We are investigating an intermittent package installation failure on macOS Tahoe 26.5 and are trying to understand the conditions under which PackageKit may return the following errors during an upgrade installation:
- PKInstallErrorDomain Code=120
- NSPOSIXErrorDomain Code=1 ("Operation not permitted")
The package successfully passes validation and authorization, and pre-install scripts complete successfully. The failure occurs during the final PackageKit commit phase when PackageKit attempts to move/relink content from the installer sandbox to the destination volume.
Relevant log snippets:
PackageKit: Shoving <sandbox>/Root to /
Error relinking file (primary): .../Contents/_CodeSignature/CodeResources
failed _relinkFile(...) Operation not permitted
PackageKit: Install Failed: Error Domain=PKInstallErrorDomain Code=120
NSUnderlyingError: Error Domain=NSPOSIXErrorDomain Code=1 "Operation not permitted"
The issue is intermittent and only affects a subset of systems. The same package installs successfully on many machines running the same macOS version.
Has anyone encountered similar _relinkFile / CodeResources failures during package upgrades?
In particular, we are interested in understanding:
- Common causes of NSPOSIXErrorDomain Code=1 during PackageKit relink operations.
- Whether existing signed application bundle metadata (CodeResources) can cause relink failures during upgrades.
- Any Installer or PackageKit changes in recent Tahoe releases that could affect bundle replacement during package installation.
Any insights would be appreciated.
