Hi, I've created persistent task from type launchDaemon based on bash script that should run one time upon first load. These are the contents of the plist file : <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>com.blabla.task</string> <key>RunAtLoad</key> <true/> <key>LaunchOnlyOnce</key> <true/> <key>Program</key> <string>/Library/Application\ Support/myComp /script.sh</string> </dict> </plist> However, when i load the plist using launchCtl, nothing happens and no meaningful log appears... However, when the Program location changes to /tmp/script.sh then everything is working great So i conclude that there's permission issue to access Library/Application\ Support, although the file permission is allow for all -rwxrwxrwx. But when I give back full disk access in privacy setting, it's working from the /Library.. path. My question is why does bash launchd task that runs with privileges, also requires this privacy acknowledge in order to run the script?

Hi, I'd like to establish connection between my application and a remote server. Ideally it would be using webSocket since the communication is bi-directional and asynchronous. However, In case the webSocket isn't established properly or failing sometime after it was created (due to firewall, proxy servers, network switching or any other reason), than I'd like to switch to using periodical simple HTTPS POST requests (keep alive messages) where the server-to-client data transferred on the responses. The server should also support both communication methods. The following code should reflect my approach. Please advise if this could work or perhaps there are built-in solutions in the framework. NSURL * reqUrl = [NSURL URLWithString:@"wss://mydomain.com"]; NSURLSession* session = [NSURLSession sessionWithConfiguration: [NSURLSessionConfiguration defaultSessionConfiguration]]; NSMutableURLRequest *req = [NSMutableURLRequest requestWithURL:reqUrl]; webSocketTaskWithURL * socketConnection = [URLSession webSocketTaskWithURL:url]; socketConnection.resume() [socketConnection sendMessage:message completionHandler: ^(NSError * e) { if (e != nil) { // fallback to https [req setHTTPBody:[message dataUsingEncoding:NSUTF8StringEncoding]] NSURLSessionDataTask *data_task_http = [session dataTaskWithRequest:req]; completionHandler: ^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) { /*blabla*/}]; [data_task resume]; }

I've got the following code that I use to communicate with a remote server. However, when the response contain a large enough file, the callback block never called, the only thing that trigger the callback, is when I explicitly invoke the cancel method after some timeout from the NSURLSession task (_dataTask). notice that using tcpdump I did observe that the response was properly received on the client side. NSURLSessionConfiguration* config = [NSURLSessionConfiguration defaultSessionConfiguration]; NSOperationQueue *queue = [[NSOperationQueue alloc] init]; queue.maxConcurrentOperationCount = 1; NSURLSession* session = [NSURLSession sessionWithConfiguration:config delegate:nil delegateQueue:queue]; _dataTask = [session dataTaskWithRequest:req completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) { if ([error code] == NSURLErrorCancelled) { writeLog(LOG_ERROR, "NSURLErrorCancelled"); } else { <my completion callback> } }]; [_dataTask resume] I'd like to know if using dataTask has response size limit (because it's working for small files on response body) and if there is such a limit, so which other method should I use in order to overcome it. I saw that there's an alternative method in NSUrlsession dedicated for downloading files called downloadTaskWithRequest but it doesn't have an async completion block.

Hi, I've set the C++ language dialect in my project to c++2a. Than it failed on compiling .mm file which has the following line @import AppKit; But if replace it with the following line and link with framework from project build phases, than it works. #import <AppKit/AppKit.h> My .mm file is including for adapter swift header file (*-Swift.h) which is auto generated and has this @import directive. is it a known issue, should I file a bug ?

I've got an mach-o executable that runs from launchDaemon plist file, and is communicating with other processes using unix domain socket. The file that backs this socket created in /tmp. However, this cause the executable to fail reading the file unless given full disk access. I'd like to find a location for the socket file, which is shared to all processes and doesn't require full disk access. the executable reside in /Library/Application Support/myProj/bin/exec_file is there such location ? Perhaps can i use the same location of the executable itself ?

