I've got this following bash script, in witch for every user loggend in a mac i will check if the secure token status is set to enabled. Then I will count, with grep -ic command, how many time the word enable is present. Then, if the word enable is not equal to 0 I will print the username and the word enabled otherwise disable. This is the output i've got:
luigiMac
martaMac
provamacmarco:Disabled
This is the script:
#!/usr/bin/env zsh
result=""
enabled="Enabled"
disabled="Disabled"
users=$(dscl . -list /Users | grep -v -e '_' -e root -e nobody -e daemon)
for item_ in "${users[@]}"; do
newUsers =("$item_")
#echo $newUsers
done
for i in "${newUsers[@]}";do
#echo $i[4]
tokenStatus =$(sysadminctl -adminUser "" -adminPassword "" -secureTokenStatus "$i" 2>&1 | grep -ic "enabled")
print $tokenStatus
if [[ "${tokenStatus[@]}" -ne 0 ]]
then
result="${i}:${enabled}"
echo "${result}"
else
result="${i}:${disabled}"
echo "${result}"
fi
done
#echo "${result}"
I don't understand why the script doesn't print enable or disable for the other username.
CodePudding user response:
I'm no zsh
expert but IMO you're doing a lot of unnecessary things in your script; you could somewhat simplify it to:
dscl . -list /Users |
grep -vE -e '^_' -e '^(root|daemon|nobody)$' |
while IFS=$'\n' read -r user
do
if sysadminctl ... -secureTokenStatus "$user" 2>&1 |
grep -q 'ENABLED'
then
result=Enabled
else
result=Disabled
fi
printf '%s:%s\n' "$user" "$result"
done