Apple File System is the default file system for iOS 10.3 and later, and for macOS High Sierra and later.

Posts under APFS tag

48 Posts
Sort by:

Post

Replies

Boosts

Views

Activity

Image development proposal
Hello everyone, I just want to offer you image modifications that seem useful to get out of a version that has not evolved since the iPhone 3GS/4. The addition of options without redesign after a few years creates a "kind of tidy mess". I arrive from android having not had an iPhone since the 3GS, I am shocked to find the same interface as at the time. (I'm not criticizing, it's an observation). And I'm surprised by the lack of some essential options such as the right back, the missing numeric line in the keyboard, or the missing Touch ID (I don't want to record my face). So since I have been offering improvements to android and these applications, as well as play store applications, for years, and I love doing it, I naturally started thinking about Apple improvements. I let you take part in these different ideas (in French, Google translation can translate the images if you wish). Thank you all for your constructive opinions. Best to you. https://goopics.net/a/4r0fqeqw
2
0
119
3d
APFS snapshot revert
I'm trying to restore an APFS volume to its previous state using a snapshot created with the tmutil command. The only native Apple tool I've found for this purpose is apfs.util. According to the documentation, the correct command for this task is /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -R </dev/diskXsY>. However, this command is not working for me. It returns the error "No such file or directory" for any existing . If I use a valid file/dir path instead of the as an experiment, I get an "Invalid argument" error. To investigate the issue, I decided to debug apfs.util and found that the fsctl() function is responsible for these errors (ENOENT and EINVAL). The first argument passed to fsctl() is the (or file/dir path in my experiment), and the second argument is the value 0x80084A01, which corresponds to the APFSIOC_REVERT_TO_SNAPSHOT command according to xnu's source code (https://github.com/apple-oss-distributions/xnu/blob/8d741a5de7ff4191bf97d57b9f54c2f6d4a15585/bsd/vfs/vfs_syscalls.c#L174). It seems that this command is not supported by the latest versions of macOS (see https://github.com/apple-oss-distributions/xnu/blob/8d741a5de7ff4191bf97d57b9f54c2f6d4a15585/bsd/vfs/vfs_syscalls.c#L12984) and always returns EINVAL error. Is this correct? Are there any other tools available that can be used to revert APFS snapshots?
3
0
125
5d
obtaining file creation & modified time & size failing 5-10% of time within .onOpenURL when file shared with app
When users share a file with my app I am having trouble 5-10% of the time obtaining the file meta data, specifically creation and modified time and size. Using SwiftUI with the code below.. .onOpenURL { url in var fileSize: Int64 = 0 var creationTime: Date = Date(timeIntervalSince1970: 0) var modificationTime: Date = Date(timeIntervalSince1970: 0) do { let fileAttributes = try FileManager.default.attributesOfItem(atPath: url.path) fileSize = fileAttributes[FileAttributeKey.size] as? Int64 ?? 0 creationTime = fileAttributes[FileAttributeKey.creationDate] as? Date ?? Date(timeIntervalSince1970: 0) modificationTime = fileAttributes[FileAttributeKey.modificationDate] as? Date ?? Date(timeIntervalSince1970: 0) <SNIPPED CODE no other tries though and not involving above variables> } catch { // quite confident I am ending up here because variables after the above code aren’t being set and there are no other try blocks, // so FileManager.default.attributesOfItem(atPath: url.path) must be throwing…. } <SNIPPED CODE> To attempt to resolve this, I added in a 0.5 second wait cycle if creationTime == 0 and modificationTime == 0 , so if obtaining both metadata fails, wait 0.5 seconds and try again, try this a max of 3 times and then give up. I don’t know how often I am entering this code (didn’t instrument the app for it), but am still getting times when metadata comes back blank which means this code wasn’t successful after 3 tries. I assume the file would only become visible and sharable with my app after it has completed being written by the original app/process. Perhaps it hasn’t finalized yet? Is there a way to detect this so I can tell the user in my share screen to wait and try again? I am assuming that the file has finished writing though since when I read the data from the file contents, it’s good data and complete even when metadata failed. I will be instrumenting the above code in my next app version, just hoping to fix it right now since users are emailing saying my app is broken. Thanks!
3
0
384
Sep ’24
What explains the APFS sibling volumes architecture ( / & Data )
As a system & security administrator I started to install a lot of Unixes, 20 years ago with a dual volume for security purpose, inside critical infrastructures: volume mount options ------------------------------------------------ / ro /var rw, nosuid, nodev Everything which could be end user or admin modifiable and to be referenced from / was defined through simple symbolic links: /tmp --> /var/tmp /home --> /var/home /local --> /var/local /opt --> /var/opt /private --> /var/private And through many tests, and real attacks pressure of every day, with such a configuration, even as root, it was impossible to damage the system. Many attacks struck us ( ~ 20 / day )… none succeeded ( at least as I was aware of, and as I wasn't fired ). Why did Apple chose a rather more complex way similar architectures with the 2 volumes: volume mount options ------------------------------------------------ / ro /System/Volumes/Data rw, nosuid, nodev with a new concept of firmlinks which is not compatible with any other Unix FS, which brought Apple to put fundamental components of their new APFS outside of the FS internals ( in plain old files ) and which is rather very tricky to understand and to manage for system and security administrator? To give just one example of an highly deceiving point: it isn't now possible to make a quick carbon copy of a volume with tools as simple as cp or rsync because of new extended attributes. Real life teach us everyday that complexity is one of the biggest enemy of performance and security. What are the advantages of this sibling volumes architecture? ( I am not talking here of the real internal advantages of APFS versus HFS and traditionnal Unix UFS or ZFS, which I much easily grasped and verified in real life. ).
