sudo kmutil create -n boot -B /usr/share/file/magic/kernelcache -k /Library/Extensions Error Domain=KMErrorDomain Code=34 "Missing Developer Kit: As of macOS 13.0, you will need to install a KDK matching your build 23F79 to rebuild kernel collections." UserInfo={NSLocalizedDescription=Missing Developer Kit: As of macOS 13.0, you will need to install a KDK matching your build 23F79 to rebuild kernel collections.} I'm using KDK 14.5(23F5074a) on macOS 14.5(23F79), and trying to build kernel collection. It seems the kernel debug kit for macOS 14.5(23F79) is not supported. Is there any replacement for macOS 14.5(23F79)?

Xcode 15.3 macOS Sonoma 14.5 I'm trying to build an app for macOS that will emulate a HID device (keyboard, mouse, game controller) and send those inputs to an IOS device over Bluetooth. I've figured out how to map the inputs from the relevant documentation (Human Interface Device Profile 1.1, Apple Accessory Design Guidelines) but I can't seem to get the Bluetooth services working. I've found an example of how to implement the Bluetooth service (from macOS Mojave but updated to Swift 5). The code will build without issue and asks for the necessary permissions in settings. After giving permissions and rebuilding, the peripheral simply does not appear on the iPhone Bluetooth settings menu (or the Bluetooth settings menu of any device). I suppose the question I'm asking here is if macOS Sonoma prevents the macOS device from advertising as a keyboard peripheral. Furthermore, is there any documentation that describes these limitations. Here is the full example code (too large to post): https://github.com/MonoidMusician/Bluetooth-Keyboard-Emulator/blob/master/Keyboard%20Connect%20Open%20Source/BTKeyboard.swift

Hello, I am writing an Endpoint Security Client application that is supposed to monitor file creation/writing/deletion. It works fine except for one thing - it doesn't pick up changes to the cron jobs file. I am monitoring directory that stores cron job config file and if I would add/delete/write to any new file manually (using for example vim) it will be picked up on by the ES client (yes I know cron files are not meant to be edited manually). But if I want to make changes with command crontab -e then although the contents of the file change, ES client is not sending a notification about it. Any ideas why? Is the mechanism responsible different than just file writing?

How do I accomplish a postorder enumeration of a directory (that is, get subdirectories before the parents)? Normally I would use FileManager.enumerator(at:includingPropertiesForKeys:options:errorHandler:) for enumeration. And there is a DirectoryEnumerationOptions named includesDirectoriesPostOrder. Unfortunately it does not seem to work. If I create the enumerator like this: FileManager.default.enumerator(at: url, includingPropertiesForKeys: resourceKeys, options: [.skipsPackageDescendants, .skipsHiddenFiles, .includesDirectoriesPostOrder]) The enumerator does not provide the results postorder. And in fact if you check the isEnumeratingDirectoryPostOrder, it returns false. Am I using this incorrectly, or is it just broken? Is there some other way to accomplish this? I see that CFURLEnumerator has a similar option, though I don't know if it works any better. Plus I would rather not wrestle with Core Foundation code if I can avoid it.

I'm writing a virtual file system as my educational project (generic kernel extension). Currently, mostly everything is implemented, however, I'm having trouble using Finder search and tags. The results simply don't show up - despite I am having vnop_... calls to those files. The extended attributes are supported. Inodes are stable. Mmap is implemented. Vnop_ioctl returns KERN_SUCCESS (but no implementation). An important moment: Previously, the search didn't work at all. Researching the web has shown me, that Spotlight indexation and Finder search are tightly glued. So basically I was trying to enable support for spotlight, thinking that would be the source of the problem. I was receiving "Unknown indexing state". All those tricks with mdutil, launchd, manual and reindexation either were doing nothing or returning error. The problem was resolved FOR SONOMA by making by VFS appear as local one (adding flags for MNT_LOLCAL and MNT_DOVOLFS). This has changed the state from Unknown indexing state for spotlight to Indexing is disabled. No need to turn it on for me - I am interested only in search and tags, not the spotlight itself. Basically, whether spotlight recognises my driver as no-error, the Finder works correctly, even with indexation disabled. Whether on Monterey*, or Ventura, I get the same problem. However, neither system logs nor my driver show any kinds of errors. The spotlight simply returns error. Reindexation attempt via Security&Privacy returns "Unknown error occured". The metadata for Ventura and Monterey read attempt (mdls) returns "Unable to locate file", however returns a huge list for Sonoma. *Monterey and Ventura never have .Spotlight-V100 folder. No disable indexing files or other spotlight restrictions are present. No user space solutions seem to help. The kext is unsigned and running in an environment with SIP disabled and Security Mode reduced to Permissive. Maybe there some abstract rules for what is required on VFS side to be recognised okay'ish by Spotlight ? Or maybe something specific right for my case ? Any pointers and/or assistance would be greatly appreciated.

Hello, Our app is going to be used in an industrial setting where users will connect to many devices a day via Bluetooth to complete an installation process. They will only connect to one device at a time, so connection limit isn't an issue. What we're wondering about is the limit on number of pairings (found in Settings > Bluetooth > MY DEVICES). This is important because pairings can't be removed programatically. I seem to remember reading somewhere the limit was ~30 devices, but I can't find that document anymore. Does anyone know if this limit is correct, or where I could find a document regarding this?

I'm not getting satisfactory answer so I'm trying here to see if there is any workaround. Xamarin support ended in May and our current app (Xamarin forms) crashes on iOS 18 beta. I understand that we may have to upgrade our app to MAUI but is that truly only solution? I'm currently targeting Xcode 15 SDK (iOS 17). Would Xcode 16 SDK for iOS 18 work for Xamarin forms?

Hello, I have a problem with an iOS app that is deployed via the MDM system Intune. The app closes immediately after starting. The APP works without distribution via the MDM. Devices with iOS 17 also work. I am attaching a crash report. (txt is ips) Unfortunately I have no idea how to solve the problem because it only occurs via the MDM and therefore I cannot debug it. The problem occurs in production environment. Please help me with the solution. Insight Mobile-2024-06-24-144828.txt Best regards Moritz

I am using #canImport(JournalingSuggestions), but something is going wrong and my app is attempting to import the framework on iPad, and crashing on launch. How can I ensure that it's properly filtered out from everything except iPhone? import SwiftUI #if canImport(JournalingSuggestions) import JournalingSuggestions #endif struct JournalingSuggestionsView: View { var body: some View { #if canImport(JournalingSuggestions) JournalingSuggestionsPicker { Text("Open Journaling Suggestions") } onCompletion: { suggestion in print(suggestion) } #else Text("Journaling suggestions not available on this platform.") #endif } } Error: dyld[8689]: Library not loaded: /System/Library/Frameworks/JournalingSuggestions.framework/JournalingSuggestions Referenced from: <A656E6BC-4883-3245-BE71-3F84C2F41119> /private/var/containers/Bundle/Application/C6C11F57-AFAA-442A-B726-7AADDDB50D79/Catalog.app/Catalog Reason: tried: '/System/Library/Frameworks/JournalingSuggestions.framework/JournalingSuggestions' (no such file), '/private/preboot/Cryptexes/OS/System/Library/Frameworks/JournalingSuggestions.framework/JournalingSuggestions' (no such file), '/System/Library/Frameworks/JournalingSuggestions.framework/JournalingSuggestions' (no such file, not in dyld cache) System info: Xcode 15.2 iPadOS 17.3.1

Branching from a previous post titled "Privileged daemon using SMAppService in macOS Sequoia," I have a privileged daemon using SMAppSerice that works in Sonoma and Ventura. In the previous OS versions, privilege is applied in System Settings: Login Items, Allow in the Background. Under macOS sequoia, the daemon appears by its bundle id instead of the parent app, and underneath it reads "Item from unidentified developer" and does not run, even when enabled. I'm wondering if additional steps are needed in the new OS to sign privileged daemons properly?

Hello do not find the new iPhone mirror function / app at the beta on macOS?! or is it coming later ?

