Update to privileges

This commit is contained in:
Brian Zalewski 2023-12-07 06:23:25 +00:00
parent d583e35548
commit 86829ec36e

View file

@ -53,7 +53,26 @@ ensureFullDiskAccess() {
# * Ensures CloudFlare Teams certificate is imported into the system keychain # * Ensures CloudFlare Teams certificate is imported into the system keychain
importCloudFlareCert() { importCloudFlareCert() {
if [ -d /Applications ] && [ -d /System ] && [ -z "$HEADLESS_INSTALL" ]; then if [ -d /Applications ] && [ -d /System ] && [ -z "$HEADLESS_INSTALL" ]; then
logg info 'Importing Cloudflare_CA.crt into System.keychain' && sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" ### Acquire certificate
if [ ! -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" ]; then
logg info 'Downloading Cloudflare_CA.crt from https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt to determine if it is already in the System.keychain'
CRT_TMP="$(mktemp)"
curl -sSL https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt > "$CRT_TMP"
else
CRT_TMP="$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt"
fi
### Validate / import certificate
security verify-cert -c "$CRT_TMP" > /dev/null 2>&1
if [ $? != 0 ]; then
logg info '**macOS Manual Security Permission** Requesting security authorization for Cloudflare trusted certificate'
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$CRT_TMP" && logg success 'Successfully imported Cloudflare_CA.crt into System.keychain'
fi
### Remove temporary file, if necessary
if [ ! -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" ]; then
rm -f "$CRT_TMP"
fi
fi fi
} }