I can get the security path "easily" enough, but for bundles, that gives me the top director, whereas I am trying to get the name of the executable. (I would have used kern.proc.pathname.$pid on FreeBSD, but that's not there for macOS, and kern.procname only gives the current process' name. I also found eskimo's post about getting process arguments, and I could use that to get all the arguments and only care about argv[0], but since the kernel does have p->p_name it'd be nice if there were a nicer way to get just that...) This is in the context of a network extension. Endpoint Security is much nicer in that regard. 😄

Coworkers are trying it and it's not working -- the google response says there was a problem with it, and not much else. I do not have a yubikey (at least not yet 😄), and I'm really not good at the GUI stuff so I don't know as much about it as I probably should. Searching the fora here found a question and comment that didn't make a lot of sense to me, but again I admit to a lot of ignorance here. So any pointers to where I should be look would be appreciated.

Title says it all -- there are a couple of things we might do differently during upgrades, but also we'd like to know for our own statistics. This is on macOS, so we can use /usr/bin/profiles, but I was curious if there was a way to tell programmatically that didn't involves system() or posix_spawn().

We include a root CA with our product. Is there a way to prevent a user from changing the trust settings? I couldn't find anything, but as this is on the outer edge of my current knowledge set, it's just as likely that I missed something.

sef% mdls /Applications/Google\ Chrome.app/Contents/Frameworks/Google\ Chrome\ Framework.framework/Versions/112.0.5615.137/Helpers/Google\ Chrome\ Helper.app kMDItemFSContentChangeDate = 2023-04-17 23:59:16 +0000 kMDItemFSCreationDate = 2023-04-17 23:59:16 +0000 kMDItemFSCreatorCode = "" kMDItemFSFinderFlags = 0 kMDItemFSHasCustomIcon = 0 kMDItemFSInvisible = 0 kMDItemFSIsExtensionHidden = 0 kMDItemFSIsStationery = 0 kMDItemFSLabel = 0 kMDItemFSName = "Google Chrome Helper.app" kMDItemFSNodeCount = 1 kMDItemFSOwnerGroupID = 0 kMDItemFSOwnerUserID = 0 kMDItemFSSize = 1 kMDItemFSTypeCode = "" sef% mdfind 'kMDItemFSName == "Google Chrome Helper.app"' So there's a metadata key that has a value... but mdfind won't find it. I haven't tried writing a small program to see if it would find it yet, although I am somewhat curious if it would.

I searched and couldn't find anything, which shocks me, I can't be the only person to ask this. Therefore my search skills are once again demonstrated to be weak. Given an EKCalendar, I can get the source thence sourceIdentifier... but that's just a UUID; can I get the actual URL for that? I assume it's somewhere?

Playing with EventKit, I wanted to test requesting access. Which I did once. Yay. Now it's stuck in System Settings... and I don't know how to reset it. (This is on Ventura.)

I don't have enough physical machines to install Sonoma; I do, however, have lots of CPU cycles, memory, and disk space -- so can I get Sonoma running in VMWare Fusion? Ideally on both AS and Intel. I searched to see if this had been asked, but I will be the first to admit my searching skills are bad. (This is why I like find and grep.)

In some cases, one of our daemons will end up with thousands of threads. Clearly a bug somewhere, but I can't see it in the code. (Admittedly, it's C++ which is a bit alien to me still. Anyway.) If I wanted to just be notified each time a thread was created in the process, what are some ways to do that? I assume dtrace and lldb have ways to od it, but I'm not quite sure what.

Is it possible to use SwiftData in a CLI tool, or is it only designed to work with SwiftUI?

This seems to show that a bunch of memory being allocated in... mach_vm_deallocate. That doesn't seem likely, so I have to assume I'm misreading the output? (This is on macOS.)

We have our own root CA that is installed with our application. For non-MDM installs, the system asks if the user wants to do that, which is all well and good. It also used to ask us when removing that certificate. It doesn't now. So now I am wondering if I dreamed it, except other people say they also got prompted and don't now. It's being installed and removed using the security command, in scripts.

macOS, really, so there are a bunch of things that may be running during various types of sleep. I know I can get notifications from IOKit about the system going to sleep or waking up, but if I've got a daemon that crashed, and is then relaunched automatically, can I tell whether the machine is awake, or in some sort of sleep state other than hibernation?

I just wrote code for our app to use ASWebAuthenticationSession for 3rd-party authentication (in particular, YUBIKEYS WOOHOO). Our app registers a URI scheme of x-com-kithrup for launch services events, so I used x-com-kithrup-yubi for ASWebAUthenticationSession. Only, I didn't change the back end, so it still redirects to x-com-kithrup://success on a successful login. And... ASWebAuthenticationSession is still calling the handler when it gets a URL with the x-com-kithrup URI, instead of the x-com-kithrup-yubi URI scheme.

I've got @Environment(\.managedObjectContext) var context private var home: Home private var predicate: NSPredicate @State var sortBy: SortDescriptor<Room> @FetchRequest private var rooms: FetchedResults<Room> init(home: Home) { self.home = home _sortBy = State(initialValue: SortDescriptor<Room>(\.name)) self.predicate = NSPredicate(format: "%K = %@", "home", self.home) _rooms = FetchRequest<Room>( sortDescriptors: [self.sortBy], predicate: self.predicate) } But it won't compile -- it says Variable 'self.rooms' used before being initialized. But... how?