Monterey - Uninstalling Revisited

Hi all (and hopefully Quinn)

I found this WWDC session today (https://developer.apple.com/videos/play/wwdc2021/10130/) dealing with MDM updates for Monterey.

The part that caught my eye was the new RemovableSystemExtensions feature. From the video:

In macOS Monterey, there is a new feature called RemovableSystemExtension.

This will allow an app to deactivate its own system extension, for example, when the app uninstalls itself.

With this feature, there will be no admin password required to remove the system extension.

This may be useful in deployments where the Mac has no admin user.

My question is, do I (we) have to do anything special in our system extension to take advantage of this or is it a free pass from MDM? I already do a call to deactivationRequestForExtension when we uninstall. And that works fine on Big Sur, but doesn't any more on Monterey. That's what led me down the path that found this session and other links.

I know I'm not the only one suffering through the uninstall aspect of system extensions and really hope that this is the holy grail.

Thanks

Up vote post of mdolan Down vote post of mdolan
1.1k views
Posted by
mdolan
Reply

  • We are seeing this also. When calling [OSSystemExtensionManager sharedManager] submitRequest with the result of a call to deactivationRequestForExtension for our extension, our delegate method for didFailWithError is called.

    I have submitted the following via Feedback Assistant ID FB9429149

    When calling [OSSystemExtensionManager sharedManager] submitRequest with the result of a call to deactivationRequestForExtension for our extension, and then entering administrator credentials in the dialog which is presented to the user, our delegate method for didFailWithError is called.

    The code in the NSError is 4, which so far as I can tell is a OSSystemExtensionError.extensionNotFound

    After the failed call, if I try to run "systemextensionsctl list", I get the following output

    root@monterey ~ # systemextensionsctl list 3 extension(s) --- com.apple.system_extension.endpoint_security enabled active  teamID  bundleID (version)  name    [state] 2021-07-30 13:44:19.741 systemextensionsctl[698:7828] unexpectedly trying to fetch info on a non-staged bundle? zsh: abort      systemextensionsctl list

    But after rebooting the machine our extension is listed again and remains as [active enabled].

    paulfrommanchester

  • apologies for the formatting above, I don't understand what's happened there.

    paulfrommanchester

  • I see the same error from systemextensionsctl afterwards too. I filed a FB ticket for that, FB9163360. Keep updating it after each beta when it happens again. I think in beta 1 and 2 (maybe just 1?) that it literally crashed after logging that. That's when I created the ticket.

    mdolan
Add a Comment

Replies

I've just tried this on Monterey Beta 5.

The problem persists however the systemextensionsctl command no longer crashes, but instead still prints out our system extension in a state of [activated enabled], but now two additional lines showing the Team ID, the URI of the system extension, the version, and then "- [realizing]"

Posted by
paulfrommanchester
Post not yet marked as solved Up vote reply of paulfrommanchester Down vote reply of paulfrommanchester
Add a Comment

Hello,

We are have the exact same issue when uninstalling our Network Extension. The behaviour on previous version of macOS Monterey Betas and the behaviour on Beta 5 (the latest one at this point) is exactly the same as the one described by mdolan and paulfrommanchester. We have also submitted a bug report: FB9565942.

Posted by
HoratiuLUPEAN
Up vote reply of HoratiuLUPEAN Down vote reply of HoratiuLUPEAN
Add a Comment

I had a look at the status of some of the bug numbers posted earlier in this thread and it definitely looks like this issue in getting some traction. There’s no fix in macOS 12.0b5, but please do continue to test as new beta releases are seeded.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Post not yet marked as solved Up vote reply of eskimo Down vote reply of eskimo

  • Thanks for the update, Quinn

    mdolan
Add a Comment

Monterey beta 6 is behaving like Big Sur and is working. All is good in (my) the world.

Thank you again, Quinn, for letting us know to test it again.

Posted by
mdolan
Up vote reply of mdolan Down vote reply of mdolan
Add a Comment

I can confirm that beta 6 also resolves the issue for us

Posted by
paulfrommanchester
Up vote reply of paulfrommanchester Down vote reply of paulfrommanchester
Add a Comment