|;;; package --- Fix permissions for Emacs.app on macOS Catalina|
|;;; Author: Artem Loenko|
|;;; Mail-To: <firstname.lastname@example.org>|
|(defconst _default-emacs-app-plist-path "/Applications/Emacs.app/Contents/Info.plist")|
|(defconst _temp-buffer-name "*fixing Emacs permissions*")|
|(defconst _temp-buffer (get-buffer-create _temp-buffer-name))|
|(with-current-buffer _temp-buffer (erase-buffer))|
|(defun add-description-if-needed (description_key description)|
|"DESCRIPTION_KEY - DESCRIPTION."|
|(defconst read-args (list "read" _default-emacs-app-plist-path description_key))|
|(if (equal 1 (with-temp-buffer (apply 'call-process "defaults" nil (current-buffer) nil read-args)))|
|(princ (format "Missing: %s. Adding...\n" description_key) _temp-buffer)|
|(defconst write-args (list "write" _default-emacs-app-plist-path description_key "-string" description))|
|(apply 'call-process "defaults" nil (current-buffer) nil write-args))|
|(princ (format "Existed: %s. Skipping.\n" description_key) _temp-buffer)))|
|"Emacs requires permission to access the Desktop folder.")|
|"Emacs requires permission to access the Documents folder.")|
|"Emacs requires permission to access the Downloads folder.")|
|"Emacs requires permission to access files on Removable Volumes.")|
|;;; fix-emacs-permissions-catalina.el ends here|
There are some additional privacy restrictions on macOS Catalina related to folder access. Now we have to ask for permission to access
How to use
How to get access to the SIP protected folders
The easiest way is to call
The script will convert the
plutil -convert xml1 /Applications/Emacs.app/Contents/Info.plist
I granted Emacs Full Disk Access under System Preferences -> Security & Privacy -> Privacy.
Clicking the app icon launches Emacs with no access to the files under my account. However, if I launch an executable from the app contents in Finder, a terminal launches which then launches the same version of Emacs but with file access. This may be because I have a already granted permission to Terminal through a popup that appeared earlier.
Running the above script does not change this situation.
GNU Emacs 26.3 (build 1, x86_64-apple-darwin18.2.0, NS appkit-1671.20 Version 10.14.3 (Build 18D109)) of 2019-09-02
The ns-open-file-using-panel bit did the trick for me. However this seemed to be regardless of whether I had run the permission-fix script or not (tried it on multiple machines). I never saw any 'Emacs would like to access XXX' popups. This is on 10.15 release with homebrew cask Emacs.app.
I found that if I do File->Open (or ns-open-file-using-panel) and select ~/Documents/somedir/somefile, emacs can then see everything under ~/Documents/somedir/ (but still not ~/Documents). So to get emacs back to fully functional I had to be sure to open files at the root of the 3 special dirs: ~/Documents/somefile, ~/Downloads/somefile, ~/Desktop/somefile.
Does anyone know what we need to do to get this working better out of the box? I'm curious if it's Apple or Emacs' fault that we're not getting access permission popups by default.
I've tried all of the above, tried different Emacs distributions, and no matter what I do, File > Open crashes Emacs immediately, as does clicking on the File Open button on the tool bar, or "Open a File" on the splash page. This is what I get:
Exactly. Somehow in my case these files should also be "real" files under the ~/Documents (and etc.) folders but not symlinked.
This trick also works for mounted volumes under /Volumes folder.
After spending hours on getting emacs-plus from brew to get access to Documents when run as a service, i finally managed to click the file menu and saw that "bash" needed Accessability access to open the menu. I then added /bin/bash to "Full disk access" as well, and now it is working.