How to Add Gatekeeper Exceptions from Command Line in Mac OS X
Typically if you want to have an application launch approved by the GateKeeper feature on a Mac, you right-click on the unidentified developers application and choose “Open”, or go through System Preferences to bypass Gatekeeper that way. Another option is to manually add application approvals and exceptions to Gatekeeper by turning to the command line in Mac OS X.
This is great for advanced users who want to script or automate application approvals, but it can also be helpful for remote administration and in other situations as well.
We’ll turn to the spctl command to achieve the desired effect here, which, as we’ve discussed before, users can also interact with to enable and disable Gatekeeper from Terminal.
Add an Application to Gatekeeper Approval from the Command Line in Mac OS X
To add an application to Gatekeepers exceptions and approved application launch list, use the –add flag with spctl to approve an application launch. The following syntax style is appropriate:
spctl --add /Path/To/Application.app
For example, to add approval for the imaginary application called “GooseRoute” that resides in the users downloads folder, the syntax string would look like the following:
spctl --add ~/Downloads/GooseRoute.app
You’ll need to enter an administrator password to approve the application with Gatekeeper, otherwise you can prefix the command with sudo if you’re performing this from SSH or want to automate the process.
Remove an Applications Gatekeeper Exception with spctl in Mac OS X
Removing an application from the Gatekeeper approval list is just as easy, simply switch out the –add flag with –remove, the syntax is otherwise the same:
spctl --remove /Path/To/Application.app
Again, you can prefix the command with sudo if desired, otherwise the familiar admin authentication pop-up will appear in Mac OS X to complete the removal of the application from Gatekeepers authorization list.
Remember, if you’re adding or removing applications that are buried in the file system with long complex paths, you can always drag and drop it into the Terminal window to print out the full path.