Apple - Latest macOS Mojave update (10.14.4) and Mail.app Google accounts issue
No.
The update broke access to some Library configs that are under control of System Integrity Protection(SIP).
Boot to the recover console, disable SIP with 'csrutil disable' in the terminal, then boot into the OS, go into Internet Accounts and select Google as normal.
After following the steps to give your Mac permissions to your Google objects(mail, calendar, etc.), boot back into the recovery console and re-enable SIP by running 'csrutil enable'. Boot back into the OS and compute on.
I got the hint to do this by looking into the console logs in the console utility, but I have no idea which log I searched for 'google' or 'accounts' in, but I found a problem mentions an error with a 'file-write-xattr', so that gave me the idea that SIP was involved.
Someone should be able to track down the issue and get the errant permissions logged with Apple so the fix can go out with the next patch, or set a sticky here with a more detailed explanation and fix, and not just a work-around.
A quick Google search reveals that it's a bug in Mail.app in macOS Mojave 10.14.4 update.
From this post on MacRumors, a popular independent Apple news blog:
- Mac Mail App Broken for Some Gmail Users in macOS Mojave 10.14.4
Apple earlier this week released macOS Mojave 10.14.4, which has had the unfortunate side effect of rendering the Mail app unusable for some who use Gmail services for their email addresses.
After installing the macOS 10.14.4 update and opening the Mail app, Gmail users are asked to authenticate their email addresses using a Google web login form.
Unfortunately, the authentication process does not stick, and shortly after authenticating, the Mail app asks for authentication once again or refuses to work, listing all Gmail accounts as offline.
Additionally,
Some users have had success setting up their email accounts using IMAP as a workaround. Those who have contacted Apple support have been told that a fix is in the works, so the bug could be addressed in the near future.
Appears that the issue has been acknowledged and the fix is a work in progress.
Some other links worth checking which points to possible resolution:
The TL;DR on Apple’s macOS Mojave 10.14.4 Gmail/G-Suite Issue: It’s Fixed
Apple’s macOS Mojave 10.14.4 Update Includes Gmail Bug – We Have a Possible Fix
Some macOS Mojave 10.14.4 users having problems with Gmail & G Suite authentication in Apple Mail
Some macOS Mojave 10.14.4 users having problems with Gmail and G Suite authentication in Apple Mail
The issue:
As an update to what I've commented above, I had exactly this issue with accounts which were originally created as [email protected]
instead of [email protected]
. Since I always migrated my macOS, it is likely now expecting a @googlemail response during verification, but Google is returning the @gmail instead.
The solution:
To everyone that is still having issues, this solution simply overwrites the response that Google's servers are issuing. I'm reproducing the following how-to posted by Gannet on the MacRumours Forums:
- Download, install and run the app Charles. If this is your first time using Charles it should prompt you to authorize automatic proxy configuration. Do this. (Otherwise just make sure the macOS proxy is enabled and working)
- From the "Help" menu choose "SSL Proxying" > "Install Charles Root Certificate". Once the certificate is installed, find it in your keychain (type Charles into the search), open it, expand the Trust section and set to Always Trust. You will be prompted for your password when closing it.
- Back in Charles, select "SSL Proxying Settings..." from the "Proxy" menu .
- Add a new location with Host:
people.googleapis.com
. - From the Tools menu choose "Rewrite…", enable Rewrite, and click the "Add" button.
Add a new location with Host: people.googleapis.com. Add a new action with the following details:
- Type: Body
- Where: Response
- Replace Value:
{"names":[{"metadata":{"primary":true},"displayName":"User Name}],"emailAddresses":[{"value":"[email protected]"}]}
where of course you put in your actualUser Name
and[email protected]
values. In the end, it should look similar to this:
- Once you "apply" this, you're all set. Open "Internet Accounts" in the system preferences (or open Mail.app), and follow the authorisation procedure.
- Once everything is working, you can either repeat the steps for each of your problematic accounts, or Quit Charles and feel free to delete the rewrite rules as well as the certificate from your Keychain.