Encountering Error Domain=NSCocoaErrorDomain Code=513 while creating hard link between files on MacOS(Mac Catalyst App)

Hi,

I am trying to create a hard link on MacOS(Mac Catalyst App) between files using

[self linkItemAtURL:fromURL toURL:toURL error:&error];

Source Path for MacOS -

/var/folders/lf/dt_4nxd945jdry2241phx0_40000gn/T/net.appname.AppName/documents/...

Destination Path for MacOS -

/Users/username/Library/Group Containers/group.net.appname.AppName.shared/Message/Media/...

Although the same code works fine on iOS, but getting following error on MacOS

Error Domain=NSCocoaErrorDomain Code=513 couldn’t be linked because you don’t have permission to access, Operation not permitted

Source Path for iOS -

/Users/user/Library/Developer/CoreSimulator/Devices/B4054540-345F-4D90-A3C5-DA6E6469A3FC/data/Containers/Data/Application/B4AB7D70-491C-49E5-9A3F-27E66EC3423D/tmp/documents/...

Destination Path for iOS -

/Users/user/Library/Developer/CoreSimulator/Devices/B4054540-345F-4D90-A3C5-DA6E6469A3FC/data/Containers/Shared/AppGroup/842B248E-CCA6-4B5C-82BD-2858EADD3A90/Message/Media/...

However, interestingly if I try to copy the file, it works perfectly fine on MacOS as well. I am unable to understand if it is the permission issue, it should not work with copy as well.

Does anyone have any reason/solution to this behaviour?

Up vote post of ritubala Down vote post of ritubala
922 views
Posted by
ritubala
Reply
Add a Comment

Replies

The Operation not permitted in the error message corresponds to EPERM, which suggests that this is not a standard file system access access issue but rather something specific to the sandbox or MAC. For more context on that, see On File System Permissions.

I can’t think of any obvious reason why these would prevent you from an app group container to the temporary directory, but these technologies are rather subtle and so it’s easy to miss the rationale for such restrictions.

Why do you need to hard link here?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Thanks for your revert! I need to have access to the file from app groups to the temporary directory. I don't want to make a copy as it would acquire more space, hence going for hard link.

What I fail to understand is if there is some issue with the permissions, then why copying works successfully but not hard linking.

Posted by
ritubala
Up vote reply of ritubala Down vote reply of ritubala
Add a Comment

What I fail to understand is if there is some issue with the permissions, then why copying works successfully but not hard linking.

Because the sandbox / MAC access control system is way more complex than you might think.

I’m not saying that the behaviour you’re seeing is correct, btw, just that it’s easy for things to go wrong in such a complex system.

I don't want to make a copy as it would acquire more space, hence going for hard link.

Two things:

  • Why do you need it in both places? Most folks with this issue work on the file in the temporary directory and then move it into the correct location.

  • Also, do you need changes from one place to show up in the other? If not, you can do the copy, which is has very low performance and disk space impact because of APFS’s copy-on-write feature.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

HI I'm having the same issue - and same need. Ideally I would like to link the file so the app extension can access it. But if I have to - a copy is ok.

Posted by
michaelr
Up vote reply of michaelr Down vote reply of michaelr
Add a Comment

Ideally I would like to link the file so the app extension can access it.

Can you explain more about this requirement? Specifically, where is the file located originally? And if it’s not within your bundle or within one of your container, how did you initially get access to it?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment