Hi there.
In short: I've been unsuccessful at getting the Endpoint Security sample app https://developer.apple.com/documentation/endpointsecurity/monitoring_system_events_with_endpoint_security to operate properly.
When run, taskgated-helper logs com.example.apple-samplecode.SampleEndpointAppXXXXXXXXXXX.Extension: Unsatisfied entitlements: com.apple.developer.endpoint-security.client repeatedly (where XXXXXXXXXX is the team ID).
I have SIP disabled and systemextensionsctl developer on. Despite this I've also dragged the built product into /Applications before launching, yet it makes no difference.
(Note: there also appears to be an oversight in the setup instructions; it proved necessary to manually insert my team ID into the [OSSystemExtensionRequest activationRequestForExtension:queue:] call in ViewController.m:28. Unlike the NetworkExtension sample project, this one doesn't try to determine the bundle ID programmatically.)
The video at https://developer.apple.com/videos/play/wwdc2020/10159/ (around 8:30) implies that a specific provisioning profile must be generated by Apple on request. Is that accurate? The “request an entitlement” form at https://developer.apple.com/contact/request/system-extension/ doesn't ask for a bundle identifier or anything like that, so it's not clear how the granting of this entitlement is supposed to manifest.
Furthermore, the text at https://developer.apple.com/system-extensions/ implies that turning off SIP should be sufficient for development testing—that certainly proves true for a NetworkExtension content filter, for example. Is it also supposed to be true for Endpoint Security, or are the entitlement and bespoke provisioning required in advance of being able to even test locally?
thanks,
b
In short: I've been unsuccessful at getting the Endpoint Security sample app https://developer.apple.com/documentation/endpointsecurity/monitoring_system_events_with_endpoint_security to operate properly.
When run, taskgated-helper logs com.example.apple-samplecode.SampleEndpointAppXXXXXXXXXXX.Extension: Unsatisfied entitlements: com.apple.developer.endpoint-security.client repeatedly (where XXXXXXXXXX is the team ID).
I have SIP disabled and systemextensionsctl developer on. Despite this I've also dragged the built product into /Applications before launching, yet it makes no difference.
(Note: there also appears to be an oversight in the setup instructions; it proved necessary to manually insert my team ID into the [OSSystemExtensionRequest activationRequestForExtension:queue:] call in ViewController.m:28. Unlike the NetworkExtension sample project, this one doesn't try to determine the bundle ID programmatically.)
The video at https://developer.apple.com/videos/play/wwdc2020/10159/ (around 8:30) implies that a specific provisioning profile must be generated by Apple on request. Is that accurate? The “request an entitlement” form at https://developer.apple.com/contact/request/system-extension/ doesn't ask for a bundle identifier or anything like that, so it's not clear how the granting of this entitlement is supposed to manifest.
Furthermore, the text at https://developer.apple.com/system-extensions/ implies that turning off SIP should be sufficient for development testing—that certainly proves true for a NetworkExtension content filter, for example. Is it also supposed to be true for Endpoint Security, or are the entitlement and bespoke provisioning required in advance of being able to even test locally?
thanks,
b