3
0
456
Aug ’24
What is the forum to use to discuss of system administration?
Hello, I have many problems to manage the new structure of the volumes introduced with High Sierra and Big Sur around the use and configuration of the APFS. Where could I find a technical documentation about this APFS organisation? By technical documentation I don't mean a theoretical nice PowerPoint for the boss. I mean a real technical documentation which will permit me for example: • to understand how is built and organized the complete set of different APFS volumes to install a new macOS, • to build an installer on an USB key which will be usabel for a highly secured environment where an Internet connection is not allowed and not possible, • to build a script to check that an actual APFS set of volumes doesn't present any major discrepency, a kind of meta-fsck, not the Disk Utility way, but the engineer way, essentially running through command line, and fully compatible with the traditionnal system, network and security administration. Sorry, I am a very special case of developper. I only develop tools from shell scripts to make system, network and security administration. And to build more scripts withm them. My answer to Select a Subtopic could have been: system administration, technical documentation
1
0
352
Aug ’24
/System/Library/Frameworks dylibs are ... not quite there
While playing with this app I found something odd: let dylib1 = dlopen("/System/Library/Frameworks/CreateMLComponents.framework/CreateMLComponents", O_RDONLY)! let s1 = dlsym(dylib1, "CreateMLComponentsVersionString")! var info1 = Dl_info() let success1 = dladdr(s1, &info1) precondition(success1 != 0) print(String(cString: info1.dli_sname!)) // CreateMLComponentsVersionString let path1 = String(cString: info1.dli_fname!) print(path1) // /System/Library/Frameworks/CreateMLComponents.framework/Versions/A/CreateMLComponents let exists1 = FileManager.default.fileExists(atPath: path1) print(exists1) // true let dylib2 = dlopen("/System/Library/Frameworks/Foundation.framework/Foundation", O_RDONLY)! let s2 = dlsym(dylib2, "NSAllocateMemoryPages")! // var info2 = Dl_info() let success2 = dladdr(s2, &info2) precondition(success2 != 0) print(String(cString: info2.dli_sname!)) // NSAllocateMemoryPages let path2 = String(cString: info2.dli_fname!) print(path2) // /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation let exists2 = FileManager.default.fileExists(atPath: path2) print(exists2) // false The app runs fine and prints true for exists1 and false for exists2. That means that while both dlsym calls succeed and both dladdr calls return paths (within CreateMLComponents.framework and Foundation.framework correspondingly) the first file exists while the second file doesn't exist. This raises quite a few questions: Why some of the dylib files (in fact – most dylibs inside /System/Library/Frameworks hirerarchy) don't exist at the expected locations? Why do we have symbolic link files (like Foundation.framework/Foundation) that point to those non-existent locations? What is the purpose of those symbols links? Where are those missing dylib files in fact? They must be somewhere, no?! I guess to figure out the answer I could search the whole disk raw bytes for a particular byte pattern to know the answer but hope there's an easier way to know the truth! Why do we have some exceptional cases like "CreateMLComponents.framework" and a couple of others that don't follow the rules established by the rest? Thanks!
4
0
461
Aug ’24
Live Activity is starting app in the background while device is locked
Our team has recently added support to our app for Live Activities where the source of the data is driven from the app itself (not push notifications). We've noticed a crash happening in our core data code caused by the following error thrown by the addPersistentStore function where it would attempt to recover and eventually crash. Here's an error we created to help us debug that contains the error details: Domain: CoreData Code: 1 NSLocalizedDescription: Error performing migration for databaseName=mydb.sqlite. Error details=The file couldn’t be saved because you don’t have permission. - userinfo: ["reason": No permissions to create file; code = 1] After some trouble shooting, we managed to reproduce the issue by doing a hard reboot while we're running a live activity. It appears that when the device starts back up, the Live Activity starts which triggers the app to hit didFinishLaunchingWithOptions which is where we get our Core Data store initialized. The problem is that our app uses Data Protection using NSFileProtectionCompleteUntilFirstUserAuthentication and we'd prefer to keep it that way. The Core Data db is present in the app sandbox and we're also seeing logs to suggest a failure trying to access NSUserDefaults as well. Is there an accepted solution for this? Is it expected that a Live Activity would cause an application to launch prior to the device being unlocked for the first time? Is there a way to change that?
5
1
631
3w
account type , Cant change to business from personal
This is the worse service, Developer support do not respond its been 2 months and I cant even put the app live and am losing a lot of business, I can’t go live with this problem. We have been trying to change this account type from individual to business. This is frustrating, What kind of support that do not respond to their customers, Android fixed this long time, I can’t go live with this , I am even struggling to get the DNS number. What does one has to do here to get help, Honestly . So disappointed on apple support Sindi
