Recently I've been converting our iOS Network Extension (an NEDNSProxyProvider) to macOS. I've got the extension building, running and intercepting DNS requests. But whatever I try I can't ever seem to do any useful debugging of the Extension. I can attach to the process and Pause it, but any attempt to stop at a breakpoint never works and I also can't do stuff such as gather the Memory Graph ("Unable to acquire required task port(588:0)").
It is a non-optimized build and checking the entitlements of the systemextension does list com.apple.security.get-task-all set to true in the debug build.
Here are the full (slightly redacted) entitlements:
<plist version="1.0">
<dict>
<key>com.apple.application-identifier</key>
<string>XXXXXXXXXX.com.mycompany.PersephoneMac.CerberusMac</string>
<key>com.apple.developer.networking.networkextension</key>
<array>
<string>dns-proxy</string>
</array>
<key>com.apple.developer.team-identifier</key>
<string>XXXXXXXXXX</string>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.application-groups</key>
<array>
<string>XXXXXXXXXX.com.mycompany.PersephoneRedux-Mac</string>
</array>
<key>com.apple.security.get-task-allow</key>
<true/>
<key>com.apple.security.network.client</key>
<true/>
</dict>
</plist>
I'm assuming this should be doable, after all simpler debugging was called out at WWDC as to an advantage over kexts.