Empty BSSID CoreWLAN scanForNetworksWithName

Any help on this appreciated. Thanks.

I recommend that you try this with native code built in to a native app. TCC, the subsystem within macOS that manages the privileges visible in System Preferences > Security & Privacy > Privacy, doesn’t work well for scripts.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Thanks for the reply. But my requirement is through script only, how can I get it done? There has to be some way around it, right?

I recommend that you try this with native code built in to a native app. - I have created native app only with the help of py2app and for that I am giving location permission as well. But still I don't get those values.

There has to be some way around it, right?

I admire your optimism.

I have created native app only with the help of py2app

Did you sign your app with a stable code signing identity? For TCC to work reliably the calling code must be signed with a code signing identity that TCC can use to track the code from build to build. I go into gory details about this in TN3127 Inside Code Signing: Requirements but the executive summary is:

• Not unsigned

• No ad hoc signed (Signed to Run Locally in Xcode).

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Thanks for the explanation.

So I am wondering that if my application is going to be used in background only from CLI, will signing my code will give BSSID? Otherwise I can avoid spending time on this to understand how process works to sign code and all

On similar line, on MAC OS 13.x behaviour has changed looks like, once I allow Python location service from UI, I can see BSSID values. So behaviour has changed from at least older release.

So behaviour has changed from at least older release.

That doesn’t surprise me. This area of macOS is the subject of ongoing development as we work to increase user privacy. Most of the time we can do that in a way that’s binary compatible but that’s not always the case.

I am wondering that if my application is going to be used in background only from CLI,

Please clarify what you mean by “background only from CLI”. There many potential ways you can run a command-line tool:

• From Terminal

• Over SSH

• Via a launchd agent

• Via a launchd daemon

• And so on

Is your final goal one of these?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Thanks for the prompt response. I am writing one agent which need to scan WiFi and check for BSSID into golang, so once I compile this executable I currently run it from terminal(ssh into apple machine and run it manually through CMD) during development phase, once I am done developing it, will be run through separate process Via a launchd agent or Via a launchd daemon so user does not need to run it every time manually after boot. If you want to see sample code part, I can host it over github for your reference as well, let me know which ever way works for you.

First up, make sure that your code is signed with a stable code signing identity. TCC uses this to track to confirm that version N+1 of your code is the ‘same code’ as version N. See TN3127 Inside Code Signing: Requirements for more about this.

Second, if your final goal is to run this as a launchd agent running in the Aqua session type [1], don’t test it over SSH. In situations like this context matters, and an SSH login session is not the same as an Aqua login session.

Ideally you’d test this by loading it as a launchd agent. To test that, connect to the Mac’s GUI login session using screen sharing and than load and start your agent from Terminal.

Third, is this agent going to be part of a GUI app? If so, make sure you either install it using SMAppService or set AssociatedBundleIdentifiers in your launchd.plist. If not, you may end up needing to embed it within an app-like structure to make TCC happy.

Via a launchd daemon

That’s unlikely to work. CoreWLAN checks for the Location privilege and that’s hard for a daemon to get.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] See LimitLoadToSessionType in the launchd.plist man page. Aqua is the default value, causing your agent to load in GUI login sessions.

Thank you for such prompt reply.
I was going through the article and I must say it is very heavy to understand. I have one suggestion, It is totally missing one example where we can get all the steps to sign any code with respect to for example, App wants permission to get Location or any other type of permission with Apple Developer Account and how to sign/use that app in context of executable binary launchd (not developed with xcode, we can consider it developed in some other language, as normal xcode development process has handled through UI, I guess.).

• I tried with launchd and looks like it is not working for me, I guess some info.plist or any other issue. Very hard to understand as not being Mac Developer hurting my chance to get into RCA.