MacOS High Sierra KEXT Loading - Are there any ways to cancel user approval?

Question

As some kinds of MacOS developers know, Apple implemented Secure Kernel Extension Loading .

Users can approve third party KEXT by clicking Approve

Answer 1

To echo what people are saying in the comments, I found that the accepted solution did not work. I also had to reset the PRAM.

Working steps:

1. Create the following script somewhere on your filesystem (you will be running this from recovery mode, so you won't be able to copy and paste in that mode). You will need to replace TEAMID1234 with the team ID of the kext(s) you want to revoke consent for. Note that the full paths to /Volumes/Macintosh\ HD are required in recovery mode.

   I called my script /Users/me/revoke_kext_consent.sh, and ran chmod +x /Users/me/revoke_kext_consent.sh.

#!/bin/sh -e
/Volumes/Macintosh\ HD/usr/bin/sqlite3 /Volumes/Macintosh\ HD/var/db/SystemPolicyConfiguration/KextPolicy 'delete from kext_policy where team_id="TEAMID1234";'
/Volumes/Macintosh\ HD/usr/bin/sqlite3 /Volumes/Macintosh\ HD/var/db/SystemPolicyConfiguration/KextPolicy 'delete from kext_load_history_v3 where team_id="TEAMID1234";'

2. Reboot into recovery mode (boot with Cmd-R)

3. Open Terminal, and run the above script (/Volumes/Macintosh\ HD/Users/me/revoke_kext_consent.sh).

4. Reboot and reset the PRAM (boot with Cmd-Opt-P-R)