General: DevForums subtopic: App & System Services > Core OS Core OS is a catch-all subtopic for low-level APIs that don’t fall into one of these more specific areas: Processes & Concurrency Resources Files and Storage Resources Networking Resources Network Extension Resources Security Resources Virtualization Resources Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"

Using VZVirtioFileSystemDeviceConfiguration allows a Linux guest OS to access folders on macOS. However, modifications to the file's uid/gid by the Linux guest OS have no effect, and the file's uid/gid will always appear as the uid/gid of the Linux user currently accessing the file, as if the uid/gid were not stored at all.I hope there’s a way to at least pass through the uid/gid without any mapping.

I have a question about the default calling function that is supported by third-party apps on iOS from 18.2. In most cases, it works normally with the default calling app setting, but the problem occurs when connected to the vehicle via Bluetooth. Install the app that sets the default calling app on the device. Keep the phone locked. Connect the Bluetooth to the vehicle. Try to make a call using the phone button on the vehicle's steering wheel. When trying to make a call from the vehicle, the call fails (It seems that the app cannot be opened when the phone is locked even if the default calling app setting is on.) When you unlock the phone and turn on the app, the call is made. As far as I understand, if the app scheme is called with tel:// when set as the default calling app, it only proceeds with the intent connection to the app set as the default calling app, and the permissions that Apple's default call app has cannot be used. Accordingly, my questions are as follows: Is there a way to make a call with an external phone call input when locked on device? If 1 is not possible, can you provide a branch to Apple's default call app (telephony://) in the above situation?

Implementing ACL support in a distributed filesystem, with macOS and Linux clients talking to a remote file server, requires compatibility between the ACL models supported in Darwin-XNU and Linux kernels to be taken into consideration. My filesystem does support EAs to facilitate ACL storage and retrieval. So setting ACLs via chmod(1) and retrieving them via ls(1) does work. However, the macOS and Linux ACL models are incompatible and would require some sort of conversion between them. chmod(1) uses acl(3) to create ACL entries. While acl(3) claims to implement POSIX.1e ACL security API, which, to the best of my knowledge, Linux VFS implements as well, their respective implementations of the standard obviously do differ. Which is also stated in acl(3): This implementation of the POSIX.1e library differs from the standard in a number of non-portable ways in order to support the MacOS/Darwin ACL semantic. Then there's this NFSv4 to POSIX ACL mapping draft that describes the conversion algorithm. What's the recommended way to bridge the compatibility gap there, so that macOS ACL rules are honoured in Linux and vice versa? Thanks.

I’m building a companion app that connects to a custom hardware hub (IoT device) used for home safety monitoring. The hub is installed in homes and is responsible for triggering critical alerts like fire alarms, motion detection, door sensor activity, and baby monitor events. Current Architecture: The hub initially connects to the app via Bluetooth (BLE) for provisioning (to get Wi-Fi credentials). Once provisioned, the hub switches to Wi-Fi and communicates with the app via a WebSocket connection to stream real-time event updates. What I’m Trying to Achieve: My goal is to maintain background communication with the hub even when the app is not actively in use, in order to: Receive real-time updates from the hub while the device is locked or the app is in background. Trigger local notifications immediately when critical sensor events (e.g., fire, motion) occur. Ensure persistence across backgrounding, app swipes (force close), and device reboots, if possible. What I'm Observing: On iOS, WebSocket connection is suspended or dropped shortly after the app goes to the background or is locked. Even though the I've scheduled periodic fetches, notifications are delayed until the app is reopened, at which point all missed WebSocket messages arrive at once. If the app is force-closed or after reboot, no reconnection or notification happens at all. Key Questions I Have: Since the hub is initially provisioned via BLE, and could potentially send BLE flags or triggers for key events, can I use bluetooth-central mode to keep the app active or wake it up on BLE activity? Once the hub switches to Wi-Fi and uses WebSocket, is it possible to combine BLE triggers to wake the app and then reconnect to the WebSocket to fetch the full event payload? Is there a legitimate and App Store-compliant way to maintain a connection or background task with: BLE accessory triggers followed by Real-time data processing via Wi-Fi/WebSocket? Would this use case qualify as a "companion device" scenario under iOS background execution policies? What is the best practice for handling this kind of hybrid BLE + WebSocket alerting flow to ensure timely user notifications, even in background/locked/force-closed states? Any advice, documentation links, implementation patterns, or examples from similar companion device apps would be greatly appreciated. Thanks in advance!

