I've got a system extension. There's a daemon that talks to it. Because I want the sysex to be able to reach out on its own, the daemon talks to the sysex over XPC, and passes over an anonymous endpoint, so that either side can initiate a message. This all works pretty well, and I'm happy with it. But the design, as is, means that if the sysex goes away for some reason, the daemon can't ever talk to it again. This shouldn't be too difficult a problem to fix -- I can tell when the XPC connections are invalidated, I just have to wait for the sysex to come back up. I am using notify(3) for this, and this does work. And this is the part that is frustrating, and I obviously think should even be impossible: after starting back up, sending a notification, and getting the anonymous endpoint from the daemon, and setting the connection to an NSXPCConnection, the connection ... gets set to nil. The problem is that since I've written this in Swift, I put an observer on the endpoint and log whenever it changes. And in the log, I see "changing it from nil to ", and then a log message saying "connection is non-nil, as it should be" and then... later it says the connection is nil. Without a "changing it from to nil". I am very, very frustrated.

In a deamon, I register using: [[NSDistributedNotificationCenter defaultCenter] addObserver:loader selector:@selector(getNotifications:) name:kProxyStartNotification object:@"MyProxy"]; In the transparent proxy provider, I post using: static let dnc = DistributedNotificationCenter.default() // later Self.dnc.postNotificationName(.proxyStart,                                       object:"MyProxy",                                       deliverImmediately:true) (I also tried putting the same observer code in the containing app, just to be sure.) (Also, btw: the automatic conversion of kProxyStartNotification to Notification.Name.proxyStart is really sweet.) I'm not getting the notification in other processes. I tried putting an observer in the extension, and sure enough that did get the notification, so it is being generated. Just... not leaving my process. I tried checking for sandbox violations, using Quinn's instructions, but see nothing. I also tried [[NSDistributedNotificationCenter defaultCenter] addObserver:loader    selector:@selector(getNotifications:)     name:nil     object:@"MyProxy"]; (and the same in Swift, for the network extension), and -- as can be guessed by my still asking this question -- no luck.

Just to make sure I'm not once again doing something dumb or stupid: this notification only gets sent to the application that loads & starts the VPN? If I want some other process to be aware of it, I have to use the SC* APIs?

Unless I'm missing something (always possible)... there is no way to tell if you get a valid proxy back -- the error handler is asynchronous, and I don't see a way to say "this proxy is valid." Am I missing something?

I followed a tutorial on SwiftUI and macOS (and wow was it worth it, I understand more of what I was doing wrong before!). After the tutorial was done, I thought, okay, let's try adding CloudKit to it. Which was rather trivial to do, I was impressed. Then I thought, ok, let's try being able to have local or CloudKit, depending on runtime. But when I did that, the file was opened readonly, due to "Store opened without NSPersistentHistoryTrackingKey but previously had been opened with NSPersistentHistoryTrackingKey." This seems to be something a lot of people have run into, but for some reason I haven't found any actual fixes. Anyone know?

I've finally been installing our bundle into /Applications, and have noticed that this causes a crash report dialogue to come up whenever one of the components crashes. Which, at this point, is still fairly often (that's what asserts in debug builds are for!). But I really don't want to keep manually dismissing those windows; is there a way to stop them from coming up? (I mean, I still want the crash reports created and logged, but I have my own scripts that go through there to get new ones and cleanup the old ones.)

I'm beating my head against Apple here and it hurts. We made the request for Endpoint Security, and got it granted. However, it was only for development (and as we're looking to do non-app store distribution, I explicitly asked for one to go with our Developer ID Application certificate). At this point, I have used a TSI (thanks Quinn!) and possibly upset an internal contact by asking what I'm supposed to do, and gotten nowhere. At this point, I am sending an email message to the endpoint-review address every week, and I have gotten no responses at all. Has anyone successfully gotten this? If so... how? (No, let me amend that: I know some have, since I've seen it in the wild. I just have no idea what I'm supposed to do!)

