/
postinstall.in
executable file
·29 lines (25 loc) · 1.01 KB
/
postinstall.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
#!/bin/bash
set -e
user="@PRIVSEP_USER@"
group="@PRIVSEP_GROUP@"
dscl=/usr/bin/dscl
$dscl . -read "/Users/${user}" &> /dev/null || {
# We need to find a free UID/GID
uid=200
while $($dscl . -list /Users uid | grep -q "\b${uid}$") || \
$($dscl . -list /Users gid | grep -q "\b${uid}$"); do
uid=$((${uid} + 1))
done
$dscl . -create /Groups/${group}
$dscl . -create /Groups/${group} PrimaryGroupID ${uid}
$dscl . -create /Groups/${group} Password "*"
$dscl . -create /Groups/${group} RealName "lldpd privilege separation group"
$dscl . -create /Users/${user}
$dscl . -create /Users/${user} UserShell /usr/bin/false
$dscl . -create /Users/${user} NFSHomeDirectory /var/empty
$dscl . -create /Users/${user} PrimaryGroupID ${uid}
$dscl . -create /Users/${user} UniqueID ${uid}
$dscl . -create /Users/${user} Password "*"
$dscl . -create /Users/${user} RealName "lldpd privilege separation user"
}
/bin/launchctl load "/Library/LaunchDaemons/im.bernat.lldpd.plist"