Help

How To: Remove Previously User-Approved KEXT

tthurman
Contributor III

Posted on ‎09-19-2018 08:06 AM

So, I'm trying to find a way to remove a previously user-approve KEXT from a machine.

The /var/db/SystemPolicyConfiguration/KextPolicy database is read-only and likely protected by SIP anyway - so, deleting a row out of this wouldn't work.

Has anyone found a way to do this?

--
TJ

0 Kudos
Reply
3 REPLIES 3

tthurman
Contributor III

Posted on ‎09-21-2018 08:51 AM

bump

0 Kudos
Reply

dgary1
New Contributor

Posted on ‎09-24-2018 02:39 AM

Run the following as an admin through Terminal:
sudo kextunload /System/Library/Extensions/{ThirdParty}.kext

Or if that doesn't work, you can use

sudo kextunload /Library/Extensions/{ThirdParty}.kext

Make sure that the KEXT is not being used and it should be unloaded that way. Then verify its been unloaded through kextstat or the /var/db/SystemPolicyConfiguration/KextPolicy

0 Kudos
Reply

tthurman
Contributor III

Posted on ‎09-26-2018 09:12 AM

Unfortunately, I don't believe this has worked. To my knowledge, the KEXT that I have in my approved KEXT list is not loaded. However, it still shows up in the kext_policy table in the KextPolicy db.

--
TJ

0 Kudos
Reply