I have a LaunchDaemon written in C++ that occasionally needs to mount an SMB share via a runtime created mount point and copy some files to that share.
With 10.14, this stil works just fine.
With 10.15, the share mounts just fine, but any attempt to read or write to it gives "operation not permitted".
If as a logged in user I go to system preferences/Security and grant full disk access to the executable file of my LaunchDaemon, it can read and write the share just fine.
Before turning on the full disk access in system prefs, It doesn't matter where I mount the drive. I can mount it from a terminal window or from my LaunchDaemon.
From a terminal window I can read/write the drive just fine.
The LaunchDaemon can not even "ls" the files on the drive
Looking for a way to do this programatically (code or script) without user intervention so it can be done during install.
I realize com.apple.security.files.all is listed as deprecated in the documentation, but I figured it might still work, so re-signed this executable with the entitlement but no luck. I have seen comments in this forum somewhere saying the the full disk access must be set by a user, and I'm guessing it was refering to the same thing.
Is there any way to get this to work on Catalina in a non-sandboxed executable?
alf
