Our team has two products. The first product adds two /Library/LaunchDaemon startup items and one /Library/LaunchAgents startup item, which run normally after installation.
A few months later, our team developed another product, which adds two /Library/LaunchDaemon startup items and one /Library/LaunchAgents startup item. However, we found that on some customers' systems, these startup items for the second product do not load correctly, and the processes do not start. Restarting the system does not resolve the issue. This occurs across systems running versions 14.5 to 14.6.1.
The app's signatures, notarization, and Gatekeeper validations all pass. Eventually, we discovered that by disabling and then re-enabling our team's startup items in the System Settings - Login Items, all the startup items from our team load correctly. Could this be a caching bug related to new startup items from the same team?
We are having a problem in our C++ app with dlopen returning memory addresses which were previously reserved using mmap() with the MAP_ANON | MAP_PRIVATE | MAP_JIT flags. The mmap memory is 4Kb page-aligned and returns normally, however sometime later dlopen() is returning an address within the mmap range when no munmap() has been performed. This looks like a bug in the macOS kernel memory manager.
Back in July, I opened support ticket FB14442215 where one of our Engineers was able to create a similar and reproducible problem using Preview to load a large bitmap. This ticket has not yet been acted upon, still showing a status of "Open".
Any help or suggestions would be most welcome.
Norm Green
norm(dot)green(at)gemtalksystems(dot)com
I pipe powermetrics' stdout to another process. When the reader process exits, powermetrics will encounter an error the next time it writes to stdout but it is evidently ignoring this because it continues to run forever. This needs to be fixed so powermetrics can function as a useful UNIX citizen.
Hello Team,
I am working on a carrier app and want to get the status of IMS registration and deregistration. I understand that a public API is not available. Can we access a private API through an agreement with Apple? Please guide me. Thanks.
When I install my application there is a notification "added items that can run in background". How do I determine why my app is considered for this? What are the configurations / parameters that cause this?
I'm evaluating a technique to implement a sort of an event logger that uses MAP_SHARED mapping of a file in the app sandbox as an event ring buffer. The reason to use mapping instead of traditionally allocated memory is to achieve log persistence across app termination of any kind (crashes, sigkill, etc.) and keep logs fast by avoiding syscalls.
By definition a MAP_SHARED area must be coherent with any other RW operations in the system on that file slice, which practically means that the kernel has to use the page cache that is used to serve RW requests. This in turn means that after the app process terminates for any reason, the content of that memory will not be discarded but rather will be available on the next app start via open()/read() or mmap() for that file.
msync() can be used to tell kernel to initiate "writeback" - to flush modified mapping pages to the corresponding locations in the non-volatile storage but I haven't found any description of what is the writeback policy if user opts to NOT use msync() at all. And similarly no means to control this.
In my case it appears to be important as if kernel does some automatic writebacks on its own - intensive logger traffic would put unneeded IO load to a disk device. After some experiments I was able to figure out that e.g. Linux is able to issue periodical writebacks w/o explicit msync(). For OS X according to "fs_usage -f diskio" no writeback occurs until app terminates (better to say until last reference in the system to that MAP_SHARED area is dropped).
I'm now interested to learn about iOS behavior. Is it the same as OS X (no automatic writebacks)?
Alternatively I'd be happy to hear if there are other techniques available for an iOS app to "pin" some memory so its content could survive app termination. Shared memory with an associated "retainer" process would work on other platforms but here we are limited to a single process.
Thanks.
What I did.
Started with the example at https://developer.apple.com/documentation/servicemanagement/updating-your-app-package-installer-to-use-the-new-service-management-api
Changed it to configure a system daemon instead
let service = SMAppService.daemon(plistName: "com.xpc.example.daemon.plist")
Disabled automatic register in the package postinstall script (or else pkg install fails)
Built/Installed the package, it just places files in the disk
Validated install files
Ran the test|register commands by hand
sudo ../SMAppServiceSampleCode.app/Contents/MacOS/SMAppServiceSampleCode register
Dealt with System Settings user interaction to do this
Validated that com.xpc.example.daemon is installed and ready to work
sudo launchctl list | grep example
sudo launchctl print system/com.xpc.example.daemon
Got it to successfully do some work, YAY
sudo ../SMAppServiceSampleCode.app/Contents/MacOS/SMAppServiceSampleCode test
Expectations
My users would obviously download and install this pkg, so to make it easy for them, I would expect that I could call
SMAppService.daemon(plistName: "...")
.register()
during the package postinstall installation step and the system daemon would be configured.
Observations
After getting all my teeth pulled why can't I just do that?
