523 lines
28 KiB
YAML
523 lines
28 KiB
YAML
# Structure documented in "docs/collections.md"
|
|
os: macos
|
|
scripting:
|
|
language: shellscript
|
|
startCode: |-
|
|
#!/usr/bin/env bash
|
|
# {{ $homepage }} — v{{ $version }} — {{ $date }}
|
|
if [ "$EUID" -ne 0 ]; then
|
|
script_path=$([[ "$0" = /* ]] && echo "$0" || echo "$PWD/${0#./}")
|
|
sudo "$script_path" || (
|
|
echo 'Administrator privileges are required.'
|
|
exit 1
|
|
)
|
|
exit 0
|
|
fi
|
|
endCode: |-
|
|
echo 'Your privacy and security is now hardened 🎉💪'
|
|
echo 'Press any key to exit.'
|
|
read -n 1 -s
|
|
actions:
|
|
-
|
|
category: Privacy cleanup
|
|
children:
|
|
-
|
|
category: Clear terminal history
|
|
children:
|
|
-
|
|
name: Clear bash history
|
|
recommend: standard
|
|
code: rm -f ~/.bash_history
|
|
-
|
|
name: Clear zsh history
|
|
recommend: standard
|
|
code: rm -f ~/.zsh_history
|
|
-
|
|
name: Clear CUPS printer job cache
|
|
recommend: strict
|
|
code: |-
|
|
sudo rm -rfv /var/spool/cups/c0*
|
|
sudo rm -rfv /var/spool/cups/tmp/*
|
|
sudo rm -rfv /var/spool/cups/cache/job.cache*
|
|
-
|
|
name: Empty trash on all volumes
|
|
recommend: strict
|
|
code: |-
|
|
# on all mounted volumes
|
|
sudo rm -rfv /Volumes/*/.Trashes/* &>/dev/null
|
|
# on main HDD
|
|
sudo rm -rfv ~/.Trash/* &>/dev/null
|
|
-
|
|
name: Clear system cache files
|
|
recommend: strict
|
|
code: |-
|
|
sudo rm -rfv /Library/Caches/* &>/dev/null
|
|
sudo rm -rfv /System/Library/Caches/* &>/dev/null
|
|
sudo rm -rfv ~/Library/Caches/* &>/dev/null
|
|
-
|
|
name: Clear system log files
|
|
recommend: strict
|
|
code: |-
|
|
sudo rm -rfv /private/var/log/asl/*.asl &>/dev/null
|
|
sudo rm -rfv /Library/Logs/DiagnosticReports/* &>/dev/null
|
|
sudo rm -rfv /Library/Logs/Adobe/* &>/dev/null
|
|
rm -rfv ~/Library/Containers/com.apple.mail/Data/Library/Logs/Mail/* &>/dev/null
|
|
rm -rfv ~/Library/Logs/CoreSimulator/* &>/dev/null
|
|
sudo rm -rfv /var/log/*
|
|
-
|
|
category: Clear browser history
|
|
children:
|
|
-
|
|
category: Clear Google Chrome history
|
|
children:
|
|
-
|
|
name: Clear Google Chrome browsing history
|
|
code: |-
|
|
rm -rfv ~/Library/Application\ Support/Google/Chrome/Default/History &>/dev/null
|
|
rm -rfv ~/Library/Application\ Support/Google/Chrome/Default/History-journal &>/dev/null
|
|
-
|
|
name: Google Chrome Cache Files
|
|
code: sudo rm -rfv ~/Library/Application\ Support/Google/Chrome/Default/Application\ Cache/* &>/dev/null
|
|
-
|
|
category: Clear Safari history
|
|
children:
|
|
-
|
|
name: Clear Safari browsing history
|
|
code: |-
|
|
rm -f ~/Library/Safari/History.plist
|
|
rm -f ~/Library/Safari/HistoryIndex.sk
|
|
-
|
|
name: Clear Safari downloads history
|
|
code: rm -f ~/Library/Safari/Downloads.plist
|
|
-
|
|
name: Clear Safari top sites
|
|
code: rm -f ~/Library/Safari/TopSites.plist
|
|
-
|
|
name: Clear Safari last session history
|
|
code: rm -f ~/Library/Safari/LastSession.plist
|
|
-
|
|
name: Clear Safari caches
|
|
code: |-
|
|
rm -f ~/Library/Caches/com.apple.Safari/Cache.db
|
|
rm -f ~/Library/Safari/WebpageIcons.db
|
|
rm -rf ~/Library/Caches/com.apple.Safari/Webpage Previews
|
|
-
|
|
name: Clear copy of the Safari history
|
|
code: rm -rf ~/Library/Caches/Metadata/Safari/History
|
|
-
|
|
name: Clear search history embedded in Safari preferences
|
|
code: defaults write ~/Library/Preferences/com.apple.Safari RecentSearchStrings '( )'
|
|
-
|
|
name: Clear Safari cookies
|
|
code: rm -f ~/Library/Cookies/Cookies.plists
|
|
-
|
|
name: Clear Safari zoom level preferences per site
|
|
code: rm -f ~/Library/Safari/PerSiteZoomPreferences.plists
|
|
-
|
|
name: Clear URLs that are allowed to display notifications in Safari
|
|
code: rm -f ~/Library/Safari/UserNotificationPreferences.plist
|
|
-
|
|
name: Clear Safari per-site preferences for Downloads, Geolocation, PopUps, and Autoplays
|
|
code: rm -f ~/Library/Safari/PerSitePreferences.db
|
|
-
|
|
category: Clear Firefox history
|
|
children:
|
|
-
|
|
name: Clear Firefox cache
|
|
code: |-
|
|
sudo rm -rf ~/Library/Caches/Mozilla/
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/netpredictions.sqlite
|
|
-
|
|
name: Delete Firefox form history
|
|
code: |-
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/formhistory.sqlite
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/formhistory.dat
|
|
-
|
|
name: Delete Firefox site preferences
|
|
code: rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/content-prefs.sqlite
|
|
-
|
|
name: Delete Firefox session restore data (loads after the browser closes or crashes)
|
|
code: |-
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/sessionCheckpoints.json
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/sessionstore*.js*
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/sessionstore.bak*
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/sessionstore-backups/previous.js*
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/sessionstore-backups/recovery.js*
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/sessionstore-backups/recovery.bak*
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/sessionstore-backups/previous.bak*
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/sessionstore-backups/upgrade.js*-20*
|
|
-
|
|
name: Delete Firefox passwords
|
|
docs: http://kb.mozillazine.org/Password_Manager
|
|
code: |-
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/signons.txt
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/signons2.txt
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/signons3.txt
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/signons.sqlite
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/logins.json
|
|
-
|
|
name: Delete Firefox HTML5 cookies
