Logging in with my Apple ID anywhere in the system (feedback assistant, Xcode, iCloud, etc.) fails when running under virtualization. Is this a known 'issue'? (networking in general is working fine)

I m trying to identify if my launched process is running on a local mac machine(desktop/laptop) or a virtual macOS X instance like AWS EC2, Azure, MacStadium etc. I have followed this link which searched for its limited providers in the output, but I m not bound to any limited providers and looking for a general solution which is applicable to all the providers. Is there some hardware/network/virtualization-related information that can be used to identify if the process is launched on a virtual MacOS instance? OR is there some system Information that I can use to be sure that my process is running on a local machine?

Virtualization framework is a high-level API to create macOS and Linux virtual machines. Hypervisor is a low-level API to build virtualization solutions without the need for a kernel extension. If you’re interested in containers on the Mac, check out the Containerization package and its associated container tool. Virtualization: Forums subtopic: App & System Services > Core OS Forums tag: Virtualization Virtualization framework documentation Using iCloud with macOS virtual machines documentation article Use iCloud on a virtual machine support article Running macOS in a virtual machine on Apple silicon sample code Running Linux in a Virtual Machine sample code Running GUI Linux in a virtual machine on a Mac sample code Building macOS apps with Xcode 26 on macOS 26 VM forums thread — This thread describes how the development experience in VMs has improved recently, and one remaining issue that you might bump in to. Hypervisor: Forums subtopic: App & System Services > Core OS Forums tag: Hypervisor Hypervisor framework documentation Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"

Hi, REQUEST 1: seems Microsoft is ahead of Apple in X86 ARM emulation support at least in features supported.. see: https://blogs.windows.com/windows-insider/2024/11/06/announcing-windows-11-insider-preview-build-27744-canary-channel/ x64 emulated applications through Prism will now have support for additional extensions to the x86 instruction set architecture. These extensions include AVX and AVX2, as well as BMI, FMA, F16C BMI1/2 and F16C aren't yet supported by Rosetta.. would be useful for games like Alan Wake 2.. so asking for Rosetta equaling features to Prism emulator.. REQUEST 2: there is no way to currently enable AVX1/2 on Rosetta Linux.. on macOS using export ROSETTA_ADVERTISE_AVX=1 does the trick.. but not on Linux VM's.. tested setting this via: /bin/launchctl setenv ROSETTA_ADVERTISE_AVX 1 on Mac before VM launch and inside Linux VM but AVX2 isn't exposed..

Hi, been exploring macOS VM on both Parallels and UTM and they lack some "GPU/graphics" things vs native MacOS which could be useful on some situations (testing some non trusted graphics apps on a Mac VM) so providing similar usefulness as Windows Sandbox.. Current limitations: 1)In MacOS VM night mode doesn't work.. 2)HDR support isn't exposed even when enabling HDR on host 3)missing GPTK support for the Paravirtual GPU (Paravitual GPU supports Metal but isn't enough for GPTK to work which complains about unsupported GPU).. 4)OpenCL is supported but only the CPU device.. so expose GPU device in addition to current CPU only device.. 5)OpenGL only supports the software renderer.. I assume OpenGL driver on Apple M1-4 GPUs being Metal based, and being Metal supported no reason for software renderer only thanks..

