Hello, I currently am designing a data backup solution, and have an unsandboxed launch agent written in DotNet 6 that needs read access to files in order to back them up. It is configured together with its own App Group (with the sandboxed GUI). However, this Launch Agent cannot access files or enumerate directories in ~/Library/Group Containers/com.apple.notes whatsoever (even after enabling full disk access for the calling app, the files are not restricted either). I am trying to access the NoteStore.sqlite and similar files so that the Launch Agent can read the file and upload it to S3. Is there some entitlement I need to add, or access prompt? It seems like there is additional security layers for Sandboxed folders for apps that I'm trying to bypass. What is the recommended solution for my use case?
(For Ventura and Sonoma users)
Post
Replies
Boosts
Views
Activity
Hello,
Currently my macOS application registers itself as a login item in the AppDelegate applicationDidFinishLaunching method (see code below)
However, I'm running into a problem that if the user is auto upgraded (internal 3rd party implementation) that the .pkg postinstall script runs, the last step which is launching the GUI application. Because of this, if a user unselects our app as a LoginItem, when it is relaunched, it will add itself back. I have checked the SMAppService statuses (.enabled, .notRegistered, .notFound) and discovered that when a user disables the app as a login item, the status is returned as .notFound. I am trying to find a way to detect if the user previously removed our app from login items and not register the app as a login item back, but for the first time the user opens the app the app is registered as a login item. Would checking if the status is .notRegistered work in this case for a first time install? What should i do differently?
func applicationDidFinishLaunching(_ aNotification: Notification) {
...
guard !Runtime.isDebug else {
self.logger.debug("Detected Xcode host; Skipping installation of helper components.")
return
}
self.logger.info("Setting UI login item")
if mainApp.status != .enabled { //old code, incorrect. What should go here?
do {
try mainApp.register()
} catch {
logger.error("Failed to initialize UI login item: \(error.localizedDescription)")
}
}
}