Why so many hurdles for the dev and the end user, asking them to code sign this and that, notarize this and that, click here and there, accepting this and that?
I understand the job of a developer but for the end user this should be relatively easy.
Questions
Do I need to start a DTS ticket to get this simple flow to work?
It could be I'm missing step 42 in my endeavor :-)
Hello,
I am working on an app which must prevent attaching any USB devices to a Mac due to security.
Unfortunately I have not found any direct way to implement such blocking:
Looks like IOKit does not allow to block USB (at least in user space)
ES_EVENT_TYPE_AUTH_IOKIT_OPEN (Endpoint Security) does not prevent using USB device if I send response ES_AUTH_RESULT_DENY for "AppleUSBHostDeviceUserClient"
I have found several similar problems on the forum but no solution:
https://developer.apple.com/forums/thread/671193
https://developer.apple.com/forums/thread/756573
https://developer.apple.com/forums/thread/741051
What is the easiest way to implement such blocking?
Thank you in advance!
I'm writing an ES client, and as part of that I want to monitor when a user is being added/removed to/from a group. From my understanding I should be able to get the name of the user with
msg->event.od_group_remove->member->member_value.name.data
but it looks like this field gets populated randomly. I will trigger a similar event a couple of times, for example adding a user to a group, and on one occasion this will hold a value, on another it will be empty.
I also tried to check different fields, and surprisingly
od_create_user->user_name
holds the name of the group I am editing, not the name of the user I am adding to the group (but I'm not sure if it should even be engaged at this point).
Am I missing something? Is there a workaround? Or is this a bug?
Hello,
I am working on updating an app to see if we can remove deprecated API usage, and am running into an issue after migrating from SMJobBless to SMAppService. If there is no current solution, I know that SMJobBless still works, but I wish to move to non-deprecated APIs whenever possible.
The app is a text editor that installs a privileged helper for when users need to edit text files with root privileges. The example I'll use here is /etc/ssh/sshd_config. When using SMJobBless, the privileged helper was able to write to this location. When using SMAppService.daemon, the daemon is not able to write to this location.
Neither the app nor the daemon are sandboxed. Both use the hardened runtime, and the daemon does not have any hardened runtime exceptions.
I'm not sure how to attach a debugger to the daemon, but I was able to add logging to the daemon to confirm that getuid() and geteuid() are both 0, so the daemon appears to be running as root.
However, the daemon is returning permission errors when attempting to replace the file.
{Error Domain=NSPOSIXErrorDomain Code=1 "Operation not permitted"}
I've tried both atomic saving and writing directly to the file. When this code is run by the privileged helper installed with SMJobBless, it works without permissions problems.
Here is some simplified code I tried for atomic saving.
do {
    let fileManager = FileManager.default
    try? fileManager.createDirectory(at: originalItemURL.deletingLastPathComponent(), withIntermediateDirectories: true)
    _ = try fileManager.replaceItemAt(originalItemURL, withItemAt: newItemURL, options: options)
    completionHandler(nil)
}
catch {
    completionHandler(error)
}
And the code for writing directly to the file
do {
    try data.write(to: url)
    completionHandler(nil)
}
catch {
    completionHandler(error)
}
One thing I should note is that the privileged helper tool had a launchd plist embedded in the binary. When moving to SMAppService, I removed it from the build settings and added BundleProgram to it. It gets placed in my app bundle in Contents/Library/LaunchDaemons, while the daemon itself gets put in Contents/MacOS. The plist only contains the following keys: BundleProgram, Label, MachServices, and AssociatedBundleIdentifiers.
Is there anything additional I can do to give my daemon permission to edit these files, or do I need to stick with SMJobBless for the time being?
I have a file provider implementation where, in some cases, we must force download items, so they get materialized in the local cache.
I've used requestdownloadforitem based on the following documentation
https://developer.apple.com/documentation/fileprovider/nsfileprovidermanager/requestdownloadforitem(withidentifier:requestedrange:)
I'm calling this within Extension code, but this does not trigger the download.
How can I force file provider to download a file?
cheers,
First, for the employees reading, I filed FB14844573 over the weekend, because this is a reproducible panic or hang. whee
I ran our stress tests for an entire long weekend, and my machine panicked, due to mbufs. Normally, I tell my coworkers that we can't really do anything to cause a panic -- but we're doing network things, so this is an exception. I started periodically testing the mbufs while the tests were running -- netstat -m | grep 'mbufs in use' -- and noticed that in fact they were going up, and never decreasing. Even if I killed our code and uninstalled the extensions. (They're increasing at about ~4mbufs/sec.)