After upgrading the virtual machines used for building and testing our macOS application, it seems that something new in Sequoia is preventing virtual machines from running anything signed with a Mac Development certificate. At first glance the issue seems very similar to this thread, but it could be unrelated. We are using the tart toolset to build and run our VMs. People seem to be having related issues there with Sequoia in particular. I have added the VM's hardware UUID to the Devices list of our account. I have included that device in the devices list of our Mac Development provisioning profile. I have re-downloaded the profile, ensured that it is properly getting built into the app, and ensured that the hardware UUID of the VM matches the embedded provisioning profile: Virtual-Machine App.app/Contents % system_profiler SPHardwareDataType | grep UUID Hardware UUID: 0CAE034E-C837-53E6-BA67-3B2CC7AD3719 Virtual-Machine App.app/Contents % grep 0CAE034E-C837-53E6-BA67-3B2CC7AD3719 ../../App.app/Contents/embedded.provisionprofile Binary file ../../App.app/Contents/embedded.provisionprofile matches However, when I try to run the application, it fails, and while I have searched the system logs to find a more informative error message, the only thing I can find is that the profile doesn't match the device somehow: Virtual-Machine App.app/Contents % open ../../App.app The application cannot be opened for an unexpected reason, error=Error Domain=RBSRequestErrorDomain Code=5 "Launch failed." UserInfo={NSLocalizedFailureReason=Launch failed., NSUnderlyingError=0x6000039440f0 {Error Domain=NSPOSIXErrorDomain Code=153 "Unknown error: 153" UserInfo={NSLocalizedDescription=Launchd job spawn failed}}} Virtual-Machine App.app/Contents % log show --info --debug --signpost --last 3m | grep -i embedded.provisionprofile 2025-01-21 16:33:32.369829+0000 0x65ba Error 0x0 2872 7 taskgated-helper: (ConfigurationProfiles) [com.apple.ManagedClient:ProvisioningProfiles] embedded provisioning profile not valid: file:///private/tmp/builds/app/.caches/Xcode/DerivedData/Build/Products/Debug/App.app/Contents/embedded.provisionprofile error: Error Domain=CPProfileManager Code=-212 "Provisioning profile does not allow this device." UserInfo={NSLocalizedDescription=Provisioning profile does not allow this device.} I don't understand why the provisioning profile wouldn't allow the device if the hardware UUID matches. I have also attempted to add the Provisioning UDID in the devices list instead, but the form rejects that value because it's a different format (the form specifically requests a hardware UUID for macOS development, and a provisioning UDID for everything else). If there is any debugging tool that lets me check a provisioning profile against the running hardware and print a more verbose reason for why it's not allowed on the device, please let me know. Otherwise I'd have to conclude that, since I haven't experienced this issue before on an earlier OS, it has something to do with virtual machines running macOS Sequoia. (The same Mac Development-signed application runs just fine on my MacBook Pro running 15.2, as well as the VM host, which is also running 15.2.) I have also tried resetting the VM's hardware UUID and adding that one to the devices list, to no effect. This is obviously seriously impacting our CI/CD pipelines to allow for proper UI testing of our application. If anyone is aware of any workarounds, I would love to hear them!

I have successfully booted the Linux Kernel with VirtIOFS as the rootfs, but file permission issues render it completely unusable. A file on the macOS host belongs to uid 0, gid 0, but on the Linux guest, this file belongs to uid 1000, gid 10. Why does this happen? How are file permissions directly mapped between the host and the guest? If there is no mapping mechanism in place, why does this discrepancy occur? This leads to errors in Linux, such as: sudo: /etc/sudo.conf is owned by uid 1000, should be 0 sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set bootLoader.commandLine = "console=hvc0 rootfstype=virtiofs root=myfs rw" let directorySharingDevice = VZVirtioFileSystemDeviceConfiguration(tag: "myfs") directorySharingDevice.share = VZSingleDirectoryShare(directory: VZSharedDirectory(url: rootURL!, readOnly: false)) The VMM is running as root.

Using VZVirtioFileSystemDeviceConfiguration allows a Linux guest OS to access folders on macOS. However, modifications to the file's uid/gid by the Linux guest OS have no effect, and the file's uid/gid will always appear as the uid/gid of the Linux user currently accessing the file, as if the uid/gid were not stored at all.I hope there’s a way to at least pass through the uid/gid without any mapping.

