How to get past developer cannot be identified restrictions on command line

This is part of the Semicolon&Sons Code Diary - consisting of lessons learned on the job. You're in the bash category.

Last Updated: 2024-10-12

I installed the chromedriver binary with Homebrew but it would not execute, showing Apple's warning "cannot be opened because developer could not be identified".

The fix was this line of code:

xattr -d com.apple.quarantine chromedriver

The more interesting and generalizable question is what this does. The overall keyword is that is uses the Extended File Attributes system, while enables users to associate computer files with metadata.

Typical uses: - storing the author of a document - the character encoding of a plain-text document - a checksum - discretionary access control information.

In linux, any regular file or directory may have extended attributes consisting of a name and associated data. The name consists of a namespace identifier and a dot character. Currently, four namespaces exist: user, trusted, security and system This data is not stored in the main data for files, but in the attributes area of the volume metadata (i.e. they are stored centrally). As such they are out of reach of normal file tools, and can only be accessed using tools specifically intended to work with xattrs.

Since macOS 10.5, files originating from the web are marked with com.apple.quarantine

Be careful when writing from one file system to another: sometimes the xattrs will be stripped (e.g. writing from HFS+ to NFS)

Resources