Editing the TCC.db with sqlite3

Jason
Contributor II

Is anyone else successfully editing the "/Library/Application Support/com.apple.TCC/TCC.db" file? I had been doing so in El Cap and Yosemite since that is the Database for the Accessibility list (System Preferences > Security & Privacy > Privacy > Accessibility). But when I try on Sierra I get the error:

Error: attempt to write a readonly database

I don't see anything else on this online, other than to check the permissions. But I'd think sudo would have permissions on it. Any thoughts?

sqlite3 /Library/Application Support/com.apple.TCC/TCC.db "INSERT INTO access VALUES('kTCCServiceAccessibility','<APP>',0,1,1,NULL,NULL);"
6 REPLIES 6

rtrouton
Release Candidate Programs Tester

The TCC database is protected by SIP as of macOS Sierra:

http://applehelpwriter.com/2016/09/20/dropbox-hack-blocked-by-apple-in-sierra/

Jason
Contributor II

Bummer. I had been using that technique to get ADPassMon silently setup. Don't see a newer version of ADPassMon, so I guess I'll have to figure something else out...

mm2270
Legendary Contributor III

Well, technically the replacement or update for ADPassMon is NoMAD. At least @bentoms seems to say so.

I would read through the link above. It seems there will be no more development on ADPassMon, so you'd be better served with moving to something else that doesn't require making modifications to the TCC.db at this point.

bentoms
Release Candidate Programs Tester

@mm2270 as the last maintainer of ADPassMon.. yep.. ADPassMon is dead, long live NoMAD

mm2270
Legendary Contributor III

@bentoms Haha! Yes, I know you maintained it. My comment was somewhat playful, since if you are saying to move to NoMAD from ADPassMon, then it's kind of coming straight from the horse's (or is that the Mule's?) mouth. :)

bentoms
Release Candidate Programs Tester

@mm2270 heh i got it.. was just being an ass mule :P