Jump to content

ESET 6.7.500.0 and 10.14 Mojave TCC issue)


Recommended Posts

Ah. Thanks very much for your clarification. I guess I got some bad advice from a support rep who advised that I should watch this thread and that the update would make a difference. Sounds like I'll need to get TCC profiles set up to work around this.

Link to post
Share on other sites
  • 1 month later...
On 12/7/2018 at 11:00 AM, brandobot said:

Just installed this new version. No pop-up once installed. I used my existing TCC exclusion profile. I will continue monitoring to make sure no other unexpected behavior pops up.

Greetings, all! @TomasP @brandobot I too am testing this in Jamf for a client and was wondering if you could share your configuration profile details.

More specifically, here's what I was also able to confirm:

codesign --verify --verbose /Applications/ESET\ Endpoint\ Security.app
/Applications/ESET Endpoint Security.app: valid on disk
/Applications/ESET Endpoint Security.app: satisfies its Designated Requirement
vm-admins-MacBook-Pro:~ vm-admin$ codesign --display --verbose /Applications/ESET\ Endpoint\ Security.app
Executable=/Applications/ESET Endpoint Security.app/Contents/MacOS/esets_gui
Identifier=com.eset.ees.6
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20200 size=39438 flags=0x0(none) hashes=1227+3 location=embedded
Signature size=9053
Timestamp=Jan 29, 2019 at 1:05:07 PM
Info.plist entries=29
TeamIdentifier=P8DQRXPVLP
Sealed Resources version=2 rules=13 files=424
Internal requirements count=1 size=176

Based on the above details, I would like clarification on what should be entered in the Code Requirement field within the Jamf  Pro PPPC payload that has since become available natively in the web console. Keep in mind that the above details are consistent with what others have previously posted. Can you please verify these details? I have provided a screen capture below for reference.

Screen Shot 2019-03-05 at 7.34.40 AM.png

I have a hunch it's this:

identifier "com.eset.ees.6" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = P8DQRXPVLP

 

Edited by sepiemoini
Link to post
Share on other sites
18 hours ago, sepiemoini said:

Greetings, all! @TomasP @brandobot I too am testing this in Jamf for a client and was wondering if you could share your configuration profile details.

More specifically, here's what I was also able to confirm:


codesign --verify --verbose /Applications/ESET\ Endpoint\ Security.app
/Applications/ESET Endpoint Security.app: valid on disk
/Applications/ESET Endpoint Security.app: satisfies its Designated Requirement
vm-admins-MacBook-Pro:~ vm-admin$ codesign --display --verbose /Applications/ESET\ Endpoint\ Security.app
Executable=/Applications/ESET Endpoint Security.app/Contents/MacOS/esets_gui
Identifier=com.eset.ees.6
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20200 size=39438 flags=0x0(none) hashes=1227+3 location=embedded
Signature size=9053
Timestamp=Jan 29, 2019 at 1:05:07 PM
Info.plist entries=29
TeamIdentifier=P8DQRXPVLP
Sealed Resources version=2 rules=13 files=424
Internal requirements count=1 size=176

Based on the above details, I would like clarification on what should be entered in the Code Requirement field within the Jamf  Pro PPPC payload that has since become available natively in the web console. Keep in mind that the above details are consistent with what others have previously posted. Can you please verify these details? I have provided a screen capture below for reference.

Screen Shot 2019-03-05 at 7.34.40 AM.png

I have a hunch it's this:


identifier "com.eset.ees.6" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = P8DQRXPVLP

 

I'm not sure if the validation is necessary, but otherwise, your hunch is right.

Link to post
Share on other sites

Thanks, @SysEPr! The post took a while to show up but I was able to verify all of this yesterday morning. All is well here and I even ran the silent install feature too. Here's how I was able to achieve that:

mkdir "/Library/Application Support/ESET/"
mkdir "/Library/Application Support/ESET/esets/"
mkdir "/Library/Application Support/ESET/esets/cache/" 
touch "/Library/Application Support/ESET/esets/cache/do_not_launch_esets_gui_after_installation"

This script ran just before the installer via an MDM policy. I then ran a post-install script to activate the product using the script below.

sudo /Applications/ESET\ Endpoint\ Security.app/Contents/MacOS/esets_daemon --wait-respond --activate key=<KEY>

The directions for the above command found here didn't include the full path so I had to investigate a bit and looked inside the wrapped PKG file (there was a post-install script showing the full path) inside the provided DMG.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...