Hi, I have written a script to install CS falcon on Mac via JAMF, but script successfully install the CS falcon on Mac system but "Falcon” Would Like to Filter Network Content" in network extension and "The System Extension Blocked message" in Security & Privacy, which need to "Allow" manually.
Need help to correct the script for automatically run the process without user interaction, following script.
#!/bin/bash
# Set the installation parameters
CLIENT_ID="YOUR_CLIENT_ID"
CLIENT_SECRET="YOUR_CLIENT_SECRET"
INSTALL_TOKEN="YOUR_INSTALL_TOKEN"
# Define the installation directory
INSTALL_DIR="/Applications/Falcon.app"
# Define the Crowdstrike bundle identifier
BUNDLE_IDENTIFIER="com.crowdstrike.falcon.Agent"
# Define the Crowdstrike team identifier
TEAM_IDENTIFIER="X9E956P446"
# Copy the Falcon Sensor package
cp /private/tmp/
# Install the Falcon Sensor package
echo "Installing Falcon Sensor..."
sudo installer -pkg "/private/tmp/FalconSensor.pkg" -target /
# Wait for the installation to complete
sleep 5
# Configure the Falcon Sensor
echo "Configuring Falcon Sensor..."
sudo "/Applications/Falcon.app/Contents/Resources/falconctl" license $INSTALL_TOKEN
# Start the Falcon Sensor
echo "Starting Falcon Sensor..."
sudo "/Applications/Falcon.app/Contents/Resources/falconctl" -s --cid="$CLIENT_ID" --cs-host="https://falconapi.crowdstrike.com"
# Verify the installation
echo "Verifying Falcon Sensor installation..."
if [ -d "$INSTALL_DIR" ]; then
echo "Falcon Sensor installed successfully."
else
echo "Failed to install Falcon Sensor."
exit 1
fi
# Configure Privacy Preferences Policy Control
echo "Configuring Privacy Preferences Policy Control..."
sudo /usr/bin/tccutil.py --insert "$BUNDLE_IDENTIFIER" --service "/System/Library/PreferencePanes/Security.prefPane/Contents/Resources/SystemPolicyAllFiles" --allow
# Configure Approved Kernel Extensions
echo "Configuring Approved Kernel Extensions..."
sudo /usr/bin/kmutil trigger -f "${TEAM_IDENTIFIER}"
# Configure System Extensions
echo "Configuring System Extensions..."
sudo /usr/bin/systemextensionsctl enable "${TEAM_IDENTIFIER}"
# Set Network Content Filter preference to Allow
echo "Setting Network Content Filter preference..."
sudo /usr/bin/defaults write /Library/Preferences/com.apple.networkextension.plist com.apple.networkextension.packet-tunnel-network-settings -dict ContentFilterAllowed -bool true
# Clean up the downloaded package
echo "Cleaning up..."
rm -f "/private/tmp/FalconSensor.pkg"
# Exit with success
exit 0
Thank you