1+ #! /bin/bash
2+
3+ # Initial setup script for Mac OS X 10.11.x
4+ # Rich Trouton, created July 29, 2015
5+ # Last modified 8-3-2015
6+ #
7+ # Adapted from Initial setup script for Mac OS X 10.10.x
8+ # Rich Trouton, created August 20, 2014
9+ # Last modified 11-21-2014
10+ #
11+
12+ # Sleeping for 30 seconds to allow the new default User Template folder to be moved into place
13+
14+ sleep 30
15+
16+ # Disable Time Machine's pop-up message whenever an external drive is plugged in
17+
18+ /usr/bin/defaults write /Library/Preferences/com.apple.TimeMachine DoNotOfferNewDisksForBackup -bool true
19+
20+ # Disable root login by setting root's shell to /usr/bin/false
21+ # Note: Setting this value has been known to cause issues seen
22+ # by others when they used Casper's FileVault 2 management.
23+ # If you are running Casper and see problems encrypting, the
24+ # original UserShell value is as follows:
25+ #
26+ # /bin/sh
27+ #
28+ # To revert it back to /bin/sh, run the following command:
29+ # /usr/bin/dscl . -change /Users/root UserShell /usr/bin/false /bin/sh
30+
31+ /usr/bin/dscl . -create /Users/root UserShell /usr/bin/false
32+
33+ # Make a symbolic link from /System/Library/CoreServices/Applications/Directory Utility.app
34+ # to /Applications/Utilities so that Directory Utility.app is easier to access.
35+
36+ if [[ ! -e " /Applications/Utilities/Directory Utility.app" ; then
37+ ln -s " /System/Library/CoreServices/Applications/Directory Utility.app" " /Applications/Utilities/Directory Utility.app"
38+ fi
39+
40+ if [[ -L " /Applications/Utilities/Directory Utility.app" ; then
41+ rm " /Applications/Utilities/Directory Utility.app"
42+ ln -s " /System/Library/CoreServices/Applications/Directory Utility.app" " /Applications/Utilities/Directory Utility.app"
43+ fi
44+
45+ # Make a symbolic link from /System/Library/CoreServices/Applications/Network Utility.app
46+ # to /Applications/Utilities so that Network Utility.app is easier to access.
47+
48+ if [[ ! -e " /Applications/Utilities/Network Utility.app" ; then
49+ ln -s " /System/Library/CoreServices/Applications/Network Utility.app" " /Applications/Utilities/Network Utility.app"
50+ fi
51+
52+ if [[ -L " /Applications/Utilities/Network Utility.app" ; then
53+ rm " /Applications/Utilities/Network Utility.app"
54+ ln -s " /System/Library/CoreServices/Applications/Network Utility.app" " /Applications/Utilities/Network Utility.app"
55+ fi
56+
57+ # Make a symbolic link from /System/Library/CoreServices/Screen Sharing.app
58+ # to /Applications/Utilities so that Screen Sharing.app is easier to access.
59+
60+ if [[ ! -e " /Applications/Utilities/Screen Sharing.app" ; then
61+ ln -s " /System/Library/CoreServices/Applications/Screen Sharing.app" " /Applications/Utilities/Screen Sharing.app"
62+ fi
63+
64+ if [[ -L " /Applications/Utilities/Screen Sharing.app" ; then
65+ rm " /Applications/Utilities/Screen Sharing.app"
66+ ln -s " /System/Library/CoreServices/Applications/Screen Sharing.app" " /Applications/Utilities/Screen Sharing.app"
67+ fi
68+
69+ # Set separate power management settings for desktops and laptops
70+ # If it's a laptop, the power management settings for "Battery" are set to have the computer sleep in 15 minutes, disk will spin down
71+ # in 10 minutes, the display will sleep in 5 minutes and the display itslef will dim to half-brightness before sleeping. While plugged
72+ # into the AC adapter, the power management settings for "Charger" are set to have the computer never sleep, the disk doesn't spin down,
73+ # the display sleeps after 30 minutes and the display dims before sleeping.
74+ #
75+ # If it's not a laptop (i.e. a desktop), the power management settings are set to have the computer never sleep, the disk doesn't spin down, the display
76+ # sleeps after 30 minutes and the display dims before sleeping.
77+ #
78+
79+ # Detects if this Mac is a laptop or not by checking the model ID for the word "Book" in the name.
