@Etresoft I have never seen a single Apple app ask for Full Disk Access at all. They most definitely never "auto-add" any permissions. Fair point - but I think to access time machine backups, I require this, unless you know otherwise? Then why do you care about this? Just give your app app Full Disk Access via MDM. MDM? We don't currently use it, but perhaps I'll do some research. It might make some of this stuff easier rather than having people do their own juggling, we could roll out policy level changes. The macOS version of bash is ancient. It is better to use zsh. For scripts, just use "sh". I'm aware, and most devs are using zsh via brew by default. We generally target bash on scripts since it plays nice in most of our environments, and I'm not doing anything dependent on new bash features, but this is a good point. Thanks for the tips!

Ok, so I think I answered my own question. I was getting caught up with the manual granting of full disk access to the script itself, but it turns out, my shebang was borking the permissions. I was doing this: #!/usr/bin/env bash instead of #!/usr/bin Which it turns out, means you would need to grant access to /usr/bin/env rather than /bin/bash. Duh. I don't really want to do either, since it seems like a 5 ton hammer for just getting time machine backup metadata, but unless someone can provide a better way to do this, I think it'll have to do. Thanks for looking!

@etresoft A number of the apple apps ask on first attempt, and then auto-add the permission. Thats why I asked. I don't care about App Store anything - this is a pure shell script to do compliance audits in my company to validate that users are actually performing regular time machine backups as required by our ISO standards. We only use this script internally.