App Sandbox Xcode launch argument file access

I want to be able to access a writable file directly in my Xcode project when I am under Xcode, but access to the bundled app version (as read-only) when running a normal version.

The solution is easy, I provide "-EditBootstrapFile $(PROJECT_DIR)/SomePath" as launch argument in my Xcode Run scheme, then access the file. While executing, if I don't find "-EditBootstrapFile", I use the Bundle.main.url version as read-only.

However, Sandbox interferes with my best intentions. I don't seem to find a way to allow the sandbox system to access that particular file.

Since it's a bootstrapping file, it kinda beats the purpose to add up a new window and delay loading of the list of parameters, it's meant to be always present.

So far, the only workaround I found is adding com.apple.security.temporary-exception.files.home-relative-path.read-write with /Developer/myproduct/SomePath in the entitlements, which is dumb, and mean I need to have two different entitlements for my code (one for xcode debugging and one for archiving) and the value is now hard-coded.

Anyone has experience with this? I'm sure there's something easy I am missing, but for now, I lost a few hours and could still not figure it out.

Up vote post of Misoservices_Michel Down vote post of Misoservices_Michel
1.1k views
Posted by
Misoservices_Michel
Reply
Add a Comment

Replies

Note I’m going to assume terms from On File System Permissions.

The sandbox system does not do anything special with command-line arguments. For example, it does not look at your command-line arguments and extend your sandbox to grant you access to those directories.

Can you explain more about your workflow here? It seems like you want the app, when running in Xcode, to be able to modify a “bootstrap file” that’s actually part of your source code. Is that right?

If so, how often does it make changes? Or every run?

And do you end up committing those changes back to your source control system?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Post not yet marked as solved Up vote reply of eskimo Down vote reply of eskimo

  • That's pretty much it. The goal is to have some static data I can access at launch, and I can fine-tune every single time I run the app while developing it. Then, this will get picked up by git, so I can make final the changes I made, or discard them. The changes will happen every single run. But by design, not all will be kept once I review the changes. Which server to connect, splash to show, delays, volumes, settings. I could write them to Prefs and copy manually, but my mind is forgetful.

    Misoservices_Michel
Add a Comment