80+ IS_LAPTOP=` /usr/sbin/system_profiler SPHardwareDataType | grep " Model Identifier" | grep " Book" `
81+
82+ if [ " $IS_LAPTOP " != " " ; then
83+ pmset -b sleep 15 disksleep 10 displaysleep 5 halfdim 1
84+ pmset -c sleep 0 disksleep 0 displaysleep 30 halfdim 1
85+ else
86+ pmset sleep 0 disksleep 0 displaysleep 30 halfdim 1
87+ fi
88+
89+ # Set the login window to name and password
90+
91+ /usr/bin/defaults write /Library/Preferences/com.apple.loginwindow SHOWFULLNAME -bool true
92+
93+ # Disable external accounts (i.e. accounts stored on drives other than the boot drive.)
94+
95+ /usr/bin/defaults write /Library/Preferences/com.apple.loginwindow EnableExternalAccounts -bool false
96+
97+ # Set the ability to view additional system info at the Login window
98+ # The following will be reported when you click on the time display
99+ # (click on the time again to proceed to the next item):
100+ #
101+ # Computer name
102+ # Version of OS X installed
103+ # IP address
104+ # This will remain visible for 60 seconds.
105+
106+ /usr/bin/defaults write /Library/Preferences/com.apple.loginwindow AdminHostInfo HostName
107+
108+ # Sets the "Show scroll bars" setting (in System Preferences: General)
109+ # to "Always" in your Mac's default user template and for all existing users.
110+ # Code adapted from DeployStudio's rc130 ds_finalize script, where it's
111+ # disabling the iCloud and gestures demos
112+
113+ # Checks the system default user template for the presence of
114+ # the Library/Preferences directory. If the directory is not found,
115+ # it is created and then the "Show scroll bars" setting (in System
116+ # Preferences: General) is set to "Always".
117+
118+ for USER_TEMPLATE in " /System/Library/User Template" *
119+ do
120+ if [ ! -d " ${USER_TEMPLATE} "
121+ then
122+ mkdir -p " ${USER_TEMPLATE} "
123+ fi
124+ if [ ! -d " ${USER_TEMPLATE} "
125+ then
126+ mkdir -p " ${USER_TEMPLATE} "
127+ fi
128+ if [ -d " ${USER_TEMPLATE} "
129+ then
130+ /usr/bin/defaults write " ${USER_TEMPLATE} "
131+ fi
132+ done
133+
134+ # Checks the existing user folders in /Users for the presence of
135+ # the Library/Preferences directory. If the directory is not found,
136+ # it is created and then the "Show scroll bars" setting (in System
137+ # Preferences: General) is set to "Always".
138+
139+ for USER_HOME in /Users/*
140+ do
141+ USER_UID=` basename " ${USER_HOME} " `
142+ if [ ! " ${USER_UID} " = " Shared"
143+ then
144+ if [ ! -d " ${USER_HOME} "
145+ then
146+ mkdir -p " ${USER_HOME} "
147+ chown " ${USER_UID} " " ${USER_HOME} "
148+ chown " ${USER_UID} " " ${USER_HOME} "
149+ fi
150+ if [ ! -d " ${USER_HOME} "
151+ then
152+ mkdir -p " ${USER_HOME} "
153+ chown " ${USER_UID} " " ${USER_HOME} "
154+ chown " ${USER_UID} " " ${USER_HOME} "
155+ chown " ${USER_UID} " " ${USER_HOME} "
156+ fi
157+ if [ -d " ${USER_HOME} "
158+ then
159+ /usr/bin/defaults write " ${USER_HOME} "
160+ chown " ${USER_UID} " " ${USER_HOME} " *
161+ fi
162+ fi
163+ done
164+
165+
166+ # Determine OS version and build version
167+ # as part of the following actions to disable
168+ # the iCloud and Diagnostic pop-up windows
169+
170+ osvers=$( sw_vers -productVersion | awk -F. ' {print $2}' )
171+ sw_vers=$( sw_vers -productVersion)
172+ sw_build=$( sw_vers -buildVersion)
173+
174+
175+ # Checks first to see if the Mac is running 10.7.0 or higher.
176+ # If so, the script checks the system default user template
177+ # for the presence of the Library/Preferences directory.
178+ #
179+ # If the directory is not found, it is created and then the
180+ # iCloud and Diagnostic pop-up settings are set to be disabled.
181+
182+ if [[ ${osvers} -ge 7 ]]; then
183+
184+ for USER_TEMPLATE in " /System/Library/User Template" *
185+ do
186+ /usr/bin/defaults write " ${USER_TEMPLATE} "
187+ /usr/bin/defaults write " ${USER_TEMPLATE} "
188+ /usr/bin/defaults write " ${USER_TEMPLATE} " " ${sw_vers} "
189+ /usr/bin/defaults write " ${USER_TEMPLATE} " " ${sw_build} "
190+ done
191+
192+ # Checks first to see if the Mac is running 10.7.0 or higher.
