Skip to content

Instantly share code, notes, and snippets.

View vmiller's full-sized avatar

Vaughn Miller vmiller

23 followers · 17 following
View GitHub Profile
@weswhet
weswhet / mscupdate.py
Last active June 9, 2024 05:19
quit, update, and reopen all apps that have an update available in Managed Software Center.
#!/usr/local/munki/munki-python
import argparse
import os
import pathlib
import plistlib
import pprint
import pwd
import subprocess
from time import sleep
@pudquick
pudquick / brew.md
Last active November 7, 2024 11:03
Lightly "sandboxed" homebrew on macOS

brew is a bad neighbor

This isn't a guide about locking down homebrew so that it can't touch the rest of your system security-wise.

This guide doesn't fix the inherent security issues of a package management system that will literally yell at you if you try to do something about "huh, maybe it's not great my executables are writeable by my account without requiring authorization first".

But it absolutely is a guide about shoving it into its own little corner so that you can take it or leave it as you see fit, instead of just letting the project do what it likes like completely taking over permissions and ownership of a directory that might be in use by other software on your Mac and stomping all over their contents.

By following this guide you will:

  • Never have to run sudo to forcefully change permissions of some directory to be owned by your account
@gregneagle
gregneagle / Makefile
Created March 5, 2020 18:35
Make your own PPPC/TCC avoidance wrapper!
CC=gcc
CFLAGS=
SIGNINGIDENTITY="insert signing identity here"
IDENTIFIER=com.someorg.fudo.changeme
fudo: main.c
$(CC) -o fudo main.c
codesign -s $(SIGNINGIDENTITY) -i $(IDENTIFIER) fudo
@talkingmoose
talkingmoose / Manage App Notifications.bash
Last active January 25, 2024 15:26
macOS Catalina will prompt users to allow Notifications from each app that makes a request. Administrators can manage these prompts using a Configuration Profile. If running Jamf Pro 10.19 or later, I suggest instead using this manifest: https://github.com/talkingmoose/jamf-manifests/blob/master/macOS%20Notifications%20(com.apple.notificationset…
#!/bin/bash
<<ABOUT_THIS_SCRIPT
-----------------------------------------------------------------------
Written by:William Smith
Professional Services Engineer
Jamf
[email protected]
https://gist.github.com/talkingmoose/9faf50deaaefafa9a147e48ba39bb4b0
@joncrain
joncrain / erase_install_mojave.plist
Last active May 14, 2019 18:08
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>OnDemand</key>
<true/>
<key>RestartAction</key>
<string>RequireRestart</string>
<key>_metadata</key>
<dict>
@poundbangbash
poundbangbash / isMDMEnrolled.py
Created February 11, 2019 16:29
Munki fact to check if MDM is Enrolled
#!/usr/bin/python
import platform
import plistlib
import subprocess
from distutils.version import LooseVersion
def get_os_version():
'''Return OS version.'''
return LooseVersion(platform.mac_ver()[0])
@poundbangbash
poundbangbash / isMDMInstalled.py
Created February 11, 2019 16:27
Munki fact to check if MDM is Installed
'''Check MDM install status'''
import subprocess
import plistlib
import sys
def fact():
'''Check MDM install status'''
cmd = ['/usr/bin/profiles', '-C', '-o', 'stdout-xml']
run = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
@carlashley
carlashley / macOS_Mojave_touristd.mobileconfig
Created October 4, 2018 04:35
macOS Mojave touristd
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadContent</key>
<dict>
<key>com.apple.touristd</key>
@grahamgilbert
grahamgilbert / clean_old_apple_updates.py
Created May 9, 2018 16:35
Clean out old apple updates (older than 24 hours) because softwareupdate often refuses to install them
#!/usr/bin/python
"""
Removes cached apple updates that are older than 24 hours
"""
import datetime
import os
import shutil
import sys
@erikng
erikng / 32bitapps.py
Last active April 16, 2018 11:46
32bitapps.py
#!/usr/bin/python
import subprocess
import plistlib
cmd = ['/usr/sbin/system_profiler', '-xml', 'SPApplicationsDataType']
proc = subprocess.Popen(cmd, shell=False, bufsize=-1, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
output, err = proc.communicate()
plist = plistlib.readPlistFromString(output)
items = plist[0]['_items']
for item in sorted(items, key=lambda x: x.get('path')):