Topic: Definitive solution for macOS "driver not loaded" Security problems
Since Apple released MacOS 10.13 the so called Secure Kernel Extension Loading (SKEL) has caused continued frustration, and wasted tons of time for both customers and supporters - because it doesn't act reliably, predictably and always in the same way for everyone.
RME drivers (kernel extensions) are signed and notarized, compiled with the latest XCode, and therefore in most cases an easy and quick installation. But for some it can mean multiple installations, manually deleting files and countless reboots until the dreaded Security & Privacy Allow dialog pops up. Worst: for some that never happens.
There is a working solution to this problem. If all the following steps have failed:
- manually performimg the 'allow' function in the Security & Privacy app. Will only work if the RME driver is shown there.
- reinstalling the driver including reboots several times until the dialog comes up
- deleting the driver's kernel extension manually prior to reinstalling it
then the user can add the RME driver manually to the Mac's Trusted List. Instead of dectivating the whole System Integrity Protection (SIP), which also works, but obviously is not the best approach, adding the RME kernel extension (precisely: the RME team identifier) to the trusted list disables the SIP only for RME kernel extensions. No harm done and the computer is still protected as most users want it to be.
- Boot into macOS Recovery mode. To do so turn on the computer and immediately press and hold the keys Command (⌘) and R. Release the keys when you see an Apple logo, spinning globe, or other startup screen. Enter your password if requested to do so. Startup is complete when you see the utilities window.
- Open Terminal from the Utilities menu in the menu bar.
- Run the command: /usr/sbin/spctl kext-consent add 67AK2U2X7M
- Reboot the computer
It should not be necessary, but in case the driver is still not loaded check that everything worked as expected by using this command in the Terminal (Recovery mode not required):
/usr/sbin/spctl kext-consent list
This should give the following result:
Allowed Team Identifiers:
Thanks to our forum user arikaspi for making us aware of this procedure.
Mac OS Recovery: https://support.apple.com/en-ca/HT201314
Sophos SKEL Troubleshooting: https://community.sophos.com/kb/en-us/132813
RME Forum thread: https://forum.rme-audio.de/viewtopic.ph … 65#p152665
Debugging SKEL issue: https://forum.rme-audio.de/viewtopic.php?id=30416