Posted on 10-23-2018 02:10 PM
I'm trying to add "/Volumes" as an exclusion but am getting the error "Could not write domain". I've tried adding "Terminal" and "defaults" to the full disk access permissions to no avail. I'm guessing at this point, programmatic modification of that file via script/defaults is going to require disabling SIP, which isn't an option.
Does anyone know of any other options to programmatically add exclusions to spotlight?
Posted on 10-23-2018 03:52 PM
Rich Trouton covers the move of /Volumes to no longer being world writable as of Sierra (10.12)
As for your issue in writing to the VolumeConfiguration.plist, I don't see it listed in the rootless.conf but I don't believe that Spotlight indexes network drives by default (I'll have to check my notes on this).
Posted on 10-24-2018 07:44 AM
With SIP enabled, the command "defaults read /.Spotlight-v100/VolumeConfiguration.plist" results in 'domain not found', however "cat /.Spotlight-v100/VolumeConfiguration.plist" shows the contents. With SIP disabled you can read and write to the plist using the defaults command, which confirms my suspicion that rootless.conf is not a live configuration file, but rather just a documentation list that may or may not be up to date with any given release.
Anyway, still looking for an alternative means of configuration.
Posted on 10-24-2018 07:57 AM
@MrP I ran into this. I submitted feedback to Apple to allow
mdutil the option to manage exclusion paths for Spotlight index with the options of: add-path, remove-path, and reset exclusion and perhaps some support for reading from a plist. I'm not sure whether they'll oblige but you should submit similar feedback if interested. Also just so you know this is only a problem in 10.14. In 10.13, it seems to work fine.
Posted on 10-24-2018 08:12 AM
@bpavlov I submitted feedback as well. Thanks! Yeah, I have to re-certify all of our configurations every major os release, as I assume most do. Didn't see this until 10.14.