TCC.db

[TCC.db] ローカルドメインのtcc.dbを操作する

/Library/Application Support/com.apple.TCC/TCC.db を操作します
要管理者権限になります。

ダウンロード - tcc.db.local.scpt.zip




ユーザードメインのカメラ マイク 音声 をONにして
ローカルドメインのフルディスクアクセス 画面収録 アクセシビリティをONにします。

Screencapture_1316x1154_202111012148482



(************************************************************************
この上の▶︎をぽっちっとしてください

TCC.dbに選択したアプリを登録します
登録するのは
ユーザードメイン
カメラ マイク 音声認識です。
ローカルドメイン
フルディスクアクセス スクリーンキャプチャ アクセシビリティ をONにします
20211101 初回作成

************************************************************************)
set theCommandText to ("id -un") as text
set theUserName to (do shell script theCommandText) as text
try
tell application "Finder"
activate
set objDialog to (display dialog "要管理者権限パスワード" default answer "" with title "このMacのログインパスワード" with hidden answer)
end tell
set theAdminPassWord to (text returned of objDialog) as text
on error
"パスワードを取得できませんでした"
return
end try
########################################################


set theCommandText to ("id -un") as text
set theUserName to (do shell script theCommandText) as text


tell application "Finder"
set aliasChooseApp to (choose file "test" with prompt "" of type {"APPL"} default location "/Applications" with multiple selections allowed without showing package contents) as list
end tell

set numCntAppList to (count of aliasChooseApp) as number
set numCntApp to 1 as number

repeat numCntAppList times
set theLineAPP to (item numCntApp of aliasChooseApp) as alias
set theFileInfo to info for theLineAPP as list

tell theFileInfo
set theBundleIdentifier to (bundle identifier as list) as text
end tell
########################################################
try
set theCommandText to ("/usr/bin/tccutil reset Camera " & theBundleIdentifier & "") as text
do shell script theCommandText
delay 0.5
end try
try
set theCommandText to ("/usr/bin/tccutil reset Microphone " & theBundleIdentifier & "") as text
do shell script theCommandText
delay 0.5
end try
try
set theCommandText to ("/usr/bin/tccutil reset SpeechRecognition " & theBundleIdentifier & "") as text
do shell script theCommandText
delay 0.5
end try
########################################################
try
set theCommandText to ("/usr/bin/sudo /usr/bin/tccutil reset SystemPolicyAllFiles " & theBundleIdentifier & "") as text
do shell script theCommandText user name theUserName password theAdminPassWord with administrator privileges
delay 0.5
end try
try
set theCommandText to ("/usr/bin/sudo /usr/bin/tccutil reset ScreenCapture " & theBundleIdentifier & "") as text
do shell script theCommandText user name theUserName password theAdminPassWord with administrator privileges
delay 0.5
end try
try
set theCommandText to ("/usr/bin/sudo /usr/bin/tccutil reset Accessibility " & theBundleIdentifier & "") as text
do shell script theCommandText user name theUserName password theAdminPassWord with administrator privileges
delay 0.5
end try
########################################################
try
set theCommandText to ("/usr/bin/sudo /usr/bin/sqlite3 /Library/Application\\ Support/com.apple.TCC/TCC.db \"INSERT INTO access VALUES('kTCCServiceSystemPolicyAllFiles','" & theBundleIdentifier & "',0,2,2,1, NULL,NULL,NULL,'UNUSED',NULL,0,1606059851);\"") as text
do shell script theCommandText user name theUserName password theAdminPassWord with administrator privileges
delay 0.5
end try
try
set theCommandText to ("/usr/bin/sudo /usr/bin/sqlite3 /Library/Application\\ Support/com.apple.TCC/TCC.db \"INSERT INTO access VALUES('kTCCServiceScreenCapture','" & theBundleIdentifier & "',0,2,2,1, NULL,NULL,NULL,'UNUSED',NULL,0,1606059851);\"") as text
do shell script theCommandText user name theUserName password theAdminPassWord with administrator privileges
delay 0.5
end try
try
set theCommandText to ("/usr/bin/sudo /usr/bin/sqlite3 /Library/Application\\ Support/com.apple.TCC/TCC.db \"INSERT INTO access VALUES('kTCCServiceAccessibility','" & theBundleIdentifier & "',0,2,2,1, NULL,NULL,NULL,'UNUSED',NULL,0,1606059851);\"") as text
do shell script theCommandText user name theUserName password theAdminPassWord with administrator privileges
delay 0.5
end try
########################################################
try
set theCommandText to ("/usr/bin/sqlite3 /Users/" & theUserName & "/Library/Application\\ Support/com.apple.TCC/TCC.db \"INSERT INTO access VALUES('kTCCServiceCamera','" & theBundleIdentifier & "',0,2,2,1, NULL,NULL,NULL,'UNUSED',NULL,0,1606059851);\"") as text
do shell script theCommandText
delay 0.5
end try
try
set theCommandText to ("/usr/bin/sqlite3 /Users/" & theUserName & "/Library/Application\\ Support/com.apple.TCC/TCC.db \"INSERT INTO access VALUES('kTCCServiceMicrophone','" & theBundleIdentifier & "',0,2,2,1, NULL,NULL,NULL,'UNUSED',NULL,0,1606059851);\"") as text
do shell script theCommandText
delay 0.5
end try
try
set theCommandText to ("/usr/bin/sqlite3 /Users/" & theUserName & "/Library/Application\\ Support/com.apple.TCC/TCC.db \"INSERT INTO access VALUES('kTCCServiceSpeechRecognition','" & theBundleIdentifier & "',0,2,2,1, NULL,NULL,NULL,'UNUSED',NULL,0,1606059851);\"") as text
do shell script theCommandText
delay 0.5
end try