|
|
code: rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/webappsstore.sqlite
|
|
-
|
|
name: Delete Firefox crash reports
|
|
code: |-
|
|
rm -rfv ~/Library/Application\ Support/Firefox/Crash\ Reports/
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/minidumps/*.dmp
|
|
-
|
|
name: Delete Firefox backup files
|
|
code: |-
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/bookmarkbackups/*.json
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/bookmarkbackups/*.jsonlz4
|
|
-
|
|
name: Delete Firefox cookies
|
|
code: |-
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/cookies.txt
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/cookies.sqlite
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/cookies.sqlite-shm
|
|
rm -fv ~/Library/Application\ Support/Firefox/Profiles/*/cookies.sqlite-wal
|
|
rm -rfv ~/Library/Application\ Support/Firefox/Profiles/*/storage/default/http*
|
|
-
|
|
category: Clear third party application data
|
|
children:
|
|
-
|
|
name: Clear Adobe cache
|
|
recommend: standard
|
|
code: sudo rm -rfv ~/Library/Application\ Support/Adobe/Common/Media\ Cache\ Files/* &>/dev/null
|
|
-
|
|
name: Clear Gradle cache
|
|
recommend: strict
|
|
code: |-
|
|
if [ -d "/Users/${HOST}/.gradle/caches" ]; then
|
|
rm -rfv ~/.gradle/caches/ &> /dev/null
|
|
fi
|
|
-
|
|
name: Clear Dropbox cache
|
|
recommend: standard
|
|
code: |-
|
|
if [ -d "/Users/${HOST}/Dropbox" ]; then
|
|
sudo rm -rfv ~/Dropbox/.dropbox.cache/* &>/dev/null
|
|
fi
|
|
-
|
|
name: Clear Google Drive file stream cache
|
|
recommend: standard
|
|
code: |-
|
|
killall "Google Drive File Stream"
|
|
rm -rfv ~/Library/Application\ Support/Google/DriveFS/[0-9a-zA-Z]*/content_cache &>/dev/null
|
|
-
|
|
name: Clear Composer cache
|
|
recommend: strict
|
|
code: |-
|
|
if type "composer" &> /dev/null; then
|
|
composer clearcache &> /dev/null
|
|
fi
|
|
-
|
|
name: Clear Homebrew cache
|
|
recommend: strict
|
|
code: |-
|
|
if type "brew" &>/dev/null; then
|
|
brew cleanup -s &>/dev/null
|
|
rm -rfv $(brew --cache) &>/dev/null
|
|
brew tap --repair &>/dev/null
|
|
fi
|
|
-
|
|
name: Clear any old versions of Ruby gems
|
|
recommend: strict
|
|
code: |-
|
|
if type "gem" &> /dev/null; then
|
|
gem cleanup &>/dev/null
|
|
fi
|
|
-
|
|
name: Clear Docker
|
|
recommend: strict
|
|
code: |-
|
|
if type "docker" &> /dev/null; then
|
|
docker system prune -af
|
|
fi
|
|
-
|
|
name: Clear Pyenv-VirtualEnv cache
|
|
recommend: strict
|
|
code: |-
|
|
if [ "$PYENV_VIRTUALENV_CACHE_PATH" ]; then
|
|
rm -rfv $PYENV_VIRTUALENV_CACHE_PATH &>/dev/null
|
|
fi
|
|
-
|
|
name: Clear NPM cache
|
|
recommend: strict
|
|
code: |-
|
|
if type "npm" &> /dev/null; then
|
|
npm cache clean --force
|
|
fi
|
|
-
|
|
name: Clear Yarn cache
|
|
recommend: strict
|
|
code: |-
|
|
if type "yarn" &> /dev/null; then
|
|
echo 'Cleanup Yarn Cache...'
