joshua-d-miller / macOSLAPS

Swift binary that will change a local administrator password to a randomly generated password. Similar behavior to LAPS for Windows.
MIT License

Catalina Support #38

Closed jeolsen closed 4 years ago

jeolsen commented 5 years ago

Attempting to run macOSLAPS on Catalina does not seem to work for me. I'm on the latest version, but when it runs I see this in the console: Security policy would not allow process: 9061, /usr/local/laps/macOSLAPS

From talking with Apple, they indicate that the program does not appear to be notarized:

Below are the log entries related to the presented dialog:

debug 2019-10-10 12:17:50.261861 -0400 amfid com.apple.securityd open(/usr/local/laps/macOSLAPS,0x0,0x1b6) = 3
debug 2019-10-10 12:17:50.261955 -0400 amfid com.apple.securityd open(/usr/local/laps/macOSLAPS,0x0,0x1b6) = 4
debug 2019-10-10 12:17:50.262115 -0400 amfid com.apple.securityd 88145 signing bytes in 5 blob(s) from /usr/local/laps/macOSLAPS(x86_64)
default 2019-10-10 12:17:50.277105 -0400 amfid /usr/local/laps/macOSLAPS signature not valid: -2147409652
debug 2019-10-10 12:17:50.277486 -0400 amfid com.apple.securityd open(/usr/local/laps/macOSLAPS,0x0,0x1b6) = 3
debug 2019-10-10 12:17:50.277542 -0400 amfid com.apple.securityd open(/usr/local/laps/macOSLAPS,0x0,0x1b6) = 4
debug 2019-10-10 12:17:50.277628 -0400 amfid com.apple.securityd 88145 signing bytes in 5 blob(s) from /usr/local/laps/macOSLAPS(x86_64)
default 2019-10-10 12:17:50.286793 -0400 kernel mac_vnode_check_signature: /usr/local/laps/macOSLAPS: code signature validation failed fatally: When validating /usr/local/laps/macOSLAPS: The code contains a Team ID, but validating its signature failed. Please check your system log.
default 2019-10-10 12:17:50.286835 -0400 kernel proc 26189: load code signature error 4 for file "macOSLAPS"
default 2019-10-10 12:17:50.287168 -0400 kernel Security policy would not allow process: 26189, /usr/local/laps/macOSLAPS

What we are seeing here is the software failing signature validation and securityd shutting it down. This triggered the notification that you received.

At this point it will be up to the developer to address this issue in order for the software to not be shut down by the OS, as they are the ones who can work to address signing issues with the software. They will most likely need to also submit the software for notarization. This will ensure compatibility with macOS Catalina.
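A small triage script for the log excerpt quoted above, added here as an example (it is not part of the original thread or of the macOSLAPS project): it groups the amfid and kernel code-signature failures by binary path and ties the kernel's per-PID load error back to the blocked binary. The regular expressions are written against the line shapes in this excerpt and are assumptions for other macOS versions; `summarize` is a name chosen for this example.

```python
import re
from collections import defaultdict

# Non-debug lines (plus one debug line) taken from the log excerpt in this issue.
SAMPLE_LOG = """\
debug 2019-10-10 12:17:50.262115 -0400 amfid com.apple.securityd 88145 signing bytes in 5 blob(s) from /usr/local/laps/macOSLAPS(x86_64)
default 2019-10-10 12:17:50.277105 -0400 amfid /usr/local/laps/macOSLAPS signature not valid: -2147409652
default 2019-10-10 12:17:50.286793 -0400 kernel mac_vnode_check_signature: /usr/local/laps/macOSLAPS: code signature validation failed fatally: When validating /usr/local/laps/macOSLAPS: The code contains a Team ID, but validating its signature failed. Please check your system log.
default 2019-10-10 12:17:50.286835 -0400 kernel proc 26189: load code signature error 4 for file "macOSLAPS"
default 2019-10-10 12:17:50.287168 -0400 kernel Security policy would not allow process: 26189, /usr/local/laps/macOSLAPS
"""

# One pattern per message shape seen in the excerpt (assumed shapes, see lead-in).
AMFID_INVALID = re.compile(r"\bamfid (?P<path>/\S+) signature not valid: (?P<status>-?\d+)")
KERNEL_FATAL = re.compile(r"\bkernel mac_vnode_check_signature: (?P<path>/[^:]+): "
                          r"code signature validation failed fatally: (?P<reason>.*)")
KERNEL_LOAD_ERR = re.compile(r"\bkernel proc (?P<pid>\d+): load code signature error (?P<err>\d+)")
KERNEL_DENIED = re.compile(r"\bkernel Security policy would not allow process: (?P<pid>\d+), (?P<path>/.+)$")

def summarize(log_text):
    """Group code-signature failure events by binary path."""
    report = defaultdict(lambda: {"amfid_status": set(), "fatal_reasons": set(),
                                  "denied_pids": set(), "load_errors": set()})
    load_err_by_pid = {}  # "load code signature error" lines carry a PID but no path
    for line in (raw.strip() for raw in log_text.splitlines()):
        if m := AMFID_INVALID.search(line):
            # Show the signed 32-bit status as unsigned hex, the form used in headers.
            status = int(m["status"]) & 0xFFFFFFFF
            report[m["path"]]["amfid_status"].add(f"0x{status:08X}")
        elif m := KERNEL_FATAL.search(line):
            report[m["path"]]["fatal_reasons"].add(m["reason"])
        elif m := KERNEL_LOAD_ERR.search(line):
            load_err_by_pid[m["pid"]] = int(m["err"])
        elif m := KERNEL_DENIED.search(line):
            entry = report[m["path"]]
            entry["denied_pids"].add(int(m["pid"]))
            if m["pid"] in load_err_by_pid:  # attach the earlier per-PID error
                entry["load_errors"].add(load_err_by_pid[m["pid"]])
    return dict(report)

if __name__ == "__main__":
    for path, info in summarize(SAMPLE_LOG).items():
        print(path, info)
```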

joshua-d-miller commented 5 years ago

Hello @jeolsen,

Unfortunately, I have not been able to build a new build on macOS Catalina as we are involved in a directory conversion in our College. Once I have completed this, I'll be upgrading to Catalina and notarizing the application. I'm very sorry for the delay.

Thank you for understanding

joshua-d-miller commented 4 years ago

Hello @jeolsen,

The latest release 1.1.6 Build 274 should support macOS Catalina as it is now notarized.

Thanks!

jeolsen commented 4 years ago

Thanks @joshua-d-miller, I'll test this out.