Completely reset TCC services database in macOS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| """ | |
| Completely reset TCC services database in macOS | |
| Note: Both the system and individual users have TCC databases; run the script as both | |
| a user and as root to completely reset TCC decisions at all levels. | |
| 2018-08-15: Resetting the 'Location' service fails; unknown cause | |
| 2018-08-16: Confirmed the 'All' service does not really reset _all_ | |
| services, so individual calls to each service is necessary. | |
| 2019-06-04: Still working in 10.15 beta :) | |
| 2019-08-16: Added new Catalina services (thanks @frogor) | |
| 2020-11-27: Corrected line `SystemPolicyDownloadsFolder` (thanks @tie) | |
| """ | |
| import subprocess | |
| SERVICES = [ | |
| "Accessibility", | |
| "AddressBook", | |
| "All", | |
| "AppleEvents", | |
| "Calendar", | |
| "Camera", | |
| "ContactsFull", | |
| "ContactsLimited", | |
| "Facebook", | |
| "FileProviderDomain", | |
| "FileProviderPresence", | |
| "LinkedIn", | |
| "Liverpool", | |
| "Location", | |
| "MediaLibrary", | |
| "Microphone", | |
| "Motion", | |
| "Photos", | |
| "PhotosAdd", | |
| "PostEvent", | |
| "Reminders", | |
| "ScreenCapture", | |
| "ShareKit", | |
| "SinaWeibo", | |
| "Siri", | |
| "SpeechRecognition", | |
| "SystemPolicyAllFiles", | |
| "SystemPolicyDesktopFolder", | |
| "SystemPolicyDeveloperFiles", | |
| "SystemPolicyDocumentsFolder", | |
| "SystemPolicyNetworkVolumes", | |
| "SystemPolicyRemovableVolumes", | |
| "SystemPolicySysAdminFiles", | |
| "SystemPolicyDownloadsFolder", | |
| "TencentWeibo", | |
| "Twitter", | |
| "Ubiquity", | |
| "Willow", | |
| ] | |
| if __name__ == "__main__": | |
| for service in SERVICES: | |
| cmd = ["/usr/bin/tccutil", "reset", service] | |
| try: | |
| subprocess.check_call( | |
| cmd, stderr=subprocess.PIPE | |
| ) | |
| print "Reset", service | |
| except subprocess.CalledProcessError: | |
| print "Unable to reset", service |
Line 51, SysyemPolicyDownloadsFolder should be SystemPolicyDownloadsFolder.
The print commands needs to be updated
print ("Reset"), service
print ("Unable to reset"), service
or they error
"Syntax errors detected :
Line 67:
print "Reset", service
^
SyntaxError: Missing parentheses in call to 'print'"
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The cause that reseting 'location' fails is because Location Service itens are not managed via TCC database.
All those location items listed under Privacy -> Location Services are managed by the locationd daemon.
They are all configured inside a plist file located at:
/var/db/locationd/clients.plist