Disable cups & partially configure firewall

2024-11-22 09:51:33 -05:00 · 2024-09-28 23:37:27 -07:00 · 2024-09-28 23:37:27 -07:00 · 60c5b59486
commit 60c5b59486
parent 1d00ab35c3
2 changed files with 30 additions and 0 deletions
--- a/development.sh
+++ b/development.sh
@ -13,6 +13,20 @@ done
 echo "VerifyHostKeyDNS yes" | sudo tee /etc/ssh/ssh_config.d/10-custom.conf
 sudo chmod 644 /etc/ssh/ssh_config.d/10-custom.conf
 # Disable cups
 sudo launchctl unload /System/Library/LaunchDaemons/org.cups.cupsd.plist
 sudo launchctl remove /System/Library/LaunchDaemons/org.cups.cupsd.plist
 # Firewall rules
 /usr/libexec/ApplicationFirewall/socketfilterfw --setallowsignedapp off
 /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on
 /usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode on
 sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/libexec/remoted
 sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/libexec/sharingd
 sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/libexec/sshd-keygen-wrapper
 sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/sbin/cupsd
 sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/sbin/smbd
 # Install Brew
 /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
 (echo; echo 'eval "$(/opt/homebrew/bin/brew shellenv)"') >> /Users/$(USERS)/.zprofile
--- a/primary.sh
+++ b/primary.sh
@ -15,6 +15,22 @@ sudo chmod 644 /etc/ssh/ssh_config.d/10-custom.conf
 umask 022
 # Disable cups
 sudo launchctl unload /System/Library/LaunchDaemons/org.cups.cupsd.plist
 sudo launchctl remove /System/Library/LaunchDaemons/org.cups.cupsd.plist
 # Firewall rules
 /usr/libexec/ApplicationFirewall/socketfilterfw --setallowsignedapp off
 /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on
 /usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode on
 sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/bin/python3
 sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/bin/ruby
 sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/libexec/remoted
 sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/libexec/sharingd
 sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/libexec/sshd-keygen-wrapper
 sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/sbin/cupsd
 sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/sbin/smbd
 # Setup Edge Enterprise Policies
 sudo mkdir -p '/Library/Tomster Corporation/scripts/' '/Library/Tomster Corporation/prefs/' '/Library/Managed Preferences'
 curl https://raw.githubusercontent.com/TommyTran732/macOS-Setup-Script/etc/Library/Tomster%20Corporation/apply_prefs.sh | sudo tee '/etc/Library/Tomster Corporation/apply_prefs.sh'