I'm specifically thinking about a transparent proxy provider, since that's what we're using, so what happens if: Process /Applications/Foo.app/Contents/MacOS/Foo opens a connection to, say, google port 443 After getting the connection set up, it then fork&execs /bin/sh (or whatever 😄). Does a new flow get created? Or does it continue to use the existing one?

Consider: sef% mdfind 'kMDItemDisplayName =[c] "Zoom.us"' sef% sef% mdfind 'kMDItemDisplayName =[c] "zoom.us"' sef% vs sef% mdfind 'kMDItemDisplayName == "zoom.us"' /Applications/zoom.us.app (Using '==' vs '=' doesn't seem to make a difference.)

I have several executables, and I want them to be able to trust each other, since they grew up together and have had many bonding adventures together. When getting an XPC (or AppleEvents, thank you Quinn 😄) from another process, is there an easy way to find out if the other process is signed the same way the receiving process is? The code signing identity is easy to check, but of course it's also pretty easy to forge. (So this would be a variant, I think, of a question I asked a few months ago, how to see if a process is "properly" signed [which, as I said then, means it's got a valid code signature, and that is anchored "properly," which is to say something that would pass gatekeeper]. Only easier, because I really just want to say "here is my SecCode, here is this other process', are they both comparable?) Although I guess another thing would be to see if they're both in the same app group?

I'm trying to get the URL used to launch an application. (Quinn helped me do the other part of this -- getting information about who sent the event -- in a TSI.) In the will-finish-launching method in the app delegate, I do:         eventManager.setEventHandler(self, andSelector: #selector(handleGetURLEvent(_:withReplyEvent:)), forEventClass: AEEventClass(kInternetEventClass), andEventID: AEEventID(kAEGetURL)) And that does work: it launches the application if it's not running, and switches over to it if it is running. But... when I try to use keyDirectObject to get the URL it doesn't work -- I get nil as the result. But if I iterate through the event's items... I find the item.         #if false         let url = event.attributeDescriptor(forKeyword: keyDirectObject)         print(url)         #else         let count = event.numberOfItems         print("\(count) items")         for index in 1...count {             let keyword = event.keywordForDescriptor(at: index)             if keyword == keyDirectObject {                 if let d = event.atIndex(index), let str = d.stringValue {                     url = URL(string: str)                     break                 }             }         }         #endif Later on (and this was due to Quinn), I have         guard let aeAuditToken = event.attributeDescriptor(forKeyword: keySenderAuditTokenAttr) and that works, so I don't think I'm asking for the URL incorrectly. Any ideas?

I got the permission from Apple (yay), and when I generate a profile on the portal, I can select it. But when I download it... it doesn't have it. Looking at the profile on the portal again, it says I have "Enabled Capabilities Endpoint Security, In-App Purchase". (Although how did that get there?)

The main question I have, honestly, is how do I do that? Or what do I do? The goal, of course, is to allow IT to deploy our product to macs. Our product has a network system extension, and the ability to install without asking user permission is very attractive. But... I'm not sure how to get started! My software-trained mind thinks that I should be able to write up my own provisioning file, but then I read the specifications and the part of my mind that keeps me from doing too many stupid things starts kicking the other part below the table. Is there a good resource for this from a developer's perspective? A tool that can create sample files for me, or documentation that can tell me what files and information I need to provide to someone using, say, JAMF?

The layout I'm looking at: • A daemon which queries various things, and at times decides it's time to log in (or log back in) • An application that handles the logging in, configuration, etc., which registers a custom url scheme • A LaunchAgent which would get an XPC (or just mach message, I suppose) from the daemon, and sends an open-url request for the custom url scheme, eg x-kithrup:login?reason=ihateyou All of that is pretty straightforward to me! But... on a mac, can I tell who sent the request? That is, can my application see that it was my LaunchAgent that made the open-url request? On iOS, it looks like I can, as the UIApplicationDelegate has a method that passes in a sourceApplication. But the NSAppleEventDescriptors confused me a lot.

We started discussing how we'll deal with captive portals, and I realized I don't know if CNA results in network change events. Does it? (I don't have a captive network here, and lockdown makes it hard to go find one, and making one would be ... quite a bit of work.)