Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/sh
- #
- # Create local admin account with ssh access
- # This script can e.g. be used as a postinstall script in a package in an InstaDMG workflow
- #
- # Thomas Berglund, 2010 (thomas.berglund AT gmail.com)
- # Set the username and password
- USERNAME="eviladmin"
- PASSWORD="superSecretPassword"
- UNIQUE_ID="499"
- HOME_PATH="/Users" # set this to something else if you want to hide the home folder
- # Define Directory Services Local Database path
- DSLocalDB="${3}/private/var/db/dslocal/nodes/Default"
- # Create user
- /usr/bin/dscl -f "$DSLocalDB" localonly -create /Local/Target/Users/${USERNAME}
- /usr/bin/dscl -f "$DSLocalDB" localonly -create /Local/Target/Users/${USERNAME} RealName ${USERNAME}
- /usr/bin/dscl -f "$DSLocalDB" localonly -create /Local/Target/Users/${USERNAME} PrimaryGroupID 20
- /usr/bin/dscl -f "$DSLocalDB" localonly -create /Local/Target/Users/${USERNAME} UniqueID ${UNIQUE_ID}
- /usr/bin/dscl -f "$DSLocalDB" localonly -create /Local/Target/Users/${USERNAME} UserShell /bin/bash
- /usr/bin/dscl -f "$DSLocalDB" localonly -create /Local/Target/Users/${USERNAME} NFSHomeDirectory ${HOME_PATH}/${USERNAME}
- /usr/bin/dscl -f "$DSLocalDB" localonly -create /Local/Target/Users/${USERNAME} naprivs -1073741569
- /usr/bin/dscl -f "$DSLocalDB" localonly -passwd /Local/Target/Users/${USERNAME} $PASSWORD
- # Get GeneratedUID for admin group and $USERNAME
- ADMIN_GUID="$(/usr/bin/dscl -f "$DSLocalDB" localonly -read /Local/Target/Groups/admin GeneratedUID | cut -d " " -f 2)"
- USERNAME_GUID="$(/usr/bin/dscl -f "$DSLocalDB" localonly -read /Local/Target/Users/${USERNAME} GeneratedUID | cut -d " " -f 2)"
- # Create ssh group, if you want the admin user to have access via ssh
- /usr/bin/dscl -f "$DSLocalDB" localonly -create /Local/Target/Groups/com.apple.access_ssh
- /usr/bin/dscl -f "$DSLocalDB" localonly -append /Local/Target/Groups/com.apple.access_ssh PrimaryGroupID 403
- /usr/bin/dscl -f "$DSLocalDB" localonly -append /Local/Target/Groups/com.apple.access_ssh RealName "Remote Login ACL"
- /usr/bin/dscl -f "$DSLocalDB" localonly -append /Local/Target/Groups/com.apple.access_ssh NestedGroups ${ADMIN_GUID}
- # Assign group memberships for admin account
- /usr/bin/dscl -f "$DSLocalDB" localonly -append /Local/Target/Groups/_appserveradm GroupMembership ${USERNAME}
- /usr/bin/dscl -f "$DSLocalDB" localonly -append /Local/Target/Groups/_appserverusr GroupMembership ${USERNAME}
- /usr/bin/dscl -f "$DSLocalDB" localonly -append /Local/Target/Groups/admin GroupMembership ${USERNAME}
- /usr/bin/dscl -f "$DSLocalDB" localonly -append /Local/Target/Groups/admin GroupMembers ${USERNAME_GUID}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement