X-Git-Url: https://git.slaskete.net/einar-bin/blobdiff_plain/c78d6c54b80fd639fd6cb1f679aeebe11e2d9ff8..ed9a9b728dddc3157fd86f95364b94237dd3b203:/addfollowmeprint.sh diff --git a/addfollowmeprint.sh b/addfollowmeprint.sh index 3807927..f50b1d0 100755 --- a/addfollowmeprint.sh +++ b/addfollowmeprint.sh @@ -224,9 +224,9 @@ echo "This script will add a new printer called ${QueueName}, connecting to the print server ${PrintServer} using your user name and password from NTNU." # Get username and password -printf "User name: " +printf "NTNU User name: " read -r Username -printf "Password: " +printf "NTNU Password: " Settings=$(stty -g) stty -echo read -r Password @@ -313,18 +313,24 @@ if [ "${Uname}" = "darwin" ]; then exit 1 fi - sudo cupsenable "${QueueName}" - sudo cupsaccept "${QueueName}" - # Add credentials to the keychain if they are missing # Shamelessly stolen^W^WBorrowed from https://github.com/Orakeltjenesten/scripts/blob/33abfb353524f449f0bbdee27adb2f1f0a9756a2/print/ntnuprint-mac.sh - # TODO: Since we should have a known-good username and password at this stage it's unwise to re-use the existing credentials, can we simply drop the test? - if ! security find-internet-password -s ${PrintServer} >/dev/null 2>&1; then - security -v add-internet-password -a "${Workgroup}\\${Username}" -s ${PrintServer} \ - -w "${Password}" -D "Network Password" -r "smb " -l "${QueueName}" \ - -T /System/Library/CoreServices/NetAuthAgent.app -T 'group://NetAuth' \ - -T /System/Library/CoreServices/NetAuthAgent.app/Contents/MacOS/NetAuthSysAgent >/dev/null 2>&1 + security -v add-internet-password -U -a "${Workgroup}\\${Username}" -s "${PrintServer}" \ + -w "${Password}" -D "Network Password" -r "smb " -l "${QueueName}" \ + -T /System/Library/CoreServices/NetAuthAgent.app -T 'group://NetAuth' \ + -T /System/Library/CoreServices/NetAuthAgent.app/Contents/MacOS/NetAuthSysAgent >/dev/null 2>&1 + + # Make sure the password has the correct ACL ref https://mostlikelee.com/blog-1/2017/9/16/scripting-the-macos-keychain-partition-ids + OS_Min_Vers=$(sw_vers | grep ProductVersion | awk '{print $2}' | cut -d "." -f2) + if [ "${OS_Min_Vers}" -ge 12 ]; then + echo -e "\nNOTE: You need to provide your local Mac password again here in order to give the printing system access to your credentials.\n" + security set-internet-password-partition-list -S "apple-tool:,apple:" -s "${PrintServer}" > /dev/null fi + + sudo cupsenable "${QueueName}" + sudo cupsaccept "${QueueName}" + sudo launchctl stop org.cups.cupsd + sudo launchctl start org.cups.cupsd fi # Set correct paper size and enable the duplexer option