Worklet: Enable Gatekeeper on macOS

5 years ago
August 23, 2019
1 reply
56 views

ZachF-Automox
Former Automox Employee
2 replies

Gatekeeper is a built-in security feature of macOS—originally introduced in Mac OS X Lion (10.7.3)—that enforces code signing and verifies downloaded applications before allowing them to run. This worklet ensures that Gatekeeper is always enabled on a macOS system.

Evaluation:

#!/bin/bash



# helper function to check if a command exists

function command_exists {

    type "$1" &> /dev/null

}



# only evaluate if the spctl command is available

if command_exists spctl; then

    # check if gatekeeper is enabled

    spctl --status | grep -q "assessments enabled"



    # yay? or nay?

    exit $?

fi



# spctl command not available, move along

exit 0

Remediation:

#!/bin/bash



# enable gatekeeper for all users

spctl --master-enable



# did we succeed?

exit $?

This topic has been closed for comments

ChristianB
Former Automox Employee
3 replies
5 years ago
September 4, 2019

Type is a shell built in. It maybe return something other than an executable program. Why not use which instead and get the executable path from that?

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos

IPMI User account disablingicon

Changing The Controller VM IP Addresses In Your Nutanix Cluster (CLI Script)

Quick fix for a 'broken' ipmitool - Can't access ipmitool from CVM

error validating ipmi account with "x.x.x.x" IP. SCOMicon

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings