.apple.Spotlight' | |
'com.apple.cloudd' | |
'com.apple.cloudpaird' | |
'com.apple.CloudPhotosConfiguration' | |
'com.apple.coreservices.AppleIDAuthAgent' | |
'com.apple.findmymacmessenger' | |
'com.apple.iCloudUserNotifications' | |
'com.apple.imagent' | |
'com.apple.notificationcenterui' | |
'com.apple.Safari.SafeBrowsing.Service' | |
'com.apple.SafariCloudHistoryPushAgent' | |
'com.apple.security.CloudKeychainProxy' | |
'com.apple.SocialPushAgent' | |
'com.apple.touristd' | |
) | |
SYSTEM_DAEMONS=( | |
'com.apple.apsd' | |
'com.apple.AssetCacheLocatorService' | |
'com.apple.awacsd' | |
'com.apple.awdd' | |
'com.apple.CrashReporterSupportHelper' | |
'com.apple.FindMyMac' | |
'com.apple.icloud.findmydeviced' | |
'com.apple.preferences.timezone.auto' | |
'com.apple.siriknowledged' | |
'com.apple.softwareupdated' | |
'com.apple.spindump' | |
'com.apple.SubmitDiagInfo' | |
'com.apple.systemstats' | |
) | |
# Disable GUI agents | |
log_message "Disabling GUI agents..." | |
for agent in "${GUI_AGENTS[@]}"; do | |
disable_service "gui/501" "${agent}" | |
done | |
# Disable system daemons | |
log_message "Disabling system daemons..." | |
for daemon in "${SYSTEM_DAEMONS[@]}"; do | |
disable_service "system" "${daemon}" | |
done | |
# Disable Spotlight indexing | |
log_message "Disabling Spotlight indexing..." | |
sudo mdutil -a -i off 2>> $LOG_FILE | |
if [ $? -ne 0 ]; then | |
log_error "Failed to disable Spotlight indexing" | |
else | |
log_message "Successfully disabled Spotlight indexing" | |
fi | |
# Ensure essential networking services are running | |
log_message "Ensuring essential networking services are running..." | |
ESSENTIAL_SERVICES=( | |
"com.apple.mDNSResponder" | |
"com.apple.networkd" | |
"com.apple.configd" | |
) | |
for service in "${ESSENTIAL_SERVICES[@]}"; do | |
ensure_service_running "system" "${service}" | |
done | |
# Ensure remote access services are running | |
log_message "Ensuring remote access services are running..." | |
REMOTE_SERVICES=( | |
"com.apple.RemoteDesktop" | |
"com.apple.screensharing" | |
"com.apple.ssh.sshd" | |
) | |
for service in "${REMOTE_SERVICES[@]}"; do | |
ensure_service_running "system" "${service}" | |
done | |
# Jump Desktop is awesome, I check it here: Jump Desktop Connect service | |
log_message "Checking Jump Desktop Connect service..." | |
if pgrep -f "/Applications/Jump Desktop Connect.app/Contents/MacOS/JumpConnect --service" > /dev/null; then | |
log_message "Jump Desktop Connect service is running" | |
else | |
log_error "Jump Desktop Connect service is not running. Attempting to start it." | |
sudo launchctl load -w /Library/LaunchDaemons/com.p5sys.jump.connect.service.plist | |
sleep 2 | |
if pgrep -f "/Applications/Jump Desktop Connect.app/Contents/MacOS/JumpConnect --service" > /dev/null; then | |
log_message "Successfully started Jump Desktop Connect service" | |
else | |
log_error "Failed to start Jump Desktop Connect service. You may need to start it manually." | |
fi | |
fi | |
# Create a function to reverse the changes - THIS HAS NOT BEEN TESTED | |
create_reverse_script() { | |
cat << EOF > reverse_${SCRIPT_NAME}.sh | |
#!/bin/zsh | |
# Initialize log file | |
REVERSE_LOG_FILE="reverse_${LOG_FILE}" | |
echo "reverse_${SCRIPT_NAME}.sh - \$(date)" > \$REVERSE_LOG_FILE | |
# Function to log messages | |
log_message() { | |
echo "\$(date '+%Y-%m-%d %H:%M:%S') - \$1" | tee -a \$REVERSE_LOG_FILE | |
} | |
# Function to log errors | |
log_error() { | |
echo "\$(date '+%Y-%m-%d %H:%M:%S') - ERROR: \$1" | tee -a \$REVERSE_LOG_FILE >&2 | |
} | |
# Check if script is run as root | |
if [[ \$EUID -ne 0 ]]; then | |
log_error "This script must be run as root" | |
exit 1 | |
fi | |
# Function to enable a service | |
enable_service() { | |
local service_type=\$1 | |
local service_name=\$2 | |
log_message "Enabling \${service_type} service: \${service_name}" | |
sudo launchctl enable \${service_type}/\${service_name} | |
sudo launchctl bootstrap \${service_type} /System/Library/LaunchDaemons/\${service_name}.plist 2>/dev/null | |
if [ \$? -eq 0 ]; then | |
log_message "Successfully enabled \${service_name}" | |
else | |
log_error "Failed to enable \${service_name}" | |
fi | |
} | |
# Re-enable GUI agents | |
log_message "Re-enabling GUI agents..." | |
for agent in "${GUI_AGENTS[@]}"; do | |
enable_service "gui/501" "\${agent}" | |
done | |
# Re-enable system daemons | |
log_message "Re-enabling system daemons..." | |
for daemon in "${SYSTEM_DAEMONS[@]}"; do | |
enable_service "system" "\${daemon}" | |
done | |
# Re-enable Spotlight indexing | |
log_message "Re-enabling Spotlight indexing..." | |
sudo mdutil -a -i on 2>> \$REVERSE_LOG_FILE | |
if [ \$? -ne 0 ]; then | |
log_error "Failed to re-enable Spotlight indexing" | |
else | |
log_message "Successfully re-enabled Spotlight indexing" | |
fi | |
log_message "All changes have been reversed." | |
log_message "Check \$REVERSE_LOG_FILE for detailed logs." | |
EOF | |
chmod +x reverse_${SCRIPT_NAME}.sh | |
log_message "Created reverse_${SCRIPT_NAME}.sh to undo the changes made by this script." | |
} | |
create_reverse_script | |
log_message "Service disabling complete. A reverse script has been created." | |
log_message "To reverse changes, run 'sudo ./reverse_${SCRIPT_NAME}.sh'" | |
log_message "Check $LOG_FILE for detailed logs." | |
# Collect system information for diagnostics | |
log_message "Collecting system information for diagnostics..." | |
{ | |
echo "System Information:" | |
sw_vers | |
echo "Kernel Version:" | |
uname -a | |
echo "Enabled LaunchAgents and LaunchDaemons:" | |
sudo launchctl list | |
echo "Network Interfaces:" | |
ifconfig | |
echo "Active Network Services:" | |
networksetup -listallnetworkservices | |
echo "Jump Desktop Connect Service Status:" | |
ps aux | grep -i "JumpConnect --service" | |
} >> $LOG_FILE | |
log_message "Script execution completed. Please check $LOG_FILE for full details and any error messages." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Observation of results for before and after on macOS 12.7.5:
Used this to average samples over 10 minutes (measured every 5 seconds):
Before and with
Terminal.app
"only" running:After disabler applied and then with a reboot and with
Terminal.app
"only" running:Perhaps not a "huge" boost by today's standards, but it's pretty big in my opinion and in the context of an always-on virtual machine.
The disabling can be pressed further if desired, by adding:
And you can disable or remove all of the Widgets: