Endpoint Security System Extension can't be removed by deleting Host Application on Sonoma 1

App & System Services Core OS
andrew_chersky
andrew_chersky OP
Created 3d
Replies 1
Boosts 1
Views 31
Participants 2

I have an Electron Application which is hosting Endpoint Security System Extension.

Usually I'm uninstalling it by deleting host application from /Applications/ folder.

However, after updating multiple of my machines to Sonoma 15.3.2, this uninstallation flow doesn't work anymore.

When I delete host app, it shows promt (approximately) "This application is hosting SysEx which will be removed..."

After that, application is moved to .trash, however System Extension remains active and visible in System Settings. Host application name is changed to file name (Some Application -> Some Applciation.app) and this entry has no icon for Host App.

I would appreciate any assistance on how to fix that or maybe create a bug report.

Answered by DTS Engineer in 831608022

First, terminology. On Apple systems the host application is the one using the extension, which in this case is macOS itself. You’re talking about the container application, that is, the one in which your extension is embedded.

As a first step, I recommend that you try reproducing this on a ‘clean’ machine. I typically use a VM for this sort of thing, so I can restore from a fresh snapshot between each test. That’ll tell you whether the issue is being triggered by your product or is caused by something environmental on your test machines.

If it’s triggered by your product then it’s reasonable you for you to file a bug about that. Even if your product is malformed, the system shouldn’t get itself tied up in knots like this. Please post your bug number, just for the record.

You’ll also want to look at what in your product is causing the issue. A good step here is to create a minimal app-with-ES-sysex test project and use that to try to reproduce the issue. It it reproduces then, yeah, it’s likely that your product is fine and this is just a bug in the system. If it doesn’t, you can start tweaking your test project and your real project to see if you can isolate the difference.

Finally, you can try to recover the affected machines:

  1. Disable SIP.

  2. Use systemextensionsctl to remove the sysex.

  3. Re-enable SIP.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Replies  1
Boosts  1
Views  31
Participants  2
Apple Staff, DTS Engineer
DTS Engineer OP
Apple
2d
Recommended

First, terminology. On Apple systems the host application is the one using the extension, which in this case is macOS itself. You’re talking about the container application, that is, the one in which your extension is embedded.

As a first step, I recommend that you try reproducing this on a ‘clean’ machine. I typically use a VM for this sort of thing, so I can restore from a fresh snapshot between each test. That’ll tell you whether the issue is being triggered by your product or is caused by something environmental on your test machines.

If it’s triggered by your product then it’s reasonable you for you to file a bug about that. Even if your product is malformed, the system shouldn’t get itself tied up in knots like this. Please post your bug number, just for the record.

You’ll also want to look at what in your product is causing the issue. A good step here is to create a minimal app-with-ES-sysex test project and use that to try to reproduce the issue. It it reproduces then, yeah, it’s likely that your product is fine and this is just a bug in the system. If it doesn’t, you can start tweaking your test project and your real project to see if you can isolate the difference.

Finally, you can try to recover the affected machines:

  1. Disable SIP.

  2. Use systemextensionsctl to remove the sysex.

  3. Re-enable SIP.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
Endpoint Security System Extension can't be removed by deleting Host Application on Sonoma 1
First post date Last post date
 
 
Q