I want to install a driver package without internet access and the installation fail. This I think it is due to it need internet to check for signature with Apple Server.
The workaround is to disable System Integrity Protection, but I do not have the administrator password to disable it.
How to install a driver and allow a driver to run without internet access and administrator account? This driver is develop by ourself but how to by pass the code signing and security check for others to use this driver on their Mac PC?
Currently I am following https://developer.apple.com/documentation/systemextensions/ossystemextensionrequest/activationrequest(forextensionwithidentifier:queue:)
to activate the system extension If the extension is inactive, the system may need to prompt the user for approval. Which others API can I use which do not need prompt user for approval?
Beside in order to validate the code signing, it need to communicate with Apple server which required internet access. Any method to by pass this validation?
You definitely need some sort of admin rights. There are two ways to activate a DriverKit driver:
-
Programmatically, via the System Extensions framework
-
With MDM
The first will prompt for admin authentication. The second only works if an admin user has enrolled the Mac into MDM in the first place.
On the Internet access front, I’m less certain. In most cases macOS will trust the notarised ticket stapled to your app. I talk about this more in Notarisation Fundamentals and The Pros and Cons of Stapling DevForums. I’m not sure if the system does additional checks for DriverKit drivers.
However, it seems like this is something you can confirm for yourself:
-
Run the testing described in Testing a Notarised Product, initially starting with just your app.
-
Assuming that works, try installing your driver.
-
Assuming that fails, re-enable networking on your VM and try again.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"