midore's blog: OS X 10.9.2: 00-first

# 00-first.sh

#!/bin/bash
# 00-first.sh
# OS X 10.9.2
#
#---------------------------------------------------------------------
# change mode share folder
#---------------------------------------------------------------------
chmod 0 ~/Public/Drop\ Box/ ~/Public/
chmod 700 $HOME

#---------------------------------------------------------------------
# airplay, cupsd, netbiosd
#---------------------------------------------------------------------
# AirPlay
launchctl unload -w /System/Library/LaunchAgents/com.apple.AirPlayUIAgent.plist
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.AirPlayXPCHelper.plist
# Cupsd
sudo launchctl unload -w /System/Library/LaunchDaemons/org.cups.cupsd.plist
# Netbios
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.netbiosd.plist

## AirDrop
# OS X 10.9.2: Disable AirDrop
# http://midorex.blogspot.com/2014/03/os-x-1092-disable-airdrop.html

#---------------------------------------------------------------------
# ipv6 OFF all Interfaces
#---------------------------------------------------------------------
sudo networksetup -setv6off "Thunderbolt Bridge"
sudo networksetup -setv6off "Thunderbolt 1"
sudo networksetup -setv6off 'USB Ethernet'
sudo networksetup -setv6off "Wi-Fi"
# sudo networksetup -setv6off "Bluetooth DUN"

#---------------------------------------------------------------------
# Computer Name
#---------------------------------------------------------------------
# cname='mycomputername'
# sudo systemsetup -setcomputername $cname
# sudo systemsetup -getcomputername

#---------------------------------------------------------------------
# Netbios Name
#---------------------------------------------------------------------
# nbname='mybiosname'
# sudo scutil --set LocalHostName $nbname
# sudo scutil --get LocalHostName

cat /Library/Preferences/SystemConfiguration/com.apple.smb.server.plist

#---------------------------------------------------------------------
# input Volume
#---------------------------------------------------------------------
sudo osascript -e "set volume input volume 0"

#---------------------------------------------------------------------
# root
#---------------------------------------------------------------------
## sudo rm -rf /var/root/Library/
## sudo chmod 0 /private/var/root

#---------------------------------------------------------------------
# Spotright off
#---------------------------------------------------------------------
sudo mdutil -a -E -i off /

# Enable or disable Spotlight in Mac OS X
# http://kristerlaag.tumblr.com/post/69885371103/enable-or-disable-spotlight-in-mac-os-x
sudo touch /.metadata_never_index

#---------------------------------------------------------------------
# fseventsd
#---------------------------------------------------------------------
sudo chmod 755 /.fseventsd/
cd /.fseventsd/
sudo rm -rf 0000*
sudo touch /.fseventsd/no_log
# 2014-03-12
sudo chmod 644 /.fseventsd/no_log

sudo chmod 700 /.fseventsd/
sudo ls -la /.fseventsd/

#---------------------------------------------------------------------
# Other Directory
#---------------------------------------------------------------------
## path to /Volumes/not-system-root-volumes
# vo=/Volumes/path

# sudo chmod 755 $vo/.fseventsd/
# cd $vo/.fseventsd/
# sudo rm -rf 0000*
# sudo touch $vo/.fseventsd/no_log
# 2014-03-12
# sudo chmod 644 $vo/.fseventsd/no_log

# sudo chmod 700 $vo/.fseventsd/
# sudo ls -la $vo/.fseventsd/

#---------------------------------------------------------------------
# memory
#---------------------------------------------------------------------
sudo nvram security-mode="full"
sudo nvram -x -p

#---------------------------------------------------------------------
# Pmset
#---------------------------------------------------------------------
# sudo srm -rf /private/var/vm/sleepimage 
sudo pmset -a sleep 0
sudo pmset -a womp 0
sudo pmset -a autorestart 0
sudo pmset -a hibernatemode 0
# sudo pmset -a disksleep 1
# sudo pmset -a ttyskeepawake 0

#---------------------------------------------------------------------
# softwareupdate
#---------------------------------------------------------------------
### sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate catalogURL http://swupdate.apple.com:8088/index-leopard-snowleopard.merged-1.suctalog
sudo softwareupdate --schedule off
#=>Automatic check is off

#---------------------------------------------------------------------
# sshd off
#---------------------------------------------------------------------
# $ man systemsetup
# Displays whether remote login (SSH) is on or off.
sudo systemsetup -f -setremotelogin off
sudo systemsetup -getremotelogin
# =>
# Remote Login: Off

# 参考にしたところ
Mac OS X Security Configuration Guides
http://www.apple.com/support/security/guides/

# 2014-03-01 追記
Enable or disable Spotlight in Mac OS X
http://kristerlaag.tumblr.com/post/69885371103/enable-or-disable-spotlight-in-mac-os-x
Enable or disable Spotlight in Mac OS X

# 2014-03-07
# 公開日時の訂正
http://midorex.blogspot.com/2014/03/published-date.html

# 2014-03-12
# added
sudo chmod 644 /.fseventsd/no_log

midore's blog

2014/03/01

OS X 10.9.2: 00-first

0 件のコメント: