Index: build/cackey_osx_build/Template_pmbuild/scripts/04pkcs11tokend-post.sh ================================================================== --- build/cackey_osx_build/Template_pmbuild/scripts/04pkcs11tokend-post.sh +++ build/cackey_osx_build/Template_pmbuild/scripts/04pkcs11tokend-post.sh @@ -1,8 +1,46 @@ #!/bin/bash chmod -R go+rX /Library/Security/tokend/PKCS11.tokend chown -R root:wheel /Library/Security/tokend/PKCS11.tokend + +# Write Out Uninstaller (For our users' convenience) +cat << 'EOF' >> /usr/local/bin/cackey_osx_uninstall.sh +#!/bin/bash +# Script to remove current and previous releases of CACKey from Mac OS X + +if [ "`whoami`" != "root" ]; then + echo "Please rerun this script with sudo or directly as root." + exit 1 +fi + +# Remove Directories and Files +echo "Removing CACKey-related files and directories, if they exist..." +rm -rf /usr/lib/pkcs11/*cackey* +rm -rf /usr/local/lib/pkcs11/*cackey* +rm -rf /Library/CACKey +rm -rf /System/Library/Security/tokend/PKCS11.tokend +rm -rf /Library/Security/tokend/PKCS11.tokend + +# Forget about packages installed +echo "Removing saved Mac OS X package information for CACKey..." +for package in `pkgutil --pkgs | grep -i CACKey`; do + pkgutil --forget ${package} +done + +# If on Sierra or newer, reenable the pivtoken CryptoTokenKit +echo "Reenabling the builtin pivtoken CryptoTokenKit..." +if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then + defaults delete /Library/Preferences/com.apple.security.smartcard + security smartcards token -e com.apple.CryptoTokenKit.pivtoken +fi + +# Remove myself +rm -f /usr/local/bin/cackey_osx_uninstall.sh +EOF + +chown root:wheel /usr/local/bin/cackey_osx_uninstall.sh +chmod 755 /usr/local/bin/cackey_osx_uninstall.sh # If on Sierra or newer, disable the pivtoken CryptoTokenKit if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then security smartcards token -d com.apple.CryptoTokenKit.pivtoken defaults write /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken Index: build/cackey_osx_build/build_osx.sh ================================================================== --- build/cackey_osx_build/build_osx.sh +++ build/cackey_osx_build/build_osx.sh @@ -146,11 +146,11 @@ if [ "${LIONBUILD}" = 1 ]; then TAR=gnutar else TAR=tar fi - TOKENDSHA256="800a1d307df4117b2096a824dfc7ccca1ebecb5caf5fa98c1e531ac6f6b672a0" + TOKENDSHA256="f4a27bcec02effc39f1bc9a6dc7943b8c1c3e570431782a874a1082bb1332ef3" curl http://devel.kvanals.org/PKCS11_Tokend/PKCS11_tokend-latest.tar.gz > PKCS11_tokend-latest.tar.gz if [ "${TOKENDSHA256}" != "`shasum -a 256 PKCS11_tokend-latest.tar.gz | awk '{print $1}'`" ]; then echo "SHA-256 Checksum does NOT match for TokenD! Verify there was a new upstream release and update the build script!" rm -f PKCS11_tokend-latest.tar.gz exit 1 DELETED build/cackey_osx_build/cackey_osx_uninstall.sh Index: build/cackey_osx_build/cackey_osx_uninstall.sh ================================================================== --- build/cackey_osx_build/cackey_osx_uninstall.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Script to remove current and previous releases of CACKey from Mac OS X - -if [ "`whoami`" != "root" ]; then - echo "Please rerun this script with sudo or directly as root." - exit 1 -fi - -# Remove Directories and Files -echo "Removing CACKey-related files and directories, if they exist..." -rm -rf /usr/lib/pkcs11/*cackey* -rm -rf /usr/local/lib/pkcs11/*cackey* -rm -rf /Library/CACKey -rm -rf /System/Library/Security/tokend/PKCS11.tokend -rm -rf /Library/Security/tokend/PKCS11.tokend - -# Forget about packages installed -echo "Removing saved Mac OS X package information for CACKey..." -for package in `pkgutil --pkgs | grep -i CACKey`; do - pkgutil --forget ${package} -done - -# If on Sierra or newer, reenable the pivtoken CryptoTokenKit -echo "Reenabling the builtin pivtoken CryptoTokenKit..." -if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then - security smartcards token -e com.apple.CryptoTokenKit.pivtoken - defaults delete /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken -fi