Signing your shell script for macOS

Ivanti EPMM requires you to sign your shell scripts using the Ivanti EPMM script signing tool.

Before you begin 

Testing your shell script for macOS


  1. Download the Ivanti EPMM signing tool and place it in your $PATH. You can download it from Ivanti Support ; a login may be required.
  2. Open a terminal window.
  3. Sign your script by issuing a command with the following syntax:

    sign -s “My Signer” -r yes

    “My Signer” is the signing identity you created in Creating certificates for your shell scripts for macOS

    -r yes is an optional parameter. Include it only if you want to run the script as root because the script requires root permissions. Without -r yes, the script runs as the device user. This parameter is applicable to Ivanti Mobile@Work 1.1.0 for macOS or supported newer versions.

    script_name is the name of your macOS script.

The script signing tool produces a signed script called, where script_name is the name of the script.