My laptop (M1 Pro, macOS 15.3.2) is connected to a dual stack network via Wi-Fi. The home.arpa. domain is supplied as a search domain via both DHCPv4 (options 15 and 119) and DHCPv6 (option 24). "Details…" for the network connection in System Settings show this domain under the DNS tab. The laptop uses a Forwarding DNS Resolver of my router, which in turn forwards requests for home.arpa. (including subdomains) to a local DNS server (CoreDNS) which is authoritative for this zone. The DNS server is configured via the following zone file: $ORIGIN home.arpa. $TTL 3600 @ IN SOA @ nobody.invalid. (1 3600 1200 604800 3600) @ NS @ @ AAAA ….1 gateway A ….1 gateway AAAA …::1 b._dns-sd._udp PTR @ lb._dns-sd._udp PTR @ db._dns-sd._udp PTR @ _services._dns-sd._udp PTR _smb._tcp _smb._tcp PTR Media._smb._tcp Media._smb._tcp SRV 0 0 445 gateway Media._smb._tcp TXT ("path=/media" "u=guest") Output of dig(1) looks like: $ dig @….1 -t PTR lb._dns-sd._udp.home.arpa. ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43291 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;lb._dns-sd._udp.home.arpa. IN PTR ;; ANSWER SECTION: lb._dns-sd._udp.home.arpa. 1993 IN PTR home.arpa. ;; AUTHORITY SECTION: home.arpa. 2771 IN NS home.arpa. $ dig @….1 -t PTR _services._dns-sd._udp.home.arpa. ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9057 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;_services._dns-sd._udp.home.arpa. IN PTR ;; ANSWER SECTION: _services._dns-sd._udp.home.arpa. 3600 IN PTR _smb._tcp.home.arpa. ;; AUTHORITY SECTION: home.arpa. 3600 IN NS home.arpa. $ dig @….1 -t PTR _smb._tcp.home.arpa. ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44220 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;_smb._tcp.home.arpa. IN PTR ;; ANSWER SECTION: _smb._tcp.home.arpa. 3599 IN PTR Media._smb._tcp.home.arpa. ;; AUTHORITY SECTION: home.arpa. 3599 IN NS home.arpa. $ dig @….1 -t SRV Media._smb._tcp.home.arpa. ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45878 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;Media._smb._tcp.home.arpa. IN SRV ;; ANSWER SECTION: media._smb._tcp.home.arpa. 3600 IN SRV 0 0 445 gateway.home.arpa. ;; AUTHORITY SECTION: home.arpa. 3600 IN NS home.arpa. $ dig @….1 -t A gateway.home.arpa. ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2782 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;gateway.home.arpa. IN A ;; ANSWER SECTION: gateway.home.arpa. 86400 IN A 192.168.99.1 ;; AUTHORITY SECTION: home.arpa. 3578 IN NS home.arpa. $ dig @….1 -t AAAA gateway.home.arpa. ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17297 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;gateway.home.arpa. IN AAAA ;; ANSWER SECTION: gateway.home.arpa. 3600 IN AAAA fd6f:9784:5753::1 ;; AUTHORITY SECTION: home.arpa. 3600 IN NS home.arpa. Output of dns-sd(1): /usr/bin/dns-sd -test … Testing for error returns when various strings are > 63 bytes: PASSED Running basic API input range tests with various pointer parameters set to NULL: Basic API input range tests: PASSED $ dns-sd -m -F Looking for recommended browsing domains: DATE: ---Fri 11 Apr 2025--- 8:50:17.846 ...STARTING... Timestamp Recommended Browsing domain 8:50:17.847 Added (More) local 8:50:17.847 Added arpa - > home $ dns-sd -B _smb._tcp home.arpa. Browsing for _smb._tcp.home.arpa. DATE: ---Fri 11 Apr 2025--- 8:59:10.044 ...STARTING... $ dns-sd -L Media _smb._tcp home.arpa. Lookup Media._smb._tcp.home.arpa. DATE: ---Fri 11 Apr 2025--- 9:15:53.328 ...STARTING... $ dns-sd -Q _smb._tcp.home.arpa. PTR IN DATE: ---Fri 11 Apr 2025--- 9:16:52.208 ...STARTING... Timestamp A/R Flags IF Name Type Class Rdata 9:16:52.210 Add 40000002 0 _smb._tcp.home.arpa. PTR IN 0.0.0.0 No Such Record 9:16:52.222 Add 2 0 _smb._tcp.home.arpa. PTR IN 0.0.0.0 No Such Record Similarly, when I open Finder->Network I see home.arpa but it's empty. Of interest is that on the DNS server side I see the following requests being made: 2025-04-11 09:03:15 container,info,debug [INFO] […]:56541 - 21555 "SOA IN _afpovertcp._tcp.home.arpa. udp 44 false 512" NXDOMAIN qr,aa,rd 112 0.000755089s 2025-04-11 09:03:15 container,info,debug [INFO] […]:56077 - 58266 "SOA IN _smb._tcp.home.arpa. udp 37 false 512" NOERROR qr,aa,rd 105 0.001012632s 2025-04-11 09:03:15 container,info,debug [INFO] […]:45274 - 45976 "SOA IN _rfb._tcp.home.arpa. udp 37 false 512" NXDOMAIN qr,aa,rd 105 0.000762339s 2025-04-11 09:03:15 container,info,debug [INFO] […]:54387 - 32090 "SOA IN _adisk._tcp.home.arpa. udp 39 false 512" NXDOMAIN qr,aa,rd 107 0.001058132s 2025-04-11 09:03:15 container,info,debug [INFO] […]:35855 - 51155 "SOA IN _tcp.home.arpa. udp 32 false 512" NOERROR qr,aa,rd 100 0.000664963s I suppose that an attempt to locate services is made but it's unsuccessful and I'm not sure why. What further debugging can I attempt?

