Latest
This commit is contained in:
parent
a7ce2c3297
commit
e409616ed5
10 changed files with 59 additions and 10 deletions
3
docs/terminal/full-disk-access.md
Normal file
3
docs/terminal/full-disk-access.md
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
# Full Disk Access
|
||||||
|
|
||||||
|
This script requires full disk access. Please grant the current Terminal application full disk access before proceeding.
|
|
@ -1006,6 +1006,7 @@ softwareGroups:
|
||||||
- htop
|
- htop
|
||||||
- ipmitool
|
- ipmitool
|
||||||
- iproute2mac
|
- iproute2mac
|
||||||
|
- macprefs
|
||||||
- masscan
|
- masscan
|
||||||
- prefsniff
|
- prefsniff
|
||||||
- pulumi
|
- pulumi
|
||||||
|
|
|
@ -0,0 +1,40 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
# @file Ensure Terminal Permissions
|
||||||
|
# @brief Ensures the macOS terminal used for the provisioning process has full disk access permissions
|
||||||
|
# @description
|
||||||
|
# This script ensures the terminal running the provisioning process has full disk access permissions. It also
|
||||||
|
# prints information regarding the process of how to enable the permission as well as information related to
|
||||||
|
# the specific reasons that the terminal needs full disk access. More specifically, the scripts need full
|
||||||
|
# disk access to modify various system files and permissions.
|
||||||
|
#
|
||||||
|
# ## Sources
|
||||||
|
#
|
||||||
|
# * [Detecting Full Disk Access permission on macOS](https://www.dzombak.com/blog/2021/11/macOS-Scripting-How-to-tell-if-the-Terminal-app-has-Full-Disk-Access.html)
|
||||||
|
|
||||||
|
{{ includeTemplate "universal/profile-before" }}
|
||||||
|
{{ includeTemplate "universal/logg-before" }}
|
||||||
|
|
||||||
|
# @description Prints information describing why full disk access is required for the script to run on macOS.
|
||||||
|
printFullDiskAccessNotice() {
|
||||||
|
if [ -d /Applications ] && [ -d /System ]; then
|
||||||
|
logg md "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/docs/terminal/full-disk-access.md"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# @description Ensures the terminal running the provisioning process script has full disk access on macOS. It does this
|
||||||
|
# by attempting to read a file that requires full disk access. If it does not, the program opens the preferences
|
||||||
|
# pane where the user can grant access so that the script can continue.
|
||||||
|
ensureFullDiskAccess() {
|
||||||
|
if [ -d /Applications ] && [ -d /System ]; then
|
||||||
|
if ! plutil -lint /Library/Preferences/com.apple.TimeMachine.plist > /dev/null ; then
|
||||||
|
logg star 'Opening Full Disk Access preference pane.. Grant full-disk access for the terminal you would like to run the provisioning process with.' && open "x-apple.systempreferences:com.apple.preference.security?Privacy_AllFiles"
|
||||||
|
logg prompt 'Press ENTER to check for Full Disk Access again' && read -rsn
|
||||||
|
ensureFullDiskAccess
|
||||||
|
else
|
||||||
|
logg success 'Current terminal has full disk access'
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
printFullDiskAccessNotice
|
||||||
|
ensureFullDiskAccess
|
|
@ -62,7 +62,7 @@
|
||||||
[credential]
|
[credential]
|
||||||
helper = cache --timeout=3600
|
helper = cache --timeout=3600
|
||||||
credentialStore = {{ if eq .host.distro.id "darwin" }}keychain{{ else }}{{ if eq .host.distro.id "windows" }}wincredman{{ else }}secretservice{{ end }}{{ end }}
|
credentialStore = {{ if eq .host.distro.id "darwin" }}keychain{{ else }}{{ if eq .host.distro.id "windows" }}wincredman{{ else }}secretservice{{ end }}{{ end }}
|
||||||
{{ if (lookPath "asdf") -}}
|
{{ if (lookPath "gh") -}}
|
||||||
[credential "https://github.com"]
|
[credential "https://github.com"]