1
0
403
Jul ’24
How to Install a Binary in SIP-Protected Locations in macOS without Recovery Mode
I'm looking for a solution to install a binary on a macOS system where System Integrity Protection (SIP) is enabled, and the target installation location is protected by SIP. I need to achieve this without booting into recovery mode to disable SIP. Is there any method to achieve this, such as by creating separate packages that can handle SIP-protected locations, developing or using installer applications capable of navigating SIP constraints, leveraging specific entitlements or permissions to facilitate the installation, or utilising Mobile Device Management (MDM) solutions for deployment? If anyone has experience or insights on any reliable ways to accomplish this, please share any detailed steps, tools, or best practices that could be useful.
3
0
668
Jun ’24
where is macOS APIs including user space file system support?
Hi there, From "Platforms State of the Union" Video macOS section I know macOS has new API of user space file system and iPhone mirroring, and delivers new APIs including user space file system support and major improvements to MapKit. But I lookup the API diff, I don't find any added API. Where can I find the user space file system API ? I really want to develop an APP which need user space file system API. Platforms State of the Union Video corresponding timeline detail: https://youtu.be/YJZ5YcMsgD4?t=3153
7
1
686
Jun ’24
FileDescriptor writing to an unexpected file
I'm using a file descriptor to write into a file. I've encountered a problem where if the underlying file is removed or recreated, the file descriptor becomes unstable. I have no reliable way to confirm if it's writing on the expected file. let url = URL(fileURLWithPath: "/path/") try FileManager.default.removeItem(at: url) FileManager.default.createFile(atPath: url.path, contents: .empty) let filePath = FilePath(url.path) var fileDescriptor = try FileDescriptor.open(filePath, .readWrite) // The file is recreated - may be done from a different process. try FileManager.default.removeItem(at: url) // L9 FileManager.default.createFile(atPath: url.path, contents: .empty) // L10 let dataToWrite = Data([1,1,1,1]) try fileDescriptor.writeAll(dataToWrite) // L13 let dataWritten = try Data(contentsOf: url) print(dataToWrite == dataWritten) // false I would expect L13 to result in an error. Given it doesn't: Is there a way to determine where fileDescriptor is writing? Is there a way to ensure that fileDescriptor is writing the content in the expected filePath?
8
0
894
Jun ’24
Filevault encryption key on macOS
Hello, It is possible to encrypt a mac's hard-drive with Filevault. All home user folders are encrypted with the same encryption key. (This is the same encryption key for the whole hard-drive). This encryption key is encrypted with user password. But i don't understand how it works when there are multiple user accounts. Maybe there is a table: The same encryption key is stored several times (one per user account) ? Is there a way for a user to read the filevault encryption key ? Thanks
0
0
494
May ’24
Allow full disk access for all users.
Hi, I’m developing a program which requires writing files to a volume mounted on a remote server. I've set up the volume on the server and shared a folder within there using a sharing-only account as a first test. The permissions are set to allow read and write for the sharing-only user in both the parent volume and the shared folder within it. However it will only let me access the directory over the network if I enable “Allow full disk access for all users” within the sharing settings in the server. What does this setting actually do? If I disable this option and then disable file sharing all together and then re-enable, it will switch that setting back on. It seems to tie in with the process smbd getting “full disk access” even though that process runs as root anyway. Allow full disk access for all users doesn't seem to grant my sharing-only user any more access than I’ve defined locally so I‘m really confused as to its use and why I need it for this to work. I’m on macOS Sonoma 14.4 for both systems.
1
0
665
Apr ’24
Duplicate Apps???
I noticed that I have duplicate Apps on my iPhone! I've signed up for the Public Beta program, so this might be a feature/bug in the Beta. What I first noticed was that one of my apps showed up in the Doc (I don't remember putting it there) a few days ago, and in looking around, I still have the same app in a folder on my home screen. I thought this could be a nice feature allowing me quick access to it from the Dock and from my folder, but it wasn't the app that I'd want there. I thought I might be able to move it off the dock and back to the folder, but when I did that, the app showed up twice in the folder! I moved a different app to the dock, and it disappeared from the folder which is what I'd expect. So...if I delete 1 of the duplicates in the folder (or from the dock), will that delete both? Here you can see the Alula app in both the 'Remote Control' folder and the Dock: Here too (although the dock is fuzzy because the folder is open): I moved the app from the dock back to the folder, and now there are two there: Here's the Public Beta that I'm running
1
0
1.3k
Apr ’24
/System/Volumes/Data/home empty
I have an ansible provisioner that is being triggered, but keeps failing because it cannot write a file out under /System/Volumes/Data/home. There are no files in that directory to clean up. When I do a df it shows that filesystem mount size as 0Bi. I ran the disk utility, but that did not resolve it either. Any help would be greatly appreciated. This is blocking my local development.
0
0
483
Apr ’24