Today I confirmed that this only happens if we include UDP packets:
let udpRule = NENetworkRule(destinationNetwork: host, prefix: 0, protocol: .UDP)
let tcpRule = NENetworkRule(destinationNetwork: host, prefix: 0, protocol: .TCP)
...
settings.includedNetworkRules = [udpRule, tcpRule]
If I comment out that udpRule part, mbufs don't leak.
Our handleNewUDPFlow(_:initialRemoteEndpoint:) method checks to see if the application is a friendly one, and if so it returns false. If it isn't friendly, we want to block QUIC packets:
if let host = endpoint as? NWHostEndpoint {
    if host.port == "80" || host.port == "443" {
        // We need to open it and then close it
        flow.open(withLocalEndpoint: nil) { error in
            Self.workQueue.asyncAfter(deadline: .now() + 0.01) {
                let err = error ?? POSIXError(POSIXErrorCode.ECONNABORTED)
                flow.closeReadWithError(err)
                flow.closeWriteWithError(err)
            }
        }
        return true
    }
}
return false
Has anyone else run into this? I can't see that it's my problem at that point, since the only thing we do with UDP flows is to either say "we don't want it, you handle it" or "ok sure, we'll take it but then let's close it immediately".
Hello,
We are implementing an mVOIP service using CallKit.
I have a question.
When receiving a call with CallKit, the CXEndCallAction callback is received by the provider after one minute. We didn't request this separately on our end.
Is this a policy from Apple?
If so, is it possible to modify this behavior, and are there any related APIs or documentation?
Thank you.
While using a variety of apps in macOS 15 beta 6 & 7 they will freeze. It seems like they happen when you stop typing in Pages or while doing something in Preview. Forcing it to quit and restarting sometimes allows some more progress but it is very slow. Printing is unworkable.
This first started in Beta 6 and I hoped Beta 7 would fix it but no, it seems to be worse. I'm using a Mac M2 Mini with 24 Gb of memory.
No problems with Mail or Safari.
Haven't tried working with Xcode.
Hi there:
Following document: https://developer.apple.com/documentation/mattersupport to add wifi sensor to my own fabric.
I added MatterExtension,
Matter Allow Setup Payload = YES,
Add following to info.plist
_matter._tcp
_matterc._udp
_matterd._udp
_meshcop._udp
I still cannot get a callback from MatterAddDeviceExtensionRequestHandler commissionDevice. I know print logs cannot be seen in an Extension, but I still cannot see any logs even when using os_log.
Every time I attempt to install the macOS Sequoia 15.1 Beta 2 IPSW (UniversalMac_15.1_24B5024e_Restore.ipsw) it fails with the following error in installWithCompletionHandler:
Error Domain=com.apple.MobileDevice.MobileRestore Code=3194 "Declined to authorize this DFU file on this device for this user." UserInfo={NSLocalizedDescription=Declined to authorize this DFU file on this device for this user., NSLocalizedFailureReason=Bei der Installation ist ein unbekannter Fehler aufgetreten.}
I'm running macOS Sonoma 14.6.1, tried with both MobileDevice.pkg from Xcode 16 beta installed and with the official Device Support for macOS 15 beta installed. In either case it fails with the same error.
The upgrade also fails within a VM for both macOS Sequoia 15.0 Beta 7 and macOS Sequoia 15.1 Beta 2. After pressing Update Now in System Settings › General › Software Update the VM restarts and shows a crash report which unfortunately doesn't contain any useful info (and can't be sent since Apple ID login is only supported with a macOS 15 host...)
Anyone know how to solve this?
If an iPhone receives an incoming call with some partial SIP content (for example it contains a name but not an image, or vice versa) and if there is an app enabled for Live Caller ID Lookup, and the result of that lookup supplies data not in the SIP (i.e. the lookup returns an image, but not a name, or vice versa), then could the OS combine data from both sources, or is whatever is returned from the LCIDL what gets displayed in the call screen? I suppose that is the case but just want to enquire to make sure.
Thank you
When I try to delete events in iCalendar or Reminders, they reappear in about 10 seconds. This happened right after I updated to iOS 18 Beta.
SecKeychain API has been declared deprecated a long time ago.
Do people from Apple or developers have a rough idea when this API will be definitely removed?
One year from now? More? Less?
Hello, I use the NetworkExtension NEFilterSocketFlow description.
I received it as a String, or UnsafeMutableBufferPointer, etc.
It always has a memory leak.
So, I just call NEFilterSocketFlow.description or description.utf8String, and it was not received into any variable.
But it also has a memory leak.
What should I do?