Works: runs-on: ubuntu-24.04-arm container: image: ubuntu:latest env: DEBIAN_FRONTEND: noninteractive steps: - uses: actions/checkout@v4 - run: | apt-get --assume-yes update apt-get --assume-yes install linux-image-generic dracut binutils - run: | dracut --conf $(mktemp) \ --confdir $(mktemp --directory) \ --verbose \ --modules "base bash" \ --add-drivers "virtio-rng bcachefs btrfs virtiofs overlay xfs" \ --kernel-cmdline "console=hvc0" \ --no-early-microcode \ --no-hostonly \ --no-compress \ --no-uefi \ initramfs \ $(ls /lib/modules/) - run: | cp /boot/vmlinuz-$(ls /lib/modules/) vmlinuz - uses: actions/upload-artifact@v4 with: path: | vmlinuz initramfs Will NOT work: runs-on: ubuntu-24.04-arm container: image: ubuntu:latest env: DEBIAN_FRONTEND: noninteractive steps: - uses: actions/checkout@v4 - run: | apt-get --assume-yes update apt-get --assume-yes install linux-image-generic-64k dracut binutils - run: | dracut --conf $(mktemp) \ --confdir $(mktemp --directory) \ --verbose \ --modules "base bash" \ --add-drivers "virtio-rng bcachefs btrfs virtiofs overlay xfs" \ --kernel-cmdline "console=hvc0" \ --no-early-microcode \ --no-hostonly \ --no-compress \ --no-uefi \ initramfs \ $(ls /lib/modules/) - run: | cp /boot/vmlinuz-$(ls /lib/modules/) vmlinuz - uses: actions/upload-artifact@v4 with: path: | vmlinuz initramfs You can try it on Github Actions

I have developed an app to create and run virual machines using mac os virtualization framework for apple siicon and intel macs. I have tried ubuntu, fedora, debian & linux mint distros and they all worked fine with intel macs. But when i try to run other distros like mx linux, manjaro, pop os, endevour os etc on intel mac they all on booting iso just shows the black screen. is there any list of officilay support linux distros for intel macs and apple silicon. the support of linux distros are fairly limited or am i missing something.

Hey there! I’ve got some exciting news about Apple’s virtio_net_hdr implementation on macOS 15.4. It’s making communication a lot smoother, with a noticeable improvement! Now, I’d love to hear your thoughts on a couple of things. First, how do you think we can validate the populated values? And secondly, should we consider reusing populated values for the other endpoint, like the ‘flags’ field? Your insights would be invaluable!

I am using macOS virtualization farmework and able to create nad and run VMS. I need to resize the disk images using hdiutil in app sandbox environment. Is that possible? i tried disabling sandbox and it worked ok. But with sandbox i get the error message device is not configured. If this cant be done in sandbox what could be the alternative way to to achive this in sandboxed app. thanks

Hi, I'm trying save and restore features of VZ Framework with saveMachineStateTo and restoreMachineStateFrom(vzvmsaveFilePath) with completionHandler. Saving feature works well without any errors, .vzvmsave file created on my local mac, but the problem occurs on restore. After creating VM with the same volume mounts I used to make .vzvmsave, restoreMachineStateFrom method sends error. Failed to load VM from .vzvmsave file with Error Domain=VZErrorDomain Code=12 UserInfo={NSLocalizedFailure=<private>, NSLocalizedFailureReason=<private>} Because Localized Failure and its reason are both 'private', I cannot get what exactly happened to this VM app. Only thing I know here is the Code of VZError but nobody summarized what exactly the error code means. Could anyone give me the list of VZError code list please?

Hi, Since recently there is interest in having faster x87 translation speeds than Rosetta offers.. mainly some old PC games getting stuck at less than 5fps using Wine that uses Rosetta..( some world of warcraft game for ex.).. so main case right now, is games using old fmodex library versions (dll or statically)that uses heavy x87 instructions for audio processing , and such games not being threaded ,stalls the render threead, which is the same thread.. Luckily there is a hack, see: https://github.com/Lifeisawful/rosettax87 ”This is an experimental project that modifies Apple's Rosetta technology to use less precise but significantly faster x87 instruction handlers. The benchmarks show approximately 4-5x performance improvement for x87 floating-point operations.” but limitations are: 1)it runs only on specific Mac version (15.4.1) due to searching some fixed offsets in current rosetta library that may change with mac updates.. 2)requires to run two binaries (a server and the launcher program).. 3)currently doesn’t seem to accelerating x87 instruction on Linux programs/binaries i.e. lacking support for Rosetta on Linux if Apple supports similar technology, it could providing some enviroment variable like ROSETTA_FAST_X87 for enabling/disabling this fast emulation similar to how Rosetta AVX support not enabled by default.. thanks..