|
|
yarn cache clean --force
|
|
fi
|
|
-
|
|
category: iOS Cleanup
|
|
children:
|
|
-
|
|
name: Clear iOS applications
|
|
recommend: strict
|
|
code: rm -rfv ~/Music/iTunes/iTunes\ Media/Mobile\ Applications/* &>/dev/null
|
|
-
|
|
name: Clear iOS photo caches
|
|
recommend: standard
|
|
code: rm -rf ~/Pictures/iPhoto\ Library/iPod\ Photo\ Cache/*
|
|
-
|
|
name: Remove iOS Device Backups
|
|
recommend: strict
|
|
code: rm -rfv ~/Library/Application\ Support/MobileSync/Backup/* &>/dev/null
|
|
-
|
|
name: Clear iOS Simulators
|
|
recommend: strict
|
|
code: |-
|
|
if type "xcrun" &>/dev/null; then
|
|
osascript -e 'tell application "com.apple.CoreSimulator.CoreSimulatorService" to quit'
|
|
osascript -e 'tell application "iOS Simulator" to quit'
|
|
osascript -e 'tell application "Simulator" to quit'
|
|
xcrun simctl shutdown all
|
|
xcrun simctl erase all
|
|
fi
|
|
-
|
|
name: Clear the list of iOS devices connected
|
|
recommend: strict
|
|
code: |-
|
|
sudo defaults delete /Users/$USER/Library/Preferences/com.apple.iPod.plist "conn:128:Last Connect"
|
|
sudo defaults delete /Users/$USER/Library/Preferences/com.apple.iPod.plist Devices
|
|
sudo defaults delete /Library/Preferences/com.apple.iPod.plist "conn:128:Last Connect"
|
|
sudo defaults delete /Library/Preferences/com.apple.iPod.plist Devices
|
|
sudo rm -rfv /var/db/lockdown/*
|
|
-
|
|
name: Clear XCode Derived Data and Archives
|
|
recommend: strict
|
|
code: |-
|
|
rm -rfv ~/Library/Developer/Xcode/DerivedData/* &>/dev/null
|
|
rm -rfv ~/Library/Developer/Xcode/Archives/* &>/dev/null
|
|
rm -rfv ~/Library/Developer/Xcode/iOS Device Logs/* &>/dev/null
|
|
-
|
|
name: Clear DNS cache
|
|
recommend: standard
|
|
code: |-
|
|
sudo dscacheutil -flushcache
|
|
sudo killall -HUP mDNSResponder
|
|
-
|
|
name: Purge inactive memory
|
|
recommend: standard
|
|
code: sudo purge
|
|
-
|
|
category: Reset privacy permissions for all applications
|
|
children:
|
|
-
|
|
name: Reset camera permissions
|
|
code: tccutil reset Camera
|
|
-
|
|
name: Reset microphone permissions
|
|
code: tccutil reset Microphone
|
|
-
|
|
name: Reset accessibility permissions
|
|
code: tccutil reset Accessibility
|
|
-
|
|
name: Reset screen capture permissions
|
|
code: tccutil reset ScreenCapture
|
|
-
|
|
name: Reset reminders permissions
|
|
code: tccutil reset Reminders
|
|
-
|
|
name: Reset photos permissions
|
|
code: tccutil reset Photos
|
|
-
|
|
name: Reset calendar permissions
|
|
code: tccutil reset Calendar
|
|
-
|
|
name: Reset full disk access permissions
|
|
code: tccutil reset SystemPolicyAllFiles
|
|
-
|
|
name: Reset contacts permissions
|
|
code: tccutil reset SystemPolicyAllFiles
|
|
-
|
|
name: Reset desktop folder permissions
|
|
code: tccutil reset SystemPolicyDesktopFolder
|
|
-
|
|
name: Reset documents folder permissions
|
|
code: tccutil reset SystemPolicyDocumentsFolder
|
|
-
|
|
name: Reset downloads permissions
|
|
code: tccutil reset SystemPolicyDownloadsFolder
|
|
-
|
|
name: Reset all app permissions
|
|
code: tccutil reset All
|
|
-
|
|
category: Configure programs
|
|
children:
