Repeated amfi_allow_any_signature=1 in com.apple.Boot.plist

[sbytnar]

Is https://github.com/dosdude1/macos-catalina-patcher/compare/1.4.6...1.4.7#diff-b02c43ae7ed225e4526062b8638d36cfa58b8fd78bb3dcb6782bdbea19e1c8b2R40

a fix for this:

% cat /Library/Preferences/SystemConfiguration/com.apple.Boot.plist <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

Kernel Flags -no_compat_check amfi_allow_any_signature=1 amfi_allow_any_signature=1 amfi_allow_any_signature=1

Why not add "amfi_allow_any_signature=1" to nvram boot-args instead? (Forgive my ignorance on why that woudln't be good in this case.) My nvram boot-args are currently: -v keepsyms=1 kext-dev-mode=1 -no_compat_check amfi_get_out_of_my_way=1

Will try 1.4.7 soon.

Thanks, --Steve

[sbytnar]

I installed and upgraded to the 1.4.7 patches by copying the macOS Post Install.app to /Applications/Patcher1.4.7/ and running it via Terminal from a Catalina Patcher 1.4.4 USB Recovery stick in recovery mode. Is that a valid? Or does the entire USB partition need to be nuked and rebuilt?

After rebooting, I now have 4 copies of amfi_allow_any_signature=1 in /Library/Preferences/SystemConfiguration/com.apple.Boot.plist.

[NeoBlizzard-verbose]

I guess the no. of times amfi_allow_any_signature=1 appears depends on the no. of times one runs (intentionally/unintentionally (like Post-First-Boot Patch)) Library Validation Patch? Either way, adding those commands to boot-args makes more sense to me as it fixed all my app crashing issues. Maybe the Boot.plist does not get executed on time when the system starts, rendering its function obsolete at times (and making it work like a charm at some boots when it loads fast?)