Skip to content

Commit

Permalink
2.1.1 Bluetooth
Browse files Browse the repository at this point in the history
first draft for disabling bluetooth conditionals
  • Loading branch information
krispayne committed Feb 2, 2016
1 parent bd0af1c commit 40ea1b8
Showing 1 changed file with 47 additions and 30 deletions.
77 changes: 47 additions & 30 deletions ElCapitan_CIS.sh
Original file line number Diff line number Diff line change
Expand Up @@ -68,40 +68,57 @@ softwareUpdates() {
systemPreferences() {

echo 2 System Preferences

# 2.1.1 Disable Bluetooth, if no paired devices exist (Scored)
/usr/bin/defaults write /Library/Preferences/com.apple.Bluetooth ControllerPowerState -int 0

# 2.1.2 Disable Bluetooth "Discoverable" mode when not pairing devices (Scored)
# uuid=`/usr/sbin/system_profiler SPHardwareDataType | grep "Hardware UUID" | cut -c22-57`
# /usr/bin/defaults write /Users/$@/Library/Preferences/ByHost/com.apple.Bluetooth.$uuid DiscoverableState -bool no
# /usr/sbin/chown $@ /Users/$@/Library/Preferences/ByHost/com.apple.Bluetooth.$uuid.plist
# Stolen from http://krypted.com/mac-security/disabling-bluetooth-discoverable-mode/
# Need to test.

# 2.1.3 Show Bluetooth status in menu bar (Scored)
/usr/bin/defaults write com.apple.systemuiserver menuExtras -array-add "/System/Library/CoreServices/Menu Extras/Bluetooth.menu"

# 2.2.1 Enable "Set time and date automatically" (Scored)
if [ `/usr/sbin/systemsetup -getusingnetworktime | awk '{ print $3 }'` = "On" ]; then
echo NetworkTime already on. Ensuring server is time.apple.com

if [ `/usr/sbin/systemsetup -getnetworktimeserver | awk '{ print $4 }'` = "time.apple.com" ]; then
echo NetworkTime is set and is set to time.apple.com
echo 2.1 Bluetooth
# 2.1 Bluetooth

# 2.1.1 Turn off Bluetooth, if no paired devices exist (Scored)
if [ `/usr/bin/defaults read /Library/Preferences/com.apple.Bluetooth ControllerPowerState` = "1" ]; then
echo Bluetooth ControllerPowerState is 1

if [ `system_profiler | grep "Bluetooth:" -A 20 | grep Connectable` = "Connectable: Yes"]; then
echo Bluetooth ControllerPowerState is 1 and there are paired devices
elif [ `system_profiler | grep "Bluetooth:" -A 20 | grep Connectable` = "Connectable: No" ]; then
echo Bluetooth ControllerPowerState is 1 and there are no paired devices. Turning off Bluetooth.
/usr/bin/defaults write /Library/Preferences/com.apple.Bluetooth ControllerPowerState -int 0
fi

elif [ `/usr/bin/defaults read /Library/Preferences/com.apple.Bluetooth ControllerPowerState` = "0" ]; then
echo Bluetooth ControllerPowerState is 0
else
/usr/bin/defaults write /Library/Preferences/com.apple.Bluetooth ControllerPowerState -int 0
fi

else
if [ ! -e /etc/ntp.conf ]; then
echo Create /etc/ntp.conf
/usr/bin/touch /etc/ntp.conf
fi
# 2.1.2 Disable Bluetooth "Discoverable" mode when not pairing devices (Scored)
# uuid=`/usr/sbin/system_profiler SPHardwareDataType | grep "Hardware UUID" | cut -c22-57`
# /usr/bin/defaults write /Users/$@/Library/Preferences/ByHost/com.apple.Bluetooth.$uuid DiscoverableState -bool no
# /usr/sbin/chown $@ /Users/$@/Library/Preferences/ByHost/com.apple.Bluetooth.$uuid.plist
# Stolen from http://krypted.com/mac-security/disabling-bluetooth-discoverable-mode/
# Need to test.

# 2.1.3 Show Bluetooth status in menu bar (Scored)
/usr/bin/defaults write com.apple.systemuiserver menuExtras -array-add "/System/Library/CoreServices/Menu Extras/Bluetooth.menu"

echo Set NetworkTime to time.apple.com
/usr/sbin/systemsetup -setnetworktimeserver time.apple.com
echo Ensure it is on
/usr/sbin/systemsetup -setusingnetworktime on

fi
# 2.2.1 Enable "Set time and date automatically" (Scored)
if [ `/usr/sbin/systemsetup -getusingnetworktime | awk '{ print $3 }'` = "On" ]; then
echo NetworkTime already on. Ensuring server is time.apple.com

if [ `/usr/sbin/systemsetup -getnetworktimeserver | awk '{ print $4 }'` = "time.apple.com" ]; then
echo NetworkTime is set and is set to time.apple.com
fi

else
if [ ! -e /etc/ntp.conf ]; then
echo Create /etc/ntp.conf
/usr/bin/touch /etc/ntp.conf
fi

echo Set NetworkTime to time.apple.com
/usr/sbin/systemsetup -setnetworktimeserver time.apple.com
echo Ensure it is on
/usr/sbin/systemsetup -setusingnetworktime on

fi

# 2.3.1 Set an inactivity interval of 20 minutes or less for the screen saver (Scored)
/usr/bin/defaults -currentHost write com.apple.screensaver idleTime 600
Expand Down

0 comments on commit 40ea1b8

Please sign in to comment.