Hello All,
I'm stuck. I hope anyone can help me :)
I need to check all apps status on full disk access. Is there any command to find status or other way? My manager want to know 2 things.
1. Is XXX.app added to full disk access ?
2. Is XXX.app open on full disk access ?
Thank you.
@foreverkan - you can only check which applications are granted with Full Disk Access (either by end-user or via MDM) using the following command from an CLI. The output will list the application BundleIdentifier name.
sudo sqlite3 /Library/Application\\ Support/com.apple.TCC/TCC.db \\
'select client from access where auth_value and service = "kTCCServiceSystemPolicyAllFiles"'
Ensure you grant full disk access to the Terminal application if you are running the above command from Terminal.
Here's my EA which greps out the various Apple services:
#!/bin/bash
# 1.1 added grep to filter out stock components and strip /Library/App Support (ie Nexthink)
#
# query the TCC.db to return all SystemPolicyAllFiles entitlements
#
# sample return:
#
# com.jamfsoftware.Composer
# com.cisco.anyconnect.gui
# NexthinkVersions/23.8.3.7_1/nxtupdater
#
# when using interactively in the shell: printf "%s\\n" $results
results=$(/usr/bin/sqlite3 /Library/Application\\ Support/com.apple.TCC/TCC.db 'select * from access' | awk -F'|' ' { print $2 } ' | grep -Ev "com.apple|System" | sed 's/\\/Library\\/Application Support\\///g' )
echo "<result>$results</result>"
@foreverkan - you can only check which applications are granted with Full Disk Access (either by end-user or via MDM) using the following command from an CLI. The output will list the application BundleIdentifier name.
sudo sqlite3 /Library/Application\\ Support/com.apple.TCC/TCC.db \\
'select client from access where auth_value and service = "kTCCServiceSystemPolicyAllFiles"'
Ensure you grant full disk access to the Terminal application if you are running the above command from Terminal.
Thank you for your reply. Command is worked but it is not listed all allowed apps. What can i do?
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.