Signing your shell script for macOS

Ivanti EPMM requires you to sign your shell scripts using the Ivanti EPMM script signing tool.

Before you begin 

Testing your shell script for macOS

Procedure 

  1. Download the Ivanti EPMM signing tool and place it in your $PATH.
  2. Open a terminal window.
  3. Sign your script by issuing a command with the following syntax:

    sign -s “My Signer” -r yes script_name.sh

    “My Signer” is the signing identity you created in Creating certificates for your shell scripts for macOS

    -r yes is an optional parameter. Include it only if you want to run the script as root because the script requires root permissions. Without -r yes, the script runs as the device user. This parameter is applicable to [email protected] 1.1.0 for macOS or supported newer versions.

    script_name is the name of your macOS script.

The script signing tool produces a signed script called script_name.sh.p7s, where script_name is the name of the script.