We have a main app that handles UI and interaction with the user. And we also have daemon contained inside of it. Daemon has all the business logic and FDA and root permissions. Now we want to add a network extension. First we added the Network Extension to Main app and it was working fine (to test the waters). But then we decided to move it to Daemon since it has all the business logic and NE mostly contains business logic and no UI. It needs to be there. Now NE activationRequest(forExtensionWithIdentifier
is working fine. But deactivationRequest(forExtensionWithIdentifier:
during uninstall always fails with this error
System Extension deactivationRequest fails with error he operation couldn’t be completed. (OSSystemExtensionErrorDomain error 13.)
OSSystemExtensionError Code 13 says "An error code that indicates the system was unable to obtain the proper authorization."
What does this actually mean. Also if there is an error why is it throwing it during uninstall rather than install?
To make it more clear this is our app structure is
Main.app -> Contents -> Mac OS -> Daemon.app -> Contents -> Library -> SystemExtensions -> System Extension Bundle
Apple doc says
@discussion This method creates a new request to activate/deactivate a System Extension.
Extensions are discovered from the `Contents/Library/SystemExtensions`
directory of the main application bundle.
Our System Extension is present on the main app bundle and has Contents/Library/SystemExtensions structure but one extra layer deep. Is this supported app structure?. If not is there any way to succesfully uninstall NE from code. Right now systemextensionsctl uninstall won't work without System Integrity Protection disabled. Keeping NE on the main app will break our project structure and require major rewrite of the app.
Also whenever I run systemextensionsctl with SIP on I get this message
At this time, this tool cannot be used if System Integrity Protection is enabled. This limitation will be removed in the near future. Please remember to re-enable System Integrity Protection!
Apple introduced System Extensions in 2019. It is still not there yet. Does anybody have any idea when will Apple make it work? if at all?