I'd like to be able to do the equivalent of getrusage(3) for some of our other processes. These are daemons, so they're not connected in any way. Obviously, Activity Monitor and top can do the things I want, but I'm not Apple. 😄
I went down a maze of twisty APIs, all a-Mach, and have decided to ask.
(We're trying to keep track of the processes in the field. We also want to know what's going on if a process has stopped responding but hasn't died. I suppose I could, absolute worst case, periodically send getrusage(3) info to the monitoring process.)
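As an added example (not code from the original post): on macOS the per-pid counterpart to getrusage(3) is libproc's proc_pid_rusage, which fills an rusage_info struct for any process you are allowed to inspect. The block below reads it for another pid and then takes two samples to tell a daemon that is alive but consuming no CPU from one that is still working. The struct name ProcessUsage, the helper names and the sampling interval are our own choices.

```swift
import Foundation

/// A snapshot of another process's resource usage, built from rusage_info_current.
/// Added example; the field selection and names here are our own.
struct ProcessUsage {
    let pid: pid_t
    let cpuTime: TimeInterval        // user + system, in seconds
    let residentBytes: UInt64
    let physFootprintBytes: UInt64   // what Activity Monitor shows as "Memory"
    let taken: Date
}

/// Mach absolute time units (which ri_user_time/ri_system_time use) -> seconds.
private func machTimeToSeconds(_ ticks: UInt64) -> TimeInterval {
    var timebase = mach_timebase_info_data_t()
    mach_timebase_info(&timebase)
    let nanos = Double(ticks) * Double(timebase.numer) / Double(timebase.denom)
    return nanos / 1e9
}

/// getrusage(3) for somebody else's pid. Needs root or the target's own uid;
/// otherwise proc_pid_rusage fails with EPERM, and with ESRCH once the pid is gone.
func resourceUsage(of pid: pid_t) -> ProcessUsage? {
    var info = rusage_info_current()
    let status = withUnsafeMutablePointer(to: &info) { infoPtr -> Int32 in
        // proc_pid_rusage takes a rusage_info_t * (a pointer to a void *) that it
        // fills in according to the flavor, so the struct pointer is rebound.
        infoPtr.withMemoryRebound(to: rusage_info_t?.self, capacity: 1) {
            proc_pid_rusage(pid, RUSAGE_INFO_CURRENT, $0)
        }
    }
    guard status == 0 else {
        perror("proc_pid_rusage(\(pid))")
        return nil
    }
    return ProcessUsage(pid: pid,
                        cpuTime: machTimeToSeconds(info.ri_user_time + info.ri_system_time),
                        residentBytes: info.ri_resident_size,
                        physFootprintBytes: info.ri_phys_footprint,
                        taken: Date())
}

/// Two samples some seconds apart separate a daemon that died (no second sample),
/// one that is alive but burning no CPU, and one whose CPU time is still climbing.
/// "idle" is not proof of a hang: an event-driven daemon with nothing to do looks the same.
enum Liveness { case gone, idle, busy }

func liveness(of pid: pid_t, over interval: TimeInterval = 5) -> Liveness {
    guard let first = resourceUsage(of: pid) else { return .gone }
    Thread.sleep(forTimeInterval: interval)
    guard let second = resourceUsage(of: pid) else { return .gone }
    return second.cpuTime > first.cpuTime ? .busy : .idle
}

// Usage: pass the daemon's pid on the command line (constructed example invocation).
if CommandLine.arguments.count > 1, let pid = pid_t(CommandLine.arguments[1]) {
    if let usage = resourceUsage(of: pid) {
        print("pid \(pid): cpu \(usage.cpuTime)s, rss \(usage.residentBytes) B, footprint \(usage.physFootprintBytes) B")
    }
    print("liveness: \(liveness(of: pid))")
}
```

Because the call is a plain syscall wrapper with no Mach port handshake, a monitoring daemon can poll a list of pids this way without task_for_pid entitlements; the only gate is the uid check mentioned in the comment.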
Multiple times a day, every time I open a new window for forums.developer.apple.com, if I'm signed in, it asks me if I want to opt in to notifications. Even if I click on the opt in button. I've just reproduced it five times in a row here.
What is going on?
I added ES_EVENT_TYPE_AUTH_SIGNAL to the event list, and added logging:
os_log_debug(esfLogger, "antitampering signal %d from process %{public}s to process %{public}s", esm.signal, signing.UTF8String, targetSigning.UTF8String);
I get some logs, such as
2024-12-09 10:21:47.668034+0000 0xc2c562 Debug 0x0 29448 0 DopeMonitorService: [security.dope:anti-tamper] antitampering signal 0 from process com.apple.spindump to process com.apple.mds_stores
But when I do sudo kill -9 ${ourappprocess}, the process dies with no log generated. (This is a different process than the one using ESF; the goal is, obviously, to keep our processes from being killed, but I'm only at the logging stage so far.)
sudo kill -INFO ${ourappprocess} works:
2024-12-09 10:21:38.410851+0000 0xc2c562 Debug 0x0 29448 0 Monitor: [debug:anti-tamper] antitampering signal 29 from process com.apple.csh to process Worker
So it is getting through to the monitoring process. But kill -9 ... isn't. Am I missing something obvious again?
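As an added example (not the post's ObjC code, and not an explanation of the missing kill -9 event): a Swift Endpoint Security client that subscribes to ES_EVENT_TYPE_AUTH_SIGNAL, logs sender, target and signal the way the post does, and also does the part that matters for an AUTH event, which is answering it. The policy is split into a plain function so it can be unit-tested without an ES client. The signing IDs, the log subsystem and the helper names are constructed placeholders; reading the pid out of audit_token_t.val[5] relies on the layout documented in bsm/audit.h.

```swift
import EndpointSecurity
import Foundation
import os

let esLog = Logger(subsystem: "com.example.monitor", category: "anti-tamper")  // placeholder subsystem
// Signing IDs of our own processes (constructed placeholders).
let protectedSigningIDs: Set<String> = ["com.example.Worker", "com.example.Monitor"]

/// es_string_token_t is (length, data) and the data need not be NUL-terminated.
func string(from token: es_string_token_t) -> String {
    guard token.length > 0, let data = token.data else { return "" }
    return String(decoding: UnsafeRawBufferPointer(start: data, count: token.length), as: UTF8.self)
}

/// The policy, kept free of ES types so it can be tested on its own.
func decideSignal(sig: Int32, senderPID: pid_t, targetSigningID: String) -> es_auth_result_t {
    // launchd must always be able to stop our jobs (shutdown, unload).
    if senderPID == 1 { return ES_AUTH_RESULT_ALLOW }
    // Only terminating/stopping signals are refused; SIGINFO, SIGUSR1, ... stay usable.
    let fatal: Set<Int32> = [SIGKILL, SIGTERM, SIGSTOP]
    let protect = protectedSigningIDs.contains(targetSigningID) && fatal.contains(sig)
    return protect ? ES_AUTH_RESULT_DENY : ES_AUTH_RESULT_ALLOW
}

/// Creates the client, subscribes to AUTH_SIGNAL, and answers every event it gets.
func startSignalMonitor() -> OpaquePointer? {
    var client: OpaquePointer?
    let created = es_new_client(&client) { client, message in
        let msg = message.pointee
        guard msg.event_type == ES_EVENT_TYPE_AUTH_SIGNAL else { return }
        let sender = msg.process.pointee
        let target = msg.event.signal.target.pointee
        let sig = msg.event.signal.sig
        // audit_token_t.val[5] is the pid (bsm/audit.h); avoids pulling in libbsm.
        let decision = decideSignal(sig: sig,
                                    senderPID: pid_t(sender.audit_token.val.5),
                                    targetSigningID: string(from: target.signing_id))
        let verdict = decision == ES_AUTH_RESULT_DENY ? "deny" : "allow"
        esLog.debug("antitampering signal \(sig) from process \(string(from: sender.signing_id), privacy: .public) to process \(string(from: target.signing_id), privacy: .public): \(verdict, privacy: .public)")
        // An AUTH event that is not answered before msg.deadline gets the client killed.
        es_respond_auth_result(client, message, decision, false)
    }
    guard created == ES_NEW_CLIENT_RESULT_SUCCESS, let client else {
        esLog.error("es_new_client failed: \(created.rawValue)")
        return nil
    }
    var events = [ES_EVENT_TYPE_AUTH_SIGNAL]
    guard es_subscribe(client, &events, UInt32(events.count)) == ES_RETURN_SUCCESS else {
        es_delete_client(client)
        return nil
    }
    return client
}
```

The deny decision is deliberately narrow (our own signing IDs, fatal signals only, never launchd), because an over-broad AUTH_SIGNAL policy is itself a denial-of-service risk for the machine: a client that refuses too much, or stalls past the deadline, takes the system down with it.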
For login purposes, we may want to try automatically checking to see if an email address is set up in certain databases. It looks like the preferred way to do this is via ABAddressBook.shared().me(), then get the right key via the properties? This, however, is treated as accessing the whole address book and brings up a confirmation dialogue.
However, as I thought about it, that might not be the real way we'd want -- we'd want to go through Active Directory, perhaps?
Am I making any sense, or just being incoherent? 😄
On one test machine, our extension wouldn't load, because [NETransparentProxyManager loadAllFromPreferencesWithCompletionHandler] can't find a manager, saying Skipping configuration appname because it is of the wrong type. This is the first time I've seen this behaviour.
(The containing app tries to find a configuration, if it can't find it it creates one, then modifies whatever it found or created, then stores it. I don't have the right logging yet for that, so I can't see the error messages. [NSLog instead of os_log_error.])
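As an added example (not the containing app's code): the find-or-create sequence described in the post, written with os_log so that each branch (load error, reuse, create, save error) leaves a message in the unified log. NETransparentProxyManager.loadAllFromPreferences only returns configurations of its own class, so matching is done on the provider bundle identifier rather than on the display name. The bundle identifier, description and log subsystem are placeholders.

```swift
import NetworkExtension
import os

let configLog = Logger(subsystem: "com.example.tpp", category: "config")  // placeholder subsystem
let providerBundleID = "com.example.tpp.extension"                       // placeholder
let configDescription = "Example Transparent Proxy"                      // placeholder

enum ConfigError: Error {
    case load(Error)
    case save(Error)
}

/// Load every transparent-proxy configuration, reuse ours if present, otherwise
/// create it, then (re)apply our settings and save. Every exit path is logged.
func loadOrCreateManager(completion: @escaping (Result<NETransparentProxyManager, ConfigError>) -> Void) {
    NETransparentProxyManager.loadAllFromPreferences { managers, error in
        if let error {
            configLog.error("loadAllFromPreferences failed: \(error.localizedDescription, privacy: .public)")
            completion(.failure(.load(error)))
            return
        }
        let all = managers ?? []
        configLog.info("loadAllFromPreferences returned \(all.count) transparent-proxy configuration(s)")
        for m in all {
            let proto = m.protocolConfiguration as? NETunnelProviderProtocol
            configLog.debug("found \(m.localizedDescription ?? "<no name>", privacy: .public) provider=\(proto?.providerBundleIdentifier ?? "<none>", privacy: .public) enabled=\(m.isEnabled)")
        }
        let existing = all.first {
            ($0.protocolConfiguration as? NETunnelProviderProtocol)?.providerBundleIdentifier == providerBundleID
        }
        let manager = existing ?? NETransparentProxyManager()
        configLog.info("\(existing == nil ? "creating" : "reusing", privacy: .public) configuration \(configDescription, privacy: .public)")

        let proto = (manager.protocolConfiguration as? NETunnelProviderProtocol) ?? NETunnelProviderProtocol()
        proto.providerBundleIdentifier = providerBundleID
        proto.serverAddress = "localhost"   // must be non-nil; a TPP does not connect to it
        manager.protocolConfiguration = proto
        manager.localizedDescription = configDescription
        manager.isEnabled = true

        manager.saveToPreferences { error in
            if let error {
                configLog.error("saveToPreferences failed: \(error.localizedDescription, privacy: .public)")
                completion(.failure(.save(error)))
            } else {
                configLog.info("saved configuration \(configDescription, privacy: .public)")
                completion(.success(manager))
            }
        }
    }
}
```

Dumping the returned managers before choosing one is the check worth keeping in production builds: when a machine reports the extension "not loading", the log then shows whether the configuration was absent, present but disabled, or present under a different provider identifier, instead of only the system's own "Skipping configuration" line.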
This has happened a few times, including out in the field; it's happened on macOS 14 and 15 I think.
"This" is: our app runs, activates the extension, it has to get user approval, and... the system dialogue window never appears. The extension stays waiting for user approval. I've got sysdiagnose from one of the systems, and I see the system log about it going into the user approval needed state, and... nothing else.
It's there in Settings, and can be approved then.
Has anyone run into this? Ever?
I spent 20 minutes trying to figure out why codesigning was failing -- I had the pf block set up correctly, my keychains were unlocked, and then, eventually, it occurred to me, hey, maybe an IP address changed, so I disabled IPv6 except for link local, and then amazingly, it went back to working.
I filed FB13706261 over a year ago.
This is ridiculous.
We're trying out using a 3rd party java applet as part of our suite, but we're getting inconsistent results that seem to be related to signing. "Fortunately," I can trivially reproduce it!
It pops up a dialogue saying "Apple could not verify “java” is free of malware that may harm your Mac or compromise your privacy"; if I click through the dialogue and the system settings, it then does the same for each of the dylib files.
The file seems to be signed, so is this a matter of it not being notarized? Will we have to sign and notarize them all on our own?
We have a customer reporting a bunch of problems with our (Transparent Proxy Provider-based) suite. Looking at a sysdiagnose, I see that our GUI applet was killed:
Termination Reason: Namespace PORT_SPACE, Code 14123288431434181290 (Limit 305834 ports) Exceeded system-wide per-process Port Limit
Looking at the top.txt file from it, I see that it has 193,086 ports -- compared to about ~250 on one of my test systems.
Has anyone run into this? Any idea what might be causing it? (I'm still poring over the sysdiagnose, but I don't see any kernel logs around that time -- except that our process does close a dozen or so ports because of cancellation.)
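As an added example (not the suite's code): a watchdog the GUI process can run on itself that counts the names in its own Mach IPC space, the number the per-process port limit from the termination reason is enforced against, and breaks them down by right type. A leak of send rights, receive rights or dead names points at different causes (unreleased replies or XPC connections, listeners never torn down, ports whose peer went away), so the breakdown is logged along with the total. The thresholds, log subsystem and type names are our own; the bit values for the right types are those defined in mach/port.h.

```swift
import Foundation
import os

let portLog = Logger(subsystem: "com.example.gui", category: "ports")  // placeholder subsystem

/// Port-right type bits from <mach/port.h>: MACH_PORT_TYPE(right) == 1 << (right + 16).
private let portTypeSend: mach_port_type_t     = 1 << 16
private let portTypeReceive: mach_port_type_t  = 1 << 17
private let portTypeSendOnce: mach_port_type_t = 1 << 18
private let portTypeDeadName: mach_port_type_t = 1 << 20

struct PortCensus {
    var total = 0, send = 0, receive = 0, sendOnce = 0, deadName = 0
}

/// Counts the names in this task's IPC space via mach_port_names.
func portCensus() -> PortCensus? {
    var names: mach_port_name_array_t? = nil
    var nameCount: mach_msg_type_number_t = 0
    var types: mach_port_type_array_t? = nil
    var typeCount: mach_msg_type_number_t = 0
    guard mach_port_names(mach_task_self_, &names, &nameCount, &types, &typeCount) == KERN_SUCCESS,
          let names, let types else { return nil }
    defer {
        // Both arrays are vm_allocate'd into our address space by the kernel; give them back.
        vm_deallocate(mach_task_self_, vm_address_t(bitPattern: names),
                      vm_size_t(nameCount) * vm_size_t(MemoryLayout<mach_port_name_t>.stride))
        vm_deallocate(mach_task_self_, vm_address_t(bitPattern: types),
                      vm_size_t(typeCount) * vm_size_t(MemoryLayout<mach_port_type_t>.stride))
    }
    var census = PortCensus(total: Int(nameCount))
    for i in 0..<Int(typeCount) {
        let t = types[i]
        if t & portTypeSend != 0     { census.send += 1 }
        if t & portTypeReceive != 0  { census.receive += 1 }
        if t & portTypeSendOnce != 0 { census.sendOnce += 1 }
        if t & portTypeDeadName != 0 { census.deadName += 1 }
    }
    return census
}

/// Samples periodically and logs at error level when the count crosses a threshold
/// or jumps by more than `step` between samples, so growth is visible long before
/// the kernel's limit (305834 in the sysdiagnose above) and can be correlated with
/// what the app was doing at the time.
final class PortWatchdog {
    private let timer: DispatchSourceTimer
    private var last = 0

    init(interval: TimeInterval = 30, warnAt threshold: Int = 5_000, step: Int = 500) {
        timer = DispatchSource.makeTimerSource(queue: .global(qos: .utility))
        timer.schedule(deadline: .now(), repeating: interval)
        timer.setEventHandler { [weak self] in
            guard let self, let c = portCensus() else { return }
            let grew = c.total - self.last
            if c.total > threshold || grew > step {
                portLog.error("mach ports: \(c.total) (+\(grew)) send=\(c.send) recv=\(c.receive) once=\(c.sendOnce) dead=\(c.deadName)")
            } else {
                portLog.debug("mach ports: \(c.total)")
            }
            self.last = c.total
        }
        timer.resume()
    }

    deinit { timer.cancel() }
}
```

A healthy process sits in the low hundreds, as the post's test systems do, so a threshold of a few thousand is already generous; the first error-level line from this watchdog is the place to start reading the log backwards from when the counts in a customer sysdiagnose are six digits.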
This is probably a super simple answer that I missed, but: I have an app that has a database; I'd like to create a second app (actually a CLI tool), and access the same database. Is that possible? And, if so, how? 😄
On three different machines (all running Xcode 13 and Big Sur), it always tells me that the command-line developer tools need to be installed. I've "installed" them four times so far on one machine, and at least twice on the other two.
Our app has a network extension (as I've mentioned lots 😄). We do an upgrade by downloading the new package, stopping & removing all of our components except for the network extension, and then installing the new package, which then loads a LaunchAgent causing the containing app to run. (The only difference between a new install and upgrade is the old extension is left running, but not having anything to tell it what to do, just logs and continues.)
On some (but not all) upgrades... nothing ends up able to communicate via XPC with the Network Extension. My simplest cli program to talk to it gets
Could not create proxy: Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service named blah was invalidated: failed at lookup with error 3 - No such process." UserInfo={NSDebugDescription=The connection to service named bla was invalidated: failed at lookup with error 3 - No such process.}
Could not communicate with blah
Restarting the extension by doing a kill -9 doesn't fix it; neither does restarting the control daemon. The only solution we've come across so far is rebooting.
I filed FB11086599 about this, but has anyone thoughts about this?
This seems to show that a bunch of memory being allocated in... mach_vm_deallocate. That doesn't seem likely, so I have to assume I'm misreading the output? (This is on macOS.)
Continuing my standard weekend project of just playing with things, and I have a little inventory app. Basically something like
import Foundation
import SwiftData

@Model
final class Room {
    var id: UUID
    var name: String
    @Relationship(deleteRule: .cascade, inverse: \Item.room) var items: [Item]
}

@Model
final class Item {
    var id: UUID
    var name: String
    @Relationship(deleteRule: .nullify) var room: Room
}
Then in a SwiftUI view for each Room, I use another ItemsView that constructs a query predicate based on the room ID that is passed in. And then on that, I've got a sheet to edit it, which is passed in @Bindable var item: Item, and has a form to edit it, and cancel & save buttons. Standard stuff.
But if I edit the fields in the Item, they get reflected immediately, which, ok, that's actually what I wanted so yay. But the "Save" button calls context.save() while the "Cancel" button doesn't -- it calls context.rollback() (and I have auto-save off).
And the problem I've got is: when I do that, the ItemsView updates, in real time, but when I cancel, it doesn't update; I have to quit and relaunch the app to get that properly in sync.
The easiest change I can make, I presume, is to simply not use the passed in Item, but simply copy its values around to a new instance, but that won't update the item, so I'd have to delete it and re-insert it, or copy the fields back in the completion handler, or any number of things.
So my question really is: assuming what I just described makes sense, what's the proper way to deal with it?
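As an added example (not the post's own view code): the "copy its values around" approach from the post, done with a plain value-type draft instead of a second model instance. The sheet edits the draft, so the live Item is untouched until Save writes the fields back and calls context.save(); Cancel has nothing to roll back, which sidesteps the rollback/refresh mismatch described above. It assumes the Item model from the post; the draft type and view names are our own.

```swift
import SwiftUI
import SwiftData

/// Editable fields of an Item as plain values. Extend this struct when Item
/// grows more fields; nothing here touches the model context.
struct ItemDraft: Equatable {
    var name: String

    init(_ item: Item) {
        name = item.name
    }

    /// Writes the draft back into the live model object.
    func apply(to item: Item) {
        item.name = name
    }
}

struct EditItemSheet: View {
    @Environment(\.modelContext) private var context
    @Environment(\.dismiss) private var dismiss
    private let item: Item
    @State private var draft: ItemDraft

    init(item: Item) {
        self.item = item
        _draft = State(initialValue: ItemDraft(item))
    }

    var body: some View {
        NavigationStack {
            Form {
                TextField("Name", text: $draft.name)
            }
            .navigationTitle("Edit Item")
            .toolbar {
                ToolbarItem(placement: .cancellationAction) {
                    // The model was never modified, so there is nothing to roll back.
                    Button("Cancel") { dismiss() }
                }
                ToolbarItem(placement: .confirmationAction) {
                    Button("Save") {
                        draft.apply(to: item)
                        do {
                            try context.save()
                        } catch {
                            // Keep the sheet open so the user can retry or cancel.
                            print("save failed: \(error)")
                            return
                        }
                        dismiss()
                    }
                    .disabled(draft == ItemDraft(item))   // no-op saves are not offered
                }
            }
        }
    }
}
```

Because the ItemsView above observes the model objects, it only sees a change when apply(to:) runs, which is exactly the moment the change is also persisted; the two can no longer drift apart the way they did with rollback.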
I've come to the conclusion that TPP and UDP are just utterly wonky together.
This is my relevant code:
let host = NWHostEndpoint(hostname: "", port: "0")
let udpRule = NENetworkRule(destinationNetwork: host, prefix: 0, protocol: .UDP)
let tcpRule = NENetworkRule(destinationNetwork: host, prefix: 0, protocol: .TCP)
let settings = NETransparentProxyNetworkSettings(tunnelRemoteAddress: "127.0.0.1")
/*
* These three lines are a hack and experiment
*/
let quicHost_1 = NWHostEndpoint(hostname: "", port: "80")
let quicHost_2 = NWHostEndpoint(hostname: "", port: "443")
let quicRule_1 = NENetworkRule(destinationNetwork: quicHost_1, prefix: 0, protocol: .UDP)
let quicRule_2 = NENetworkRule(destinationNetwork: quicHost_2, prefix: 0, protocol: .UDP)
settings.includedNetworkRules = [quicRule_1, quicRule_2, tcpRule]
settings.excludedNetworkRules = nil
Directing UDP through a TPP breaks FaceTime, AirDrop, and a bunch of VPNs
Despite the documentation implication that you can't do DNS control with a TPP ("A port string of 53 is not allowed. Use Destination Domain-based rules to match DNS traffic."), if I opt into UDP (settings.includedNetworkRules = [udpRule, tcpRule]), then I see traffic to port 53, and can do things with it.
If I use a wild-card network rule (the code above), then the TPP does not seem to get any UDP flows at all.
If I use a wild-card exclusion rule (using NWHostEndpoint(hostname: "", port: "53")), then everything starts breaking.
If I use NENetworkRule(destinationHost: host, protocol: .UDP), it complains because the prefix must be 32 or less.
I've filed feedbacks, and engaged with eskimo (really, thank you), and looked at previous threads, so mostly this is begging: has anyone gotten this to work as expected? I no longer think I'm being obviously wrong with my code, but I would be super delighted to find out I've missed some tricks or angles.