I'll preface by saying I am new to MacOS development. I've struggled with this issue for several days and have nowhere else to go for help. My MacOS app is an Electron build. It needs application-groups entitlement for IPC. But the developer portal, when generating the provisioning profile, always appends "groups." to the start and I am unable to remove it. This renders my provisioning profile invalid and causes my app to be rejected by Transporter because it is not supposed to start with "groups", but with my team identified for MacOS. Maybe I can still use the provisioning profile as is, but I've not found any way to do that. So I'm stuck unable to deliver. Any help with this is appreciated.

I want to implement quota feature to my file provider extension. I am able to keep track of materialized files total size. (Content download and edit operations) However I cannot detect file eviction operation (User right click to file and select "Remove Download"). Is there anyway to detect this action Or any suggestion to keep track of materialized files total size?

Is there a way for the bluetooth peripheral device to remain connected to iOS even after the app which was used to pair with it has been swipe killed by the user? I have - enabled Background Modes (Uses Bluetooth LE Accessory) given all the relevant permissions (Background refresh) implemented state preservation and restoration. properly handled Connection Events with proper options (CBConnectPeripheralOptionNotifyOnConnectionKey and CBConnectPeripheralOptionNotifyOnDisconnectionKey) e.g Fitbit shows as connected in bluetooth settings even after the app has been swipe killed by the user.

How can i decode all this message I found in File name BaseSystem.chunklist because I use all decode online tool not work at all?

Hi Is there a way to check if a file at a specified URL is open and being edited by another application. Assuming that we have permission to access the file at the URL.

Works: runs-on: ubuntu-24.04-arm container: image: ubuntu:latest env: DEBIAN_FRONTEND: noninteractive steps: - uses: actions/checkout@v4 - run: | apt-get --assume-yes update apt-get --assume-yes install linux-image-generic dracut binutils - run: | dracut --conf $(mktemp) \ --confdir $(mktemp --directory) \ --verbose \ --modules "base bash" \ --add-drivers "virtio-rng bcachefs btrfs virtiofs overlay xfs" \ --kernel-cmdline "console=hvc0" \ --no-early-microcode \ --no-hostonly \ --no-compress \ --no-uefi \ initramfs \ $(ls /lib/modules/) - run: | cp /boot/vmlinuz-$(ls /lib/modules/) vmlinuz - uses: actions/upload-artifact@v4 with: path: | vmlinuz initramfs Will NOT work: runs-on: ubuntu-24.04-arm container: image: ubuntu:latest env: DEBIAN_FRONTEND: noninteractive steps: - uses: actions/checkout@v4 - run: | apt-get --assume-yes update apt-get --assume-yes install linux-image-generic-64k dracut binutils - run: | dracut --conf $(mktemp) \ --confdir $(mktemp --directory) \ --verbose \ --modules "base bash" \ --add-drivers "virtio-rng bcachefs btrfs virtiofs overlay xfs" \ --kernel-cmdline "console=hvc0" \ --no-early-microcode \ --no-hostonly \ --no-compress \ --no-uefi \ initramfs \ $(ls /lib/modules/) - run: | cp /boot/vmlinuz-$(ls /lib/modules/) vmlinuz - uses: actions/upload-artifact@v4 with: path: | vmlinuz initramfs You can try it on Github Actions

macos 15.4 beta claims to support FSKit. Is there an FSKit sample available? I don't see anything useful in the published docs.

Hi everyone, I'm facing an issue where I cannot write a file to a shared App Group container in my tvOS app when running on a real device. My code works perfectly on the simulator, but fails on a physical device with a permissions error. I’ve set up an App Group with a custom identifier (e.g., group.<my.identifier>), and it’s correctly configured in the Capabilities section of Xcode for both my main app and widget targets. Here’s the code I’m using to save a test file: func saveTestFile() { guard let groupURL = FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: "group.<my.identifier>") else { print("Couldn't access the Group URL.") return } let containerURL = groupURL.appendingPathComponent("Library", isDirectory: true) if FileManager.default.isWritableFile(atPath: containerURL.path) { print("Directory IS writable") } else { print("Directory IS NOT writable") } let fileURL = containerURL.appendingPathComponent("test.txt") let content = "Hello App Group!" do { try content.write(to: fileURL, atomically: true, encoding: .utf8) print("File test.txt is saved at: \(fileURL.path)") } catch { print("Error while saving the file: \(error)") } } Console: Directory IS NOT writable Error while saving the file: Error Domain=NSCocoaErrorDomain Code=513 "You don’t have permission to save the file “test.txt” in the folder “”." UserInfo={NSFilePath=/private/var/mobile/Containers/Shared/AppGroup//Library/test.txt, NSURL=file:///private/var/mobile/Containers/Shared/AppGroup//Library/test.txt, NSUnderlyingError=0x14387fbe0 {Error Domain=NSPOSIXErrorDomain Code=1 "Operation not permitted"}} I’ve tried saving the file in different subdirectories within the App Group container: Directly in groupURL (root of the container). In groupURL.appendingPathComponent("Library"). In groupURL.appendingPathComponent("Caches"). Do you have any ideas what is the problem? Thanks in advance for any help!

