From 52be2d67628ae34c6d382deaa5687411f8f47e26 Mon Sep 17 00:00:00 2001
From: Brian Zalewski <59970525+ProfessorManhattan@users.noreply.github.com>
Date: Mon, 27 Nov 2023 06:46:35 +0000
Subject: [PATCH] Suppress macOS permission fallback code
---
 .../run_before_01-system-homebrew.sh.tmpl | 19 ++++++++-----------
 .../run_onchange_after_28-privoxy.sh.tmpl | 2 +-
 ..._onchange_after_45-default-browser.sh.tmpl | 2 +-
 .../run_onchange_after_50-rclone.sh.tmpl | 6 +++---
 .../run_onchange_after_51-samba.sh.tmpl | 12 ++++++------
 .../run_onchange_after_57-netdata.sh.tmpl | 10 +++++-----
 home/Library/Scripts/default-browser.scpt | 14 ++++++++++++++
 home/dot_local/bin/executable_rclone-mount | 6 +++++-
 8 files changed, 43 insertions(+), 28 deletions(-)
 create mode 100644 home/Library/Scripts/default-browser.scpt
diff --git a/home/.chezmoiscripts/universal/run_before_01-system-homebrew.sh.tmpl b/home/.chezmoiscripts/universal/run_before_01-system-homebrew.sh.tmpl
index 94456f9d..33b5be3b 100644
--- a/home/.chezmoiscripts/universal/run_before_01-system-homebrew.sh.tmpl
+++ b/home/.chezmoiscripts/universal/run_before_01-system-homebrew.sh.tmpl
@@ -56,17 +56,14 @@ if [ -d /Applications ] && [ -d /Library ] && [ -z "$NO_RESTART" ]; then if ! cat "$HOME/.zshrc" | grep '# TEMPORARY FOR INSTALL DOCTOR MACOS' > /dev/null; then echo 'bash <(curl -sSL https://install.doctor/start) # TEMPORARY FOR INSTALL DOCTOR MACOS' >> "$HOME/.zshrc" fi - # TODO - Section below attempts to add timeout to macOS softwareupdate command but is failing to prompt for password (which is required even with /etc/sudoers set up - # if command -v gtimeout > /dev/null; then - # logg info 'Ensuring system software is upgraded (timing out after 50 minutes if system upgrade fails)' - # gtimeout 3000 sudo softwareupdate -i -a -R || logg warn 'The system update command timed out after 50 minutes' - # else - # # If gtimeout is unavailable, then attempt system upgrade without a timeout (which usually works on fresh systems) - # logg info 'Applying OS upgrades (if available)' - # sudo softwareupdate -i -a -R || logg error 'Failed to perform a system update via sudo softwareupdate -i -a -R' - # fi - logg info 'Applying OS upgrades (if available)' - sudo softwareupdate -i -a -R || logg error 'Failed to perform a system update via sudo softwareupdate -i -a -R' + if command -v gtimeout > /dev/null; then + logg info 'Ensuring system software is upgraded (timing out after 50 minutes if system upgrade fails)' + sudo gtimeout 3000 softwareupdate -i -a -R || logg warn 'The system update command timed out after 50 minutes' + else + # If gtimeout is unavailable, then attempt system upgrade without a timeout (which usually works on fresh systems) + logg info 'Applying OS upgrades (if available)' + sudo softwareupdate -i -a -R || logg error 'Failed to perform a system update via sudo softwareupdate -i -a -R' + fi logg info 'If system updates were downloaded / installed, a reboot might be required.' 
if command -v gsed > /dev/null; then sudo gsed -i '/# TEMPORARY FOR INSTALL DOCTOR MACOS/d' "$HOME/.zshrc" || logg warn "Failed to remove kickstart script from .zshrc" diff --git a/home/.chezmoiscripts/universal/run_onchange_after_28-privoxy.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_28-privoxy.sh.tmpl index fb45fb08..16955673 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_28-privoxy.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_28-privoxy.sh.tmpl @@ -43,7 +43,7 @@ if command -v privoxy > /dev/null; then if command -v add-user > /dev/null; then sudo add-user privoxy fi - sudo chown privoxy:privoxy "$PRIVOXY_CONFIG" || sudo chown privoxy:$(id -g -n) "$PRIVOXY_CONFIG" + sudo chown privoxy:privoxy "$PRIVOXY_CONFIG" 2> /dev/null || sudo chown privoxy:$(id -g -n) "$PRIVOXY_CONFIG" # @description Restart Privoxy after configuration is applied if [ -d /Applications ] && [ -d /System ]; then diff --git a/home/.chezmoiscripts/universal/run_onchange_after_45-default-browser.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_45-default-browser.sh.tmpl index ff6d26ae..98efb0e0 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_45-default-browser.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_45-default-browser.sh.tmpl @@ -22,7 +22,7 @@ if [ -d /Applications ] && [ -d /System ]; then brew install defaultbrowser fi logg info "Setting default browser to {{ .user.defaultBrowserDarwin }}" - defaultbrowser "{{ .user.defaultBrowserDarwin }}" + osascript "$HOME/Library/Scripts/default-browser.scpt" "{{ .user.defaultBrowserDarwin }}" else logg info 'Setting default browser for text/html to {{ .user.defaultBrowser }}' xdg-mime default {{ .user.defaultBrowser }}.desktop text/html diff --git a/home/.chezmoiscripts/universal/run_onchange_after_50-rclone.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_50-rclone.sh.tmpl index 8f33b982..0e7f499c 100644 
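Review bot: The `|| logg warn 'The system update command timed out after 50 minutes'` on the new `sudo gtimeout 3000 softwareupdate -i -a -R` line reports every non-zero exit as a timeout, although GNU timeout signals an expired limit with status 124 and otherwise passes through the command's own status, so a failed update or a refused sudo prompt is logged as a timeout at warn level. Capturing the status and branching on 124, as below, keeps the error message the else branch already uses for real failures. Putting `sudo` in front also means `gtimeout` is looked up by sudo rather than by the shell that ran `command -v`, and a binary that presumably comes from a user-writable Homebrew prefix now runs as root; if sudoers sets `secure_path` the lookup may fail outright, so this ordering deserves a comment or an absolute path. The same lookup concern applies to `sudo own "$FOLDER"` in the rclone-mount hunk. The enclosing `if` block starts and ends outside the hunk.

```shell
    if command -v gtimeout > /dev/null; then
      # … unchanged: logg info about the 50 minute limit …
      UPDATE_STATUS=0
      sudo gtimeout 3000 softwareupdate -i -a -R || UPDATE_STATUS=$?
      if [ "$UPDATE_STATUS" -eq 124 ]; then
        logg warn 'The system update command timed out after 50 minutes'
      elif [ "$UPDATE_STATUS" -ne 0 ]; then
        logg error 'Failed to perform a system update via sudo softwareupdate -i -a -R'
      fi
    # … unchanged: else branch without gtimeout …
```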
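Review bot: Silencing the first `chown` with `2> /dev/null` makes the fallback to `privoxy:$(id -g -n)` invisible, and that fallback hands group ownership to the invoking user's primary group rather than to a service group. On macOS that group is typically `staff`, which ordinary local accounts share, so where the preceding `chmod` is 770 or 775 (the rclone and samba hunks) every member of that group gets access to the directory. Logging the decision in the fallback, e.g. `|| { logg warn "Group privoxy not found, using $(id -g -n)"; sudo chown privoxy:"$(id -g -n)" "$PRIVOXY_CONFIG"; }`, would keep it auditable, and quoting `"$(id -g -n)"` avoids word splitting on group names that contain spaces. The same pattern recurs in the rclone hunks, the first samba hunk, the netdata hunk and the rclone-mount hunk.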
--- a/home/.chezmoiscripts/universal/run_onchange_after_50-rclone.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_50-rclone.sh.tmpl @@ -85,12 +85,12 @@ EOT if command -v add-user > /dev/null; then sudo add-user rclone fi - sudo chown -Rf rclone:rclone /var/cache/rclone || sudo chown -Rf rclone:$(id -g -n) /var/cache/rclone + sudo chown -Rf rclone:rclone /var/cache/rclone 2> /dev/null || sudo chown -Rf rclone:$(id -g -n) /var/cache/rclone logg info 'Ensuring /var/log/rclone exists' sudo mkdir -p /var/log/rclone sudo chmod 770 /var/log/rclone - sudo chown -Rf rclone:rclone /var/log/rclone || sudo chown -Rf rclone:$(id -g -n) /var/log/rclone + sudo chown -Rf rclone:rclone /var/log/rclone 2> /dev/null || sudo chown -Rf rclone:$(id -g -n) /var/log/rclone logg info 'Adding ~/.local/bin/rclone-mount to /usr/local/bin' sudo cp -f "$HOME/.local/bin/rclone-mount" /usr/local/bin/rclone-mount @@ -117,7 +117,7 @@ EOT logg info "Ensuring /mnt/$SERVICE_ID is created with proper permissions" sudo mkdir -p "/mnt/$SERVICE_ID" sudo chmod 770 "/mnt/$SERVICE_ID" - sudo chown -Rf rclone:rclone "/mnt/$SERVICE_ID" || sudo chown -Rf rclone:$(id -g -n) "/mnt/$SERVICE_ID" + sudo chown -Rf rclone:rclone "/mnt/$SERVICE_ID" 2> /dev/null || sudo chown -Rf rclone:$(id -g -n) "/mnt/$SERVICE_ID" ### Enable / restart the service logg info "Enabling / restarting the $SERVICE_ID S3 service" diff --git a/home/.chezmoiscripts/universal/run_onchange_after_51-samba.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_51-samba.sh.tmpl index b6f27635..d8ad75ae 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_51-samba.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_51-samba.sh.tmpl 
@@ -76,17 +76,17 @@ if command -v smbd > /dev/null; then logg info "Ensuring $PRIVATE_SHARE is created" sudo mkdir -p "$PRIVATE_SHARE" sudo chmod 770 "$PRIVATE_SHARE" - sudo chown -Rf rclone:rclone "$PRIVATE_SHARE" || sudo chown -Rf rclone:$(id -g -n) "$PRIVATE_SHARE" + sudo chown -Rf rclone:rclone "$PRIVATE_SHARE" 2> /dev/null || sudo chown -Rf rclone:$(id -g -n) "$PRIVATE_SHARE" logg info "Ensuring $PUBLIC_SHARE is created" sudo mkdir -p "$PUBLIC_SHARE" sudo chmod 775 "$PUBLIC_SHARE" - sudo chown -Rf rclone:rclone "$PUBLIC_SHARE" || sudo chown -Rf rclone:$(id -g -n) "$PUBLIC_SHARE" + sudo chown -Rf rclone:rclone "$PUBLIC_SHARE" 2> /dev/null || sudo chown -Rf rclone:$(id -g -n) "$PUBLIC_SHARE" logg info "Ensuring $HOME/Public is created" mkdir -p "$HOME/Public" chmod 775 "$HOME/Public" - chown -Rf {{ .user.username }}:{{ .user.username }} "$HOME/Public" || chown -Rf {{ .user.username }}:$(id -g -n) "$HOME/Public" + chown -Rf {{ .user.username }}:{{ .user.username }} "$HOME/Public" 2> /dev/null || chown -Rf {{ .user.username }}:$(id -g -n) "$HOME/Public" sudo sharing -a "$PRIVATE_SHARE" -S "Private (System)" -n "Private (System)" -g 000 -s 001 -E 1 -R 1 && logg success "Configured $PRIVATE_SHARE as a private Samba share" || logg info 'sharing command failed - it is likely that the share was already set up' sudo sharing -a "$PUBLIC_SHARE" -S "Public (System)" -n "Public (System)" -g 001 -s 001 -E 1 -R 0 && logg success "Configured $PUBLIC_SHARE as a public Samba share" || logg info 'sharing command failed - it is likely that the share was already set up' 
@@ -97,17 +97,17 @@ if command -v smbd > /dev/null; then logg info "Ensuring $PRIVATE_SHARE is created" sudo mkdir -p "$PRIVATE_SHARE" sudo chmod 770 "$PRIVATE_SHARE" - sudo chown -Rf rclone:rclone "$PRIVATE_SHARE" || sudo chown -Rf rclone:$(id -g -n) "$PRIVATE_SHARE" + sudo chown -Rf rclone:rclone "$PRIVATE_SHARE" logg info "Ensuring $PUBLIC_SHARE is created" sudo mkdir -p "$PUBLIC_SHARE" sudo chmod 775 "$PUBLIC_SHARE" - sudo chown -Rf rclone:rclone "$PUBLIC_SHARE" || sudo chown -Rf rclone:$(id -g -n) "$PUBLIC_SHARE" + sudo chown -Rf rclone:rclone "$PUBLIC_SHARE" logg info "Ensuring $HOME/Public is created" mkdir -p "$HOME/Public" chmod 775 "$HOME/Public" - chown -Rf {{ .user.username }}:rclone "$HOME/Public" || chown -Rf {{ .user.username }}:$(id -g -n) "$HOME/Public" + chown -Rf {{ .user.username }}:rclone "$HOME/Public" logg info "Copying Samba server configuration to /etc/samba/smb.conf" sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/samba/config" "/etc/samba/smb.conf" diff --git a/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl index e33098a4..855cb708 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl 
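Review bot: With the fallback removed, the three `chown -Rf … rclone` lines in this hunk have no error handling at all: `-f` suppresses chown's messages, so a missing `rclone` user or group leaves the freshly created shares with whatever ownership `sudo mkdir` gave them and nothing is logged. The last one, `chown -Rf {{ .user.username }}:rclone "$HOME/Public"`, runs without sudo, and an unprivileged user can normally only assign a group they belong to, so it likely fails silently unless the user was added to `rclone` elsewhere. Appending a check such as `|| logg warn "Failed to set ownership on $PRIVATE_SHARE"` to each line would surface this. Whether the `rclone` account is created before this script runs is not visible in the hunk, and the enclosing `if command -v smbd` block starts and ends outside it.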
@@ -17,13 +17,13 @@ ensureNetdataOwnership() { ### Ensure /usr/local/var/lib/netdata/cloud.d is owned by user if [ -d /usr/local/var/lib/netdata ]; then logg info 'Ensuring permissions are correct on /usr/local/var/lib/netdata' - sudo chown -Rf netdata:netdata /usr/local/var/lib/netdata || sudo chown -Rf netdata:$(id -g -n) /usr/local/var/lib/netdata + sudo chown -Rf netdata:netdata /usr/local/var/lib/netdata 2> /dev/null || sudo chown -Rf netdata:$(id -g -n) /usr/local/var/lib/netdata elif [ -d /var/lib/netdata ]; then logg info 'Ensuring permissions are correct on /var/lib/netdata' - sudo chown -Rf netdata:netdata /var/lib/netdata || sudo chown -Rf netdata:$(id -g -n) /var/lib/netdata - elif [ -d "$HOMEBREW_PREFIX/var/lib/netdata" ]; then - logg info "Ensuring permissions are correct on $HOMEBREW_PREFIX/var/lib/netdata" - sudo chown -Rf netdata:netdata "$HOMEBREW_PREFIX/var/lib/netdata" || sudo chown -Rf netdata:$(id -g -n) "$HOMEBREW_PREFIX/var/lib/netdata" + sudo chown -Rf netdata:netdata /var/lib/netdata 2> /dev/null || sudo chown -Rf netdata:$(id -g -n) /var/lib/netdata + elif [ -d "${HOMEBREW_PREFIX:-/opt/homebrew}/var/lib/netdata" ]; then + logg info "Ensuring permissions are correct on ${HOMEBREW_PREFIX:-/opt/homebrew}/var/lib/netdata" + sudo chown -Rf netdata:netdata "${HOMEBREW_PREFIX:-/opt/homebrew}/var/lib/netdata" 2> /dev/null || sudo chown -Rf netdata:$(id -g -n) "${HOMEBREW_PREFIX:-/opt/homebrew}/var/lib/netdata" else logg warn 'No /var/lib/netdata folder found' fi diff --git a/home/Library/Scripts/default-browser.scpt b/home/Library/Scripts/default-browser.scpt new file mode 100644 index 00000000..38d045f8 --- /dev/null +++ b/home/Library/Scripts/default-browser.scpt 
@@ -0,0 +1,14 @@ +on run argv + do shell script "defaultbrowser " & item 1 of argv + try + tell application "System Events" + tell application process "CoreServicesUIAgent" + tell window 1 + tell (first button whose name starts with "use") + perform action "AXPress" + end tell + end tell + end tell + end tell + end try +end run \ No newline at end of file diff --git a/home/dot_local/bin/executable_rclone-mount b/home/dot_local/bin/executable_rclone-mount index 30074f72..7008f4e4 100644 --- a/home/dot_local/bin/executable_rclone-mount +++ b/home/dot_local/bin/executable_rclone-mount @@ -44,7 +44,11 @@ for FOLDER in "$CACHE_FOLDER" "$CONFIG_FOLDER" "$LOG_FOLDER" "$MOUNT_PATH"; do if [ ! -d "$FOLDER" ]; then sudo mkdir -p "$FOLDER" || echo "ERROR: Need permissions for $FOLDER" sudo chmod 755 "$FOLDER" - sudo chown -Rf rclone:rclone "$FOLDER" || sudo chown -Rf rclone:$(id -g -n) "$FOLDER" + if command -v own > /dev/null; then + sudo own "$FOLDER" + else + sudo chown -Rf rclone:rclone "$FOLDER" 2> /dev/null || sudo chown -Rf rclone:$(id -g -n) "$FOLDER" + fi fi done
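Review bot: `do shell script "defaultbrowser " & item 1 of argv` concatenates the argument into a shell command line unquoted, so whitespace or shell metacharacters in the templated browser value are interpreted by the shell instead of being passed as one argument; `do shell script "defaultbrowser " & quoted form of (item 1 of argv)` closes that. `do shell script` also runs with a minimal default PATH, so a Homebrew-installed `defaultbrowser` may not be found unless it is called by its full path. The `try` block swallows every error, including a missing Accessibility permission for UI scripting, and `first button whose name starts with "use"` presses whatever matching button is in window 1 of CoreServicesUIAgent, which may not be the default-browser confirmation if that process is showing another prompt at that moment. A comment stating that assumption, or a check of the window's text before `perform action "AXPress"`, would make the automatic confirmation safer to maintain.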
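Review bot: The new `sudo own "$FOLDER"` branch carries no comment saying where `own` comes from or which owner and group it applies, so a reader cannot tell whether it ends up equivalent to the `rclone:rclone` result of the else branch. A one-line comment above `if command -v own` naming the helper's origin and the ownership it sets would document that. Its exit status is also unchecked, while the `mkdir` line above at least reports a failure; `sudo own "$FOLDER" || echo "ERROR: Could not set ownership on $FOLDER"` would match that style.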