Logging. App and System Extension attempting to share logs with each other

Before:

We had an app with app extension. Both had user privilege. Both wrote file logs to FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: groupID) - /Users/myuser/Library/Group Containers/mygroupid/

Now:

We have to change app extension to system extension. Our previous logging approach broke, because system extension has root context. Result of FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: groupID) for system extension is /private/var/root/Library/Group Containers/mygroupid/

They do not have privilege to write to each other's folder. We can open logs folder for the user, but now the app does not have privilege to open Finder window for root logs folder. Ideally we would write file in a single folder.

Question:

Please suggest where to write logs from user and root process. Maybe there is a different approach on how to store a few days worth of logs and being able to upload them to our backend, or display them to the user, upon request.

Up vote post of Iwan_ua Down vote post of Iwan_ua
876 views
Posted by
Iwan_ua
Reply

  • Just in case, if root can write logs to a folder that the user is able to open in Finder, that would work too

    Iwan_ua
Add a Comment

Accepted Reply

Please suggest where to write logs from user and root process.

There’s no good way to do this, and that’s for a good reason. Your sysex runs with privileges and you really don’t want to share a file system location between privileged and non-privileged code.

The best option here, IMO of course, is to use the system log. See Your Friend the System Log.

Presuming that you’ll ignore that advice, I recommend that you have each program store its logs in its own directory. If you want the sysex’s logs to be visible to your app, have the app request that access via XPC.

One nice thing about XPC is that you can pass back a file descriptor. So, if the sysex opens the log read-only and passes that file descriptor back to the app, it knows that the app can’t mess with it.

It’s still possible for the sysex to mess with the app though. The sysex might continue writing to the log file while the app is reading it. If you’re not careful you can end up with some weird inconsistencies there. One way to avoid that is to have the sysex copy the file and sending a descriptor for that copy. Keep in mind that, on APFS, copies are cheap.

Finally, some general IPC points to keep in mind:

  • It’s possible for multiple users to be running your app simultaneously. You’ll have to decide how to want to handle logging in that case. You could, for example, have each app use XPC to log to your sysex, which would allow it to have a global view of the app’s state. The potential downside to that is that you might leak information between users.

  • You’ll probably want to make sure that only your app can request logging information from the sysex. See this post.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Post marked as solved
Add a Comment

Replies

Please suggest where to write logs from user and root process.

There’s no good way to do this, and that’s for a good reason. Your sysex runs with privileges and you really don’t want to share a file system location between privileged and non-privileged code.

The best option here, IMO of course, is to use the system log. See Your Friend the System Log.

Presuming that you’ll ignore that advice, I recommend that you have each program store its logs in its own directory. If you want the sysex’s logs to be visible to your app, have the app request that access via XPC.

One nice thing about XPC is that you can pass back a file descriptor. So, if the sysex opens the log read-only and passes that file descriptor back to the app, it knows that the app can’t mess with it.

It’s still possible for the sysex to mess with the app though. The sysex might continue writing to the log file while the app is reading it. If you’re not careful you can end up with some weird inconsistencies there. One way to avoid that is to have the sysex copy the file and sending a descriptor for that copy. Keep in mind that, on APFS, copies are cheap.

Finally, some general IPC points to keep in mind:

  • It’s possible for multiple users to be running your app simultaneously. You’ll have to decide how to want to handle logging in that case. You could, for example, have each app use XPC to log to your sysex, which would allow it to have a global view of the app’s state. The potential downside to that is that you might leak information between users.

  • You’ll probably want to make sure that only your app can request logging information from the sysex. See this post.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Post marked as solved
Add a Comment