How To Generate DDM Components
The primary script for generating DDM components is located here in the macos_security repository:
Directorymacos_security/
Directoryscripts/
- generate_guidance.py
To generate all DDM components, run:
./scripts/generate_guidance.py -D baselines/all_rules.yaml -p -sThis will create DDM components in the following directories:
DirectoryBuild/
DirectoryBASELINENAME/
Directoryactivations/
- org.mscp.all_rules.activation.diskmanagement.settings.json
- org.mscp.all_rules.activation.pam.json
- org.mscp.all_rules.activation.passcode.settings.json
- org.mscp.all_rules.activation.sshd.json
- org.mscp.all_rules.activation.sudo.json
Directoryassets/
- com.apple.pam.zip
- com.apple.sshd.zip
- com.apple.sudo.zip
- org.mscp.all_rules.asset.pam.json
- org.mscp.all_rules.asset.sshd.json
- org.mscp.all_rules.asset.sudo.json
Directoryconfigurations/
- org.mscp.all_rules.config.diskmanagement.settings.json
- org.mscp.all_rules.config.pam.json
- org.mscp.all_rules.config.passcode.settings.json
- org.mscp.all_rules.config.sshd.json
- org.mscp.all_rules.config.sudo.json
For more information, see How to Generate Baselines or review the baseline file layout.