SAP / macOS-enterprise-privileges

For Mac users in enterprise environments, this application gives users control over the administration of their machine by elevating their level of access to administrator privileges on macOS. Users can set a timeframe in the application's settings to perform specific tasks, such as installing or removing an application.
Apache License 2.0

How to install "Helper Tools" via script #19

Closed samerfarida closed 3 years ago

samerfarida commented 3 years ago

Hello,

We are going to install Privileges.app remotely, and we would like to also execute the --remove after that, but it looks like there are additional installs needed, like the helper tools /Library/PrivilegedHelperTools/corp.sap.privileges.helper and /Library/LaunchDaemons/corp.sap.privileges.helper.plist. It seems like these are only triggered or prompted when using or launching Privileges.app, and we are getting an error when using PrivilegesCLI --remove.

Test01@TestMac ~ % su -l "$currentUser" -c "/Applications/Privileges.app/Contents/Resources/PrivilegesCLI --status"
User Test01 has admin rights

Test01@TestMac ~ % su -l "$currentUser" -c "/Applications/Privileges.app/Contents/Resources/PrivilegesCLI --remove"
Helper connection invalidated!
Failed to execute XPC method!: NSCocoaErrorDomain (4099)
Failed to execute XPC method!

With that said, is there a workaround via script to install Helper Tools to initiate execution of the PrivilegesCLI --remove for the end users, instead of waiting for the end users to initiate that?

Thank you

Sammy

rtrouton commented 3 years ago

Here's how to build an installer package for Privileges:

https://derflounder.wordpress.com/2019/03/20/building-an-installer-package-for-privileges-app/

There are also AutoPkg recipes available, if you use AutoPkg's search function: autopkg search com.github.rtrouton.Privileges

Packages built using either the manual or AutoPkg-driven methods linked above will install the helper tools along with Privileges.

The error you're seeing is expected behavior. Privileges is hardened against having outside processes connect to the helper tools. For more details, please see the release notes for Privileges 1.5.1: https://github.com/SAP/macOS-enterprise-privileges/tree/1.5.1
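
A post-install check that a deployment script could run against the two helper-tool paths named in this thread. It is an added example, not part of the original comments or the Privileges project. The staging-root and owner-uid parameters are hypothetical and exist only so the check can be tried against a test directory.

```sh
#!/bin/sh
# Added example: verify that the Privileges helper files are present, are
# regular files, are owned by root, and are not group- or world-writable.
# A helper or LaunchDaemon plist that a non-root user can modify would let
# that user change what runs as root.

HELPER=/Library/PrivilegedHelperTools/corp.sap.privileges.helper
PLIST=/Library/LaunchDaemons/corp.sap.privileges.helper.plist

# check_file PATH OWNER_UID -> 0 if PATH passes every check, 1 otherwise
check_file() {
    path=$1; want_uid=$2; ok=0
    if [ -L "$path" ] || [ ! -f "$path" ]; then
        echo "FAIL missing or not a regular file: $path"
        return 1
    fi
    # ls -ln is portable across macOS and Linux:
    # field 1 is the mode string, field 3 the numeric owner.
    set -- $(ls -ln "$path")
    mode=$1; uid=$3
    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL owner uid $uid, expected $want_uid: $path"
        ok=1
    fi
    case $mode in
        # character 6 is group write, character 9 is other write
        ?????w*|????????w*)
            echo "FAIL group- or world-writable ($mode): $path"
            ok=1 ;;
    esac
    return $ok
}

# verify_privileges_helper [ROOT] [OWNER_UID]
# ROOT (hypothetical parameter) is a prefix for a staging directory; empty
# means the live system. OWNER_UID defaults to 0 (root).
verify_privileges_helper() {
    root=${1:-}; owner=${2:-0}; rc=0
    check_file "$root$HELPER" "$owner" || rc=1
    check_file "$root$PLIST" "$owner" || rc=1
    return $rc
}

# Run only when asked, e.g.: sh check_helper.sh --check
if [ "${1:-}" = "--check" ]; then
    verify_privileges_helper "${2:-}" "${3:-0}" && echo "OK helper tools installed"
fi
```
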