Here’s a fully persistent, single-line setup — runs once, applies all settings, and installs a LaunchDaemon so they re-apply automatically on every boot:
sudo security authorizationdb write system.install.apple-software allow; sudo security authorizationdb write system.install.software allow; sudo security authorizationdb write system.install.pkg allow; sudo spctl --master-disable; defaults write com.apple.LaunchServices LSQuarantine -bool false; sudo defaults write /Library/Preferences/com.apple.security GKAutoRearm -bool false; sudo bash -c 'cat >/Library/LaunchDaemons/com.persist.disable-gatekeeper.plist <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key><string>com.persist.disable-gatekeeper</string>
<key>ProgramArguments</key>
<array>
<string>/bin/bash</string>
<string>-c</string>
<string>spctl --master-disable; defaults write com.apple.LaunchServices LSQuarantine -bool false; defaults write /Library/Preferences/com.apple.security GKAutoRearm -bool false</string>
</array>
<key>RunAtLoad</key><true/>
</dict>
</plist>
EOF
'; sudo chmod 644 /Library/LaunchDaemons/com.persist.disable-gatekeeper.plist; sudo chown root:wheel /Library/LaunchDaemons/com.persist.disable-gatekeeper.plist; sudo launchctl load /Library/LaunchDaemons/com.persist.disable-gatekeeper.plist
To undo:
sudo security authorizationdb remove system.install.apple-software; sudo security authorizationdb remove system.install.software; sudo security authorizationdb remove system.install.pkg; sudo spctl --master-enable; defaults write com.apple.LaunchServices LSQuarantine -bool true; sudo defaults write /Library/Preferences/com.apple.security GKAutoRearm -bool true; sudo launchctl unload /Library/LaunchDaemons/com.persist.disable-gatekeeper.plist; sudo rm /Library/LaunchDaemons/com.persist.disable-gatekeeper.plist
NOTE:
Give "Installer" full disk access
/System/Library/CoreServices/Installer.app
------
DETAILS
------sudo security authorizationdb write system.install.apple-software allow
sudo security authorizationdb write system.install.software allow
sudo security authorizationdb write system.install.pkg allow
to undo
sudo security authorizationdb remove system.install.apple-software
sudo security authorizationdb remove system.install.software
sudo security authorizationdb remove system.install.pkg
additionally
sudo spctl --master-disable
(verify from settings after)
disable DMG verify:
defaults write com.apple.LaunchServices LSQuarantine -bool false