Can't get app added to Privacy/Automation

Targets macOS
21
  • Inherited entitlements, allows the system to pass down security settings to helper apps when launched from the main application (at least in theory), however launching the helper from outside the application won’t work.
  • Main Entitlements, allows the helper to be launched by an external source, but it is isolated security wise from the rest of the bundle.

Right, so there’s three ways I can see to do this.

  1. Add the entitlement to the main application’s entitlements, so it is propagated throughout.
  2. If you use App Wrapper to add the helper to your main application, you can specify “Don’t code sign” in the “Add Files” section of “Bundle Contents”. Use an App Wrapper script in your helper’s project to make sure it is code signed at build time.
    Screen Shot 2022-03-15 at 9.01.44 AM
  3. If you manually add the helper to your main application, you can still tell App Wrapper to ignore the helper.
    Select “Modify Files” from the “Bundle Contents” pane.
    Click on the “+” button in the top right hand corner, then “Select From Source Application”.
    Navigate through to find and select your helper.
    Select “Do not code sign” or “Ignore this item” from the right hand side popup menu next to the helper in the list.
22

Yeah!!! Number 1 didn’t work, number 2 wasn’t applicable, but number 3 did the trick!

23

Beatrix,

Thank you for this thread and I have something to add. My main computer is an M1 MacMini. I also have an old iMac(Late 2013) running Catalina. My AppleEvent communication between 2 apps worked great on both machines.

Then something strange happened to the iMac and I did a system restore. Now the iMac would no longer work with AEs. I used the tccutil reset and the DeterminePermissionToAutomateTarget example. On my MacMini, I could correctly eliminate automation entries in System Preferences and get new approval dialogs, but on the iMac, the example would continually return “not permitted” when trying to reenable an approval dialog. My 2 apps would not show in System Preferences nor could I get a permissions dialog to enable.

I even did a fresh install of Catalina on a new volume and still couldn’t get it to work.

It finally dawned on me that the restriction is machine-specific so I zapped the PRAM and got the permission dialogs again. Apparently, a denial of approval is stored in PRAM, at least on this 10yo iMac. You can put this at the top of your troubleshooting list if it happens to another client.

Thanks

1 Like