|;;; package --- Fix permissions for Emacs.app on macOS Catalina|
|;;; Author: Artem Loenko|
|;;; Mail-To: <email@example.com>|
|(defconst _default-emacs-app-plist-path "/Applications/Emacs.app/Contents/Info.plist")|
|(defconst _temp-buffer-name "*fixing Emacs permissions*")|
|(defconst _temp-buffer (get-buffer-create _temp-buffer-name))|
|(with-current-buffer _temp-buffer (erase-buffer))|
|(defun add-description-if-needed (description_key description)|
|"DESCRIPTION_KEY - DESCRIPTION."|
|(defconst read-args (list "read" _default-emacs-app-plist-path description_key))|
|(if (equal 1 (with-temp-buffer (apply 'call-process "defaults" nil (current-buffer) nil read-args)))|
|(princ (format "Missing: %s. Adding...\n" description_key) _temp-buffer)|
|(defconst write-args (list "write" _default-emacs-app-plist-path description_key "-string" description))|
|(apply 'call-process "defaults" nil (current-buffer) nil write-args))|
|(princ (format "Existed: %s. Skipping.\n" description_key) _temp-buffer)))|
|"Emacs requires permission to access the Desktop folder.")|
|"Emacs requires permission to access the Documents folder.")|
|"Emacs requires permission to access the Downloads folder.")|
|"Emacs requires permission to access files on Removable Volumes.")|
|;;; fix-emacs-permissions-catalina.el ends here|
There are some additional privacy restrictions on macOS Catalina related to folder access. Now we have to ask for permission to access
How to use
How to get access to the SIP protected folders
The easiest way is to call
The script will convert the
plutil -convert xml1 /Applications/Emacs.app/Contents/Info.plist
I granted Emacs Full Disk Access under System Preferences -> Security & Privacy -> Privacy.
Clicking the app icon launches Emacs with no access to the files under my account. However, if I launch an executable from the app contents in Finder, a terminal launches which then launches the same version of Emacs but with file access. This may be because I have a already granted permission to Terminal through a popup that appeared earlier.
Running the above script does not change this situation.
GNU Emacs 26.3 (build 1, x86_64-apple-darwin18.2.0, NS appkit-1671.20 Version 10.14.3 (Build 18D109)) of 2019-09-02
The ns-open-file-using-panel bit did the trick for me. However this seemed to be regardless of whether I had run the permission-fix script or not (tried it on multiple machines). I never saw any 'Emacs would like to access XXX' popups. This is on 10.15 release with homebrew cask Emacs.app.
I found that if I do File->Open (or ns-open-file-using-panel) and select ~/Documents/somedir/somefile, emacs can then see everything under ~/Documents/somedir/ (but still not ~/Documents). So to get emacs back to fully functional I had to be sure to open files at the root of the 3 special dirs: ~/Documents/somefile, ~/Downloads/somefile, ~/Desktop/somefile.
Does anyone know what we need to do to get this working better out of the box? I'm curious if it's Apple or Emacs' fault that we're not getting access permission popups by default.