I have installed the following configuration profile: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>PayloadContent</key> <array> <dict> <key>PayloadDisplayName</key> <string>Enable Private Data Logging for Unified Logging</string> <key>PayloadEnabled</key> <true/> <key>PayloadIdentifier</key> <string>com.apple.system.logging.2BFB8109-8829-4020-AEB7-BA21761AE50C</string> <key>PayloadType</key> <string>com.apple.system.logging</string> <key>PayloadUUID</key> <string>2BFB8109-8829-4020-AEB7-BA21761AE50C</string> <key>PayloadVersion</key> <integer>1</integer> <key>System</key> <dict> <key>Enable-Private-Data</key> <true/> </dict> </dict> </array> <key>PayloadDisplayName</key> <string>Enable Private Logging Data</string> <key>PayloadIdentifier</key> <string>Kentzo-Macbook.D000DF5D-AE7A-4D22-B1DC-8F9CD71A2DD2</string> <key>PayloadRemovalDisallowed</key> <false/> <key>PayloadType</key> <string>Configuration</string> <key>PayloadUUID</key> <string>1CF75441-D3C2-4E5B-B36A-394C397E8529</string> <key>PayloadVersion</key> <integer>1</integer> <key>ConsentText</key> <dict> <key>default</key> <string>Warning: Installing this profile will enable private data logging for all of unified logging.</string> </dict> </dict> </plist> But both Console.app and log show values like <mask.hash: 'Z9xIxlLTn0KlWPUjmpOSkg=='> for the com.apple.mDNSResponder subsystem. What do I need to do to reveal this information?

Recently Apple's remotepairingd crashed and the report had the following "Path": /Library/Apple/*/RemotePairing.framework/Versions/A/XPCServices/remotepairingd.xpc/Contents/MacOS/remotepairingd Why *? The actual path on disk is /Library/Apple/System/Library/PrivateFrameworks/RemotePairing.framework/Versions/A/XPCServices/remotepairingd.xpc/Contents/MacOS/remotepairingd.

Assuming I have a static library where all global symbols need to be re-exported by the target executable. How do I extract these symbols into a file to be used with ld's -exported_symbols_list and Xcode's EXPORTED_SYMBOLS_FILE? I was thinking about nm -gUjo … + sed but maybe there is abetter way?

I'm trying to use autofs to mount some macFUSE filesystems. However, autofs requires custom filesystems to provide /sbin/mount_* and this directory is not writable nor modifiable via synthentic.conf Using a launch agent or daemon is not desirable as there is a non-blocking delay before the filesystem gets mounted which causes a race condition. Is there any other option to let diskarbitrationd or autofs to automatically mount a macFUSE filesystem?

Cannot figure out what topic / technology to use send a feedback about Terminal.app? Found a bug where New Remote Connection… via ssh cannot handle hosts with ProxyJump set.

Which category should I pick to report bugs against command line tools bundled by macOS? In particular, I'm trying to send a feedback against an incorrect hardcoded path in /usr/share/zsh/5.8.1/functions/run-help. It's written as local HELPDIR="${HELPDIR:-/AppleInternal/Library/BuildRoots/9e200cfa-7d96-11ed-886f-a23c4f261b56/Library/Caches/com.apple.xbs/Binaries/zsh/install/TempContent/Root/usr/share/zsh/5.8.1/help}" but needs to be local HELPDIR="${HELPDIR:-/usr/share/zsh/5.8.1/help}"

I have a local APFS filesystem (sparsebundle disk image) mounted read-only: /dev/disk5s1 on /opt/homebrew (apfs, local, nodev, nosuid, read-only, journaled, noowners, nobrowse) There are no open files as reported by $ sudo lsof +f -- /opt/homebrew However, an attempt to remount via the -u and -w options fails with the following error: $ sudo mount -u -w /opt/homebrew mount_apfs: volume could not be mounted: Permission denied mount: /opt/homebrew failed with 66 Is there a configuration option that I'm missing?

