Catalina (macos 10.15.5) - Operation not permitted

Question

Catalina (macos 10.15.5) - Operation not permitted

siftuser opened this issue 4 years ago · comments

Anybody noticed Operation not permitted error on filesystem operations such as listing or collecting files from agents running catalina ? If so, any workaround ? Thank you

Mario D · Answer 1 · Thu Jun 25 2020 16:28:50 GMT+0800 (China Standard Time)

Hello @siftuser - is your GRR agent signed/notarised? Catalina now enforces integrity checks via GateKeeper by default. See https://support.apple.com/en-us/HT202491 .

If you are a member of the grr-users Google Group you might find this discussion helpful: https://groups.google.com/forum/#!topic/grr-users/a4xWecZm_AA

siftuser · Answer 2 · Thu Jun 25 2020 23:47:58 GMT+0800 (China Standard Time)

Thanks @mari0d for sharing both useful links. The code signing steps described in google groups seems bit tricky ... appreciate if anybody has working guide or procedure. Thanks

mbushkov · Answer 3 · Thu Jun 25 2020 23:59:48 GMT+0800 (China Standard Time)

There was a similar request concerning the Windows binary signing documentation. Our GRR client signing instructions are out of date. Unfortunately, I didn't have free cycles to update them yet - will do that on Monday of the coming week.

siftuser · Answer 4 · Fri Jun 26 2020 00:04:29 GMT+0800 (China Standard Time)

Thank you @mbushkov. Greatly appreciated

mbushkov · Answer 5 · Thu Jul 02 2020 05:52:07 GMT+0800 (China Standard Time)

@siftuser - I did an iteration on our GRR client signing docs. The PR is here (will submit it soon):
https://github.com/google/grr-doc/pull/121/files

Hope this helps.

siftuser · Answer 6 · Thu Jul 02 2020 13:56:22 GMT+0800 (China Standard Time)

Thank you @mbushkov