|
||||||
helper = !{{- output "which" "gh" | trim }} auth git-credential
|
helper = !{{- output "which" "gh" | trim }} auth git-credential
|
||||||
[credential "https://gist.github.com"]
|
[credential "https://gist.github.com"]
|
||||||
|
@ -126,7 +126,7 @@
|
||||||
autocorrect = 20
|
autocorrect = 20
|
||||||
[http]
|
[http]
|
||||||
postBuffer = 524288000
|
postBuffer = 524288000
|
||||||
{{ if (stat (joinPath "etc" "ssl" "cert.pem")) -}}sslcainfo = /etc/ssl/cert.pem{{ end -}}
|
{{ if (stat (joinPath "etc" "ssl" "cert.pem")) -}} sslcainfo = /etc/ssl/cert.pem{{ end -}}
|
||||||
[init]
|
[init]
|
||||||
defaultBranch = master
|
defaultBranch = master
|
||||||
# templatedir = ~/.config/git/template
|
# templatedir = ~/.config/git/template
|
||||||
|
|
|
@ -125,7 +125,7 @@ logg() {
|
||||||
# 2. If any of the above are missing, it will then use the appropriate system package manager to satisfy the requirements. *Note that some of the requirements are not scanned for in order to keep it simple and fast.*
|
# 2. If any of the above are missing, it will then use the appropriate system package manager to satisfy the requirements. *Note that some of the requirements are not scanned for in order to keep it simple and fast.*
|
||||||
# 3. On macOS, the official Xcode Command Line Tools are installed.
|
# 3. On macOS, the official Xcode Command Line Tools are installed.
|
||||||
ensureBasicDeps() {
|
ensureBasicDeps() {
|
||||||
if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v expect > /dev/null || ! command -v rsync > /dev/null || ! command -v unbuffer; then
|
if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v expect > /dev/null || ! command -v rsync > /dev/null || ! command -v unbuffer > /dev/null; then
|
||||||
if command -v apt-get > /dev/null; then
|
if command -v apt-get > /dev/null; then
|
||||||
### Debian / Ubuntu
|
### Debian / Ubuntu
|
||||||
logg info 'Running sudo apt-get update' && sudo apt-get update
|
logg info 'Running sudo apt-get update' && sudo apt-get update
|
||||||
|
|
|
@ -94,7 +94,7 @@ logg() {
|
||||||
# 2. If any of the above are missing, it will then use the appropriate system package manager to satisfy the requirements. *Note that some of the requirements are not scanned for in order to keep it simple and fast.*
|
# 2. If any of the above are missing, it will then use the appropriate system package manager to satisfy the requirements. *Note that some of the requirements are not scanned for in order to keep it simple and fast.*
|
||||||
# 3. On macOS, the official Xcode Command Line Tools are installed.
|
# 3. On macOS, the official Xcode Command Line Tools are installed.
|
||||||
ensureBasicDeps() {
|
ensureBasicDeps() {
|
||||||
if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v expect > /dev/null || ! command -v rsync > /dev/null || ! command -v unbuffer; then
|
if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v expect > /dev/null || ! command -v rsync > /dev/null || ! command -v unbuffer > /dev/null; then
|
||||||
if command -v apt-get > /dev/null; then
|
if command -v apt-get > /dev/null; then
|
||||||
### Debian / Ubuntu
|
### Debian / Ubuntu
|
||||||
logg info 'Running sudo apt-get update' && sudo apt-get update
|
logg info 'Running sudo apt-get update' && sudo apt-get update
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
# 2. If any of the above are missing, it will then use the appropriate system package manager to satisfy the requirements. *Note that some of the requirements are not scanned for in order to keep it simple and fast.*
|
# 2. If any of the above are missing, it will then use the appropriate system package manager to satisfy the requirements. *Note that some of the requirements are not scanned for in order to keep it simple and fast.*