I've enjoyed using an existing app to connect over BLE to a camera which allows for photo transfer. For some reason though early on in iOS 18, it seems the bluetooth advertising name was corrupted. As a result, the camera no longer connects to the app. I've checked on another phone that the camera connects. I was wondering how to go about clearing the bluetooth cache or maybe specifically the BLE cache. The existing app developer is non responsive and I'm assuming the issue will never be fixed. I was planning on clearing the cache within my own personal unreleased app. Just wondering if there's any cache clearing API.

Security scoped bookmarks that were created before updating to macOS 14.7.5 cannot be resolved anymore after updating to macOS 14.7.5. Reproduction: Sandboxed app on macOS version 14.7.4 Create and store a security scoped bookmark to a user selected folder: let url: URL = <user selected url from NSOpenPanel> let data = try url.bookmarkData(options: [.withSecurityScope], includingResourceValuesForKeys: nil, relativeTo: nil) <persistently store data> Update to macOS 14.7.5 Resolve the previously stored bookmark: let data: Data = <restore data from persistent storage> var stale: Bool = true let url = try URL(resolvingBookmarkData: data, options: [.withSecurityScope], relativeTo: nil, bookmarkDataIsStale: &stale) Expected: The bookmark is resolved correctly and the resulting url can be used to access the folder/file in the sandboxed app after starting access. Observed: URL(resolvingBookmarkData:) throws an error: Error Domain=NSCocoaErrorDomain Code=259 "The file couldn’t be opened because it isn’t in the correct format." New security scoped bookmarks created on macOS 14.5.7 can be resolved without issue. The same appears to happen with macOS 13.7.5. Entitlements: com.apple.security.app-sandbox com.apple.security.files.bookmarks.app-scope com.apple.security.files.user-selected.read-write This is very disruptive, as it appears that Sandboxed apps cannot access any previously stored bookmarks anymore. Particularly after the recent ScopedBookmarkAgent issues in 14.7.1 and 15.0, which were resolved in 14.7.3/15.1 respectively: https://developer.apple.com/forums/thread/764435

Hello all, I'm the developer of REHex, a hex editor which I have been distributing as an app bundle outside of the app store for a few years. REHex allows assigning various bits of metadata (comments, data types, etc) which get stored as filename.rehex-meta alongside the original filename, this works fine when the app is just a standalone bundle, however, when distributed via the app store, sandboxing seems to be mandatory, and there doesn't appear to be any obvious way to get permission to read/write such files. As fallbacks, I've considered adding support for storing the metadata as an extended attribute instead (which breaks compatibility, and won't translate when the file is on a FAT/etc filesystem or network share), or popping up the save/load dialog a second time for the user to select a .rehex-meta file, adding it to the list of whitelisted files for the application (keeps compatibility, but UX is clunky). Are there any ways I can work around this, or perhaps other methods I should consider for storing the metadata in an Apple-tolerant manner? Thanks

We’re receiving increasing user reports that our macOS app is unexpectedly terminated in the background—without crash reports or user action. Our app is a sandboxed status-bar app (UIElement, NSStatusItem) running continuously, syncing data via CloudKit and Core Data. It has no main window unless opened via the status bar. Observed patterns: Happens more frequent on macOS 15 (Sonoma), though earlier versions are affected too. Often occurs when disk space is limited (~10% free), but occasionally happens with ample free space. System logs consistently show: CacheDeleteAppContainerCaches requesting termination assertion for &lt;our bundle ID&gt; No crash reports are generated, indicating macOS silently terminates our app, likely related to RunningBoard or CacheDelete purging caches during disk pressure. Since our app is meant to run persistently, these silent terminations significantly disrupt user experience. We’re seeking guidance on: Can we prevent or reduce these terminations for persistently running status bar apps? Are there recommended APIs or configurations (e.g., NSProcessInfo assertions, entitlements, LaunchAgents) to resist termination or receive notifications under low disk conditions? What are Apple’s best practices for ensuring sandboxed apps reliably run during disk pressure? We understand macOS terminates apps to reclaim space but would appreciate recommendations to improve resilience within platform guidelines. Thank you!