set numCntApp to numCntApp + 1 as number
end repeat

set theCommandText to ("open \"x-apple.systempreferences:com.apple.preference.security?Privacy_SpeechRecognition\"") as text
do shell script theCommandText

|

[TCC.db]zoomインストールとTCC.db操作のサンプル

zoom.us.appはローカルインストールとユーザーインストールが選べます。
zoomをユーザードメインにインストールして
TCC.dbを操作して
カメラ マイク 音声認識 をONにするサンプル
(画面共有→画面収録、ファイル・画面共有→アクセシビリティ+旧ディスクアクセスはローカルTCC.dbなので今回は設定しない)


ダウンロード - zoominstall.zip



zoom.us.commandの拡張子をshに変更すればサイレントインストールとしても利用可能

注意
OS11以上専用





tell current application
activate
end tell

try
set theCommandText to ("id -un") as text
set theUserName to (do shell script theCommandText) as text
end try


try
set theCommandText to ("date '+%Y%m%d_%H%M%S'") as text
set theDate to (do shell script theCommandText) as text
end try

try
set theCommandText to ("echo $HOME") as text
set theHomeDir to (do shell script theCommandText) as text
end try

try
set theCommandText to ("mkdir -p '/tmp/" & theDate & "'") as text
do shell script theCommandText
end try


set theCpuType to (CPU type of (system info)) as text


if theCpuType contains "ARM" then

try
set theCommandText to ("curl -L -o '/tmp/" & theDate & "/Zoom.pkg' 'https://zoom.us/client/latest/Zoom.pkg?archType=arm64' --connect-timeout 20") as text
do shell script theCommandText
end try
else


try
set theCommandText to ("curl -L -o '/tmp/" & theDate & "/Zoom.pkg' 'https://zoom.us/client/latest/Zoom.pkg' --connect-timeout 20") as text
do shell script theCommandText
end try
end if


try
set theCommandText to ("mkdir -p ~/Applications") as text
do shell script theCommandText
end try
try
set theCommandText to ("touch ~/Applications/.localized") as text
do shell script theCommandText
end try
try
set theCommandText to ("chmod 700 ~/Applications") as text
do shell script theCommandText
end try
try
set theCommandText to ("chmod 700 ~/Applications/.localized") as text
do shell script theCommandText
end try



try
set theCommandText to ("killall \"zoom.us\"") as text
do shell script theCommandText
end try

try
set theCommandText to ("killall \"zoom.us Graphics and Media\"") as text
do shell script theCommandText
end try
try
set theCommandText to ("killall \"zoom.us Networking\"") as text
do shell script theCommandText
end try
try
set theCommandText to ("killall \"https://us05web.zoom.us\"") as text
do shell script theCommandText
end try



try
tell application "Finder"
set aliasZoomApp to POSIX file "/Applications/zoom.us.app"
move file aliasZoomApp to trash
end tell
end try


try
set theCommandText to ("installer -verboseR -pkg '/tmp/" & theDate & "/Zoom.pkg' -target CurrentUserHomeDirectory -dumplog -allowUntrusted -lang ja") as text
do shell script theCommandText
end try


try
set theCommandText to ("defaults write com.apple.dock persistent-apps -array-add \"<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>$HOME/Applications/zoom.us.app</string><key>_CFURLStringType</key><integer>0</integer></dict></dict></dict>\"") as text
do shell script theCommandText
end try

try
set theCommandText to ("defaults write com.apple.dock persistent-others -array-add \"<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>file://$HOME/Applications/</string><key>_CFURLStringType</key><integer>15</integer></dict><key>file-label</key><string>Applications</string><key>file-type</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>\"") as text
do shell script theCommandText
end try

try
set theCommandText to ("/usr/bin/tccutil reset Microphone us.zoom.xos") as text
do shell script theCommandText
end try
try
set theCommandText to ("/usr/bin/tccutil reset Camera us.zoom.xos") as text
do shell script theCommandText
end try
try
set theCommandText to ("/usr/bin/tccutil reset SpeechRecognition us.zoom.xos") as text
do shell script theCommandText
end try

try
set theCommandText to ("/usr/bin/sqlite3 $HOME/Library/Application\\ Support/com.apple.TCC/TCC.db \"INSERT INTO access VALUES('kTCCServiceCamera','us.zoom.xos',0,2,2,1, NULL,NULL,NULL,'UNUSED',NULL,0,1606059851);\"") as text
do shell script theCommandText
end try

try
set theCommandText to ("/usr/bin/sqlite3 $HOME/Library/Application\\ Support/com.apple.TCC/TCC.db \"INSERT INTO access VALUES('kTCCServiceMicrophone','us.zoom.xos',0,2,2,1, NULL,NULL,NULL,'UNUSED',NULL,0,1606059851);\"") as text
do shell script theCommandText
end try
try
set theCommandText to ("/usr/bin/sqlite3 $HOME/Library/Application\\ Support/com.apple.TCC/TCC.db \"INSERT INTO access VALUES('kTCCServiceSpeechRecognition','us.zoom.xos',0,2,2,1, NULL,NULL,NULL,'UNUSED',NULL,0,1606059851);\"") as text
do shell script theCommandText
end try





try
set theCommandText to ("killall Dock") as text
do shell script theCommandText
end try



tell application "Finder"
open the (path to applications folder from user domain) as alias
end tell

|

[TCC.db]TCC.dbを操作してプライバシー設定を変更する(カメラ・マイク・音声認識)

一部修正
SPEECH_RECOGNITION→SpeechRecognition
OS11 OS12専用 OS10.15以下とTTC.DBは互換がありません

選択したアプリケーションを
システム環境設定>>セキュリティとプライバシー>>プライバシー

カメラ・マイク・音声認識を有効にする

ダウンロード - tcc.db.user.scpt.zip


Screencapture_1302x1158_202111010057322

(************************************************************************
この上の▶︎をぽっちっとしてください

TCC.dbに選択したアプリを登録します
登録するのは
カメラ マイク 音声認識です。
20211101 初回作成

************************************************************************)






set theComandText to ("id -un") as text
set theUserName to (do shell script theComandText) as text


tell application "Finder"
set aliasChooseApp to (choose file "test" with prompt "" of type {"APPL"} default location "/Applications" with multiple selections allowed without showing package contents) as list
end tell

set numCntAppList to (count of aliasChooseApp) as number
set numCntApp to 1 as number

repeat numCntAppList times
set theLineAPP to (item numCntApp of aliasChooseApp) as alias
set theFileInfo to info for theLineAPP as list

tell theFileInfo
set theBundleIdentifier to (bundle identifier as list) as text
end tell
try
set theCmdText to ("/usr/bin/tccutil reset Camera " & theBundleIdentifier & "") as text
do shell script theCmdText
delay 0.5
end try
try
set theCmdText to ("/usr/bin/tccutil reset Microphone " & theBundleIdentifier & "") as text
do shell script theCmdText
delay 0.5
end try
try
set theCmdText to ("/usr/bin/tccutil reset SpeechRecognition " & theBundleIdentifier & "") as text
do shell script theCmdText
delay 0.5
end try


try
set theCmdText to ("/usr/bin/sqlite3 /Users/" & theUserName & "/Library/Application\\ Support/com.apple.TCC/TCC.db \"INSERT INTO access VALUES('kTCCServiceCamera','" & theBundleIdentifier & "',0,2,2,1, NULL,NULL,NULL,'UNUSED',NULL,0,1606059851);\"") as text
do shell script theCmdText
delay 0.5
end try
try
set theCmdText to ("/usr/bin/sqlite3 /Users/" & theUserName & "/Library/Application\\ Support/com.apple.TCC/TCC.db \"INSERT INTO access VALUES('kTCCServiceMicrophone','" & theBundleIdentifier & "',0,2,2,1, NULL,NULL,NULL,'UNUSED',NULL,0,1606059851);\"") as text
do shell script theCmdText
delay 0.5
end try
try
set theCmdText to ("/usr/bin/sqlite3 /Users/" & theUserName & "/Library/Application\\ Support/com.apple.TCC/TCC.db \"INSERT INTO access VALUES('kTCCServiceSpeechRecognition','" & theBundleIdentifier & "',0,2,2,1, NULL,NULL,NULL,'UNUSED',NULL,0,1606059851);\"") as text
do shell script theCmdText
delay 0.5
end try

