Allowed_Apps-Full_Disk_Access.sh
#!/bin/bash
# Jamf Extension Attribute
# Checks system + per-user TCC databases for kTCCServiceSystemPolicyAllFiles.
# Accumulates every client row returned by the queries below (duplicates included).
declare -a RESULTS=()
# System-wide TCC database.
SYSTEM_TCC='/Library/Application Support/com.apple.TCC/TCC.db'
# TCC service name this attribute reports on (Full Disk Access).
SERVICE='kTCCServiceSystemPolicyAllFiles'
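#######################################
# Print the clients a TCC database records with auth_value = 2 for $SERVICE.
# Globals:   SERVICE (read)
# Arguments: $1 - path to a TCC.db file
# Outputs:   one client value per line on stdout, ordered by client
# Returns:   0 when the file does not exist, otherwise sqlite3's exit status
#######################################
query_tcc() {
  local db="$1"
  # auth_value = 2 is presumably the "allowed" state — confirm against the
  # macOS versions in the fleet.
  local sql="SELECT client FROM access WHERE service = '$SERVICE' AND auth_value = 2 ORDER BY client;"

  if [[ -f "$db" ]]; then
    # -readonly: this is a reporting query, and some of the databases live
    # under user home directories. A read-only handle keeps the script from
    # ever modifying a privacy database it only needs to inspect.
    #
    # stderr is discarded, so an unreadable database or an access table
    # without an auth_value column produces no rows instead of an error.
    # Callers that need to tell "no grants" from "query failed" must check
    # the exit status.
    sqlite3 -readonly "$db" "$sql" 2>/dev/null
  fi
}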
# Build the list of databases to inspect: the system database first, then
# the per-user database path under every entry in /Users. Paths that do not
# exist are skipped inside query_tcc.
tcc_paths=("$SYSTEM_TCC")
for USER_HOME in /Users/*; do
  tcc_paths+=("$USER_HOME/Library/Application Support/com.apple.TCC/TCC.db")
done

# Collect every non-empty row from each database into RESULTS.
for tcc_db in "${tcc_paths[@]}"; do
  while IFS= read -r line; do
    if [[ -n "$line" ]]; then
      RESULTS+=("$line")
    fi
  done < <(query_tcc "$tcc_db")
done

# Collapse duplicates across databases; sort -u also orders the final list.
UNIQUE=$(printf '%s\n' "${RESULTS[@]}" | sort -u)

# NOTE(review): "None" is also what gets reported when every query failed,
# because query_tcc discards sqlite3 errors and its exit status is lost in
# the process substitution. An inventory reading "None" is therefore not
# proof that no client holds the grant.
# NOTE(review): grants delivered through an MDM privacy profile may not be
# recorded in TCC.db — confirm whether this attribute needs to cover them.
printf '<results>%s</results>\n' "${UNIQUE:-None}"