How to Add Gatekeeper Exceptions from Command Line in Mac OS X

Jul 15, 2015 - 7 Comments

Gatekeeper app approval and removal with command line in OS X

Typically if you want to have an application launch approved by the GateKeeper feature on a Mac, you right-click on the unidentified developers application and choose “Open”, or go through System Preferences to bypass Gatekeeper that way. Another option is to manually add application approvals and exceptions to Gatekeeper by turning to the command line in OS X.


This is great for advanced users who want to script or automate application approvals, but it can also be helpful for remote administration and in other situations as well.

We’ll turn to the spctl command to achieve the desired effect here, which, as we’ve discussed before, users can also interact with to enable and disable Gatekeeper from Terminal.

Add an Application to Gatekeeper Approval from the Command Line in OS X

To add an application to Gatekeepers exceptions and approved application launch list, use the –add flag with spctl to approve an application launch. The following syntax style is appropriate:

spctl --add /Path/To/Application.app

For example, to add approval for the imaginary application called “GooseRoute” that resides in the users downloads folder, the syntax string would look like the following:

spctl --add ~/Downloads/GooseRoute.app

You’ll need to enter an administrator password to approve the application with Gatekeeper, otherwise you can prefix the command with sudo if you’re performing this from SSH or want to automate the process.

Remove an Applications Gatekeeper Exception with spctl in OS X

Removing an application from the Gatekeeper approval list is just as easy, simply switch out the –add flag with –remove, the syntax is otherwise the same:

spctl --remove /Path/To/Application.app

Again, you can prefix the command with sudo if desired, otherwise the familiar admin authentication pop-up will appear in OS X to complete the removal of the application from Gatekeepers authorization list.

Remember, if you’re adding or removing applications that are buried in the file system with long complex paths, you can always drag and drop it into the Terminal window to print out the full path.

Enjoy this tip? Subscribe to the OSXDaily newsletter to get more of our great Apple tips, tricks, and important news delivered to your inbox! Enter your email address below:

Related articles:

Posted by: Paul Horowitz in Command Line, Mac OS X, Tips & Tricks

7 Comments

» Comments RSS Feed

  1. Wharf Xanadu says:

    Great stuff thanks

  2. Avenged110 says:

    Not that it’s really that important, but I like how whoever edited the picture up top decided they should use the current Terminal icon, but not the current Security/Gatekeeper icon. Was that a conscious decision or rather, why is it that at this point, all article icons aren’t just the Yosemite versions? Again, this doesn’t really matter, but I just feel like pointing it out because I see this all over the place and it’s usually the Security icon that is outdated which I find almost a bit ironic.

  3. I use Flavors app to modify the OS to improve the look and feel and “flavor”… The developers say they CANNOT make a compatible app for El Capitan – is this method a possible workaround?

  4. Rex Rollman says:

    That sounds like the result of the upcoming security improvement to OS X, Rootless, which protects system files.

  5. Kyrodes says:

    There’s a fastest way: don’t double click. Right click the app and click in Open.

    The OS will ask if you really want to open it.

  6. After you right-click and select Open, Gatekeeper doesn’t prevent the app from launching anymore. Therefore, adding an exception in Terminal really isn’t needed unless maybe you want to push an unsigned app out to a large group of Mac users who are too lazy or too dumb to right-click.

Leave a Reply

 

Shop for Apple & Mac Deals on Amazon.com

Subscribe to OSXDaily

Subscribe to RSS Subscribe to Twitter Feed Follow on Facebook Subscribe to eMail Updates