I have an app that seems to be properly signed and notarized which I installed using Homebrew. Upon the first launch macOS warned that the app was downloaded from the internet and asked whether I want to proceed, to which I agreed. Subsequent launches do not show this warning. However, launchd refuses to launch its login item: 2023-01-11 10:23:16.258575 (gui/501/org.p0deje.Maccy-LaunchAtLoginHelper [16190]) <Warning>: Could not find and/or execute program specified by service: 155: Refusing to execute/trust quarantined program/file: org.p0deje.Maccy-LaunchAtLoginHelper Indeed, the com.apple.quarantine is still set on the app itself and all is contents, including this helper: $ ls -la@ /Applications/Maccy.app total 0 drwxr-xr-x@ 3 kentzo staff 96 Aug 31 14:20 . com.apple.macl 72 com.apple.provenance 11 com.apple.quarantine 67 drwxrwxr-x 84 root admin 2688 Jan 11 10:20 .. drwxr-xr-x@ 11 kentzo staff 352 Aug 31 14:29 Contents com.apple.quarantine 67 codesign and scptl seem to be happy though: $ codesign --verify -vvv /Applications/Maccy.app --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftObjectiveC.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftObjectiveC.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftCoreImage.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftCoreImage.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftXPC.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftXPC.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftCore.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftCore.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftAppKit.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftAppKit.dylib --prepared:/Applications/Maccy.app/Contents/Library/LoginItems/LaunchAtLoginHelper.app --validated:/Applications/Maccy.app/Contents/Library/LoginItems/LaunchAtLoginHelper.app --prepared:/Applications/Maccy.app/Contents/XPCServices/org.sparkle-project.Downloader.xpc --validated:/Applications/Maccy.app/Contents/XPCServices/org.sparkle-project.Downloader.xpc --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftCoreGraphics.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftCoreGraphics.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftMetal.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftMetal.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftCoreData.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftCoreData.dylib --prepared:/Applications/Maccy.app/Contents/XPCServices/org.sparkle-project.InstallerConnection.xpc --validated:/Applications/Maccy.app/Contents/XPCServices/org.sparkle-project.InstallerConnection.xpc --prepared:/Applications/Maccy.app/Contents/XPCServices/org.sparkle-project.InstallerStatus.xpc --validated:/Applications/Maccy.app/Contents/XPCServices/org.sparkle-project.InstallerStatus.xpc --prepared:/Applications/Maccy.app/Contents/XPCServices/org.sparkle-project.InstallerLauncher.xpc --validated:/Applications/Maccy.app/Contents/XPCServices/org.sparkle-project.InstallerLauncher.xpc --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftos.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftos.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftDispatch.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftDispatch.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftDarwin.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftDarwin.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftCoreFoundation.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftCoreFoundation.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftQuartzCore.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftQuartzCore.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/Sparkle.framework/Versions/Current/. --validated:/Applications/Maccy.app/Contents/Frameworks/Sparkle.framework/Versions/Current/. --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftIntents.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftIntents.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftIOKit.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftIOKit.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftCoreLocation.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftCoreLocation.dylib --prepared:/Applications/Maccy.app/Contents/Frameworks/libswiftFoundation.dylib --validated:/Applications/Maccy.app/Contents/Frameworks/libswiftFoundation.dylib /Applications/Maccy.app: valid on disk /Applications/Maccy.app: satisfies its Designated Requirement $ codesign --display -vvv /Applications/Maccy.app Executable=/Applications/Maccy.app/Contents/MacOS/Maccy Identifier=org.p0deje.Maccy Format=app bundle with Mach-O universal (x86_64 arm64) CodeDirectory v=20500 size=6460 flags=0x10000(runtime) hashes=191+7 location=embedded Hash type=sha256 size=32 CandidateCDHash sha256=fab018cde6fe6239b18e2a5a9055b9b6c0ca7ee2 CandidateCDHashFull sha256=fab018cde6fe6239b18e2a5a9055b9b6c0ca7ee2f1d34d9cb8e114a1f72b28b5 Hash choices=sha256 CMSDigest=fab018cde6fe6239b18e2a5a9055b9b6c0ca7ee2f1d34d9cb8e114a1f72b28b5 CMSDigestType=2 Launch Constraints: None CDHash=fab018cde6fe6239b18e2a5a9055b9b6c0ca7ee2 Signature size=8981 Authority=Developer ID Application: Alexey Rodionov (MN3X4648SC) Authority=Developer ID Certification Authority Authority=Apple Root CA Timestamp=Aug 31, 2022 at 2:21:06 PM Info.plist entries=29 TeamIdentifier=MN3X4648SC Runtime Version=12.3.0 Sealed Resources version=2 rules=13 files=186 Internal requirements count=1 size=208 $ spctl -a -t exec -vvv /Applications/Maccy.app /Applications/Maccy.app: accepted source=Notarized Developer ID origin=Developer ID Application: Alexey Rodionov (MN3X4648SC) Other apps with login items that I downloaded with Safari and manually moved to /Applications seem to work properly. What could be wrong with Homebrew's installation process? Tested on 13.1 with M1 processor, homebrew 3.6.15

