Update to privileges
This commit is contained in:
parent
d583e35548
commit
86829ec36e
1 changed files with 20 additions and 1 deletions
|
@ -53,7 +53,26 @@ ensureFullDiskAccess() {
|
||||||
# * Ensures CloudFlare Teams certificate is imported into the system keychain
|
# * Ensures CloudFlare Teams certificate is imported into the system keychain
|
||||||
importCloudFlareCert() {
|
importCloudFlareCert() {
|
||||||
if [ -d /Applications ] && [ -d /System ] && [ -z "$HEADLESS_INSTALL" ]; then
|
if [ -d /Applications ] && [ -d /System ] && [ -z "$HEADLESS_INSTALL" ]; then
|
||||||
logg info 'Importing Cloudflare_CA.crt into System.keychain' && sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt"
|
### Acquire certificate
|
||||||
|
if [ ! -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" ]; then
|
||||||
|
logg info 'Downloading Cloudflare_CA.crt from https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt to determine if it is already in the System.keychain'
|
||||||
|
CRT_TMP="$(mktemp)"
|
||||||
|
curl -sSL https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt > "$CRT_TMP"
|
||||||
|
else
|
||||||
|
CRT_TMP="$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt"
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Validate / import certificate
|
||||||
|
security verify-cert -c "$CRT_TMP" > /dev/null 2>&1
|
||||||
|
if [ $? != 0 ]; then
|
||||||
|
logg info '**macOS Manual Security Permission** Requesting security authorization for Cloudflare trusted certificate'
|
||||||
|
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$CRT_TMP" && logg success 'Successfully imported Cloudflare_CA.crt into System.keychain'
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Remove temporary file, if necessary
|
||||||
|
if [ ! -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" ]; then
|
||||||
|
rm -f "$CRT_TMP"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue