Currently, I use NSFileProviderItemCapabilitiesAllowsAddingSubitems on a folder to control the creation of sub-items (either folders or files) within a parent folder. However, this capability doesn't allow me to meet a requirement where I need to permit file creation but restrict folder creation. I am seeking input on different options to achieve this requirement. Note: One reactive approach would be to intercept folder creation within the createItem() event handler and reject it with an ExcludedFromSync error (without uploading to cloud). This would prevent createItem() from being reattempted on that folder, but the folder would still remain on the mount. Is there any way to delete it?

We create plug-ins for Adobe Creative Cloud and have run into an issue with respect to file/folder permissions. First, all of our libraries, code is code-signed and notarized as per Apple requirements but distribute outside of the Mac App store. We install a Photoshop plug-in and its mainly a UI which then executes a background app containing the business logic to read/write files. The background app runs as a separate process and is not in the Photoshop sandbox space so it doesn't inherit Photoshop permissions/scoping rules. Our plug-in communicates with the background process via ports etc. When a user chooses a file to process from lets say the Desktop, generally macOS first pops up a message that says ABCD background app is trying to access files from the Desktop do you grant it permission etc...This is also true for network mounted volumes or downloads folder. This message generally appears properly when everything is under an account with admin rights. However, when our tool is installed from a Standard Account, the macOS messages asking for confirmation to access the Desktop or Documents or Downloads folder doesn't appear and access to the file/folders is denied. Thus our background only process errors out. Looking at the Security and Privacy->Files and Folders the button to enable access is in the Off position. If we turn these on Manually, everything works. But this is a really poor user experience and sometimes our users think our software is not working. Does anybody have any idea how to allow for the file/folder permissions to be registered/granted in such a case? Should we try to register these as Full Disk Access? Any ideas and/or solutions are welcome.

I reported this as a bug (FB18614667), but also wanted to ask here in case this is actually just me doing something wrong, or maybe I'm misunderstanding the entire use case of metadataRead. (My understanding is that metadataRead is basically read but it checks a cache that the kernel manages before trying to read the physical resource, and in the case of a cache miss it would just go to the physical resource and then add the bytes to the cache. Is that right?) I’m encountering an issue in an FSKit file system extension where (for example) read(into: buf, startingAt: 0, length: Int(physicalBlockSize)) works, but metadataRead(into: buf, startingAt: 0, length: Int(physicalBlockSize)) throws an EIO error (Input/output error) no matter what I do. (Note: physicalBlockSize is 512 in this example.) The documentation (https://developer.apple.com/documentation/fskit/fsblockdeviceresource/metadataread(into:startingat:length:)) indicates that the restrictions on metadataRead are that the operations must be sector-addressed (which is the case here, especially as regular read has the same restriction and succeeds) and that partial reading of metadata is not supported. (I don’t think that applies here?) In a sample project I was able to replicate this behavior where the module only ever reads the block device in its enumerateDirectory implementation, and so trying to list the contents of a directory leads to an "Input/output error" when e.g. running ls on the volume. The enumerateDirectory sample implementation is like so: func enumerateDirectory(_ directory: FSItem, startingAt cookie: FSDirectoryCookie, verifier: FSDirectoryVerifier, attributes: FSItem.GetAttributesRequest?, packer: FSDirectoryEntryPacker) async throws -> FSDirectoryVerifier { let buf = UnsafeMutableRawBufferPointer.allocate(byteCount: Int(blockDevice.physicalBlockSize), alignment: 1) defer { buf.deallocate() } // metadataRead will throw... try blockDevice.metadataRead(into: buf, startingAt: 0, length: Int(blockDevice.physicalBlockSize)) // but read will work. // try await blockDevice.read(into: buf, startingAt: 0, length: Int(blockDevice.physicalBlockSize)) // ... return dummy file here (won't reach this point because metadataRead throws) } I'm observing this behavior on both macOS 15.5 (24F74) and macOS 15.6 beta 3 (24G5074c). Has anyone been able to get metadataRead to work? I see it used in Apple's msdos FSKit implementation so it seems like it has to work at some level.

I have discovered a gap in my understanding of user selected URLs in iOS, and I would be grateful if someone can put me right please. My understanding is that a URL selected by a user can be accessed by calling url.startAccessingSecurityScopedResource() call. Subsequently a call to stopAccessingSecurityScopedResource() is made to avoid sandbox memory leaks. Furthermore, the URL can be saved as a bookmark and reconstituted when the app is run again to avoid re-asking permission from the user. So far so good. However, I have discovered that a URL retrieved from a bookmark can be accessed without the call to url.startAccessingSecurityScopedResource(). This seems contrary to what the documentation says here So my question is (assuming this is not a bug) why not save and retrieve the URL immediately in order to avoid having to make any additional calls to url.startAccessingSecurityScopedResource? Bill Aylward You can copy and paste the code below into a new iOS project to illustrate this. Having chosen a folder, the 'Summarise folder without permission' button fails as expected, but once the 'Retrieve URL from bookmark' has been pressed, it works fine. import SwiftUI import UniformTypeIdentifiers struct ContentView: View { @AppStorage("bookmarkData") private var bookmarkData: Data? @State private var showFolderPicker = false @State private var folderUrl: URL? @State private var folderReport: String? var body: some View { VStack(spacing: 20) { Text("Selected folder: \(folderUrl?.lastPathComponent ?? "None")") Text("Contents: \(folderReport ?? "Unknown")") Button("Select folder") { showFolderPicker.toggle() } Button("Deselect folder") { folderUrl = nil folderReport = nil bookmarkData = nil } .disabled(folderUrl == nil) Button("Retrieve URL from bookmark") { retrieveFolderURL() } .disabled(bookmarkData == nil) Button("Summarise folder with permission") { summariseFolderWithPermission(true) } .disabled(folderUrl == nil) Button("Summarise folder without permission") { summariseFolderWithPermission(false) } .disabled(folderUrl == nil) } .padding() .fileImporter( isPresented: $showFolderPicker, allowedContentTypes: [UTType.init("public.folder")!], allowsMultipleSelection: false ) { result in switch result { case .success(let urls): if let selectedUrl = urls.first { print("Processing folder: \(selectedUrl)") processFolderURL(selectedUrl) } case .failure(let error): print("\(error.localizedDescription)") } } .onAppear() { guard folderUrl == nil else { return } retrieveFolderURL() } } func processFolderURL(_ selectedUrl: URL?) { guard selectedUrl != nil else { return } // Create and save a security scoped bookmark in AppStorage do { guard selectedUrl!.startAccessingSecurityScopedResource() else { print("Unable to access \(selectedUrl!)"); return } // Save bookmark bookmarkData = try selectedUrl!.bookmarkData(options: .minimalBookmark, includingResourceValuesForKeys: nil, relativeTo: nil) selectedUrl!.stopAccessingSecurityScopedResource() } catch { print("Unable to save security scoped bookmark") } folderUrl = selectedUrl! } func retrieveFolderURL() { guard let bookmarkData = bookmarkData else { print("No bookmark data available") return } do { var isStale = false let url = try URL( resolvingBookmarkData: bookmarkData, options: .withoutUI, relativeTo: nil, bookmarkDataIsStale: &isStale ) folderUrl = url } catch { print("Error accessing URL: \(error.localizedDescription)") } } func summariseFolderWithPermission(_ permission: Bool) { folderReport = nil print(String(describing: folderUrl)) guard folderUrl != nil else { return } if permission { print("Result of access requrest is \(folderUrl!.startAccessingSecurityScopedResource())") } do { let contents = try FileManager.default.contentsOfDirectory(atPath: folderUrl!.path) folderReport = "\(contents.count) files, the first is: \(contents.first!)" } catch { print(error.localizedDescription) } if permission { folderUrl!.stopAccessingSecurityScopedResource() } } }

Getting "Error Domain=NSCocoaErrorDomain Code=513 "You don’t have permission to save the file" unexpectedly while attempting to create a small log file. Here's some background. This is a Swift app I wrote for my own use six years ago. A week ago, I made a small update to the app, which has not been changed in over two years. First time using Xcode 16.4 on this app, which required some code updates of course. The code creating this file has not been changed. Now for the first time, I'm getting this permissions error on a folder with wide-open permissions. This is the code. Worked for years under previous versions of Xcode. * if let outputURL = URL(string: "file://" + logPath + "/output_" + outputFormatter.string(from:Date()) + ".txt"){ do{ try outputString.write(to: outputURL, atomically:false, encoding: .utf8) }catch let error as NSError{ print ("log write error (error) (nl) (outputString)") } }

I have a simple impossible task, to restore /var/root/Library/Application Support/multipassd/qemu/vault/instances/gcc-cobol/ubuntu-22.04-server-cloudimg-arm64.img as of 8:02 Saturday morning. Because /var/root is owned by, well, root, the usual techniques don't work. This is a VM image hosted by qemu via Canonical's Multipass. ISTM the strategy would be to first mount the NAS filesystem and then use tmutil(8) to list the backups and recover the file. But $ sudo mount -v -o rdonly -t smb //nasa.local/TimeMachine /usr/local/mnt/ mount: exec /Library/Filesystems/smb.fs/Contents/Resources/mount_smb for /usr/local/mnt: No such file or directory mount: /usr/local/mnt failed with 72 Must I defeat SIP to do this?

I've faced with some performance issues developing my readonly filesystem using fskit. For below screenshot: enumerateDirectory returns two hardcoded items, compiled with release config 3000 readdirsync are done from nodejs. macos 15.5 (24F74) I see that getdirentries syscall takes avg 121us. Because all other variables are minimised, it seems like it's fskit<->kernel overhead. This itself seems like a big number. I need to compare it with fuse though to be sure. But what fuse has and fskit seams don't (I checked every page in fskit docs) is kernel caching. Fuse supports: caching lookups (entry_timeout) negative lookups (entry_timeout) attributes (attr_timeout) readdir (via opendir cache_readdir and keep_cache) read and write ops but thats another topic. And afaik it works for both readonly and read-write file systems, because kernel can assume (if client is providing this) that cache is valid until kernel do write operations on corresponding inodes (create, setattr, write, etc). Questions are: is 100+us reasonable overhead for fskit? is there any way to do caching by kernel. If not currently, any plans to implement? Also, additional performance optimisation could be done by providing lower level api when we can operate with raw inodes (Uint64), this will eliminate overhead from storing, removing and retrieving FSItems in hashmap.

Hi there, I have discovered that the behavior of file copying has changed starting from iOS 18.4. When using FileManager.copyItem(atPath:toPath:) to copy a directory specified as an argument, whether or not there is a trailing slash ('/') affects whether the copy process works correctly. The same process operates as expected in the iOS 18.3.1 Simulator. Is this the correct behavior, or could it be a bug? The application's build environment is Xcode 16.2. Below is an example of the code. In practice, the file copying is performed within the application's folder. // Both iOS 18.3.1 and iOS 18.4 successfully complete the copy process. FileManager.default.copyItem(atPath: "/path/from/dirA", toPath: "/path/to/dirB") FileManager.default.copyItem(atPath: "/path/from/dirA/", toPath: "/path/to/dirB/") // iOS 18.3.1 successfully complete the copy process, but iOS 18.4 fails. FileManager.default.copyItem(atPath: "/path/from/dirA/", toPath: "/path/to/dirB") I hope this helps Apple engineers and other developers experiencing the same issue. Feedback or additional insights would be appreciated.

Question: What is the standard, most reliable way to manage temporary files associated with a URLSessionDownloadTask that has been terminated abnormally due to a network error or other issues? Details Hello, I'm currently developing a feature to download multiple files concurrently on iOS using URLSessionDownloadTask, and I have a question regarding the lifecycle of the temporary files created during this process. As I understand it, URLSessionDownloadTask stores incoming data in a temporary file within the tmp directory, typically with a name like CFNetworkDownload_*.tmp. In my testing, temporary files are managed correctly in the normal scenario. For instance, when I call the cancel() method on an active downloadTask and then release all references to it, the corresponding temporary file is automatically cleaned up from the tmp directory shortly after. However, the problem occurs when a download is interrupted abnormally due to external factors, such as a lost network connection. In this situation, the urlSession(_:task:didCompleteWithError:) delegate method is called, but the associated temporary file is not deleted and remains in the tmp directory. I've observed a particularly interesting behavior related to this. Immediately after the error occurs, if I check my app's storage usage in the iOS Settings app, the data size appears to have decreased momentarily. However, the tmp file has not actually been deleted, and after a short while, the storage usage is recalculated to include the size of this orphaned temporary file. Since my app does not support resuming interrupted downloads, these leftover files become orphaned and unnecessarily consume storage. Therefore, I want to ensure they are all reliably deleted. With this context, I'd like to ask the community: What is the standard, most reliable way to manage temporary files associated with a URLSessionDownloadTask that has been terminated abnormally due to a network error or other issues? I am wondering if there is an official guide or a framework-level API to handle these orphaned files. I would appreciate any advice from those with experience in this area. Thank you.

A user of my app reported that when trying to remove a file it always fails with the error "file couldn't be removed because you don't have permission to access it (Cocoa Error Domain 513)". After some testing, we found out that it's caused by trying to delete non-empty directories. I'm using FileManager.removeItem(atPath:) which has worked fine for many years, but it seems that with their particular NAS, it doesn't work. I could work around this by checking if the file is a directory, and if it is, enumerating the directory and remove each contained file before removing the directory itself. But shouldn't this already be taken care of? In the source code of FileManager I see that for Darwin platforms it calls removefile(pathPtr, state, removefile_flags_t(REMOVEFILE_RECURSIVE)) so it seems that it should already work. Is the REMOVEFILE_RECURSIVE flag perhaps ignored by the device? But then, is the misleading "you don't have permission to access the file" error thrown by the device or by macOS? For the FileManager source code, see https://github.com/swiftlang/swift-foundation/blob/1d5d70997410fc8b7700c8648b10d6fc28194202/Sources/FoundationEssentials/FileManager/FileOperations.swift#L444

I attempted to mount a WebDAV server on macOS using Finder. The mount was successful when using the server's IPv4 address or hostname, but failed when using its IPv6 address. I also tested the mount using the NetFS framework API via NetFSMountURLSync. The results were consistent: the mount succeeded with the IPv4 address and hostname but failed when using the IPv6 address. While observing live logs via Console.app, I saw that the process NetAuthSysAgent produced the following error during the IPv6 mount attempt: GetServerInfo failed with error 5

My app for framing and arranging pictures from Photos on visionOS allows users to write the arrangements they create to .reality files using RealityKit entity.write(to:) that they then display to customers on their websites. This works perfectly on visionOS 2, but fails with a fatal protection error on visionOS 26 beta 1 and beta 2 when write(to:) attempts to write to its internal cache: 2025-06-29 14:03:04.688 Failed to write reality file Error Domain=RERealityFileWriterErrorDomain Code=10 "Could not create parent folders for file path /var/mobile/Containers/Data/Application/81E1DDC4-331F-425D-919B-3AB87390479A/Library/Caches/com.GeorgePurvis.Photography.FrameItVision/RealityFileBundleZippingTmp_A049685F-C9B2-479B-890D-CF43D13B60E9/41453BC9-26CB-46C5-ADBE-C0A50253EC27." UserInfo={NSLocalizedDescription=Could not create parent folders for file path /var/mobile/Containers/Data/Application/81E1DDC4-331F-425D-919B-3AB87390479A/Library/Caches/com.GeorgePurvis.Photography.FrameItVision/RealityFileBundleZippingTmp_A049685F-C9B2-479B-890D-CF43D13B60E9/41453BC9-26CB-46C5-ADBE-C0A50253EC27.} Has anyone else encountered this problem? Do you have a workaround? Have you filed a feedback? ChatGPT analysis of the error and my code reports: Why there is no workaround • entity.write(to:) is a black box — you cannot override where it builds its staging bundle • it always tries to create those random folders itself • you cannot supply a parent or working directory to RealityFileWriter • so if the system fails to create that folder, you cannot patch it 👉 This is why you see a fatal error with no recovery. See also feedbacks: FB18494954, FB18036627, FB18063766

Apple claims you can share files to the Xcode simulator. The first step works (share-to-simulator context menu exists). But when you execute this nothing happens. This contradicts the apple documentation which states: a Simulator opens the Files app, and lets you select where to save the files. If I instead try to drag and drop between the Mac and the simulator's file manger I receive the message: Simulator device failed to open file:///Users/me/Downloads/Exchange/ExampleExport.json. So what is the trick? Is there a missing authorisation that I need to set in the simulator's settings for example? MacOS: 15.5 Xcode: 16.4 (16F6) ... the latest stable Apple versions.

Dear Apple Support, We are experiencing a critical issue affecting some of our macOS users during application updates via DMG. In certain cases, when users attempt to update the app by dragging it from the mounted DMG to the /Applications folder (replacing the old version), the application becomes corrupted. Users receive an error indicating that the app cannot be opened. On retry, they are met with an error stating that the app cannot be overwritten. Upon inspection, the resulting application bundle is incomplete and contains only the following structure: . └── Contents └── CodeResources The only known workaround is to completely remove the existing app from /Applications before copying the new version — this resolves the issue consistently. We’ve observed this issue in the field with increasing frequency, which negatively impacts user trust. We also found similar reports from other developers (e.g., https://github.com/warpdotdev/Warp/issues/5492), suggesting a broader issue. Questions: What could be the underlying cause of this behavior on macOS (e.g., MDM, security policies, filesystem behavior)? Are there any recommended practices to prevent or mitigate this issue when updating apps via DMG? We would appreciate any guidance or clarification you can provide. Best regards, Ivan Poluianov

Seems like converting groups into folders looks like a great way to clear up the project file and reduce merge conflicts for large teams, started trying it today and it even lead us to find some untracked/unused files in the project. This structure also seems to be the default now after Xcode 16. The question is, are there any downsides to converting groups to folders, the one ones that come to mind is losing Xcode virtual file ordering, which is no biggie. If you have an "enterprise level app" would love to hear your experience if your team decided to convert to a folder structure.

Seems like converting groups into folders looks like a great way to clear up the project file and reduce merge conflicts for large teams, started trying it today and it even lead us to find some untracked/unused files in the project. This structure also seems to be the default now after Xcode 16. The question is, are there any downsides to converting groups to folders, the one ones that come to mind is losing Xcode virtual file ordering, which is no biggie. If your have an "enterprise level app" would love to hear your experience if your team decided to convert to a folder structure.

what is that makes the TLS be the TLS/SErver ?

Hello Apple Developer Community, I'm encountering a persistent issue while attempting to create a new partition on my Mac, and I'm hoping to get some assistance or insights from anyone who might have faced a similar problem. Issue Description: I'm trying to partition my internal drive. I initially used Disk Utility.app for this purpose. The partitioning process starts, but consistently freezes when it reaches approximately 10-20% completion. I've left it running overnight (for over 9 hours), but there was no progress, and the application remained unresponsive at that percentage. After several attempts with Disk Utility, I decided to try using the diskutil commands in Terminal to see if that would yield a different result. I used commands such as diskutil apfs resizeContainer and diskutil partitionDisk. Unfortunately, these commands also result in the same behavior: the process starts, reports progress up to about 10-20%, and then completely freezes without any further output or completion, requiring me to force-quit Terminal. Mac Model: Apple M4 Pro MacOS Version: Sequoia 15.6

Hi All, I searched for this feedback but didn't see it, so apologies if this has been covered by another thread. Exploring the new camera app, It doesn't seem to recognize that external storage has been connected, so the additional features that allow ProRes high frame rates will throw an error dialog stating that "to use this you need external storage" even when external storage is connected. Using the Files app, the phone recognizes the storage, and this is something I can do with this external storage device on the previous version of IOS. It is clear that this release of the camera has been rewritten significantly since the last version. Is it possible that this is an oversight, a bug, or just functionality that has not been completed? Interested if anybody else is seeing this, or if it is just my setup.