set numCntApp to numCntApp + 1 as number
end repeat

set theCmdText to ("open \"x-apple.systempreferences:com.apple.preference.security?Privacy_SpeechRecognition\"") as text
do shell script theCmdText

|

[OS12]PrivacyTCCServices

PrivacyTCCServices
kTCCServiceAddressBook
serviceNameCONTACTS
serviceIcon-by-bundleidcom.apple.AddressBook
noServicesInTableStringCONTACTS_EMPTY_APP_LIST
serviceSummaryCONTACTS_SUMMARY
quitRevokeTitleForAppNameCONTACTS_QUIT_REVOKE_TITLE
quitAllowTitleForAppNameCONTACTS_QUIT_ALLOW_TITLE
revealElementKeyNamePrivacy_Contacts
kTCCServiceCalendar
serviceNameCALENDARS
serviceIcon-by-bundleidcom.apple.iCal
noServicesInTableStringCALENDARS_EMPTY_APP_LIST
serviceSummaryCALENDARS_SUMMARY
quitRevokeTitleForAppNameCALENDARS_QUIT_REVOKE_TITLE
quitAllowTitleForAppNameCALENDARS_QUIT_ALLOW_TITLE
revealElementKeyNamePrivacy_Calendars
kTCCServiceReminders
serviceNameREMINDERS
serviceIcon-by-bundleidcom.apple.reminders
noServicesInTableStringREMINDERS_EMPTY_APP_LIST
serviceSummaryREMINDERS_SUMMARY
quitRevokeTitleForAppNameREMINDERS_QUIT_REVOKE_TITLE
quitAllowTitleForAppNameREMINDERS_QUIT_ALLOW_TITLE
revealElementKeyNamePrivacy_Reminders
kTCCServiceCamera
serviceNameCAMERA
serviceIconprivacy-cameraservices
noServicesInTableStringCAMERA_EMPTY_APP_LIST
serviceSummaryCAMERA_SUMMARY
quitRevokeTitleForAppNameCAMERA_QUIT_REVOKE_TITLE
quitAllowTitleForAppNameCAMERA_QUIT_ALLOW_TITLE
revealElementKeyNamePrivacy_Camera
kTCCServiceMicrophone
serviceNameMICROPHONE
serviceIconprivacy-microphoneservices
noServicesInTableStringMICROPHONE_EMPTY_APP_LIST
serviceSummaryMICROPHONE_SUMMARY
quitRevokeTitleForAppNameMICROPHONE_QUIT_REVOKE_TITLE
quitAllowTitleForAppNameMICROPHONE_QUIT_ALLOW_TITLE
revealElementKeyNamePrivacy_Microphone
kTCCServiceSystemPolicyAllFiles
serviceNameALL_FILES
serviceIcon-by-imagenamedNSFolder
serviceIconprivacy-allfiles
serviceSummaryALL_FILES_SUMMARY
quitRevokeTitleForAppNameALL_FILES_QUIT_REVOKE_TITLE
quitAllowTitleForAppNameALL_FILES_QUIT_ALLOW_TITLE
revealElementKeyNamePrivacy_AllFiles
requiresAdmintrue
supportsDroppingAppstrue
supportsAddRemoveBartrue
kTCCServiceScreenCapture
requiresAdmintrue
serviceNameSCREEN_CAPTURE
supportsAddRemoveBartrue
supportsDroppingAppstrue
serviceIcon-by-path/System/Library/PreferencePanes/Displays.prefPane/Contents/Resources/Displays.icns
serviceIconprivacy-screencapture
noServicesInTableStringSCREEN_CAPTURE_EMPTY_APP_LIST
