Restoring the Default Gatekeeper Database

As I’ve mentioned previously, spctl is the command line tool to manage signing for Gatekeeper. This file edits the information stored in /var/db/SystemPolicy. Regrettably, this information can become corrupted (like all information in a database. And when it does, Apple has done us a favor by making a hidden default database with this information in the same directory, called .SystemPolicy-default.

To restore the default database, we just copy it over the top of the old one. Here, we’ll rename the old one first:

mv /var/db/SystemPolicy /var/db/SystemPolicyOLD

And then we’ll copy the defaults to make it the production database:

cp /var/db/.SystemPolicy-default /var/db/SystemPolicy

Then reboot and you should be good to go.

Comments are closed.