Post

Replies

Boosts

Views

Activity

Reply to macOS application hangs if accessibility changed while using CGEventTap
You don’t need ‘full’ accessibility access to listen for events. There’s a specific TCC service for that, namely ListenEvent. You can check where you have that privilege using CGPreflightListenEventAccess. @eskimo As written in my post, I have other feature which require kCGEventTapOptionDefault, so ‘full’ accessibility access is needed. I'm not sure whether access tcc.db is a good idea, it might stop working in the future. Is there an approach which use public API?
Aug ’23
Reply to PreLoginAgents unable to log if built with XCode
Finally I found out why os_log is not working. Add code: #import <os/log.h> os_log_t log = os_log_create("com.example.preLoginAgent", "test"); os_log_debug(log, "test log: %{public}s"); Then in SSH terminal, you should run: log stream --predicate 'subsystem="com.example.preLoginAgent"' --level debug So what happened here: os_log is not logged in /var/log/system.log, that's why syslog -w won't work. os_log_debug(OS_LOG_DEFAULT, ...) log into default subsystem and it could be difficult to find it in sea of logs (or maybe use grep) use os_log_create to add subsystem for log predicate to found it by default, log stream won't show INFO & DEBUG, so add --level debug or use os_log_error by default, dynamic string will show as , add {public} if you would like to show it Thanks eskimo for the hint!
Aug ’23
Reply to How to access login keychain of all users when runs as root?
Sorry for late reply. I'm busy these days. The implementation is about saving SSH key passphrase into keychain, so it must save locally. SSH agent can save it using "ssh-add --apple-use-keychain", but it can't work on libssh bind, so I have to save/load passphrase without agent. Then it has issue when IT tool which need to renew all users SSH keys. Thanks to @Hoffman, I came up with an idea that set a global date flag. If app found SSH key is older than the global date when startup, it expires and renew. This method don't require IT tool to access other user keychain and work with data protection keychain. Perfect :-)
Dec ’23
Reply to How to reset macOS 15 Local Network privacy settings?
Here is my test under macOS 15 beta 8. First, according to FAQ-17, NECP use LC_UUID to identify the program. https://forums.developer.apple.com/forums/thread/737416 In fact it is NO. I ran dwarfdump to make sure builds are different LC_UUID, but still can't bring up the privacy alert. Instead I have to change product name. Second, the sample code provided here is not working. Sending packet to localhost would not bring up the privacy alert. https://developer.apple.com/forums/thread/664775 Also, I found that FAQ-2 is incorrect too. https://developer.apple.com/forums/thread/663874 The operations that require local network access: Sending a UDP unicast — yes Sending a UDP broadcast — NO Receiving an incoming UDP unicast — no Receiving an incoming UDP broadcast — NO I wonder which is correct behavior. This is very confusing.
Aug ’24
Reply to How to reset macOS 15 Local Network privacy settings?
I tested my app with macOS 15 RC. Something strange happened on one of our test devices after upgraded from Beta 8. In the system settings LNP list, it recognizes the app as two items. The UDP connection works fine, but the TCP connection fails for both inbound and outbound. I’m not sure what could be causing this. We have only tested with the same signed app recently. The problem is, currently there is no way to reset LNP without reinstalling the OS. Our app has special requirements, so we must test without a VM. Not being able to reset LNP is very troubling. Is there really no way to reset LNP? Should I file a TSI to ask more deeply? Thanks.
Sep ’24
Reply to How to reset macOS 15 Local Network privacy settings?
Updates for Newcomers using macOS 15 RC: LNP is now automatically removed after delete APP and restart Mac. However, this may not apply to items added from macOS 15 Beta. LNP of Apps built with Xcode are also automatically removed too, after clean build folder and restart Mac. Since LNP is user permission, it’s advisable to create a test account if you need to do some experiment. There’s no need to reinstall macOS.
Sep ’24
Reply to How to reset macOS 15 Local Network privacy settings?
Found another bug. If you restart Mac after allow LNP, the LNP of APP will not working. I filed feedback: FB15118138 Local Network Privacy not working after restart Mac Here's test steps: Prepare two Mac, A is macOS 15 RC, B can be 14 or 15 Install Packet Sender on A & B, and launch it A send TCP packet to B, allow Local Network A send TCP packet to B again, B received TCP success A restart A launch Packet Sender, send TCP packet to B, A throw error: Could not connect, B not received packet PS. If A toggle LNP in system settings after restart, TCP works, but fail again if do another restart.
Sep ’24