Skip to main content
Solved

Help packaging Security & Privacy

  • December 29, 2015
  • 6 replies
  • 51 views
D
Forum|alt.badge.img+6

Hey everyone. In the past I have baked all my settings into the base, but wanted to try my hand at a clean base OS via AutoDMG and customizing it after the fact. I'm having trouble with settings I normally set in System Preferences > Security & Privacy.

The two things I'd like to control are:
2. Allow apps downloaded from: Anywhere
3. Advanced... check 'Require an administrator password to access system-wide preferences'

Composer doesn't seem to capture what is being changed/modified when I make these changes, so I am not sure how to set these settings en mass.

Best answer by thoule

You can shut off gatekeeper with 

spctl --master-disable

..That may be overkill, but that may be what you're looking for.

As for 'Require Admin', I think that needs to done via the authorization.db, but need to look it up to be sure.

    6 replies

    T
    Forum|alt.badge.img+15
    • thoule
    • Contributor
    • Answer
    • December 29, 2015

    You can shut off gatekeeper with 

    spctl --master-disable

    ..That may be overkill, but that may be what you're looking for.

    As for 'Require Admin', I think that needs to done via the authorization.db, but need to look it up to be sure.

    L
    Forum|alt.badge.img+1
    • ljungholms
    • New Contributor
    • December 29, 2015

    Are you talking about a configuration profile?
    Security and Privacy/Allow Apps From Anywhere
    Restrictions/Restrict Items in System Preferences

    D
    Forum|alt.badge.img+6

    @thoule you were right on the money with both. I removed all the directories Composer ignores by default and voila... found both. @ljungholms thanks for chiming in; I'll check that out as an option as well.

    bentoms
    Forum|alt.badge.img+35
    • bentoms
    • Hall of Fame
    • January 1, 2016

    @Kaminski as per @ljungholms advised. Some of these should be managed via a profile.

    I say "some" as GateKeeper will reset it status after 30 Days as per this

    donmontalvo
    Forum|alt.badge.img+36
    • donmontalvo
    • Hall of Fame
    • January 6, 2016

    @bentoms Wow, I really need to bookmark @rtrouton's blog for nightly reeding. Great find!

    --https://donmontalvo.com
    T
    Forum|alt.badge.img+15

    ^^ That made me laugh Don, as yours, Ben's, and Rich's blogs are all ones I read regularly :) Figured the 3 of you had known each other for a long time!

    Terms & ConditionsCookie settingsAccessibility statement