From c5c8e6578f5089ef43b6b92a0cad71cd3eb17432 Mon Sep 17 00:00:00 2001
From: Tim Deeb-Swihart
Date: Fri, 15 Mar 2019 16:29:15 -0400
Subject: [PATCH] Add script for creating service users on macos
---
 bin/add-system-user.sh | 49 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100755 bin/add-system-user.sh
diff --git a/bin/add-system-user.sh b/bin/add-system-user.sh
new file mode 100755
index 0000000..24f7ee9
--- /dev/null
+++ b/bin/add-system-user.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+if (( $(id -u) )) ; then
+ echo "This script needs to run as root"
+ exit 1
+fi
+
+if [[ -z "$1" ]] ; then
+ echo "Usage: $(basename $0) [username] [realname (optional)]"
+ exit 1
+fi
+
+username=$1
+realname="${2:-$username}"
+
+echo "Adding daemon user $username with real name \"$realname\""
+
+for (( uid = 500;; --uid )) ; do
+ if ! id -u $uid &>/dev/null; then
+ if ! dscl /Local/Default -ls Groups gid | grep -q [^0-9]$uid\$ ; then
+ dscl /Local/Default -create Groups/_$username
+ dscl /Local/Default -create Groups/_$username Password \*
+ dscl /Local/Default -create Groups/_$username PrimaryGroupID $uid
+ dscl /Local/Default -create Groups/_$username RealName "$realname"
+ dscl /Local/Default -create Groups/_$username RecordName _$username $username
+
+ dscl /Local/Default -create Users/_$username
+ dscl /Local/Default -create Users/_$username NFSHomeDirectory /var/empty
+ dscl /Local/Default -create Users/_$username Password \*
+ dscl /Local/Default -create Users/_$username PrimaryGroupID $uid
+ dscl /Local/Default -create Users/_$username RealName "$realname"
+ dscl /Local/Default -create Users/_$username RecordName _$username $username
+ dscl /Local/Default -create Users/_$username UniqueID $uid
+ dscl /Local/Default -create Users/_$username UserShell /usr/bin/false
+
+ dscl /Local/Default -delete /Users/_$username AuthenticationAuthority
+ dscl /Local/Default -delete /Users/_$username PasswordPolicyOptions
+ break
+ fi
+ fi
+done
+
+echo -e "Created system user $username (uid/gid $uid):\n"
+
+dscl /Local/Default -read Users/_$username
+
+echo -e "\nYou can undo the creation of this user by issuing the following commands:\n"
+echo "sudo dscl /Local/Default -delete Users/_$username"
+echo "sudo dscl /Local/Default -delete Groups/_$username"
\ No newline at end of file
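Review bot: `$1` reaches every `dscl` record path (`Groups/_$username`, `Users/_$username`) unvalidated and unquoted while the script runs as root, and nothing checks whether `_$username` already exists. A name containing whitespace or `/` changes the arguments `dscl` receives, and the name of an existing service account would have its `UniqueID`, `PrimaryGroupID`, `UserShell` and `RecordName` overwritten by the `-create` calls. I would add a name check and an existence check right after `realname=` (fence below) and quote `"$username"` and `"$uid"` throughout, including `grep -q "[^0-9]$uid\$"`, whose unquoted bracket pattern the shell may glob-expand. Separately, `for (( uid = 500;; --uid ))` has no lower bound and no `dscl` exit status is checked, so "Created system user" is printed even after a failed step; a bound such as `uid > 0` plus an exit when no free id is found, and `|| exit 1` on the `dscl` calls, would cover that.

```shell
username=$1
realname="${2:-$username}"

# Accept only a conservative account-name alphabet before it is used in dscl paths.
if [[ ! "$username" =~ ^[a-z][a-z0-9_-]*$ ]]; then
  echo "Invalid username: $username" >&2
  exit 1
fi

# Refuse to touch a user or group record that already exists.
if dscl /Local/Default -read "Users/_$username" &>/dev/null ||
   dscl /Local/Default -read "Groups/_$username" &>/dev/null; then
  echo "_$username already exists; refusing to modify it" >&2
  exit 1
fi

# … unchanged: announcement echo, uid search loop, dscl -create calls …
```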