Catalina (10.15) behaves differently if a service installed via sudo or Finder.
I want our service to be shown in "Full Disk Access" view of the Security tab (the Security and Privacy pane).
I see that macOS 10.15 handles a service (LaunchDaemon) differently when .pkg is installed via sudo or Finder.
If a user clicks .pkg file from Finder it is successfully installed and our service is started.
It tries to access protected folders. Then it shown in "Full Disk Access" view. A user needs to put a tick to
give required permissions. It is expected.
But if I install .pkg using 'sudo /usr/sbin/installer -pkg [pkgname] -target' (it is installed without errors).
But in that case the service is not shown in the "Full Disk Access" view.
I tried to solve the issue and found several ways to make the service shown in "Full Disk Access" view.
1. You need to copy a service bundle to /Applications or ~/Desktop. It becomes visible "Full Disk Access" view.
2. Invoke 'open' command for the service bundle.
I did some investigations.
It seems that there is PackageKit API which registers bundles. Different UIDs are used
when a package is installed via sudo (with uid 0) and Finder (with user uid).
Our service resides in /Library/Application Support folder. May be OS handles this folder somehow differently.
Is there an official API to register a service bundle to make it visible in "Full Disk Access" view ?
Regards,
Yaroslav