I’ve developed a virtual machine manager application using the macOS Virtualization framework. The application currently supports both NAT and bridged networking configurations. I’m now looking to implement host-only networking, where the guest VM can communicate with the host but not with external networks. Is this networking mode supported by the Virtualization framework, and if so, what is the recommended approach to set it up? Additionally, I would like to implement port forwarding from the host to the guest (e.g., redirecting traffic from a specific port on the host to a port on the guest). Is there a way to configure port forwarding using the built-in APIs of the Virtualization framework, or would this require a custom networking solution? Any guidance or best practices for implementing these features within the constraints of the framework would be greatly appreciated.

Hello, According to the official documentation, the macOS Virtualization Framework currently supports only macOS and Linux guest operating systems. I would like to know if there is any way—officially or through a supported workaround—to run Windows 11 as a guest using this framework. Additionally, is there any indication or roadmap suggesting that support for Windows guests might be introduced in a future release, such as in macOS 16? Any insights or official clarification would be greatly appreciated. Thank you.

Hello, I'm developing a macOS application that uses the Virtualization framework to run Linux virtual machines (specifically Ubuntu and Fedora) on Apple Silicon Macs. I've noticed that while the macOS host properly supports all trackpad gestures, the two-finger tap gesture for right-click does not work within the Linux guest. Only the primary click is recognized. This behavior is consistent across different Linux distributions and desktop environments (GNOME, KDE, etc.). I would like to confirm: Is the macOS Virtualization framework expected to support trackpad gestures such as two-finger tap for right-click within Linux guest VMs? If not currently supported, is there a known workaround to enable right-click functionality for the trackpad in Linux guests? (e.g., configuration changes in the VM, Linux kernel input modules, or framework-level adjustments.) Any insights or suggestions would be greatly appreciated. Thank you!

I’m encountering an issue when trying to start a macOS VM using Apple’s Virtualization framework in a sandboxed environment. When I create a standalone Xcode project, the VM launches successfully. However, when I integrate the same code into my existing project—where the VM is launched by a service started via launchd and running in a sandbox—it fails with the following error: Internal Virtualization Error: Failed to issue USB HCI sandbox extension To resolve this, I tried adding the com.apple.security.device.usb entitlement. But after doing that, the app started crashing with the following trace : Application Specific Signatures: SYSCALL_SET_USERLAND_PROFILE Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 libsystem_secinit.dylib 0x19a7141bc _libsecinit_appsandbox.cold.9 + 84 1 libsystem_secinit.dylib 0x19a713324 _libsecinit_appsandbox + 2080 2 libsystem_trace.dylib 0x18c2326cc _os_activity_initiate_impl + 64 3 libsystem_secinit.dylib 0x19a712ab0 _libsecinit_initializer + 80 4 libSystem.B.dylib 0x19a72a32c libSystem_initializer + 280 5 dyld 0x18c162efc invocation function for block in dyld4::Loader::findAndRunAllInitializers(dyld4::RuntimeState&) const + 444 6 dyld 0x18c19f864 invocation function for block in dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const + 324 7 dyld 0x18c1bf58c invocation function for block in mach_o::Header::forEachSection(void (mach_o::Header::SectionInfo const&, bool&) block_pointer) const + 240 8 dyld 0x18c1bc318 mach_o::Header::forEachLoadCommand(void (load_command const*, bool&) block_pointer) const + 208 9 dyld 0x18c1bda58 mach_o::Header::forEachSection(void (mach_o::Header::SectionInfo const&, bool&) block_pointer) const + 124 10 dyld 0x18c19f334 dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const + 516 11 dyld 0x18c162cb4 dyld4::Loader::findAndRunAllInitializers(dyld4::RuntimeState&) const + 176 12 dyld 0x18c16e530 dyld4::PrebuiltLoader::runInitializers(dyld4::RuntimeState&) const + 44 13 dyld 0x18c1848b0 dyld4::APIs::runAllInitializersForMain() + 88 14 dyld 0x18c147e00 dyld4::prepare(dyld4::APIs&, mach_o::Header const*) + 3092 15 dyld 0x18c1471d8 dyld4::start(dyld4::KernelArgs*, void*, void*)::$_0::operator()() const + 236 16 dyld 0x18c146b4c start + 6000 I suspect this might be due to the provisioning profile, which doesn’t seem to include the required entitlement. However, I haven’t found a way to explicitly add this entitlement to the provisioning profile. My questions are: How can I add com.apple.security.device.usb to the provisioning profile? Is there a way to confirm that adding this entitlement would resolve the issue? Are there recommended steps to debug and test Virtualization framework usage in a sandboxed environment (especially when launched as a service)? I also tried disabling SIP and AMFI, but the crash still occurs. Is there a better way to work around or test this in development? Any insights or suggestions would be greatly appreciated!