|
||||||
# 3. On macOS, the official Xcode Command Line Tools are installed.
|
# 3. On macOS, the official Xcode Command Line Tools are installed.
|
||||||
ensureBasicDeps() {
|
ensureBasicDeps() {
|
||||||
if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v expect > /dev/null || ! command -v rsync > /dev/null || ! command -v unbuffer; then
|
if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v expect > /dev/null || ! command -v rsync > /dev/null || ! command -v unbuffer > /dev/null; then
|
||||||
if command -v apt-get > /dev/null; then
|
if command -v apt-get > /dev/null; then
|
||||||
### Debian / Ubuntu
|
### Debian / Ubuntu
|
||||||
logg info 'Running sudo apt-get update' && sudo apt-get update
|
logg info 'Running sudo apt-get update' && sudo apt-get update
|
||||||
|
|
|
@ -159,7 +159,7 @@ setEnvironmentVariables() {
|
||||||
# 2. If any of the above are missing, it will then use the appropriate system package manager to satisfy the requirements. *Note that some of the requirements are not scanned for in order to keep it simple and fast.*
|
# 2. If any of the above are missing, it will then use the appropriate system package manager to satisfy the requirements. *Note that some of the requirements are not scanned for in order to keep it simple and fast.*
|
||||||
# 3. On macOS, the official Xcode Command Line Tools are installed.
|
# 3. On macOS, the official Xcode Command Line Tools are installed.
|
||||||
ensureBasicDeps() {
|
ensureBasicDeps() {
|
||||||
if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v expect > /dev/null || ! command -v rsync > /dev/null || ! command -v unbuffer; then
|
if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v expect > /dev/null || ! command -v rsync > /dev/null || ! command -v unbuffer > /dev/null; then
|
||||||
if command -v apt-get > /dev/null; then
|
if command -v apt-get > /dev/null; then
|
||||||
### Debian / Ubuntu
|
### Debian / Ubuntu
|
||||||
logg info 'Running sudo apt-get update' && sudo apt-get update
|
logg info 'Running sudo apt-get update' && sudo apt-get update
|
||||||
|
@ -306,9 +306,9 @@ setupPasswordlessSudo() {
|
||||||
logg info 'Note: Non-privileged installations are not yet supported'
|
logg info 'Note: Non-privileged installations are not yet supported'
|
||||||
fi
|
fi
|
||||||
if [ -n "$SUDO_PASSWORD" ]; then
|
if [ -n "$SUDO_PASSWORD" ]; then
|
||||||
printf '%s\n' "$SUDO_PASSWORD" | sudo -p "" -S echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers
|
printf '%s\n' "$SUDO_PASSWORD" | sudo -p "" -S echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers > /dev/null
|
||||||
else
|
else
|
||||||
echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers
|
echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers > /dev/null
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -114,9 +114,9 @@ setupPasswordlessSudo() {
|
||||||
logg info 'Note: Non-privileged installations are not yet supported'
|
logg info 'Note: Non-privileged installations are not yet supported'
|
||||||
fi
|
fi
|
||||||
if [ -n "$SUDO_PASSWORD" ]; then
|
if [ -n "$SUDO_PASSWORD" ]; then
|
||||||
printf '%s\n' "$SUDO_PASSWORD" | sudo -p "" -S echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers
|
printf '%s\n' "$SUDO_PASSWORD" | sudo -p "" -S echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers > /dev/null
|
||||||
else
|
else
|
||||||
echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers
|
echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers > /dev/null
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -709,6 +709,11 @@ softwarePackages:
|
||||||
bin: https://github.com/joehillen/sysz
|
bin: https://github.com/joehillen/sysz
|
||||||
pacman: sysz
|
pacman: sysz
|
||||||
script:linux: cd /tmp && git clone https://github.com/joehillen/sysz.git && cd sysz && sudo make install && cd /tmp && rm -rf sysz
|
script:linux: cd /tmp && git clone https://github.com/joehillen/sysz.git && cd sysz && sudo make install && cd /tmp && rm -rf sysz
|
||||||
|
macprefs:
|
||||||
|
_bin: macprefs
|
||||||
|
_name: MacPrefs
|
||||||
|
_github: https://github.com/clintmod/macprefs
|
||||||
|
brew: clintmod/formulas/macprefs
|
||||||
appium:
|
appium:
|
||||||
_bin: appium
|
_bin: appium
|
||||||
_desc: '[Appium](https://appium.io/) is an open source automation tool for running scripts and testing native applications, mobile-web applications and hybrid applications on Android or iOS using a webdriver.'
|
_desc: '[Appium](https://appium.io/) is an open source automation tool for running scripts and testing native applications, mobile-web applications and hybrid applications on Android or iOS using a webdriver.'
|
||||||
|
|
Loading…
Reference in a new issue