Hi,
I’ve developed a custom Authorization Plugin and placed it under: /Library/Security/SecurityAgentPlugins/AuthPlugin.bundle
I also updated the corresponding right in the authorization database (authorizationdb) to point to my plugin’s mechanism.
However, when I invoke the right, my plugin does not get loaded. The system log shows the following errors:
AuthorizationHostHelper: Init: unable to load bundle executable for plugin: AuthPlugin.bundle
AuthorizationHostHelper: Processing request: Failed to create agent mechanism AuthPlugin:auth.startup.authenticate, failing authentication!
Here’s what I’ve verified so far:
The plugin bundle and its executable are signed and notarized successfully.
The executable inside the bundle is universal (arm64 + x86_64).
The bundle structure looks correct (Contents/Info.plist, Contents/MacOS/..., etc.).
Despite that, the plugin fails to load at runtime.
Could anyone provide advice on how to debug or trace why the SecurityAgent cannot load the bundle executable? Are there any entitlements, permissions, or SIP-related restrictions that might prevent custom authorization plugins from being loaded on modern macOS versions?
Thanks in advance for any insights!