1 files changed, 29 insertions, 0 deletions

diff --git a/osx/scripts/postinstall.in b/osx/scripts/postinstall.in
new file mode 100755
index 0000000..9a21e74
--- /dev/null
+++ b/osx/scripts/postinstall.in
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+set -e
+
+user="@PRIVSEP_USER@"
+group="@PRIVSEP_GROUP@"
+
+dscl=/usr/bin/dscl
+$dscl . -read "/Users/${user}" &> /dev/null || {
+    # We need to find a free UID/GID
+    uid=200
+    while $($dscl . -list /Users uid | grep -q "\b${uid}$") || \
+        $($dscl . -list /Groups gid | grep -q "\b${uid}$"); do
+        uid=$((${uid} + 1))
+    done
+    $dscl . -create /Groups/${group}
+    $dscl . -create /Groups/${group} PrimaryGroupID ${uid}
+    $dscl . -create /Groups/${group} Password "*"
+    $dscl . -create /Groups/${group} RealName "lldpd privilege separation group"
+    $dscl . -create /Users/${user}
+    $dscl . -create /Users/${user} UserShell /usr/bin/false
+    $dscl . -create /Users/${user} NFSHomeDirectory /var/empty
+    $dscl . -create /Users/${user} PrimaryGroupID ${uid}
+    $dscl . -create /Users/${user} UniqueID ${uid}
+    $dscl . -create /Users/${user} Password "*"
+    $dscl . -create /Users/${user} RealName "lldpd privilege separation user"
+}
+
+/bin/launchctl load "/Library/LaunchDaemons/im.bernat.lldpd.plist"