mirror of
https://github.com/tommytran732/macOS-Setup-Script
synced 2024-11-22 09:51:33 -05:00
Disable cups & partially configure firewall
This commit is contained in:
parent
1d00ab35c3
commit
60c5b59486
@ -13,6 +13,20 @@ done
|
||||
echo "VerifyHostKeyDNS yes" | sudo tee /etc/ssh/ssh_config.d/10-custom.conf
|
||||
sudo chmod 644 /etc/ssh/ssh_config.d/10-custom.conf
|
||||
|
||||
# Disable cups
|
||||
sudo launchctl unload /System/Library/LaunchDaemons/org.cups.cupsd.plist
|
||||
sudo launchctl remove /System/Library/LaunchDaemons/org.cups.cupsd.plist
|
||||
|
||||
# Firewall rules
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --setallowsignedapp off
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode on
|
||||
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/libexec/remoted
|
||||
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/libexec/sharingd
|
||||
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/libexec/sshd-keygen-wrapper
|
||||
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/sbin/cupsd
|
||||
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/sbin/smbd
|
||||
|
||||
# Install Brew
|
||||
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
|
||||
(echo; echo 'eval "$(/opt/homebrew/bin/brew shellenv)"') >> /Users/$(USERS)/.zprofile
|
||||
|
16
primary.sh
16
primary.sh
@ -15,6 +15,22 @@ sudo chmod 644 /etc/ssh/ssh_config.d/10-custom.conf
|
||||
|
||||
umask 022
|
||||
|
||||
# Disable cups
|
||||
sudo launchctl unload /System/Library/LaunchDaemons/org.cups.cupsd.plist
|
||||
sudo launchctl remove /System/Library/LaunchDaemons/org.cups.cupsd.plist
|
||||
|
||||
# Firewall rules
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --setallowsignedapp off
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode on
|
||||
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/bin/python3
|
||||
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/bin/ruby
|
||||
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/libexec/remoted
|
||||
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/libexec/sharingd
|
||||
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/libexec/sshd-keygen-wrapper
|
||||
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/sbin/cupsd
|
||||
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /usr/sbin/smbd
|
||||
|
||||
# Setup Edge Enterprise Policies
|
||||
sudo mkdir -p '/Library/Tomster Corporation/scripts/' '/Library/Tomster Corporation/prefs/' '/Library/Managed Preferences'
|
||||
curl https://raw.githubusercontent.com/TommyTran732/macOS-Setup-Script/etc/Library/Tomster%20Corporation/apply_prefs.sh | sudo tee '/etc/Library/Tomster Corporation/apply_prefs.sh'
|
||||
|
Loading…
Reference in New Issue
Block a user