193+ # If so, the script checks the existing user folders in /Users
194+ # for the presence of the Library/Preferences directory.
195+ #
196+ # If the directory is not found, it is created and then the
197+ # iCloud and Diagnostic pop-up settings are set to be disabled.
198+
199+ for USER_HOME in /Users/*
200+ do
201+ USER_UID=` basename " ${USER_HOME} " `
202+ if [ ! " ${USER_UID} " = " Shared"
203+ then
204+ if [ ! -d " ${USER_HOME} "
205+ then
206+ mkdir -p " ${USER_HOME} "
207+ chown " ${USER_UID} " " ${USER_HOME} "
208+ chown " ${USER_UID} " " ${USER_HOME} "
209+ fi
210+ if [ -d " ${USER_HOME} "
211+ then
212+ /usr/bin/defaults write " ${USER_HOME} "
213+ /usr/bin/defaults write " ${USER_HOME} "
214+ /usr/bin/defaults write " ${USER_HOME} " " ${sw_vers} "
215+ /usr/bin/defaults write " ${USER_HOME} " " ${sw_build} "
216+ chown " ${USER_UID} " " ${USER_HOME} "
217+ fi
218+ fi
219+ done
220+ fi
221+
222+ # Set whether you want to send diagnostic info back to
223+ # Apple and/or third party app developers. If you want
224+ # to send diagonostic data to Apple, set the following
225+ # value for the SUBMIT_DIAGNOSTIC_DATA_TO_APPLE value:
226+ #
227+ # SUBMIT_DIAGNOSTIC_DATA_TO_APPLE=TRUE
228+ #
229+ # If you want to send data to third party app developers,
230+ # set the following value for the
231+ # SUBMIT_DIAGNOSTIC_DATA_TO_APP_DEVELOPERS value:
232+ #
233+ # SUBMIT_DIAGNOSTIC_DATA_TO_APP_DEVELOPERS=TRUE
234+ #
235+ # By default, the values in this script are set to
236+ # send no diagnostic data:
237+
238+ SUBMIT_DIAGNOSTIC_DATA_TO_APPLE=FALSE
239+ SUBMIT_DIAGNOSTIC_DATA_TO_APP_DEVELOPERS=FALSE
240+
241+ # To change this in your own script, comment out the FALSE
242+ # lines and uncomment the TRUE lines as appropriate.
243+
244+ # Checks first to see if the Mac is running 10.10.0 or higher.
245+ # If so, the desired diagnostic submission settings are applied.
246+
247+ if [[ ${osvers} -ge 10 ]]; then
248+
249+ CRASHREPORTER_SUPPORT=" /Library/Application Support/CrashReporter"
250+
251+ if [ ! -d " ${CRASHREPORTER_SUPPORT} " ; then
252+ mkdir " ${CRASHREPORTER_SUPPORT} "
253+ chmod 775 " ${CRASHREPORTER_SUPPORT} "
254+ chown root:admin " ${CRASHREPORTER_SUPPORT} "
255+ fi
256+
257+ /usr/bin/defaults write " $CRASHREPORTER_SUPPORT " ${SUBMIT_DIAGNOSTIC_DATA_TO_APPLE}
258+ /usr/bin/defaults write " $CRASHREPORTER_SUPPORT "
259+ /usr/bin/defaults write " $CRASHREPORTER_SUPPORT " ${SUBMIT_DIAGNOSTIC_DATA_TO_APP_DEVELOPERS}
260+ /usr/bin/defaults write " $CRASHREPORTER_SUPPORT "
261+ /bin/chmod a+r " $CRASHREPORTER_SUPPORT "
262+ /usr/sbin/chown root:admin " $CRASHREPORTER_SUPPORT "
263+
264+ fi
265+
266+ # Turn SSH on
267+
268+ systemsetup -setremotelogin on
269+
270+ # Turn off Gatekeeper
271+
272+ spctl --master-disable
273+
274+ # Disable Gatekeeper's auto-rearm. Otherwise Gatekeeper
275+ # will reactivate every 30 days. When it reactivates, it
276+ # will be be set to "Mac App Store and identified developers"
277+
278+ /usr/bin/defaults write /Library/Preferences/com.apple.security GKAutoRearm -bool NO
279+
280+ # Remove setup LaunchDaemon item
281+
282+ srm /Library/LaunchDaemons/com.company.initialsetup.plist
283+
284+ # Make script self-destruct
285+
286+ srm $0
0 commit comments