Posts

Post not yet marked as solved
4 Replies
656 Views
I have an application that mounts network shares and for this I use NetFSMountURLSync. Nothing special here, just a plain application calling this. The application is not running as root, and not using launchd and/or a privileged helper or anything that elevates priviliges. On Intel hardware, a Mac Pro trashcan and a 2016 MBP, both running Monterey (12.6), this works flawless and has been for several years now with different macOS versions (obviously). Now I'm trying to build an Apple Silicon version on a MBP M1 Max also with Monterey 12.6. I recompiled this as an Apple Silicon binary, however mounting failed. Next I ran the Intel binary on Apple Silicon, but mounting fails here as well. In both cases I get these error messages in Console (I'm not a Console expert): <Applicationname> (loginsupport) GetNetAuthAuthAgentPort: Calling bootstrap_look_up3() for com.apple.netauth.user.auth; uid = 501, euid = 501 <Applicationname> (loginsupport) GetNetAuthAuthAgentPort: gNetAuthAuthAgentPort = 51463 <Applicationname> (launchservices) LSExceptions shared instance invalidated for timeout. Note: Running either binary (Intel/ARM) as sudo didn't make a difference either. I'm at a point where I can just guess that for some reason the login isn't working, even though it work just fine on an Intel Mac. I've even tried calling NetFSMountURLSync with and without username/password - it didn't make a difference. Note: I develop my application in Lazarus Pascal (latest trunk release), so I'm not sure how useful posting the code is. Being a newbie at this and not being able to find anything useful online, I finally resorted to asking the questions here. Can anyone explain what I'm looking at? Just pointing towards documentation would already be helpful 😊
Posted Last updated
.
Post not yet marked as solved
6 Replies
9.4k Views
I haven't been able to find an answer to this question in this forum, and I have noticed that other developers of similar tools, are running into the same issue (Etcher, CCC, etc).I've developed an application (ApplePi-Baker) to backup or restore external disks (usually these are SD cards for use with Raspberry Pi, but these can be USB drives as well).With the arrival of Mojave, I revamped my application to make it use a so called Privileged Helper Tool, which was a pain to implement, but now it works great.However,... with the arrival of Catalina this no longer seems to work. Trying to open a disk (only external disks) simply fails.The application and helper tool are 64 bit, have the proper plist files, have been signed, and the DMG has been notarized.Also note that the application is NOT sandboxed and NOT distributed through the Apple Store.Adding the application bundle to "Security & Privacy" - "Privacy" - "Full Disk Access" does not seem to make a difference in Catalina.The helper tool is located in the application bundle (../Contents/Library/LaunchServices) with the proper embedded plists and association with the main application (and viceversa). At start of the application, the helper tool (after the user authorizes this) is installed correctly.Note: In Catalina, it appears one cannot add the Helper Tool itself to the "Full Disk Access" list. From what I have found: these rights are inherited from the main application.I'm running the final release of Catalina, not a beta version, and the application is developed with Lazarus Pascal.Interesting observation: I can open the "disk" of a mounted DMG without any issues.Console is not providing me with anything useful either at least nothing I could find anyway - insight is much appreciated.The minute the helper tool tries to open the disk, I get these messages, and honestly I do not have aclue what these messages mean (couldn't find anything online either):default 12:40:31.478127+0200 tccd -[TCCDAccessIdentity staticCode]: static code for: identifier com.tweaking4all.ApplePiBaker, type: 0: 0x7fafa2618ec0 at /Applications/ApplePiBaker.app default 12:40:32.227840+0200 runningboardd Invalidating assertion 313-163-227 (target:executable<applepibaker(501)>) from originator 163 default 12:40:32.332542+0200 runningboardd [executable<applepibaker(501)>:978] Ignoring jetsam update because this process is not memory-managed default 12:40:32.332627+0200 runningboardd [executable<applepibaker(501)>:978] Set darwin role to: UserInteractiveNonFocal default 12:40:32.332809+0200 runningboardd [executable<applepibaker(501)>:978] Ignoring GPU update because this process is not GPU managedCan anyone help me get insight what is going wrong or what I should do?If any additional info is needed, then I'd be happy to provide this info.
Posted Last updated
.
Post not yet marked as solved
3 Replies
3k Views
I have an application that uses a PrivilegedHelper to read/write external disks (eg. backup or restore SD cards).This has been working great and reliable in Mojave.In Catalina (10.15, 19A573A) this no longer works and produces the error:Sandbox: (2301) System Policy: deny(1) file-write-data /dev/rdisk3I was under the assumption that one of the applications of a priviligedhelper tool is to actually have root access rights.Note: running my application with sudo does work, but obviously that is not the right way to do it.Is there anyone who would know how to resolve this issue?Any help would be greatly appreciated, as I have been unable to find proper documentation.Note: both application and helper tool are 64 bit, not sandboxed, signed, notarized (the DMG) and not distributed through the App Store.
Posted Last updated
.