We are using VZVirtualMachine instances in a Swift actor. It works fine but we hit a major problem when we decided that we want to attach it to a VZVirtualMachineView to show it / allow user interactions. VZVirtualMachineView and its virtualMachine property is isolated to @MainActor, so if we directly assign our vm instance to it, we receive a concurrency error: @MainActor public func createView() -> VZVirtualMachineView { let view = VZVirtualMachineView() view.virtualMachine = vm // x: Actor-isolated property 'vm' can not be referenced from the main actor return view } Is there any way we can make this work?

Can the Xcode 26 code assist feature be used in a macOS 26 virtual machine? I am not seeing a way to enable it... Also asking on https://github.com/insidegui/VirtualBuddy/discussions/524

I'm pleased to share some significant updates that have recently been released for our Hypervisor and Virtualization frameworks. We've focused on enhancing efficiency, expanding capabilities, and addressing common developer needs. I believe these will be valuable for many of you. Here’s a look at what’s new: Hypervisor Updates We've introduced support for configuring the intermediate physical address (IPA) memory granularity of a VM. This allows for more granular memory mappings, enabling granularity sizes down to 4KB. This is particularly useful for certain specialized device drivers requiring finer memory control. Virtualization Framework Updates More Efficient VM Image Storage with ASIF: We've integrated support for the Apple Sparse Image Format (ASIF). This results in a smaller disk footprint and optimized transfer for VM disk images when using VZDiskImageStorageDeviceAttachment, improving storage efficiency. Custom Network Topologies with vmnet: We've added support for vmnet custom network topologies. This enables more flexible VM-to-VM communication based on logical networks with customized configurations, useful for complex testing or development environments. See VZVmnetNetworkDeviceAttachment to get started. Simplified VM Queue Discovery: It's now easier to discover a VM’s on-process thanks to a new property on VZVirtualMachine. This should aid in development and debugging when interacting directly with the VM's queue. These are some of the key highlights of the first beta, and I'm looking forward to seeing how these improvements will be utilized. I encourage you to explore the documentation for full details on these features.

I'm trying to setup a macOS 26 build environment in a VM (using UTM and the virtualization framework Apple provides). I have Xcode 26 installed and have logged into my Apple ID and verified that the team and other configuration looks fine in Xcode settings. When trying to build the macOS app, I see errors saying the VM's device ID has not been registered. I have confirmed that the device ID is registered both in the Provisioning portal AND the downloaded .provisionprofiles (in Library > Developer > Xcode > UserData). This problem appears on multiple targets (e.g. the main app and extensions). If I try to manually provision the app, using the Provisioning portal, I can build the product, but it will not launch because of Gatekeeper issues. Finally, signing to run locally doesn't work either. As the app launches, frameworks refuse to load because Team IDs don't match. With ad hoc provisioning, there are no Team IDs. I've come to the conclusion that this just isn't possible. Which is a shame because I need to support products with a build environment on macOS 15 and cannot move over to macOS 26 yet. I suspect many developers outside of Apple are in a similar position.