
@acidprime
Created January 9, 2012 00:24
Keychain Deletion Script run as Login Hook
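#!/bin/bash
# set -xv # Uncomment for debug , also change LOGLEVEL=VERBOSE
# -- Environmental settings
declare -x SCRIPT="${0##*/}"
declare -x SCRIPTLOG="/Library/Logs/${SCRIPT}.log"
declare -x SCRIPTPATH="${0}"
# Directory part of $0. The previous "${0%%/*}" removed the LONGEST "/*"
# suffix, which leaves an empty string for any absolute path; "%" removes only
# the final path component. A bare script name (no slash) maps to ".", and a
# script sitting directly in "/" maps to "/".
case "${0}" in
  */*) declare -x RUNDIRECTORY="${0%/*}" ;;
  *) declare -x RUNDIRECTORY="." ;;
esac
RUNDIRECTORY="${RUNDIRECTORY:-/}"
declare -x SYSROOT="/"
# Command Shorthands (absolute paths, so the hook does not depend on PATH)
declare -x awk="/usr/bin/awk"
declare -x date="/bin/date"
declare -x defaults="/usr/bin/defaults"
declare -x dscl="/usr/bin/dscl"
declare -x rm="/bin/rm"
declare -x sudo="/usr/bin/sudo"
# $1 is the short name of the user logging in, passed by the login hook.
# It is used further down to build file paths and as the "sudo -u" target.
declare -x LOGINNAME="${1}"
declare -x DATE="$($date -u "+%Y-%m-%d")"
declare -x OSVER="$($defaults read "${SYSROOT:-"/"}System/Library/CoreServices/SystemVersion" 'ProductVersion' 2>/dev/null)"
declare -x LOGLEVEL="NORMAL" # Default to NORMAL unless VERBOSE is set
# NOTE(review): a login hook runs as root, so this append writes to whatever
# already exists at SCRIPTLOG; confirm /Library/Logs is not writable by
# unprivileged users on the target systems.
printf "%s\n" "$DATE:$SCRIPT:STARTED" >>"${SCRIPTLOG:?}"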
# zStandard Functions
STATUS() {
  # Append one dated line to the script log, filtered by LOGLEVEL.
  # Globals:   LOGLEVEL, DATE, SCRIPTLOG (read)
  # Arguments: $1 - status type: normal | error | verbose (must be non-empty)
  #            $2 - message text
  # Returns:   always 0; a type other than the three above writes nothing.
  declare STATUS_TYPE="$1"
  declare STATUS_MESSAGE="$2"
  if [ "${STATUS_TYPE:?"Error status message with null"}" = "normal" ]; then
    # normal and error lines are written whenever LOGLEVEL is non-empty
    if [ -n "$LOGLEVEL" ]; then
      printf "%s\n" "$DATE:STATUS: $STATUS_MESSAGE" >>"${SCRIPTLOG:?}"
    fi
  elif [ "$STATUS_TYPE" = "error" ]; then
    if [ -n "$LOGLEVEL" ]; then
      printf "%s\n" "$DATE:ERROR: $STATUS_MESSAGE" >>"${SCRIPTLOG:?}"
    fi
  elif [ "$STATUS_TYPE" = "verbose" ]; then
    # verbose lines only appear when LOGLEVEL is exactly VERBOSE
    if [ "$LOGLEVEL" = "VERBOSE" ]; then
      printf "%s\n" "$DATE:STATUS: VERBOSE: $STATUS_MESSAGE" >>"${SCRIPTLOG:?}"
    fi
  fi
  return 0
} # END STATUS()
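DIE() {
  # Write a final record to the script log and end the login hook.
  # Globals:   DATE, SCRIPTLOG (read); every variable whose name starts with
  #            KEY is unset before exiting.
  # Arguments: $1 - final message
  #            $2 - status code to record in the log (optional; it is only
  #                 logged, never used as the process exit status)
  # Exits:     always 0, as required for login hooks.
  STATUS verbose "FUNCTION: ${FUNCNAME}"
  declare LAST_MESSAGE="$1"
  declare LASTEXIT="$2"
  # Exactly one record is appended to the log file (not standard error).
  # The earlier form of this line ended in `""# Print ...`: bash does not
  # start a comment in the middle of a word, so "#" and every word of the
  # trailing comment were passed to printf as extra arguments and each one
  # was written to the log as its own line.
  printf "%s\n\v" "$DATE:$LAST_MESSAGE:$LASTEXIT" >>"${SCRIPTLOG:?}"
  # Word splitting is intended here: ${!KEY*} expands to a list of names.
  # shellcheck disable=SC2086
  unset ${!KEY*}
  exit 0 # always 0 for loginhooks
} # END DIE()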
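CHECK_OS() {
  # Pick the keychain file name(s) for the given OS version.
  # Globals:   LOGINNAME (read); KEYNAME and, on 10.3-10.5, KEYOLDNAME
  #            (exported)
  # Arguments: $1 - ProductVersion string, e.g. "10.4.11"
  # Returns:   0 for a supported version; otherwise calls DIE, which exits.
  #
  # Each release is matched as "10.N" or "10.N.*". The earlier globs
  # ("10.1*" and friends) also matched two-digit minors, so 10.10-10.15 were
  # logged as "too old" instead of as an unknown version.
  STATUS verbose "FUNCTION: ${FUNCNAME}"
  declare OSVER="$1"
  case "$OSVER" in
    10.0 | 10.0.* | 10.1 | 10.1.*)
      DIE "ERROR:$FUNCNAME:$LINENO Unsupported OS version : $OSVER is too old."
      ;;
    10.2 | 10.2.*)
      # 10.2 names the keychain after the user's short name.
      export KEYNAME="${LOGINNAME}"
      return 0
      ;;
    10.3 | 10.3.* | 10.4 | 10.4.* | 10.5 | 10.5.*)
      # Later releases use login.keychain; a short-name keychain may remain
      # on clients upgraded from 10.2.
      export KEYNAME="login"
      export KEYOLDNAME="${LOGINNAME}"
      return 0
      ;;
    *)
      DIE "ERROR:$FUNCNAME:$LINENO Unsupported OS version : $OSVER unknown version." 192
      ;;
  esac
}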
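# The login name becomes a path component (the keychain name on 10.2), a dscl
# record path and the "sudo -u" target, so anything that is not a plain short
# name is refused: empty, containing "/", "." or "..", a leading "-" (would
# be read as an option) or a leading "#" (sudo reads that as a numeric uid).
case "${LOGINNAME}" in
  "" | */* | . | .. | -* | "#"*)
    DIE "ERROR:$LINENO Refusing unexpected login name." 192
    ;;
esac
CHECK_OS "$OSVER" # Sets KEYNAME, plus KEYOLDNAME on 10.3-10.5
# Declaration and assignment are separate so the pipeline's status is not
# masked by declare.
# NOTE(review): awk keeps only the second whitespace-separated field, so a
# home directory path containing spaces would be truncated; confirm that
# cannot occur on the target systems.
declare USERHOME
USERHOME="$($dscl /Search -read "/Users/${LOGINNAME:?}" NFSHomeDirectory | $awk '{ print $2;exit}')"
# Log and exit 0 (login hook convention) instead of aborting non-zero when
# the lookup returns nothing usable.
case "$USERHOME" in
  /*) ;;
  *) DIE "ERROR:$LINENO No usable home directory for ${LOGINNAME}." 192 ;;
esac
declare KEYCHAIN="${USERHOME:?}/Library/Keychains/${KEYNAME:?}.keychain" # login.keychain
# KEYOLDNAME is only set on 10.3-10.5. Requiring it with ":?" ended the
# script with an error on 10.2 before any keychain was examined.
declare OLD_KEYCHAIN=""
if [ -n "${KEYOLDNAME:-}" ]; then
  OLD_KEYCHAIN="${USERHOME:?}/Library/Keychains/${KEYOLDNAME}.keychain" # shortname.keychain
fi
if [ -f "${KEYCHAIN:?}" ]; then # Check for ~/Library/Keychains/login.keychain
  # rm runs as the user, not root, so it can only remove what that user may.
  $sudo -u "${LOGINNAME:?}" $rm -- "${KEYCHAIN:?}"
elif [ -n "$OLD_KEYCHAIN" ] && [ -f "$OLD_KEYCHAIN" ]; then # shortname.keychain circa 10.2 (upgraded clients)
  STATUS verbose "Detected legacy keychain named ${KEYOLDNAME:?}, continuing with removal:"
  $sudo -u "${LOGINNAME:?}" $rm -- "$OLD_KEYCHAIN"
else
  STATUS error "The file: ${KEYCHAIN:?} or ${OLD_KEYCHAIN:-"(none)"} does not exist, aborting."
  exit 0
fi
# Word splitting is intended here: ${!KEY*} expands to a list of names.
# shellcheck disable=SC2086
unset ${!KEY*} # Clean up
DIE "$SCRIPT:ENDED:COMPLETED IN $SECONDS SECONDS" 0
exit 0 # Safety net only, DIE exits. Always exit 0 in loginhooks.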