shoarthing Posted November 19, 2007 Share Posted November 19, 2007 Hi - recently downloaded [Firefox, in Leopard 10.5.1] the latext netkas AppleSMBIOS, in a *.zip archive. Extracted to Desktop, then ran xattr -l AppleSMBIOS.kext . . & on finding the 'com.apple.quarantine' extended attribute, ran: sudo xattr -d com.apple.quarantine AppleSMBIOS.kext . . after which, running xattr -l showed no extended attribute. Then deleted the original & installed this kext, set correct permissions, deleted Extensions.mkext & the kernelcache. On next boot, not only was it sloooow; but a little 'ghostbusters' no-entry image appeared over the Apple Logo, just before it eventually booted to the Desktop. This persisted at next boot. Switched to a Tiger install, redownloaded the same file from the same source, reinstalled from Tiger with exactly the same permissions, deleted Extensions.mkext & kernelcache . . . Result a clean boot with no warning. There clearly is a deeper level of marking downloaded files in metadata than it appears; & this seems to me to be even more a feature of 10.5.1 than it was in 10.5.0 Removing 'com.apple.quarantine' appears inadequate - does anyone here know what is going on & how to completely remove such metadata from downloads? BTW: yes, I do know about this folder-action hack [doesn't work in 10.5.1] & this nice use of Launch Agent [also doesn't work, tho' pebcak always a partner here]. Here's an interesting post on the Apple Support forums. BTW2: I've also noticed this same 'ghostbusters' icon overlaid on a copy of Transmission.app [also with the com.apple.quarantine attribute removed] which I'd dragged into the Applications folder - this appeared to persist for about 24 hours, but is now not visible. Link to comment Share on other sites More sharing options...
fishyeah Posted November 19, 2007 Share Posted November 19, 2007 It seems 'com.apple.quarantine' attribute is set for all the files contained within a kext. Have you tried this: sudo find AppleSMBIOS.kext -exec xattr -d com.apple.qurantine {} \; Link to comment Share on other sites More sharing options...
shoarthing Posted November 19, 2007 Author Share Posted November 19, 2007 It seems 'com.apple.quarantine' attribute is set for all the files contained within a kext. Have you tried this:sudo find AppleSMBIOS.kext -exec xattr -d com.apple.qurantine {} \; . . aha . . . that sounds likely [bar the spelling] . . . many thanks & will check it out. . . but then why would this 'ghostbusters' logo overlay a downloaded *.app [with the com.apple.quarantine attribute removed] dragged into the Applications folder . . . ? I thought *.apps were blobs? [Edit] this is what I mean by the 'ghostbusters' overlaid icon: Link to comment Share on other sites More sharing options...
SA22C Posted November 19, 2007 Share Posted November 19, 2007 The weird thing is that in my case I used several .kexts that had the quarantine attribute without any ill effect for quite a few days, so just having the quarantine attribute present or not is not necessarily the explaination for a non-working .kext. Link to comment Share on other sites More sharing options...
Recommended Posts