cookbook 'privacy_services_manager', '= 1.1.0', :supermarket
privacy_services_manager (6) Versions 1.1.0 Follow0
Configures Mac OS X Accessibility, Calendar, Contacts, iCloud, Location Services and Reminders
cookbook 'privacy_services_manager', '= 1.1.0'
knife supermarket install privacy_services_manager
knife supermarket download privacy_services_manager
Privacy Services Manager Cookbook
Configures Mac OS X Accessibility, Calendar, Contacts, iCloud, Location Services and Reminders using University of Utah, Marriott Library, Apple Support's privacy_services_manager.
- Chef 11+
- Mac OS X 10.8+
This cookbook wraps University of Utah, Marriott Library, Apple Support's
Please read their documentation thoroughly before using this cookbook.
There are four actions available:
addCreates an entry for the specified application and enable the application for the service.
enableEffectively just calls
add, ensuring that the application has been added and enabled.
removeDeletes the application's entry within the service. There will no longer be a record of that application therein.
disableLeaves the application's record intact, but will disallow the application from utilizing the given service.
servicesThere are six services that can be modified:
accessibilitydeals with behind-the-scenes systems that Apple believes require extra privileges to enable. Applications that interface with your computer experience, such as BetterSnapTool or the Steam in-game overlay, require access through this service. These privileges must be granted by a privileged user via sudo.
calendaris the service responsible for allowing applications to inject events into your calendar. This can be used to schedule recurring events, among other things.
contactshandles requests to access a user's address book. Many web browsers use this to store login information for various websites. This service is handled on a per-user basis, so any user has the ability to modify this service for themselves.
icloudmanages access to a user's iCloud storage and settings. Examples would be any text editing application that is able to save to your iCloud, such as TextEdit or iA Writer. Because of the nature of this request (access to a user's personal files and settings).
locationmanages any application that desires to report on your physical location. Apple's own Maps application will request access to this, as well as web browsers once you visit a website that asks for your location (such as Google Maps).
remindersgives an application the ability to access your Reminders (which are usually handled manually via the Reminders application).
templateModify privacy services for Apple's User Template. Only applies to certain services.
forcerootForce the script to allow the creation/modification of the root user's own TCC database file.
no_check_binEnable administrative override for binaries.
log_destRedirect logging to the specified file.
userModify privacy services for a specific user named "user".
languageWhen changing privacy services for the Apple's User Template, modify the lang template. (Apple provides many User Template folder for different languages.)
language flags only affect those services which use the TCC system, i.e.
accessibility. Providing these options for Location Services will have no effect.
Add an application to your own contacts service permissions
Most web browsers will ask you for permission to look at your contacts.
Let's add Safari as a trusted application for vagrant user:
privacy_services_manager 'grant safari access to contacts' do service 'contacts' user 'vagrant' applications ['com.apple.Safari'] action :add end
Add an application to the global location service permissions
For this part of the walkthrough we will be adding Apple's Maps application to Location Services, but know that the process is the same for Accessibility.
First, because Location Services is handled a bit differently under-the-hood, we have to enable the system globally.
privacy_services_manager 'enable location services globally' do service 'location' action :enable end
Now we will add Maps to the database. To do this, simply do:
privacy_services_manager 'add location services for maps' do service 'location' applications ['maps'] action :add end
This cookbook includes a custom ChefSpec matcher you can use to test your own cookbooks.
Example Matcher Usage
expect(chef_run).to add_privacy_services_manager('grant safari access to contacts').with( service: 'contacts', user: 'vagrant', applications: ['com.apple.Safari'])
- Ask specific questions on Stack Overflow.
- Report bugs and discuss potential features in Github issues.
Please refer to CONTRIBUTING.
MIT - see the accompanying LICENSE file for details.
|dmg ~> 2.2|
- Fix #3 Updates to the administrative override
- Fix #2 Users Application Support directory gets set with root permissions
- Fix #1 ERROR: AttributeError: 'module' object has no attribute 'abspah'
- BID not updating tccdb
- Initial release
1.1.0 passed this metric
1.1.0 passed this metric