[apple/security.git] / ISACLProtectedItems / KeychainItemsAclTest.sh

#!/bin/sh

#  KechainItemsAclTest.sh
#  Security
#
#  Created by Vratislav Kužela on 22/08/14.
#

AGRP="testACL"
SVCE="testACLService"
OPERATION="create"

for i in $@; do
    if [[ "$i" =~ "agrp=" ]]; then
        AGRP=${i#*=}
    elif [[ "$i" =~ "svce=" ]]; then
        SVCE=${i#*=}
    elif [[ "$i" =~ "op=create" ]]; then
        OPERATION="create"
    elif [[ "$i" =~ "op=delete" ]]; then
        OPERATION="delete"
    fi
done

if [ "$OPERATION" = "create" ]; then
security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct1,accc="ak"
security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct2,accc="ak;od:true;odel:true"
security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct3,accc="ak;od:cpo(DeviceOwnerAuthentication);odel:true"
security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct4,accc="akpu"
security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct5,accc="akpu;od:true;odel:true"
security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct6,accc="akpu;od:cpo(DeviceOwnerAuthentication);odel:true"

security item -a class=inet,agrp=$AGRP,acct=acct1,accc="ak"
security item -a class=inet,agrp=$AGRP,acct=acct2,accc="ak;od:true;odel:true"
security item -a class=inet,agrp=$AGRP,acct=acct3,accc="ak;od:cpo(DeviceOwnerAuthentication);odel:true"
security item -a class=inet,agrp=$AGRP,acct=acct4,accc="akpu"
security item -a class=inet,agrp=$AGRP,acct=acct5,accc="akpu;od:true;odel:true"
security item -a class=inet,agrp=$AGRP,acct=acct6,accc="akpu;od:cpo(DeviceOwnerAuthentication);odel:true"

security item -a class=cert,agrp=$AGRP,slnr=slnr1,accc="ak"
security item -a class=cert,agrp=$AGRP,slnr=slnr2,accc="ak;od:true;odel:true"
security item -a class=cert,agrp=$AGRP,slnr=slnr3,accc="ak;od:cpo(DeviceOwnerAuthentication);odel:true"
security item -a class=cert,agrp=$AGRP,slnr=slnr4,accc="akpu"
security item -a class=cert,agrp=$AGRP,slnr=slnr5,accc="akpu;od:true;odel:true"
security item -a class=cert,agrp=$AGRP,slnr=slnr6,accc="akpu;od:cpo(DeviceOwnerAuthentication);odel:true"

security item -a class=keys,agrp=$AGRP,klbl=hash1,accc="ak"
security item -a class=keys,agrp=$AGRP,klbl=hash2,accc="ak;od:true;odel:true"
security item -a class=keys,agrp=$AGRP,klbl=hash3,accc="ak;od:cpo(DeviceOwnerAuthentication);odel:true"
security item -a class=keys,agrp=$AGRP,klbl=hash4,accc="akpu"
security item -a class=keys,agrp=$AGRP,klbl=hash5,accc="akpu;od:true;odel:true"
security item -a class=keys,agrp=$AGRP,klbl=hash6,accc="akpu;od:cpo(DeviceOwnerAuthentication);odel:true"

elif [ "$OPERATION" = "delete" ]; then

security item -D class=genp,agrp=$AGRP
security item -D class=inet,agrp=$AGRP
security item -D class=cert,agrp=$AGRP
security item -D class=keys,agrp=$AGRP

fi
Commit	Line	Data
5c19dc3a A	1	#!/bin/sh
	2
	3	# KechainItemsAclTest.sh
	4	# Security
	5	#
	6	# Created by Vratislav Kužela on 22/08/14.
	7	#
	8
	9	AGRP="testACL"
	10	SVCE="testACLService"
	11	OPERATION="create"
	12
	13	for i in $@; do
	14	if [[ "$i" =~ "agrp=" ]]; then
	15	AGRP=${i#*=}
	16	elif [[ "$i" =~ "svce=" ]]; then
	17	SVCE=${i#*=}
	18	elif [[ "$i" =~ "op=create" ]]; then
	19	OPERATION="create"
	20	elif [[ "$i" =~ "op=delete" ]]; then
	21	OPERATION="delete"
	22	fi
	23	done
	24
	25	if [ "$OPERATION" = "create" ]; then
	26	security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct1,accc="ak"
	27	security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct2,accc="ak;od:true;odel:true"
	28	security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct3,accc="ak;od:cpo(DeviceOwnerAuthentication);odel:true"
	29	security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct4,accc="akpu"
	30	security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct5,accc="akpu;od:true;odel:true"
	31	security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct6,accc="akpu;od:cpo(DeviceOwnerAuthentication);odel:true"
	32
	33	security item -a class=inet,agrp=$AGRP,acct=acct1,accc="ak"
	34	security item -a class=inet,agrp=$AGRP,acct=acct2,accc="ak;od:true;odel:true"
	35	security item -a class=inet,agrp=$AGRP,acct=acct3,accc="ak;od:cpo(DeviceOwnerAuthentication);odel:true"
	36	security item -a class=inet,agrp=$AGRP,acct=acct4,accc="akpu"
	37	security item -a class=inet,agrp=$AGRP,acct=acct5,accc="akpu;od:true;odel:true"
	38	security item -a class=inet,agrp=$AGRP,acct=acct6,accc="akpu;od:cpo(DeviceOwnerAuthentication);odel:true"
	39
	40	security item -a class=cert,agrp=$AGRP,slnr=slnr1,accc="ak"
	41	security item -a class=cert,agrp=$AGRP,slnr=slnr2,accc="ak;od:true;odel:true"
	42	security item -a class=cert,agrp=$AGRP,slnr=slnr3,accc="ak;od:cpo(DeviceOwnerAuthentication);odel:true"
	43	security item -a class=cert,agrp=$AGRP,slnr=slnr4,accc="akpu"
	44	security item -a class=cert,agrp=$AGRP,slnr=slnr5,accc="akpu;od:true;odel:true"
	45	security item -a class=cert,agrp=$AGRP,slnr=slnr6,accc="akpu;od:cpo(DeviceOwnerAuthentication);odel:true"
	46
	47	security item -a class=keys,agrp=$AGRP,klbl=hash1,accc="ak"
	48	security item -a class=keys,agrp=$AGRP,klbl=hash2,accc="ak;od:true;odel:true"
	49	security item -a class=keys,agrp=$AGRP,klbl=hash3,accc="ak;od:cpo(DeviceOwnerAuthentication);odel:true"
	50	security item -a class=keys,agrp=$AGRP,klbl=hash4,accc="akpu"
	51	security item -a class=keys,agrp=$AGRP,klbl=hash5,accc="akpu;od:true;odel:true"
	52	security item -a class=keys,agrp=$AGRP,klbl=hash6,accc="akpu;od:cpo(DeviceOwnerAuthentication);odel:true"
	53
	54	elif [ "$OPERATION" = "delete" ]; then
	55
	56	security item -D class=genp,agrp=$AGRP
	57	security item -D class=inet,agrp=$AGRP
	58	security item -D class=cert,agrp=$AGRP
	59	security item -D class=keys,agrp=$AGRP
	60
	61	fi