115 lines
No EOL
3.9 KiB
XML
115 lines
No EOL
3.9 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
|
<plist version="1.0">
|
|
<dict>
|
|
<key>PayloadContent</key>
|
|
<array>
|
|
<dict>
|
|
<key>PayloadContent</key>
|
|
<dict>
|
|
<key>com.google.santa</key>
|
|
<dict>
|
|
<key>Forced</key>
|
|
<array>
|
|
<dict>
|
|
<key>mcx_preference_settings</key>
|
|
<dict>
|
|
<key>BannedBlockMessage</key>
|
|
<string>This application has been banned</string>
|
|
<key>ClientMode</key>
|
|
<integer>1</integer>
|
|
<key>EnablePageZeroProtection</key>
|
|
<false/>
|
|
<key>EnableSilentMode</key>
|
|
<false/>
|
|
<key>EventDetailText</key>
|
|
<string>Open sync server</string>
|
|
<key>EventDetailURL</key>
|
|
<string>https://santa.{{ .host.domain }}/blockables/%file_sha%</string>
|
|
<key>FileChangesRegex</key>
|
|
<string>^/(?!(?:private/tmp|Library/(?:Caches|Managed Installs/Logs|(?:Managed )?Preferences))/)</string>
|
|
<key>MachineIDKey</key>
|
|
<string>MachineUUID</string>
|
|
<key>MachineIDPlist</key>
|
|
<string>/Library/Preferences/{{ .host.domain }}.santa.machine-mapping.plist</string>
|
|
<key>MachineOwnerKey</key>
|
|
<string>Owner</string>
|
|
<key>MachineOwnerPlist</key>
|
|
<string>/Library/Preferences/{{ .host.domain }}.santa.machine-mapping.plist</string>
|
|
<key>ModeNotificationLockdown</key>
|
|
<string>Entering Lockdown mode</string>
|
|
<key>ModeNotificationMonitor</key>
|
|
<string>Entering Monitor mode<br/>Please be careful!</string>
|
|
<key>MoreInfoURL</key>
|
|
<string>https://santa.{{ .host.domain }}/moreinfo</string>
|
|
<key>StaticRules</key>
|
|
<array>
|
|
<dict>
|
|
<!-- Always allow files signed by Google LLC -->
|
|
<key>identifier</key>
|
|
<string>EQHXZ8M8AV</string>
|
|
<key>policy</key>
|
|
<string>ALLOWLIST</string>
|
|
<key>rule_type</key>
|
|
<string>TEAMID</string>
|
|
</dict>
|
|
<dict>
|
|
<!-- Always allow files signed by "Internal Tools Certificate" -->
|
|
<key>identifier</key>
|
|
<string>b2617611fb6c008bfe9e05b7a633d4f21c403a0a1a88b514a04c3e5e111be025</string>
|
|
<key>policy</key>
|
|
<string>ALLOWLIST</string>
|
|
<key>rule_type</key>
|
|
<string>CERTIFICATE</string>
|
|
</dict>
|
|
<dict>
|
|
<!-- Always BLOCK the BundleExample.app binary in Santa's testdata files, for testing -->
|
|
<key>identifier</key>
|
|
<string>b7c1e3fd640c5f211c89b02c2c6122f78ce322aa5c56eb0bb54bc422a8f8b670</string>
|
|
<key>policy</key>
|
|
<string>BLOCKLIST</string>
|
|
<key>rule_type</key>
|
|
<string>BINARY</string>
|
|
</dict>
|
|
</array>
|
|
<key>SyncBaseURL</key>
|
|
<string>https://santa.{{ .host.domain }}/api/santa/</string>
|
|
<key>UnknownBlockMessage</key>
|
|
<string>This application has been blocked from executing.</string>
|
|
</dict>
|
|
</dict>
|
|
</array>
|
|
</dict>
|
|
</dict>
|
|
<key>PayloadEnabled</key>
|
|
<true/>
|
|
<key>PayloadIdentifier</key>
|
|
<string>0342c558-a101-4a08-a0b9-40cc00039ea5</string>
|
|
<key>PayloadType</key>
|
|
<string>com.apple.ManagedClient.preferences</string>
|
|
<key>PayloadUUID</key>
|
|
<string>0342c558-a101-4a08-a0b9-40cc00039ea5</string>
|
|
<key>PayloadVersion</key>
|
|
<integer>1</integer>
|
|
</dict>
|
|
</array>
|
|
<key>PayloadDescription</key>
|
|
<string>com.google.santa</string>
|
|
<key>PayloadDisplayName</key>
|
|
<string>com.google.santa</string>
|
|
<key>PayloadIdentifier</key>
|
|
<string>com.google.santa</string>
|
|
<key>PayloadOrganization</key>
|
|
<string></string>
|
|
<key>PayloadRemovalDisallowed</key>
|
|
<true/>
|
|
<key>PayloadScope</key>
|
|
<string>System</string>
|
|
<key>PayloadType</key>
|
|
<string>Configuration</string>
|
|
<key>PayloadUUID</key>
|
|
<string>9020fb2d-cab3-420f-9268-acca4868bdd0</string>
|
|
<key>PayloadVersion</key>
|
|
<integer>1</integer>
|
|
</dict>
|
|
</plist> |