spacebar/macos-system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow azwdevice and admin as filevault users

Browse Source
This commit is contained in:
T. R. Bernstein
2025-08-31 20:23:39 +02:00
parent 2f80bcb7ff
commit ece6a9b3b2
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
bin/azw-ensure-single-fv-user → bin/azw-set-filevault-users
View File

@@ -18,8 +18,8 @@ function main {
function allowOnlyFilevaultUserToUnlock() {
local fdeuser
for fdeuser in ${(f)"$(fdesetup list | cut -d',' -f1)"}; do
[[ ${fdeuser} != ${username} ]] && fdesetup remove -user "${fdeuser}"
for fdeuser in $(fdesetup list | cut -d',' -f1); do
[[ ${fdeuser} != ${username} && ${fdeuser} != "admin" ]] && fdesetup remove -user "${fdeuser}"
done
return 0
}

4
modules/03-single-filevault-user.sh → modules/03-set-filevault-users.sh
View File

@@ -16,7 +16,7 @@ function createLaunchDaemon() {
<key>ProgramArguments</key>
<array>
<string>/usr/local/bin/azw</string>
<string>ensure-single-fv-user</string>
<string>set-filevault-users</string>
<string>${filevault_username}</string>
</array>
<key>OnDemand</key>
@@ -36,7 +36,7 @@ function enableLaunchDaemon() {
}
function createLaunchdService() {
local serviceName='de.astzweig.macos.launchdaemons.ensure-single-filevault-user'
local serviceName='de.astzweig.macos.launchdaemons.set-filevault-users'
local launchDaemonPath="/Library/LaunchDaemons/${serviceName}.plist"
[[ -f ${launchDaemonPath} ]] || indicateActivity -- 'Create Launch Daemon' createLaunchDaemon
indicateActivity -- 'Enable Launch Daemon' enableLaunchDaemon