41 lines
1.0 KiB
Bash
Executable File
41 lines
1.0 KiB
Bash
Executable File
#!/usr/bin/env zsh
|
|
# vi: set ft=zsh tw=80 ts=2
|
|
|
|
function main {
|
|
local username="$1"
|
|
|
|
function doesFilevaultUserExist() {
|
|
dscl . -list /Users | grep ${username} >&! /dev/null
|
|
}
|
|
|
|
function isFilevaultUserEnabled() {
|
|
fdesetup list | grep ${username} &> /dev/null
|
|
}
|
|
|
|
function isFilevaultEnabled() {
|
|
fdesetup status | grep On &> /dev/null
|
|
}
|
|
|
|
function allowOnlyFilevaultUserToUnlock() {
|
|
local fdeuser
|
|
for fdeuser in $(fdesetup list | cut -d',' -f1); do
|
|
[[ ${fdeuser} != ${username} && ${fdeuser} != "admin" ]] && fdesetup remove -user "${fdeuser}"
|
|
done
|
|
return 0
|
|
}
|
|
|
|
function disableUser() {
|
|
pwpolicy -u ${username} -disableuser
|
|
}
|
|
|
|
[[ $(id -un) == 'root' ]] || { lop -- -e 'This script needs to be run by root. Aborting.'; return }
|
|
isFilevaultEnabled || { lop -- -e 'FileVault is disabled. Aborting.'; return }
|
|
doesFilevaultUserExist && isFilevaultUserEnabled && allowOnlyFilevaultUserToUnlock && disableUser
|
|
}
|
|
|
|
if [[ "${ZSH_EVAL_CONTEXT}" == toplevel || "${ZSH_EVAL_CONTEXT}" == cmdarg ]]; then
|
|
_DIR="${0:A:h}"
|
|
source autoload-zshlib
|
|
main "$@"
|
|
fi
|