serviceSummarySCREEN_CAPTURE_SUMMARY
quitRevokeTitleForAppNameSCREEN_CAPTURE_REVOKE_TITLE
quitAllowTitleForAppNameSCREEN_CAPTURE_QUIT_ALLOW_TITLE
revealElementKeyNamePrivacy_ScreenCapture
kTCCServiceListenEvent
serviceNameLISTEN_EVENT
serviceIconprivacy-listenevents
noServicesInTableStringLISTEN_EVENT_EMPTY_APP_LIST
serviceSummaryLISTEN_EVENT_SUMMARY
quitRevokeTitleForAppNameLISTEN_EVENT_REVOKE_TITLE
quitAllowTitleForAppNameLISTEN_EVENT_QUIT_ALLOW_TITLE
revealElementKeyNamePrivacy_ListenEvent
requiresAdmintrue
supportsDroppingAppstrue
supportsAddRemoveBartrue
kTCCServiceSpeechRecognition
serviceNameSPEECH_RECOGNITION
serviceIconprivacy-speechrecognition
noServicesInTableStringSPEECH_RECOGNITION_EMPTY_APP_LIST
serviceSummarySPEECH_RECOGNITION_SUMMARY
quitRevokeTitleForAppNameSPEECH_RECOGNITION_EVENT_REVOKE_TITLE
quitAllowTitleForAppNameSPEECH_RECOGNITION_EVENT_QUIT_ALLOW_TITLE
revealElementKeyNamePrivacy_SpeechRecognition
kTCCServiceDeveloperTool
serviceNameDEV_TOOLS
serviceIcon-by-bundleidcom.apple.dt.Xcode
serviceSummaryDEV_TOOLS_SUMMARY
revealElementKeyNamePrivacy_DevTools
requiresAdmintrue
supportsDroppingAppstrue
supportsAddRemoveBartrue
hideWhenEmptytrue
kTCCServiceBluetoothAlways
serviceNameBLUETOOTH
serviceIconprivacy-bluetooth
noServicesInTableStringBLUETOOTH_EMPTY_APP_LIST
serviceSummaryBLUETOOTH_SUMMARY
quitRevokeTitleForAppNameBLUETOOTH_QUIT_REVOKE_TITLE
quitAllowTitleForAppNameBLUETOOTH_QUIT_ALLOW_TITLE
revealElementKeyNamePrivacy_Bluetooth
supportsDroppingAppstrue
supportsAddRemoveBartrue
kTCCServiceMediaLibrary
serviceNameMEDIA
serviceIconprivacy-medialibrary
noServicesInTableStringMEDIA_EMPTY_APP_LIST
serviceSummaryMEDIA_SUMMARY
quitRevokeTitleForAppNameMEDIA_QUIT_REVOKE_TITLE
quitAllowTitleForAppNameMEDIA_QUIT_ALLOW_TITLE
revealElementKeyNamePrivacy_Media
kTCCServiceWillow
serviceNameHOMEKIT
serviceIcon-by-bundleidcom.apple.Home
noServicesInTableStringHOMEKIT_EMPTY_APP_LIST
serviceSummaryHOMEKIT_SUMMARY
quitRevokeTitleForAppNameHOMEKIT_QUIT_REVOKE_TITLE
quitAllowTitleForAppNameHOMEKIT_QUIT_ALLOW_TITLE
revealElementKeyNamePrivacy_HomeKit
requiresAdmintrue
kTCCServiceFocusStatus
serviceSummaryDND_SUMMARY
serviceNameDND_SERVICE_NAME
quitAllowTitleForAppNameDND_QUIT_ALLOW_TITLE
quitRevokeTitleForAppNameDND_QUIT_REVOKE_TITLE
noServicesInTableStringDND_EMPTY_APP_LIST
revealElementKeyNamePrivacy_Focus
serviceIconprivacy-dnd

