mirrors/Mole
1
0
Fork 0
mirror of https://github.com/tw93/Mole.git synced 2026-02-16 21:39:11 +00:00
Code Activity

Sip check optimization

Browse Source
This commit is contained in:
Tw93
2025-12-01 14:52:09 +08:00
parent 05c59c130b
commit 4056ad5245
3 changed files with 41 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/clean_system.sh
View File

@@ -34,8 +34,15 @@ clean_deep_system() {
safe_sudo_find_delete "/var/log" "*.gz" "$MOLE_LOG_AGE_DAYS" "f" safe_sudo_find_delete "/var/log" "*.gz" "$MOLE_LOG_AGE_DAYS" "f"
log_success "Old system logs (${MOLE_LOG_AGE_DAYS}+ days)" log_success "Old system logs (${MOLE_LOG_AGE_DAYS}+ days)"
# Clean Library Updates safely - iterate and delete individual items # Clean Library Updates safely - skip if SIP is enabled to avoid error messages
# SIP-protected files in /Library/Updates cannot be deleted even with sudo
if [[ -d "/Library/Updates" && ! -L "/Library/Updates" ]]; then if [[ -d "/Library/Updates" && ! -L "/Library/Updates" ]]; then
if is_sip_enabled; then
# SIP is enabled, skip /Library/Updates entirely to avoid error messages
# These files are system-protected and cannot be removed
: # No-op, silently skip
else
# SIP is disabled, attempt cleanup with restricted flag check
local updates_cleaned=0 local updates_cleaned=0
while IFS= read -r -d '' item; do while IFS= read -r -d '' item; do
# Skip system-protected files (restricted flag) # Skip system-protected files (restricted flag)
@@ -51,6 +58,7 @@ clean_deep_system() {
done < <(find /Library/Updates -mindepth 1 -maxdepth 1 -print0 2> /dev/null) done < <(find /Library/Updates -mindepth 1 -maxdepth 1 -print0 2> /dev/null)
[[ $updates_cleaned -gt 0 ]] && log_success "System library updates" [[ $updates_cleaned -gt 0 ]] && log_success "System library updates"
fi fi
fi
# Clean orphaned cask records (delegated to clean_brew module) # Clean orphaned cask records (delegated to clean_brew module)
clean_orphaned_casks clean_orphaned_casks

18
lib/common.sh
View File

@@ -58,6 +58,24 @@ declare -a DEFAULT_WHITELIST_PATTERNS=(
"$FINDER_METADATA_SENTINEL" "$FINDER_METADATA_SENTINEL"
) )
# Check if System Integrity Protection is enabled
# Returns: 0 if SIP is enabled, 1 if disabled or cannot determine
is_sip_enabled() {
if ! command -v csrutil > /dev/null 2>&1; then
# If csrutil not available, assume SIP is enabled for safety
return 0
fi
local sip_status
sip_status=$(csrutil status 2> /dev/null || echo "")
if echo "$sip_status" | grep -qi "enabled"; then
return 0
else
return 1
fi
}
# Get spinner characters (overridable via MO_SPINNER_CHARS) # Get spinner characters (overridable via MO_SPINNER_CHARS)
mo_spinner_chars() { mo_spinner_chars() {
local chars="${MO_SPINNER_CHARS:-|/-\\}" local chars="${MO_SPINNER_CHARS:-|/-\\}"

2
mole
View File

@@ -22,7 +22,7 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/lib/common.sh" source "$SCRIPT_DIR/lib/common.sh"
# Version info # Version info
VERSION="1.11.5" VERSION="1.11.6"
MOLE_TAGLINE="can dig deep to clean your Mac." MOLE_TAGLINE="can dig deep to clean your Mac."
# Check if Touch ID is already configured # Check if Touch ID is already configured