Reputation: 83
Running apple script from bash
I have this apple script code that works fine from the Script Editor app:
tell application "Finder" to delete ((POSIX file "/Applications/Symantec Solutions/Symantec Endpoint Protection.app") as alias)
Now, I need to run that from my MDM solution (JAMF), so I'm trying to get it into a bash file as this:
osascript -e "tell application \"Finder\" to delete (POSIX file \"/Applications/Symantec Solutions/Symantec Endpoint Protection.app\") as alias"
but when run it from my editor (CodeRunner) it fails with: execution error: Not authorised to send Apple events to System Events. (-1743)
I think it's related with the Privacy Preferences Policy Control but I cannot make it work.
What I want to accomplish ultimately is that by running a script from my MDM I can get the same dialog that when I drag the app to the bin: "The application “Symantec Endpoint Protection” is hosting system extensions. These extensions will be removed if you continue." which I don't get if I just rm -rf the whole app.
Sorry if I can't be any clearer. Any clues?
Upvotes: 0
Views: 1178
Answers (3)
Reputation: 382
I had a very similar issue with a Python script executing AppleScript in CodeRunner. I just couldn't figure out how to manually add CodeRunner to the Automation section of Security & Privacy in System Preferences.
What ended up working for me, might work for others as well. I had to manually trigger the osascript command within CodeRunner, in order to get the prompt to allow CodeRunner to control Apple Events. Specifically System Events. I did that by creating a new shell script file in CodeRunner and running it.
#!/bin/bash
osascript -e 'tell App "System Events" to display dialog "Testing"'
Upon running that, I was prompted to allow CodeRunner to control System Events. For your particular issue, you'd just want to run the osascript command with AppleScript for Finder instead of System Events
osascript -e 'tell App "Finder to display dialog "Testing This"'
Since you're using an MDM, such as Jamf, you should be able to create a Privacy Preferences Policy Control (PPPC) configuration profile and deploy it to the Mac prior to running the script. You'd just want to ensure that Terminal has access to control Finder or System Events.
The PPPC Utility is a great app for creating those configuration profiles.
Upvotes: 0
Reputation: 83
Thanks a lot Ted, that was the issue, having a lot of contexts chained. I had to tick Finder under CodeRunner in the Automation section of PPPC.
Upvotes: 0
Reputation: 3184
Script Editor is (by default) authorized to apple events to other applications. If you want to run an AppleScript that controls other apps from some different context, you have to grant permission to that new context to control other apps. You do this by adding the controlling application to the 'Accessibility' section of System Preferences ➦ Security & Privacy ➦ Privacy.
This gets a bit dicy when you shift contexts a lot. For instance, you seem to be using CodeRunner to execute a shell script to execute OSAScript, which might get a security violation at any level. Try giving permissions to CodeRunner and see if that clears things up.
Upvotes: 1
Related Questions
- Granting permissions to AppleScript script
- Allow AppleScript script to run without asking for permission
- How to use applescripts do shell script without quotes
- How to make a script that doesn't ask permission every time it's opened
- How to grant Applescript permissions through Applescript?
- “is not allowed for assistive access” error when running AppleScript in Mac app
- Applescript Issue: "Not Allowed Assistive Access. (-1719)"
- osx - Permission denied (126) using AppleScript with Administrator Privileges
- Run AppleScript with Elevated Privileges from Objective C
- Running script with admin permissions on OS X