|

[OS12]PrivacyTCCServices

NOserviceNameserviceIcon-by-bundleidnoServicesInTableStringserviceSummaryquitRevokeTitleForAppNamequitAllowTitleForAppNamerevealElementKeyNamerequiresAdminsupportsDroppingAppssupportsAddRemoveBarhideWhenEmpty
kTCCServiceAddressBookCONTACTScom.apple.AddressBookCONTACTS_EMPTY_APP_LISTCONTACTS_SUMMARYCONTACTS_QUIT_REVOKE_TITLECONTACTS_QUIT_ALLOW_TITLEPrivacy_Contacts
kTCCServiceCalendarCALENDARScom.apple.iCalCALENDARS_EMPTY_APP_LISTCALENDARS_SUMMARYCALENDARS_QUIT_REVOKE_TITLECALENDARS_QUIT_ALLOW_TITLEPrivacy_Calendars
kTCCServiceRemindersREMINDERScom.apple.remindersREMINDERS_EMPTY_APP_LISTREMINDERS_SUMMARYREMINDERS_QUIT_REVOKE_TITLEREMINDERS_QUIT_ALLOW_TITLEPrivacy_Reminders
kTCCServiceCameraCAMERAprivacy-cameraservicesCAMERA_EMPTY_APP_LISTCAMERA_SUMMARYCAMERA_QUIT_REVOKE_TITLECAMERA_QUIT_ALLOW_TITLEPrivacy_Camera
kTCCServiceMicrophoneMICROPHONEprivacy-microphoneservicesMICROPHONE_EMPTY_APP_LISTMICROPHONE_SUMMARYMICROPHONE_QUIT_REVOKE_TITLEMICROPHONE_QUIT_ALLOW_TITLEPrivacy_Microphone
kTCCServiceSystemPolicyAllFilesALL_FILESNSFolderprivacy-allfilesALL_FILES_SUMMARYALL_FILES_QUIT_REVOKE_TITLEALL_FILES_QUIT_ALLOW_TITLEPrivacy_AllFilesTRUETRUETRUE
kTCCServiceListenEventLISTEN_EVENTprivacy-listeneventsLISTEN_EVENT_EMPTY_APP_LISTLISTEN_EVENT_SUMMARYLISTEN_EVENT_REVOKE_TITLELISTEN_EVENT_QUIT_ALLOW_TITLEPrivacy_ListenEventTRUETRUETRUE
kTCCServiceSpeechRecognitionSPEECH_RECOGNITIONprivacy-speechrecognitionSPEECH_RECOGNITION_EMPTY_APP_LISTSPEECH_RECOGNITION_SUMMARYSPEECH_RECOGNITION_EVENT_REVOKE_TITLESPEECH_RECOGNITION_EVENT_QUIT_ALLOW_TITLEPrivacy_SpeechRecognitionTRUETRUE
kTCCServiceBluetoothAlwaysBLUETOOTHprivacy-bluetoothBLUETOOTH_EMPTY_APP_LISTBLUETOOTH_SUMMARYBLUETOOTH_QUIT_REVOKE_TITLEBLUETOOTH_QUIT_ALLOW_TITLEPrivacy_Bluetooth
kTCCServiceMediaLibraryMEDIAprivacy-medialibraryMEDIA_EMPTY_APP_LISTMEDIA_SUMMARYMEDIA_QUIT_REVOKE_TITLEMEDIA_QUIT_ALLOW_TITLEPrivacy_Media
kTCCServiceWillowHOMEKITcom.apple.HomeHOMEKIT_EMPTY_APP_LISTHOMEKIT_SUMMARYHOMEKIT_QUIT_REVOKE_TITLEHOMEKIT_QUIT_ALLOW_TITLEPrivacy_HomeKitTRUE
kTCCServiceFocusStatusDND_SUMMARYDND_SERVICE_NAMEDND_QUIT_ALLOW_TITLEDND_QUIT_REVOKE_TITLEDND_EMPTY_APP_LISTPrivacy_Focusprivacy-dnd
kTCCServiceDeveloperToolDEV_TOOLScom.apple.dt.XcodeDEV_TOOLS_SUMMARYPrivacy_DevToolsTRUETRUETRUETRUE
kTCCServiceScreenCaptureSCREEN_CAPTUREprivacy-screencaptureSCREEN_CAPTURE_EMPTY_APP_LISTSCREEN_CAPTURE_SUMMARYSCREEN_CAPTURE_REVOKE_TITLESCREEN_CAPTURE_QUIT_ALLOW_TITLEPrivacy_ScreenCaptureTRUETRUETRUE

|

[macOS12]PrivacyServicesOrder

PrivacyServicesOrder
PrivacyLocationServicesType
PrivacyAccessibilityServicesType
PrivacyFileAccessType
PrivacyAutomationType
kTCCServiceAddressBook
kTCCServiceCalendar
kTCCServiceReminders
kTCCServiceCamera
kTCCServiceMicrophone
kTCCServiceSpeechRecognition
kTCCServiceListenEvent
kTCCServiceSystemPolicyAllFiles
kTCCServiceScreenCapture
kTCCServiceMediaLibrary
kTCCServiceWillow
kTCCServiceBluetoothAlways
kTCCServiceFocusStatus
kTCCServiceDeveloperTool

|

[Mac Admin]TCC.dbを操作する【その1】TCC (Transparency Consent Control)の基本情報

※OS10.15での操作になりますOS11とはテーブルの内容が異なりますので留意してください。

Transparency Consent Control Data Base
TCC.dbを操作します。


目的
TCC.dbを操作することで、WACOMのペンタブや
Microsoft Teamsでの画面共有の設定を速やかに行う


TCC.dbは
ローカルドメインとユーザードメインの2箇所に存在します。
ローカルドメイン
/Library/Application Support/com.apple.TCC/TCC.db
ユーザードメイン
/Users/ユーザー名/Library/Application Support/com.apple.TCC/TCC.db