I'd like to add a short script that runs clang-format upon trying to save a file in Xcode project. the script will do the following command : #!/bin/zsh /usr/local/bin/clang-format -i <saved_file> Does Xcode support this feature (in visual studio it's called format-on-save :  https://code.visualstudio.com/updates/v1_6#_format-on-save

Hi, I was wondering if there's any limitation for the context where I initialize my xpc service. This is the code that initialize my xpc service : listener_ = [[NSXPCListener alloc] initWithMachServiceName:@"com.bla.bla"]; xpcService *delegate = [xpcService new]; listener_.delegate = delegate; [listener_ resume];  [[NSRunLoop mainRunLoop] run]; Doing it from the main method and everything works just fine. However, when calling it from different method(main)/thread(main thread)... It doesn't accept remote calls although it seems like the listener was properly initialized. I even tried to wrap this code to run on the main thread using the following wrapper dispatch_sync(dispatch_get_main_queue(), ^{ listener_ = [[NSXPCListener alloc] initWithMachServiceName:@"com.bla.bla"]; xpcService *delegate = [xpcService new]; listener_.delegate = delegate; [listener_ resume]; } where the [[NSRunLoop mainRunLoop] run]; is called from the main method... So my question is what are the requirements to make the XPC work.. is it mandatory to call it from the main method ?

I've got an array of strings that I want to present using swiftUI Picker widget. Each string is composed of multiple words delimited by spaces. I'd like to get the Picker showing the full string of each item in the list, while the selection variable should only get the first word (the selected item is stored in arg) This was my attempt to do so. notice that the object that hold the items called myHandler, and it's shared to the swiftUI view, and can be modified by external swift closure: class myHandler: ObservableObject { @Published var items = [String]() } struct ContentView: View { @State var arg: String = "" @ObservedObject var handler : myHandler ... VStack { Picker("items", selection: $arg) { Text("AAA").tag("xxx") Text("BBB").tag("yyy") Text("CCC").tag("zzz") ForEach(handler.items , id: \.self, content: { Text($0).tag($0.components(separatedBy: " ")[0]) }) } } .frame() TextField("firstword", text: $arg).frame() For the options outside the ForEach statement, I can see that arg get the value written in the tag. However, for all options that derived from the ForEach, I see that arg equals to the iterable item ($0) which is the multi work string, and not to the first word as expected. Any idea how to fix those items that are generated from the ForEach, so that selection of such item, will set the arg to the string value of the first word in the iterator ?

Hi, I was wondering if there's any option to run xcodebuild to compile the project and skip the code signing phase, even though, a signing account is set in the project under signing and capabilities. The motivation for that, is that on some occasions, my project get built using GitLab CI/CD pipeline, which have machine pool that doesn't have Xcode with account. So I'd like to build only and check that nothing got broken. thanks

Hi, I've like to calculate the path mtu between one of the local interfaces and a remote address. Perhaps there's such option using native networking framework like nsurlconnection ? Should I need to set the DF (don't fragment) bit and send to each hop in the path, or can I acquire this value from some cached storage per connection ? thanks

I'm trying to understand where do I get the dns server configuration from. As I understand, if the file /etc/resolve.conf contain no servers, than it fallback to servers that are defined by the physical connection (Wi-Fi) However, once I removed all dns servers from /etc/resolve.conf, I got that my DNS is configured to the loopback address (127.0.0.1) instead of what the connection provides. nslookup > server Default server: 127.0.0.1 Address: 127.0.0.1#53 Default server: ::1 Address: ::1#53 and Here's the the default dns servers from the Wi-Fi connection: Here's what's configured by the interface : Perhaps anyone can tell me why doesn't the default DNS server is selected to 10.196.X.X as provided by the connection (instead I get the loopback address)

After macOS minor upgrade of Monterey I've noticed that a directory of mine that lies under /Library/Application Support/myCompany/myProj/myFolder has been mysteriously deleted. Is there a way to check in retrospect which process deleted my directory ? I know of fs_usage, but it's used to record ongoing file activities... the question is how to get file auditing event from the past. Thanks

