Posted on 06-16-2022 11:38 AM
I have a few questions about the PPPC Utility.
1) This is only the profile that grants permissions, the app will also need to be installed...correct?
2) I'm getting an error trying to install a profile that grants zoom screen recording, and accessibility but I'm getting an error. Where are these logs stored? Or does someone know what I may be doing wrong?
3) I have an app that requires full disk access for itself and a daemon it spawns. I can find the app, but where on earth can I find the daemon to grant the permissions that.
4) I also have to "Allow" for a prompt in security and privacy in order for the app to load. How is that done?
Posted on 06-16-2022 02:33 PM
1) correct, sort of... some things only have the option to "allow standard users" to set
2) go into the policy or config on the page is a logs button
3) dev sheets for deamons should have the info you are looking for Creating Launch Daemons and Agents (apple.com)
4) are you asking how to automate that or literally how to do it?
if just getting started the jamf training catalog is a great place to start
Posted on 06-17-2022 01:58 PM
Just to add to what @jpeters21 has mentioned:
1. The profile can exist in absence of the app and will only affect settings when/if the app is installed.
2. Screen Recording can only be set by the user in the GUI
3. A daemon is more akin to script that runs based on preset conditions. Its either running or not but it wont need full disk access since its not a process.
4. Youre getting the Allow prompt because your install is trying to load a kext or system ext. You can set your profile to automatically approve the Team ID, you can get that running the following:
codesign -dv [PATH OF APPLICATION]
You can view whats loaded running the following;
kextstat | grep -v com.apple