Just noticed that a number of system frameworks on my machine do not pass codesign verification: $ codesign --verify --verbose=8 /System/Volumes/Data/Library/Apple/Library/Bundles/IncompatibleAppsList.bundle /System/Volumes/Data/Library/Apple/Library/Bundles/IncompatibleAppsList.bundle: a sealed resource is missing or invalid file added: /System/Volumes/Data/Library/Apple/Library/Bundles/IncompatibleAppsList.bundle/Contents/Resources/pt_BR.lproj/IncompatibleAppsList.strings  $ codesign --verify --verbose=8 /System/Volumes/Data/Library/Apple/System/Library/StagedFrameworks/Safari/WebCore.framework /System/Volumes/Data/Library/Apple/System/Library/StagedFrameworks/Safari/WebCore.framework: a sealed resource is missing or invalid file added: /System/Volumes/Data/Library/Apple/System/Library/StagedFrameworks/Safari/WebCore.framework/Versions/Current/Resources/modern-media-controls/images/Brightness.svg  $ codesign --verify --verbose=8 /System/Volumes/Data/Library/Apple/System/Library/StagedFrameworks/Safari/WebInspectorUI.framework /System/Volumes/Data/Library/Apple/System/Library/StagedFrameworks/Safari/WebInspectorUI.framework: a sealed resource is missing or invalid file added: /System/Volumes/Data/Library/Apple/System/Library/StagedFrameworks/Safari/WebInspectorUI.framework/Versions/Current/Resources/Images/IgnoreCaches.svg  $ codesign --verify --verbose=8 /System/Volumes/Data/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework         /System/Volumes/Data/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework: a sealed resource is missing or invalid ... $ codesign --verify --verbose=8 /System/Volumes/Data/Library/Apple/System/Library/StagedFrameworks/Safari/SafariShared.framework /System/Volumes/Data/Library/Apple/System/Library/StagedFrameworks/Safari/SafariShared.framework: a sealed resource is missing or invalid ... $ codesign --verify --verbose=8 /System/Volumes/Data/private/var/db/gkopaque.bundle                                              /System/Volumes/Data/private/var/db/gkopaque.bundle: a sealed resource is missing or invalid file modified: /System/Volumes/Data/private/var/db/gkopaque.bundle/Contents/Resources/gkopaque.db Should I worry about that?

chdir (2) with relative paths that involve firmlink black magic behave awkwardly. Consider the following sample code: #include <assert.h> #include <string.h> #include <stdio.h> #include <unistd.h> int main(int argc, const char * argv[]) { chdir("/System/Volumes/Data/usr/libexec"); assert(strcmp(getwd(NULL), "/System/Volumes/Data/usr/libexec") == 0); chdir("cups"); assert(strcmp(getwd(NULL), "/System/Volumes/Data/usr/libexec/cups") == 0); return 0; } The problem is that the second chdir will jump to "/usr/libexec/cups". I have reported this issue via the feedback assistant (FB11432545) but it got closed as "Works as currently designed" without much explanation. Especially if you take into account that FTS (3) and tools like ls (1) and find (1) are broken: $ find /System/Volumes/Data/usr/share | grep '^/System/Volumes/Data/usr/share/' | wc -l 179 $ find /System/Volumes/Data/usr | grep /System/Volumes/Data/usr/share/ | wc -l 14956

I know there is https://github.com/apple/llvm-project but how can I know which commit was used to compile lldb that got shipped with Xcode?

My current implementation has the following structure: In my implementation of NSXPCListenerDelegate I create the Remote object via the remoteObjectProxy* family of API. I then create the Local object that has a strong reference to Remote Local is then set as exportedObject of the Connection object Did I just create a reference cycle (Connection -> Local -> Remote -> Connection)? The strategy I'm considering right now is to drop the reference to Remote and request it from Connection (unless invalidated) whenever it's needed. But that's a bit inconvenient as I need to somehow refer to Connection from Local. The latter can be solved via a weak (or unowned?) reference from Local to Connection. But then it's important to know whether Connection will retain Local (its exportedObject) until deallocated or until invalidated. Please advise what'd be the best way to proceed.