“eskimo”

Just now, I had already updated to the latest version Xcode 26.4.1, but the problem still persists. Indeed. That’s expected. Xcode 26.4.1 does not contain a fix for FB22439399. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

I’m glad you got your main issue resolved. Regarding this: [quote='884737022, nathan-pierce-veertu, /thread/822670?answerId=884737022#884737022, /profile/nathan-pierce-veertu'] Opened FB22523292 as suggestion [/quote] Hmmm, the title of that bug is “Support Virtualization without the host having a logged in user”, which makes it about this overall issue. That’s not what I suggested, which was: [quote='884713022, DTS Engineer, /thread/822670?answerId=884713022#884713022'] file an enhancement request for documentation as to what is or isn’t expected to work in [non-GUI] contexts [/quote] The bug you filed is fine in and of itself, but it’s a much harder ‘ask’ than my suggestion, which was about improved documentation. But nevermind, I’ve filed my own bug against the documentation (r. 174993212). Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

@Z_L_Z, @G-null, I want to be clear about what’s going upthread. The folks having this issue are using Rosetta to run the simulator. In my earlier post I made it clear that that’s not a supported configuration. So: If you’re also using Rosetta to run the simulator, I recommend that you stop doing that and see if the problem persists. If you’re not using Rosetta to run the simulator, I recommend that you start a new thread here on the forums with the details of your issue. That’ll ensure that folks reading your thread don’t get distracted by the Rosetta history in this thread. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='884547022, rbmanian75, /thread/822025?answerId=884547022#884547022, /profile/rbmanian75'] The primary challenge is that the network configuration cannot be modified while it is active. [/quote] [quote='884694022, DTS Engineer, /thread/822025?answerId=884694022#884694022'] I’m gonna check on that though, just to be sure. [/quote] So, yeah, your analysis is correct. We already have a bug on file about this limitation for port forwarding (r. 166418644). I wasn’t able to find an equivalent bug for DHCP reservations, so I recommend that your file your own about that. Please post your bug number, just for the record. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='884778022, rbmanian75, /thread/822658?answerId=884778022#884778022, /profile/rbmanian75'] Wow. that worked. [/quote] Cool. The good news is that this confirms a theory that was raised during my discussion of your issues with the vmnet team. The bad news is that this is a known limitation of vmnet (FB7731708). We hope to fix it sooner rather than later, but I don’t have any concrete timeline to share. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='884763022, unni0786, /thread/822908?answerId=884763022#884763022, /profile/unni0786'] is any possible method to fetch or read certificates available on IOS system keychain from enterprise in-house app or not ? [/quote] Not that I’m aware of [1]. [quote='884763022, unni0786, /thread/822908?answerId=884763022#884763022, /profile/unni0786'] Our end goal is that the app requires the com.apple.managed-keychain entitlement [/quote] AFAICT there is no such entitlement. What makes you think this is a thing? Can you point me to the documentation you’re following? Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com [1] To be clear, there is no such thing as the “system keychain” on iOS. Rather, there is one keychain where every item is assigned a keychain access group. Your app has access to a limited set of keychain access groups, as determined by your entitlements. Sharing access to keychain items among a collection of apps has

Let’s focus this discussion on your updated thread. ps I realised you tried to do the right thing here. That failed due to an issue at our end. Sorry )-: Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

Please try this again with Xcode 26.4.1. Quoting the release note: Fixed crash for MetricKit apps built with Xcode 26.4 due to missing symbols when running on iOS, macOS, and visionOS versions below 26.4. Please rebuild your app with the updated Xcode to resolve the issue. (173827073) (FB22384135) Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

Virtualization is not daemon safe [1]: % dyld_info -linked_dylibs /System/Library/Frameworks/Virtualization.framework/Versions/A/Virtualization … weak-link /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit … So if you use it from outside of a non-GUI login context you will inevitably encounter some weirdness. I think it’d be reasonable for you to file an enhancement request for documentation as to what is or isn’t expected to work in these contexts. And if you do that, please post your bug number, just for the record. Having said that, I’ve been talking with some folks here and we have a theory as to what might be going on in this specific case. When you log in via SSH, it doesn’t unlock the keychain, and those errors you posted suggest that the keychain is involved. If you manually unlock the keychain, does that help? Specifically: Boot the host Mac without autologin, so there’s no GUI login context. SSH into that Mac. From the SSH session, run this command: % security unlock-keychain password to

[quote='884547022, rbmanian75, /thread/822025?answerId=884547022#884547022, /profile/rbmanian75'] Given this, my current focus has shifted to resolving the port forwarding issue. [/quote] Fair enough. I just post an update to your other thread about that specific issue. Regarding the issue here, I don’t think vmnet can do what you want, for the reasons you’ve identified: [quote='884547022, rbmanian75, /thread/822025?answerId=884547022#884547022, /profile/rbmanian75'] The primary challenge is that the network configuration cannot be modified while it is active. [/quote] I’m gonna check on that though, just to be sure. [quote='884547022, rbmanian75, /thread/822025?answerId=884547022#884547022, /profile/rbmanian75'] The documentation suggests using CFRelease, but this is not directly compatible with ARC. [/quote] Right. If you’re using ARC, or Swift, the equivalent technique is to drop any strong references you have to the object. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ App

I’ve been discussing your issue with the vmnet folks and I think I have a handle on what’s going on here. However, I want to run some things past you before I say anything definitive. Consider this setup: ---+--------+--------- Wi-Fi to Internet | | host Mac X | ---+---+-------------- vmnet | guest VM My understanding is that software running on the host Mac is unable to connect to a server running on the VM via the public port (8000), even though you have forwarding configured in vmnet. Have you tried doing the same from some other machine on the host’s network, so X in this case? Well, using the host Mac’s Wi-Fi IP address, obviously, not using localhost (-: Also, you wrote: [quote='884688022, rbmanian75, /thread/822658?answerId=884688022#884688022, /profile/rbmanian75'] But i found that reaching http://guestip:port worked fine. [/quote] Is that when only using the API? Or with pfctl hackery? If it’s the latter, I’d appreciate you concentrating on the former, because that’s the only thing we support [1]. As

And that’s why it’s good when folks post their bug numbers (-: Looking up the status of FB21130604 I see that we actually passed a workaround on to the originator. And one of my colleagues also sent them the workaround via an issue filed against their test project. See here. Nice! Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='884571022, idopte, /thread/822656?answerId=884571022#884571022, /profile/idopte'] My main concern is that … [/quote] I’m not sure what I can do to alleviate that concern here on the forums. Given that you have a working system but you’re concerned that the documentation is not sufficiently clear to determine whether that’s correct, I think your best option is to file a bug for better documentation. Please post your bug number, just for the record. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='884572022, kpatel1991, /thread/821961?answerId=884572022#884572022, /profile/kpatel1991'] the ShareableCredential one appears but even if we check it - Xcode still isn't allowing us to deploy. [/quote] Right. That is the nature of the bug in question here (FB22439399). You need to apply for the Contactless Pass Provisioning (deprecated) capability. There’s no form to do that specifically, so use the common Contactless Pass Provisioning capability form. [quote='884560022, Nagavendra, /thread/821961?answerId=884560022#884560022, /profile/Nagavendra'] It’s working now with the following approach … [/quote] Excellent news. [quote='884560022, Nagavendra, /thread/821961?answerId=884560022#884560022, /profile/Nagavendra'] However, this does not seem like a proper or permanent solution. [/quote] Indeed. The permanent solution will involve a fix to Xcode, which is what we’re tracking with the above-mentioned bug. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail =

[quote='822908021, unni0786, /thread/822908, /profile/unni0786'] Is com.apple.managed-keychain the correct entitlement for this use case? [/quote] I don’t think so. I’ve never even heard of that before, and there’s certainly no documented way to apply for it. [quote='822908021, unni0786, /thread/822908, /profile/unni0786'] the cert profile configured as always available in MDM. [/quote] Again, that’s not something I’m aware of. It’s possible that you’re talking about the AllowAllAppsAccess property, as documented here. If so, that’s a Mac-only thing. In general, iOS apps cannot access credentials installed via MDM configuration profiles [1]. Historically, folks with this general requirement didn’t have a good path forward. These days we have an excellent new option, the ManagedApp framework. It’s super cool. For a short intro, watch WWDC 2025 Session 203 Get to know the ManagedApp Framework. However, I don’t think it’ll help you, because your app is specifically concerned with the state of credentials there w