TCC.dbはデータベースですので
操作には『sqlite3』を利用します。
/usr/bin/sqlite3


リセットツールとして
『tccutil』が用意されています
/usr/bin/tccutil

 

 


留意事項
OSのバージョンによって設定項目数が異なります。
ここでは10.15で説明します。

|

[Mac Admin]TCC.dbを操作する【その2】コントロールパネルのアンカー

いきなり脱線ですが
管理ユーザーが多い場合はこのような配慮が必要になります
コントロールパネルをアンカー指定で開く

Screen_capture_20201123_13_09_57

 

ユーザーに『セキュリティとプライバシー』のシステム環境設定を操作させる場合に
操作先を指定して開いておいてあげる場合

 

Screen_capture_20201123_13_18_48

 


--セキュリティとプライバシーのコントロールパネルを開く(最後に閉じた画面で)
try
set theCommand to ("open \"x-apple.systempreferences:com.apple.preference.security\"") as text
do shell script theCommand
end try
---カメラをアンカーにして開く
try
set theCommand to ("open \"x-apple.systempreferences:com.apple.preference.security?Privacy_Camera\"") as text
do shell script theCommand
end try

 

『セキュリティとプライバシー』のアンカーは以下
Privacy_Reminders
Privacy_SystemServices
Privacy_Calendars
Privacy_Assistive
Privacy_LocationServices
Privacy_Contacts
Privacy_Accessibility
Privacy_Camera
Privacy_AllFiles
Privacy_Microphone
General
Advanced
Firewall
FDE
Privacy

 

 

アンカー名はこのように取得できる


try
set theComand to ("open \"x-apple.systempreferences:com.apple.preference.security\"") as text
do shell script theComand
end try

delay 5

tell application "System Preferences"
set theAnchors to get name of anchors of current pane
end tell

log theAnchors

theAnchors

 

この方法で開けるシステム環境設定はこちらの一覧を参照してください

 


システム環境設定の一覧
com.apple.ClassroomSettings
com.apple.Localization
com.apple.preference.datetime
com.apple.preference.desktopscreeneffect
com.apple.preference.digihub.discs
com.apple.preference.displays
com.apple.preference.dock
com.apple.preference.energysaver
com.apple.preference.expose
com.apple.preference.general
com.apple.preference.ink
com.apple.preference.keyboard
com.apple.preference.mouse
com.apple.preference.network
com.apple.preference.notifications
com.apple.preference.printfax
com.apple.preference.screentime
com.apple.preference.security
com.apple.preference.sidecar
com.apple.preference.sound
com.apple.preference.speech
com.apple.preference.spotlight
com.apple.preference.startupdisk
com.apple.preference.trackpad
com.apple.preference.universalaccess
com.apple.preferences.AppleIDPrefPane
com.apple.preferences.appstore
com.apple.preferences.Bluetooth
com.apple.preferences.configurationprofiles
com.apple.preferences.extensions
com.apple.preferences.FamilySharingPrefPane
com.apple.preferences.icloud
com.apple.preferences.internetaccounts
com.apple.preferences.parentalcontrols
com.apple.preferences.password
com.apple.preferences.sharing
com.apple.preferences.softwareupdate
com.apple.preferences.users
com.apple.preferences.wallet
com.apple.prefpanel.fibrechannel
com.apple.prefs.backup
com.apple.Xsan

|

[Mac Admin]TCC.dbを操作する【その3】tccutil

tccutil
/usr/bin/tccutil
TCC(Transparency Consent Control)のユーティリティ
早い話が『TCCのリセットツール』

 

全リセット(オプションAllのAは大文字lは小文字)
/usr/bin/sudo /usr/bin/tccutil reset All
特定のサービスのみリセット
/usr/bin/sudo /usr/bin/tccutil reset サービス名
特定のアプリの全部リセット
/usr/bin/sudo /usr/bin/tccutil reset All アプリ名
特定のアプリの特定のサービスのみリセット
/usr/bin/sudo /usr/bin/tccutil reset サービス名 アプリ名

 

どんな時に使うか
■うっかりセキュリティ警告画面で『拒否』を選んじゃったとき(逆の『許可』の時もそう)
■環境移行しながらデバイスが変わった時
■各種ドライバーがバージョンアップして動作が不安定になった時

 

個別のアンカーのリセットは以下のように行う
/usr/bin/sudo /usr/bin/tccutil reset Microphone
/usr/bin/sudo /usr/bin/tccutil reset Camera
/usr/bin/sudo /usr/bin/tccutil reset Accessibility
/usr/bin/sudo /usr/bin/tccutil reset ListenEvent
/usr/bin/sudo /usr/bin/tccutil reset ScreenCapture
/usr/bin/sudo /usr/bin/tccutil reset SystemPolicyAllFiles