We have an enterprise mac OS X application which uses the UserDefaults to store the onboarding states. The strange part here is that the newly installed mac OS X app is still be able to access the UserDefalus data of removed application. Because of this, the application never becomes as a freshly installed app. Is it any limitation to Enterprise mac OS X apps? Could you please provide us the resolution for this issue.

Hi there! Sorry in advance, this is going to be a long post of Apple developer pains which I want to share with you, and, hopefully, find the answer and help Apple become better. I'm at the very beginning of my new and exciting personal project which (I hope) may one day feed me and be my daily source of inspiration. I'm not a newbie in Apple development nor am I a senior-level developer — just a fellow developa'. Here's the problem I bring to you — why Apple promotes Unified Logging System and recommends using it as the primary way to implement logging in 3rd-party apps? No doubt, OSLog is a great, secure, efficient, and centralized way to gather diagnostics information, and I, starting my new project, am itching to choose exactly this 1st-party logging infrastructure. This decision in theory has a number of benefits: I don't have to depend on 3rd-party logging frameworks which may eventually be discontinued; I have extensive documentation, great WWDC sessions explaining how to use the framework, and stackoverflow answers from the whole Apple dev community in case I experience any troubles; I have this cool Console.app and upcoming Xcode 15 tools with great visualization and filtering of my logs; It's quite a robust and stable infrastructure which I may restfully rely on. But... the thing is there's this big elephant in the room — this API is non-customizable, inconvenient, and hard to use in terms of the app architecture. I can't write my own protocol wrapper around it to abstract my domain logic from implementation details or just simplify the usage at the call site. I can't configure my own format for log messages (this is debatable, since Console.app doesn't provide "naked strings" as Xcode 14 and earlier, but still). And what's most important — I can't conveniently retrieve the logs! I can't implement the functionality where my user just taps the button, and the logs are sent on the background queue to my support email (eskimo's answer). They would have to go through this monstrous procedure of holding volume buttons on the iPhone, connecting their device to the Mac, gathering sysdiagnose, entering some weird Terminal commands (jeez, these nerdy developers...), etc. If it ever succeeds, of course, and something doesn't go wrong, leaving my user angry and dissatisfied with my app. Regarding the protocol wrapper, I can't do something like this: protocol Logging { var logger: Logger { get } func info(_ message: OSLogMessage) } extension Logging { var logger: Logger { return Logger( subsystem: "com.my.bundle.id", category: String(describing: Self.self) ) } func info(_ message: OSLogMessage) { logger.info(message) } } class MyClass: Logging { func someImportantMethod() { // ... self.info("Some useful debug info: \(someVar, privacy: .public)") } } I've been investigating this topic for 2 days, and it's the farthest I want to go in beating my head over how to do two simple things: How to isolate logging framework implementation decision from my main code and write convenience wrappers? How to easily transfer the log files from the user to the developer? And I'm not the only one struggling. Here's just one example among hundreds of other questions that are being asked on dev forums: https://www.hackingwithswift.com/forums/ios/unified-logging-system-retrieve-logs-on-device/838. I've read almost all Apple docs which describe the modern Unified Logging System, I've read through eskimo's thread on Apple Developer Forum about the API, but I still haven't found the answer. Maybe, I've misperceived this framework and it's not the tool I'm searching for? Maybe, it focuses on different aspects of logging, e.g. signposting, rather than logging the current state of the app? What am I missing?

It seems like this is not supported in the Simulator because when I run my Unit tests and I try to read protection key-value the value is always nil, even if I set the data protection level when I write the file. On device this key returns the expected value. Is it possible to have the simulator support the data protection classes to run my unit tests? FYI Im testing on iOS

I have developed an app to create and run virual machines using mac os virtualization framework for apple siicon and intel macs. I have tried ubuntu, fedora, debian & linux mint distros and they all worked fine with intel macs. But when i try to run other distros like mx linux, manjaro, pop os, endevour os etc on intel mac they all on booting iso just shows the black screen. is there any list of officilay support linux distros for intel macs and apple silicon. the support of linux distros are fairly limited or am i missing something.