I have a LaunchdAgent (e.g. /etc/someDir/myAgent) running, which asks permission to record the screen. System Popup pops - user permits screen-recording in the System-Preferences "Security & Privacy" panel, the "Privacy" tab. It is clearly visible there.
Now when I wish to uninstall/remove this agent, I also want to remove its permissions.
I should be able to use the tccutil command-line tool to either
tccutil reset ALL myAgent
or
tccutil reset ScreenCapture myAgent
However, I always receive the following error:
tccutil: No such bundle identifier "myAgent": The operation couldn’t be completed. (OSStatus error -10814.)
I tried to use the path to the launchAgent, its label "com.mycompany.myAgent" from the .plist I install in /Library/LaunchAgents to run it, I even tried unique identifiers from its [NSProcessInfo processInfo] -- to no avail.
man tccutil is worthless, and I cannot find any documentation on the subject.
Idea anyone? how can I clear privacy database of my Agent once it is no longer needed?
You need to pass the app's bundle identifier to the
tccutil resetcommand. That's the value for theCFBundleIdentifierproperty in the app's Info.plist, not the display name or executable name.For single-binary (rather than bundled) executables, you can embed the Info.plist directly into the binary, which opens up a bunch of features which require a bundle identifier, such as entitlements, etc.. If using Xcode to build, enable the "Create Info.plist Section in Binary" target setting. Otherwise, you'll have to manually add the
--sectcreate __info_plistoption during linking.)Another option is to place the executable inside a generic
.bundletarget. Then the bundle identifier of the bundle applies.