 

サービス名の一覧

Location Services
Contacts
Calendars
Reminders
Photos
Camera
Accessibility
Microphone
Speech Recognition
Input Monitoring
Full Disk Access
Files & Folders
Screen Recording
Automation
Analytics
Advertising

 

 

 

 

----tccutilのGeneral Commands Manual 内容は以下
NAME
tccutil -- manage the privacy database

 

SYNOPSIS
tccutil command service [bundle_id]

 

DESCRIPTION
The tccutil command manages the privacy database, which stores decisions
the user has made about whether apps may access personal data.

 

One command is current supported:

 

reset Reset all decisions for the specified service, causing apps to
prompt again the next time they access the service. If a bundle
identifier is specified, the service will be reset for that bun-
dle only.

 

EXAMPLES
To reset all decisions about whether apps may access the address book:

 

tccutil reset AddressBook
tccutil reset All com.apple.Terminal

|

[Mac Admin]TCC.dbを操作する【その4】Bundle identifierを取得する

TCC.dbに各種アプリケーションからのアクセスを許可するには
『Bundle identifier』バンドルIDで指定します。

 

AppleScriptだと

id of application "アプリケーション名"
例:id of application "Terminal" 

get bundle identifier of (info for (path to application "アプリケーション名"))
例:get bundle identifier of (info for (path to application "Terminal"))で
取得できる

 

コマンドだと
mdls -name kMDItemCFBundleIdentifier -r "UNIXパス"
例:mdls -name kMDItemCFBundleIdentifier -r "/System/Applications/Utilities/Terminal.app"
とか
/usr/libexec/PlistBuddy -c 'Print CFBundleIdentifier' /アプリケーションまでのUNIXパス/Contents/Info.plist
例:/usr/libexec/PlistBuddy -c 'Print CFBundleIdentifier' /Applications/Safari.app/Contents/Info.plist

 

等で取得します。
手動で一度TCCに登録してから…も良いかもしれません。

 

|

その他のカテゴリー

Accessibility AccessibilityCheck AccessibilityForm AccessibilityInDesign AccessibilityPDF Acrobat Acrobat Action Acrobat Annotation Acrobat AppleScripts Acrobat Character Acrobat Layer Acrobat PDF Embed API Acrobat PDF Form Print Acrobat Plug-ins Acrobat Portfolios Acrobat Print AcrobatBarcode AcrobatDialog AcrobatForm AcrobatJS AcrobatMenu AcrobatPDF AcrobatStamp AcrobatYouTube AddressBook Adobe Adobe InDesign Adobe Photoshop AdobeAppleScript AdobeBridge AdobeIllustrator AdobeJSX aed Alfresco Android AnimationGif Apple Apple Support AppleScript AppleScriptBasics AppleScriptCharacter AppleScriptColor AppleScriptDroplet AppleScriptErrorNum AppleScriptFolder AppleScriptFontBook AppleScriptRename AppleScriptTools AppleSymbols Applications Barcode Barcode2D BarcodePostal BetterHTMLExport Book BOX Browser buzz Certificates CharacterEntity CharacterSets Colors Cool Site CSS Cutting DecoMail DecorationMail Design Desktop Diff DJ dmg DNS Documents Download DTP eBook Editer eMail Envelopes ExifTool Facebook FFmpeg File System Fonts FontsTool FontsWeb FOOD FormPrint ftp Gadget Gif Animation Google Google Chrome Enterprise HexEditor HTML info iPhoto ISBN ISO iTunes iWork iWorkNumbers iWorkNumbersCalendar iWorkNumbersTimecard iWorkPages JavaScript JeditX JeditX Regexp JeditXAppleScript JIS jquery Letterpress Library logo Mac Admin Mac Archiver Mac Browser Mac Browser Plugin Mac QuickLook Mac Setup Mac Spotlight Mac Video Map Memo Microsoft Teams Mobby mobileconfig Moto Movies Music Network Basic ntp OCR Office OfficePowerPoint OSX Paint Pantone Paper PDFlib Permission Photo Pictograms Print Public Python QuickLook QuickTime QuickTimeSetting QuickTimeSound Real Media ReName ResourceFork ruby Sample Screen ScreenCast Search Security SEO Sharing SLAResource Sound Spotlight Stamp SWF TCC.db Tutorial PSD TV Twitter Typography Unicode Utilities Video WEB APP WebFont Wedding Windows WindowsMedia XML XMP XPS YouTube YouTube Rss