|
|
-
|
|
name: Disable Firefox telemetry
|
|
recommend: standard
|
|
docs: https://github.com/mozilla/policy-templates/blob/master/README.md
|
|
code: |-
|
|
# Enable Firefox policies so the telemetry can be configured.
|
|
sudo defaults write /Library/Preferences/org.mozilla.firefox EnterprisePoliciesEnabled -bool TRUE
|
|
# Disable sending usage data
|
|
sudo defaults write /Library/Preferences/org.mozilla.firefox DisableTelemetry -bool TRUE
|
|
revertCode: |-
|
|
sudo defaults delete /Library/Preferences/org.mozilla.firefox EnterprisePoliciesEnabled
|
|
sudo defaults delete /Library/Preferences/org.mozilla.firefox DisableTelemetry
|
|
-
|
|
name: Disable Microsoft Office diagnostics data sending
|
|
recommend: standard
|
|
code: defaults write com.microsoft.office DiagnosticDataTypePreference -string ZeroDiagnosticData
|
|
revertCode: defaults delete com.microsoft.office DiagnosticDataTypePreference
|
|
-
|
|
name: Uninstall Google update
|
|
recommend: strict
|
|
code: |-
|
|
googleUpdateFile=~/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/ksinstall
|
|
if [ -f "$googleUpdateFile" ]; then
|
|
$googleUpdateFile --nuke
|
|
echo Uninstalled google update
|
|
else
|
|
echo Google update file does not exist
|
|
fi
|
|
-
|
|
name: Disable Homebrew user behavior analytics
|
|
recommend: standard
|
|
docs: https://docs.brew.sh/Analytics
|
|
call:
|
|
-
|
|
function: PersistUserEnvironmentConfiguration
|
|
parameters:
|
|
configuration: export HOMEBREW_NO_ANALYTICS=1
|
|
-
|
|
name: Disable NET Core CLI telemetry
|
|
recommend: standard
|
|
call:
|
|
-
|
|
function: PersistUserEnvironmentConfiguration
|
|
parameters:
|
|
configuration: export DOTNET_CLI_TELEMETRY_OPTOUT=1
|
|
-
|
|
name: Disable PowerShell Core telemetry
|
|
recommend: standard
|
|
docs: https://github.com/PowerShell/PowerShell/tree/release/v7.1.1#telemetry
|
|
call:
|
|
-
|
|
function: PersistUserEnvironmentConfiguration
|
|
parameters:
|
|
configuration: export POWERSHELL_TELEMETRY_OPTOUT=1
|
|
-
|
|
category: Configure OS
|
|
children:
|
|
-
|
|
category: Configure Apple Remote Desktop
|
|
children:
|
|
-
|
|
name: Deactivate the Remote Management Service
|
|
recommend: strict
|
|
code: sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -deactivate -stop
|
|
revertCode: sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -restart -agent -console
|
|
-
|
|
name: Remove Apple Remote Desktop Settings
|
|
recommend: strict
|
|
code: |-
|
|
sudo rm -rf /var/db/RemoteManagement
|
|
sudo defaults delete /Library/Preferences/com.apple.RemoteDesktop.plist
|
|
defaults delete ~/Library/Preferences/com.apple.RemoteDesktop.plist
|
|
sudo rm -r /Library/Application\ Support/Apple/Remote\ Desktop/
|
|
rm -r ~/Library/Application\ Support/Remote\ Desktop/
|
|
rm -r ~/Library/Containers/com.apple.RemoteDesktop
|
|
-
|
|
name: Disable Internet based spell correction
|
|
code: defaults write NSGlobalDomain WebAutomaticSpellingCorrectionEnabled -bool false
|
|
revertCode: defaults delete NSGlobalDomain WebAutomaticSpellingCorrectionEnabled
|
|
-
|
|
name: Disable Remote Apple Events
|
|
recommend: strict
|
|
code: sudo systemsetup -setremoteappleevents off
|
|
revertCode: sudo systemsetup -setremoteappleevents on
|
|
-
|
|
name: Do not store documents to iCloud Drive by default
|
|
docs: https://macos-defaults.com/finder/nsdocumentsavenewdocumentstocloud.html
|
|
recommend: standard
|
|
code: defaults write NSGlobalDomain NSDocumentSaveNewDocumentsToCloud -bool false
|
|
revertCode: defaults delete NSGlobalDomain NSDocumentSaveNewDocumentsToCloud
