Jamf Nation Community

musat · ‎02-25-2014

Hello,
We have our student accounts defined as non-administrators, of course. However, we keep running into an issue when we push out new applications. They get the Quarantine notice that the application was downloaded from the Internet. However, they get this every time they open the application. So the Quarantine status never gets updated. We pushed out the "defaults write /Library/Preferences/com.apple.LaunchServices LSQuarantine -bool NO" setting to try turning off the LSQuarantine setting completely, but that doesn't seem to have worked.

How should we be doing this?

Tim

tomt · ‎02-25-2014

What I've found is that when packaging a "drag and drop" application with Composer I need to make sure ownership of the app is not set to my account. I will normally highlight the Applications folder and then choose to copy permissions to all enclosed items. That has gotten rid of the warning for me.

View solution in original post

nessts · ‎02-25-2014

sign the applications if you are creating them or Have you opened the application prior to packaging it so that you set the quarantine flag before packaging it?

mm2270 · ‎02-25-2014

You need to clear the quarantine attribute before packaging up the application, assuming you're either capturing or drag and dropping the application into an app like Composer to package it.

One simple way to do this is launch the application at least once under your admin account before dragging into Composer to package it. You'll see the "downloaded from internet" warning, but once you acknowledge under and admin account it should clear the setting and not appear again. I usually just run it a second time for good measure to ensure I don't see the quarantine warning again. This is by far the simplest way.

However, since you've already deployed some apps out there that need to be fixed, use the following syntax. This could be sent via policy Run Command or from Casper Remote, or even through ARD if you happen to use that.

xattr -dr com.apple.quarantine /path/to/application/app-name.app/

musat · ‎02-25-2014

I am packaging these apps from my Mac, and have run them several times on my Mac. And I thought I tried using the xattr command on my Mac prior to packaging as well. That's where my confusion has come in. I've been wondering if it is some rights issue, where they might not have right to the correct preference file.

mm2270 · ‎02-25-2014

That warning has nothing to do with any preference files. The OS sees the quarantine flag on any application downloaded from the internet and will send up that warning unless/until the flag is cleared. Somehow that isn't being cleared. I would try running the xattr command again on an affected system and see what that does.

Other than very occasionally forgetting to launch an app prior to packaging, I haven't run into this issue very often. And either of the above steps typically corrects it.

musat · ‎02-25-2014

Ok, thanks for the clarification. I created a Policy that would use xattr to clear the Quarantine flag on all files in the /Applications folder and that seems to clear up the issue, so this does seem to be an issue with the flag. I'll keep following up on applications we distribute to see if I can figure out any commonality when this happens.

Tim

tomt · ‎02-25-2014

What I've found is that when packaging a "drag and drop" application with Composer I need to make sure ownership of the app is not set to my account. I will normally highlight the Applications folder and then choose to copy permissions to all enclosed items. That has gotten rid of the warning for me.

musat · ‎02-25-2014

Aah, that's probably it. I frequently make packages using the drag 'n' drop method with Composer. I'll go in and change the permissions on the files and see if that fixes it.

Thanks for a new direction to look.

Jamf Nation Community

Non Administrator Quarantine Issue