Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

No prompt for system extension #31

Open
JohnMacVeteran opened this issue Sep 17, 2023 · 8 comments
Open

No prompt for system extension #31

JohnMacVeteran opened this issue Sep 17, 2023 · 8 comments
Assignees

Comments

@JohnMacVeteran
Copy link

JohnMacVeteran commented Sep 17, 2023

I have downloaded the package from the releases page and the installation went well. After starting "Red Canary Mac Monitor" there was no prompt regarding the installation of the extension. Selecting the install command in the "Security Extension" menu does nothing. I am on 13.5.2.

@Brandon7CC
Copy link

Hey @JohnMacVeteran,
Can you make sure that you've done both of these in System Settings?

  • "Allow"ed the System Extension (most people forget this -- it displays directly above Accessory Security settings)
  • and enabled Full Disk Access
Screenshot 2023-09-22 at 3 53 20 PM

@JohnMacVeteran
Copy link
Author

Hi @Brandon7CC,

there is no option to do this:

Bildschirmfoto 2023-09-23 um 10 55 52 Bildschirmfoto 2023-09-23 um 10 56 20

@Brandon7CC
Copy link

@JohnMacVeteran thank you for providing the screenshots!

  • Here's what I'm interested in now... what state is the System Extension currently in? Can you grab this for me by running systemextensionsctl list? Which state is the Red Canary Security Extension in?
    • activated waiting for user
    • or activated enabled?
  • This give me a bit more information to dive into. Have you also tried installing on a non-MDM enrolled device? I'm wondering if a configuration profile is blocking the request.

Pre-install

> sudo systemextensionsctl list
0 extension(s)

Before user-allow

activated waiting for user

1 extension(s)
--- com.apple.system_extension.endpoint_security
enabled	active	teamID	bundleID (version)	name	[state]
	*	UA6JCQGF3F	com.redcanary.agent.securityextension (1.0.5/1)	Red Canary Security Extension	[activated waiting for user]

After user-allow

activated enabled

1 extension(s)
--- com.apple.system_extension.endpoint_security
enabled	active	teamID	bundleID (version)	name	[state]
*	*	UA6JCQGF3F	com.redcanary.agent.securityextension (1.0.5/1)	Red Canary Security Extension	[activated enabled]

Thank you for your patience!

@JohnMacVeteran
Copy link
Author

Hi @Brandon7CC ,

this is the output:
systemextensionsctl list
1 extension(s)
--- com.apple.system_extension.network_extension
enabled active teamID bundleID (version) name [state]

    • VBG97UB4TA com.objective-see.lulu.extension (2.5.1/2.5.1) Extension [activated enabled]

I had no chance to try the install on a non-MDM Mac so far.

@wawava
Copy link

wawava commented Mar 12, 2024

Hi @Brandon7CC i also have this promble on mac os 14.2,i use brew install mac-monitor and the situtation is same to John,when i run sudo systemextensionsctl list can't find com.redcanary.agent.securityextension

@wawava
Copy link

wawava commented Mar 14, 2024

@JohnMacVeteran block by some antivirus software,so you can test uninstall some antivirus software

@teemomiko
Copy link

We use (vmware workspace one) to management mac , when i install monitor , extension still not found . How can i fix it ? Pls help me to fix it , 3ks .
image

@changheluor007
Copy link

Apple M3 Pro
mac sequioa: 15.1.1 (24B91)
Also encountered this problem

3 extension(s)
--- com.apple.system_extension.network_extension (Go to 'System Settings > General > Login Items & Extensions > Network Extensions' to modify these system extension(s))
enabled active teamID bundleID (version) name [state]

    • NXELXU5YLW com.initex.proxifier.v3.macos.ProxifierExtension (3.11.0/3.11.0) ProxifierExtension [activated enabled]
    • VBG97UB4TA com.objective-see.lulu.extension (2.6.3/2.6.3) Extension [activated enabled]
      --- com.apple.system_extension.endpoint_security (Go to 'System Settings > General > Login Items & Extensions > Endpoint Security Extensions' to modify these system extension(s))
      enabled active teamID bundleID (version) name [state]
    • UA6JCQGF3F com.redcanary.agent.securityextension (1.0.5/1) Red Canary Security Extension [activated waiting for user]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

5 participants