|
|
-
|
|
category: Security improvements
|
|
children:
|
|
-
|
|
category: Configure macOS Application Firewall
|
|
children:
|
|
-
|
|
name: Enable firewall
|
|
recommend: standard
|
|
docs: https://www.stigviewer.com/stig/apple_os_x_10.13/2018-10-01/finding/V-81681
|
|
code: /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on
|
|
revertCode: /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate off
|
|
-
|
|
name: Turn on firewall logging
|
|
recommend: standard
|
|
docs: https://www.stigviewer.com/stig/apple_os_x_10.13/2018-10-01/finding/V-81671
|
|
code: /usr/libexec/ApplicationFirewall/socketfilterfw --setloggingmode on
|
|
revertCode: /usr/libexec/ApplicationFirewall/socketfilterfw --setloggingmode off
|
|
-
|
|
name: Turn on stealth mode
|
|
recommend: standard
|
|
docs: https://www.stigviewer.com/stig/apple_os_x_10.8_mountain_lion_workstation/2015-02-10/finding/V-51327
|
|
code: /usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode on
|
|
revertCode: /usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode off
|
|
-
|
|
name: Disable Spotlight indexing
|
|
code: sudo mdutil -i off -d /
|
|
revertCode: sudo mdutil -i on /
|
|
-
|
|
name: Disable Captive portal
|
|
docs:
|
|
- https://web.archive.org/web/20171008071031if_/http://blog.erratasec.com/2010/09/apples-secret-wispr-request.html#.WdnPa5OyL6Y
|
|
- https://web.archive.org/web/20130407200745/http://www.divertednetworks.net/apple-captiveportal.html
|
|
- https://web.archive.org/web/20170622064304/https://grpugh.wordpress.com/2014/10/29/an-undocumented-change-to-captive-network-assistant-settings-in-os-x-10-10-yosemite/
|
|
code: sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.captive.control.plist Active -bool false
|
|
revertCode: sudo defaults delete /Library/Preferences/SystemConfiguration/com.apple.captive.control.plist Active
|
|
-
|
|
name: Require a password to wake the computer from sleep or screen saver
|
|
code: defaults write /Library/Preferences/com.apple.screensaver askForPassword -bool true
|
|
revertCode: sudo defaults delete /Library/Preferences/com.apple.screensaver askForPassword
|
|
-
|
|
name: Do not show recent items on dock
|
|
docs: https://developer.apple.com/documentation/devicemanagement/dock
|
|
code: defaults write com.apple.dock show-recents -bool false
|
|
revertCode: defaults delete com.apple.dock show-recents
|
|
-
|
|
name: Disable AirDrop file sharing
|
|
recommend: strict
|
|
code: defaults write com.apple.NetworkBrowser DisableAirDrop -bool true
|
|
revertCode: defaults write com.apple.NetworkBrowser DisableAirDrop -bool false
|
|
functions:
|
|
-
|
|
name: PersistUserEnvironmentConfiguration
|
|
parameters: [ configuration ]
|
|
code: |-
|
|
command='{{ $configuration }}'
|
|
declare -a profile_files=("$HOME/.bash_profile" "$HOME/.zprofile")
|
|
for profile_file in "${profile_files[@]}"
|
|
do
|
|
touch "$profile_file"
|
|
if ! grep -q "$command" "${profile_file}"; then
|
|
echo "$command" >> "$profile_file"
|
|
echo "[$profile_file] Configured"
|
|
else
|
|
echo "[$profile_file] No need for any action, already configured"
|
|
fi
|
|
done
|
|
revertCode: |-
|
|
command='{{ $configuration }}'
|
|
declare -a profile_files=("$HOME/.bash_profile" "$HOME/.zprofile")
|
|
for profile_file in "${profile_files[@]}"
|
|
do
|
|
if grep -q "$command" "${profile_file}" 2>/dev/null; then
|
|
sed -i '' "/$command/d" "$profile_file"
|
|
echo "[$profile_file] Reverted configuration"
|
|
else
|
|
echo "[$profile_file] No need for any action, configuration does not exist"
|
|
fi
|
|
done |