Skip to content

Frequently Asked Questions

Jump to bottom
rtrouton edited this page May 12, 2022 · 2 revisions

PrivilegesBanner

Frequently Asked Questions

Why does the icon for Privileges.app change colors in the Dock?

This is by design. The icon is green and displays a locked padlock icon when you are a standard user.

The first Dock icon is for macOS Big Sur and the second Dock icon for macOS Catalina and earlier:

Privileges_icon_locked Privileges_icon_locked_catalina

The icon is yellow and displays an unlocked padlock icon when you are an administrator.

The first Dock icon is for macOS Big Sur and the second Dock icon for macOS Catalina and earlier:

Privileges_icon_unlocked Privileges_icon_unlocked_catalina

By default, is there a time limit on the admin rights granted by Privileges?

No. Admin rights are granted until some process (like running Privileges again) takes them away.

Can I set Privileges to give me administrator rights for a defined amount of time?

Yes. You can use the Toggle Privileges option on the dock icon to get admin rights for a set amount of time (the default amount is 20 minutes.)

Privileges_icon_unlocked_catalina

Privileges_icon_unlocked_catalina

To set the amount of time used by the Toggle Privileges option, use the following procedure:

  1. Launch Privileges.
  2. Click on the Privileges menu and select Preferences.
  3. Select the desired amount of time from the available options.

Privileges_icon_unlocked_catalina

What actions do the Lock Screen and Login Window toggle options perform?

The Lock Screen toggle option locks your screen. Privileges_icon_unlocked_catalina

The Login Window toggle option returns you to the Login Window without logging you out.

Privileges_icon_unlocked_catalina

How do I use Privileges.app in a script or from the command line?

Privileges supports command line use. To use the PrivilegesCLI command line tool, run /Applications- /Privileges.app/Contents/Resources/PrivilegesCLI followed by the option you want to use.

The PrivilegesCLI command line tool currently supports the following options:

/Applications/Privileges.app/Contents/Resources/PrivilegesCLI --add : Adds the logged-in user to the admin group.

PrivilegesCLI_add

/Applications/Privileges.app/Contents/Resources/PrivilegesCLI --remove : Removes the logged-in user from the admin group.

PrivilegesCLI_remove

/Applications/Privileges.app/Contents/Resources/PrivilegesCLI --status : Displays the current user's privileges.

PrivilegesCLI_status1

PrivilegesCLI_status2

For assistance, please run the following command to display all available options:

/Applications/Privileges.app/Contents/Resources/PrivilegesCLI

PrivilegesCLI_help

How do I access logs for Privileges?

Privileges uses the system log for logging. To see all logs for Privileges in the Console app, you can filter for the corp.sap.privileges.helperprocess.

console_show_privileges_process

To see only the logging associated with changing admin rights in the Console app, you can filter for log messages containing SAPCorp.

console_show_privileges_process_filtered_for_admin

To access the same logs from the command line, the log command can be used. To see all logs for Privileges using the log command, the following command can be used:

log show --style syslog --predicate 'process == "corp.sap.privileges.helper"'

log_show_privileges_process

To see only the logging associated with changing admin rights, the following command can be used:

log show --style syslog --predicate 'process == "corp.sap.privileges.helper" && eventMessage CONTAINS
"SAPCorp"'

log_show_privileges_process_filtered_for_admin

Clone this wiki locally