ISACLProtectedItems/KeychainItemsAclTest.sh

   1 #!/bin/sh
   2
   3 #  KechainItemsAclTest.sh
   4 #  Security
   5 #
   6 #  Created by Vratislav Kužela on 22/08/14.
   7 #
   8
   9 AGRP="testACL"
  10 SVCE="testACLService"
  11 OPERATION="create"
  12
  13 for i in $@; do
  14     if [[ "$i" =~ "agrp=" ]]; then
  15         AGRP=${i#*=}
  16     elif [[ "$i" =~ "svce=" ]]; then
  17         SVCE=${i#*=}
  18     elif [[ "$i" =~ "op=create" ]]; then
  19         OPERATION="create"
  20     elif [[ "$i" =~ "op=delete" ]]; then
  21         OPERATION="delete"
  22     fi
  23 done
  24
  25 if [ "$OPERATION" = "create" ]; then
  26 security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct1,accc="ak"
  27 security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct2,accc="ak;od:true;odel:true"
  28 security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct3,accc="ak;od:cpo(DeviceOwnerAuthentication);odel:true"
  29 security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct4,accc="akpu"
  30 security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct5,accc="akpu;od:true;odel:true"
  31 security item -a class=genp,svce=$SVCE,agrp=$AGRP,acct=acct6,accc="akpu;od:cpo(DeviceOwnerAuthentication);odel:true"
  32
  33 security item -a class=inet,agrp=$AGRP,acct=acct1,accc="ak"
  34 security item -a class=inet,agrp=$AGRP,acct=acct2,accc="ak;od:true;odel:true"
  35 security item -a class=inet,agrp=$AGRP,acct=acct3,accc="ak;od:cpo(DeviceOwnerAuthentication);odel:true"
  36 security item -a class=inet,agrp=$AGRP,acct=acct4,accc="akpu"
  37 security item -a class=inet,agrp=$AGRP,acct=acct5,accc="akpu;od:true;odel:true"
  38 security item -a class=inet,agrp=$AGRP,acct=acct6,accc="akpu;od:cpo(DeviceOwnerAuthentication);odel:true"
  39
  40 security item -a class=cert,agrp=$AGRP,slnr=slnr1,accc="ak"
  41 security item -a class=cert,agrp=$AGRP,slnr=slnr2,accc="ak;od:true;odel:true"
  42 security item -a class=cert,agrp=$AGRP,slnr=slnr3,accc="ak;od:cpo(DeviceOwnerAuthentication);odel:true"
  43 security item -a class=cert,agrp=$AGRP,slnr=slnr4,accc="akpu"
  44 security item -a class=cert,agrp=$AGRP,slnr=slnr5,accc="akpu;od:true;odel:true"
  45 security item -a class=cert,agrp=$AGRP,slnr=slnr6,accc="akpu;od:cpo(DeviceOwnerAuthentication);odel:true"
  46
  47 security item -a class=keys,agrp=$AGRP,klbl=hash1,accc="ak"
  48 security item -a class=keys,agrp=$AGRP,klbl=hash2,accc="ak;od:true;odel:true"
  49 security item -a class=keys,agrp=$AGRP,klbl=hash3,accc="ak;od:cpo(DeviceOwnerAuthentication);odel:true"
  50 security item -a class=keys,agrp=$AGRP,klbl=hash4,accc="akpu"
  51 security item -a class=keys,agrp=$AGRP,klbl=hash5,accc="akpu;od:true;odel:true"
  52 security item -a class=keys,agrp=$AGRP,klbl=hash6,accc="akpu;od:cpo(DeviceOwnerAuthentication);odel:true"
  53
  54 elif [ "$OPERATION" = "delete" ]; then
  55
  56 security item -D class=genp,agrp=$AGRP
  57 security item -D class=inet,agrp=$AGRP
  58 security item -D class=cert,agrp=$AGRP
  59 security item -D class=keys,agrp=$AGRP
  60
  61 fi