Crossposted using Lemmit.

Original post from /r/macsysadmin by /u/thefold25 on 2023-06-30 11:30:33+00:00.

I have a number of users who all need a very specific shared folder setup on their devices. In the past I’ve done this by manually setting up a “Sharing Only” account, creating a folder in /Users/Shared, sharing that via File Sharing and giving the new account read/write permissions.

I’ve had a ticket come through saying they need this set up on another ~20 devices so I think it’s time to automate it!

So far I’ve written a script that will use dscl to create the user account (tips on how to pass a password not in plain text into this would be helpful!), enables the file sharing services, creates the folder and shares it.

What I need to do now is add the sharing account to the permission list of the shared folder, but I’m having difficulty finding some good documentation on this. I managed to get it semi-working by doing a chmod -R +a "sharinguser allow read,write,delete", and this shows up in the list of shared folder permissions, but it shows the access type as ‘Custom’. This will also show up if I run ls -lte /Users/Shared/. However if I add a permission via the GUI for a user, it doesn’t show up with ls, so where is it?

Does anyone know of a way to add and modify share permissions from the terminal? I’ve been looking into the dscl command, but I can’t see anything linking the “SharePoint” (useful choice of name there Apple!) with the user account.