This one is a bit more confusing. Check to make sure that the process is not hung somehow by looking for the Network Extension name in the Activity Monitor.
I had rebooted and sure the process is not running in activity monitor . so it ws surprising.
Post
Replies
Boosts
Views
Activity
fine matt . will try out . thank you.
thankyou eskimo .
thankyou.
there are 2 states/messages seen on systemextensionsctl list comand: on deactivation without reboot: "terminated waiting to uninstall on reboot"
on deactivation after reboot: "uninstalling"
so the confusion .
@tartempion : that is a very detaild answer . the answer helped me to move ahead . many thank you .
many thanks Matt. that was of great help.
No . only on container app and extension .
thank you --!
i see that everything in the first is allowed in second . Dumping the output here
Entitlement for app
<dict>
<key>com.apple.application-identifier</key>
<string>TeamID.com.company.abcappn</string>
<key>com.apple.developer.networking.networkextension</key>
<array>
<string>content-filter-provider</string>
</array>
<key>com.apple.developer.system-extension.install</key>
<true/>
<key>com.apple.developer.team-identifier</key>
<string>TeamID</string>
</dict>
In the Embedded Profile for app
key>Entitlements</key>
<dict>
<key>com.apple.developer.system-extension.install</key>
<true/>
<key>com.apple.developer.networking.networkextension</key>
<array>
<string>packet-tunnel-provider-systemextension</string>
<string>app-proxy-provider-systemextension</string>
<string>content-filter-provider-systemextension</string>
<string>dns-proxy-systemextension</string>
<string>dns-settings</string>
</array>
<key>com.apple.application-identifier</key>
<string>TeamID.com.company.abcappn</string>
<key>keychain-access-groups</key>
<array>
<string>TeamID.*</string>
</array>
<key>com.apple.developer.team-identifier</key>
<string>TeamID</string>
</dict>
Anything else you suggest need to be examined .
thank you matt .
if it is serialised, wouldn't there will be lot of impact on performance .
@tartempion :
Am facing the same issue . do you host The XPC service in an app . i have a .xpc as target (not a daemon application containing .xpc ) which is directly used in launchd . have published the MachServices properly . any pointers would really help .
With default Network Extension Target the NEMachServiceName is already added.
should we just connect from the app to this NEMachServiceName and then start exchanging message.
was just curious whether I create the listener in the app and connect (from client) from the Network Extension. is it a good idea ?
thank you eskimo .
it is a NetworkExtension .
howz the setting up different in NetworkExtension & EndpointSecurity ?
thnsk you eskimo for the answer .is "App Sandbox entitlement" required for Driverkit ?
thank you eskimo.
it is Content filter