I'm trying to make an FSKit module for NTFS read-write filesystem and at the stage where everything is more or less working fine as long as I mount the volume via mount -F and that volume is a RAM disk. However, since the default NTFS read-only driver is already present in macOS, this introduces an additional challenge. Judging by the DiskArbitration sources, it looks like all FSKit modules are allowed to probe anything only after all kext modules. So, in this situation, any third-party NTFS FSKit module is effectively blocked from using DiskArbitration mechanisms at all because it's always masked during the probing by the system's read-only kext. This leaves mount -F as the only means to mount the NTFS volume via FSKit. However, even that doesn't work for volumes on real (non-RAM) disks due to permission issues. The logs in Console.app hint that the FSKit extension is running; however, it looks like the fskitd itself doesn't have permissions to access real disks if it's initiated from the mount utility? default 16:42:41.939498+0200 fskitd New module list <private> default 16:42:41.939531+0200 fskitd Old modules (null) default 16:42:41.939578+0200 fskitd Added 2 identifiers: <private> default 16:42:41.939651+0200 fskitd [0x7fc58020bf00] activating connection: mach=true listener=true peer=false name=com.apple.filesystems.fskitd debug 16:42:41.939768+0200 fskitd main:RunLoopRun debug 16:42:41.939811+0200 fskitd -[liveFilesMountServiceDelegate listener:shouldAcceptNewConnection:]: start default 16:42:41.939870+0200 fskitd Incomming connection, entitled 0 debug 16:42:41.940021+0200 fskitd -[liveFilesMountServiceDelegate listener:shouldAcceptNewConnection:]: accepting connection default 16:42:41.940048+0200 fskitd [0x7fc580006120] activating connection: mach=false listener=false peer=true name=com.apple.filesystems.fskitd.peer[1816].0x7fc580006120 default 16:42:41.940325+0200 fskitd Hello FSClient! entitlement no default 16:42:41.940977+0200 fskitd About to get current agent for 503 default 16:42:41.941104+0200 fskitd [0x7fc580015480] activating connection: mach=true listener=false peer=false name=com.apple.fskit.fskit_agent info 16:42:41.941227+0200 fskitd About to call to fskit_agent debug 16:42:42.004630+0200 fskitd -[fskitdAgentManager currentExtensionForShortName:auditToken:replyHandler:]_block_invoke: Found extension for fsShortName (<private>) info 16:42:42.005409+0200 fskitd Probe starting on <private> debug 16:42:42.005480+0200 fskitd -[FSResourceManager getResourceState:]:not_found:<private> debug 16:42:42.005528+0200 fskitd -[FSResourceManager addTaskUUID:resource:]:<private>: Adding task (<private>) debug 16:42:42.005583+0200 fskitd applyResource starting with resource <private> kind 1 default 16:42:42.005609+0200 fskitd About to get current agent for 503 info 16:42:42.005629+0200 fskitd About to call to fskit_agent debug 16:42:42.006700+0200 fskitd -[fskitdXPCServer getExtensionModuleFromID:forToken:]_block_invoke: Found extension <private>, attrs <private> default 16:42:42.006829+0200 fskitd About to get current agent for 503 info 16:42:42.006858+0200 fskitd About to call to fskit_agent, bundle ID <private>, instanceUUID <private> default 16:42:42.070923+0200 fskitd About to grab assertion on pid 1820 default 16:42:42.071058+0200 fskitd Initializing connection default 16:42:42.071141+0200 fskitd Removing all cached process handles default 16:42:42.071185+0200 fskitd Sending handshake request attempt #1 to server default 16:42:42.071223+0200 fskitd Creating connection to com.apple.runningboard info 16:42:42.071224+0200 fskitd Acquiring assertion: <RBSAssertionDescriptor| "com.apple.extension.session" ID:(null) target:1820> default 16:42:42.071258+0200 fskitd [0x7fc58001cdc0] activating connection: mach=true listener=false peer=false name=com.apple.runningboard default 16:42:42.075617+0200 fskitd Handshake succeeded default 16:42:42.075660+0200 fskitd Identity resolved as osservice<com.apple.filesystems.fskitd> debug 16:42:42.076337+0200 fskitd Adding assertion 183-1817-1669 to dictionary debug 16:42:42.076385+0200 fskitd +[FSBlockDeviceResource(Project) openWithBSDName:writable:auditToken:replyHandler:]:bsdName:<private> default 16:42:42.076457+0200 fskitd [0x7fc5801092e0] activating connection: mach=true listener=false peer=false name=com.apple.fskit.fskit_helper default 16:42:42.077706+0200 fskitd +[FSBlockDeviceResource(Project) openWithBSDName:writable:auditToken:replyHandler:]_block_invoke: Open device returned error Error Domain=NSPOSIXErrorDomain Code=13 info 16:42:42.077760+0200 fskitd +[FSBlockDeviceResource(Project) openWithBSDName:writable:auditToken:replyHandler:]: failed to open device <private>, Error Domain=NSPOSIXErrorDomain Code=13 default 16:42:42.077805+0200 fskitd [0x7fc5801092e0] invalidated because the current process cancelled the connection by calling xpc_connection_cancel() debug 16:42:42.077830+0200 fskitd +[FSBlockDeviceResource(Project) openWithBSDName:writable:auditToken:replyHandler:]:end info 16:42:42.078459+0200 fskitd openWith returned err Error Domain=NSPOSIXErrorDomain Code=13 dev (null) error 16:42:42.078501+0200 fskitd -[fskitdXPCServer getRealResource:auditToken:reply:]: Unable to convert proxy FSBlockDeviceResource into open resource error 16:42:42.078538+0200 fskitd -[fskitdXPCServer applyResource:targetBundle:instanceID:initiatorAuditToken:authorizingAuditToken:isProbe:usingBlock:]: Can't get the real resource of <private> default 16:42:42.105443+0200 fskitd [0x7fc580006120] invalidated because the client process (pid 1816) either cancelled the connection or exited The mount utility call I use is the same for RAM and real disks with the only difference being the device argument and this permission error is only relevant for real disks case. So, the proper solution (using DiskArbitration) seems to be blocked architecturally in this use case due to FSKit modules being relegated to the fallback role. Is this subject to change in the future? The remaining workaround with using the mount directly doesn't work for unclear reasons. Is that permission error a bug? Or am I missing something?