I'm working on some app that has LaunchDaemon running on the background, and thus it requires some operations to be removed, prior to deleting the data/exe files. Is there an option to call an uninstall script upon drag-and-drop my app into the trash bin ? or at least, prevent the uninstallation and trigger popup window that tells the user this app cannot be removed until he unload the service (sudo launchctl stop /Library/LaunchDaemons... or sudo launchctl unload -w /Library/LaunchDaemons...) my app uses pkg file format for deployment, but I couldn't find any uninstall callback within this format. is there a way to do so ? Thanks

I have a MacOS network extension that activates 3 network "Proxies" (TransparentProxy, AppProxy and DNSProxy). To activate the proxies I do: NEAppProxyProviderManager.loadAllFromPreferences { saveToPreferences { error in if (error) { /* failed to save */ } /* saved */ } } Now I do this 3 times (once for each proxy). The behavior I observe is the following: Once the "saveToPreferences()" is called for the first time the app is installed, user gets an approval popup. Even before user clicks anything, the first 2 calls to "saveToPreferences" fail (both with the same message): Failed to save configuration MyTransparentProxy: Error Domain=NEConfigurationErrorDomain Code=10 “permission denied” UserInfo={NSLocalizedDescription=permission denied} The third call to "saveToPreferences()" does NOT return until a user either accepts or rejects the "allow vpn configuration" pop up. My question is, how can I make all the calls to block the completion callback until user decision ? For now, I figured out that this works as workaround: In the initialization of the first proxy I do: NEAppProxyProviderManager.loadAllFromPreferences { saveToPreferences { error in if (error) { /* failed to save */ } /* saved */ /* here I start the “next” proxies */ StartNextProxy(); } } In this case the first one is blocked until user accepts the pop up and once he does I start the second and the third proxies. This ensure avoidance of "permission denied" error as only one "saveToPreferences()" call waits for user approval. This doesn’t feel like the correct method to me, is there a way for multiple proxy manager to wait for "VPN Configuration" approval event ? Thanks !

Hi, I've made a pkg installation file that usually works. However, for some setups I gets the following failure after postinstall finish (return 0) 2023-01-12 10:52:00-08 ESXBigSurVM-5 package_script_service[815]: Responsibility set back to self. 2023-01-12 10:52:00-08 ESXBigSurVM-5 installd[781]: PackageKit: Writing receipt for com.myprod.mycomp to / 2023-01-12 10:52:00-08 ESXBigSurVM-5 install_monitor[814]: Re-included: /Applications, /Library, /System, /bin, /private, /sbin, /usr 2023-01-12 10:52:01-08 ESXBigSurVM-5 installd[781]: PackageKit: releasing backupd 2023-01-12 10:52:01-08 ESXBigSurVM-5 installd[781]: PackageKit: allow user idle system sleep 2023-01-12 10:52:01-08 ESXBigSurVM-5 installd[781]: PackageKit: Cleared responsibility for install from 773. 2023-01-12 10:52:01-08 ESXBigSurVM-5 installd[781]: PackageKit: Cleared permissions on Installer.app 2023-01-12 10:52:01-08 ESXBigSurVM-5 installd[781]: PackageKit: Install Failed: Error Domain=NSCocoaErrorDomain Code=513 "You don't have permission to save the file "com.myprod.mycomp.bom" in the folder "receipts"." UserInfo={NSFilePath=/var/db/receipts/com.myprod.mycomp.bom, NSUnderlyingError=0x7f92fe515760 {Error Domain=NSPOSIXErrorDomain Code=1 "Operation not permitted"}} { NSFilePath = "/var/db/receipts/com.myprod.mycomp.bom"; NSUnderlyingError = "Error Domain=NSPOSIXErrorDomain Code=1 \"Operation not permitted\""; } 2023-01-12 10:52:01-08 ESXBigSurVM-5 installd[781]: PackageKit: Running idle tasks I've used the installer command with sudo, but i'm still getting the permissions issue ... sudo /usr/sbin/installer -pkg /path/to/my/file.pkg -target / Any idea why this is happening only in some setups (usually VMs running BigSur) ? and how could i prevent it ?