The presenter in this WWDC session from 2019 (https://asciiwwdc.com/2019/sessions/701) states: "So, now in macOS Catalina, executables that are denied access to files due to a lack of Full Disk Access approval are now prepopulated unchecked." I'm unable to make this work. Included is a minimal test app that tries to access a resource that would require Full Disk Access (FDA) and then opens Privacy & Security ... FDA in settings. When I run this from Xcode or manually run the app from Finder the test app does not appear in the list of apps in FDA. If I manually drag and drop the app from the build folder into the FDA window and enable it then the app is granted FDA access successfully. To be clear I understand that even the app is automatically populated in the FDA list the user will still need to toggle the switch to enable it. But I'd like to avoid making the user hunt down the app manually add it. Testing on macOS Sonoma 14.5. Xcode 15.4. Link to project file: https://akiairzavu3i3x4dmaya-public.s3.amazonaws.com/FDA+test.zip

We have a test tool our engineers use to launch various versions of our application during development and verification. Each daily build of our application is stored on a server. As well, each push of a change generates a new build of our application that is stored on a server. These are added to a database and the developer application accesses the server via REST to find the desired version to run, retrieves a server path and launches the application. This tool is valuable in finding pushes that introduced regressions. The developer application (Runner) is using the launchApplicationAtURL:options:configuration:error: (deprecated I know) to launch the app. Prior to Catalina, this was working great. However, as of Catalina, this process is taking a VERY long time due to the app needing to be "verified". the app seems to need to be copied to the users machine and verified. It only occurs the first launch, but as most of the time the users are running new push or daily builds, it has made the app useless. With the new remote work environment it is even worse as VPN copy can take forever. I have switched to using NSTask with a shell script to open the executable in the bundle. If I add the developer tool (Runner) to the Developer Tools in Privacy this seems to launch the application without the need for verification. However this just seems wrong. It also provides little feedback to know when the application is up and running, which makes my user experience poor. As well many of the systems we use this tool on for verification do not have Developer Tools installed. They are VMs. Is there a way for me to use the launchApplicationAtURL:options:configuration:error: (or the new openApplicationAtURL:configuration:completionHandler:) to launch these versions of the application without the need for the lengthy verification process? Adding our application to the Developer Tools did not seem to help.

I'm seeking some help or guidance. I'm attempting to write an app for private use that listens for HID events from a RF reader and responds. I have a functional app, which has to be launched via sudo, to be able to execute IOHIDManagerOpen(manager, IOOptionBits(kIOHIDOptionsTypeSeizeDevice)) correctly. I'm trying to modify this app, now, to use SMAppService and bypass the need for terminal and sudo, but I'm getting confused at what parts of my code need to be embedded into the helper and how to manage communications between the different components. I make it to step 8 in https://developer.apple.com/forums/thread/721737 before I start getting lost. Does anyone know of a functional, SIMPLE, sample app I could take a look at, or a good guide that lays out all parts of an example? Everything I've found gives the bones but no meat.

_IOW and friends, defined in <sys/ioccom.h>, help build ioctl() calls. Is there an equivalent function in Swift?

What are we supposed to use now, since Debugger() was deprecated in 10.8:

Hello, I use setCodeSigningRequirement: in sandboxed XPCService and it seems that no matter what I always get errSecCSNoSuchCode[1] when the app is signed with development certificate. The same application signed with DeveloperID is fine. I use following CSR for development signed builds. identifier com.example.app and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.1] exists and certificate leaf[field.1.2.840.113635.100.6.1.12] exists But also tried to simplify to identifier com.example.app or just true. If I validated the CSR with codesign -R I get "explicit requirement satisfied". I spotted this log line: Sandbox: com.example.app(67058) deny(1) file-read-data /Users/(...)/example-app/build/arm64-mac/src/mac/app/Debug/Example App.app/Contents/MacOS/ExampleApp So I disabled the sandbox for XPCService and now everything works. But then why the DeveloperID signed build works with XPCService sandboxed? ...or does it really? :) Just for completeness the CSR which I use in production build are: identifier com.example.app and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] exists and certificate leaf[field.1.2.840.113635.100.6.1.13] exists and certificate leaf[subject.OU] = EXAMPLE

Hi folks! I'm David Barsky and I work on rust-analyzer, which is the IDE for the Rust programming language. For a while, we've had issues with VS Code not sending the correct changed files to the language server (such as changing commits or rebasing), so I started using rust-analyzer's native, off-by-default file watching functionality that binds to FSEvent via the notify library. This has helped a bunch, but I'm not sure how completely reliable it is. Before I consider changing the default file watching behavior for our (many!) users, I wanted to check: is it possible to combine "walk &amp; watch" into a single, atomic operation? My goal is that upon getting a notification for a file change event, rust-analyzer can read the changed file and not worry about TOCTOU-esque conditions (rust-analyzer has a pretty robust incremental computation system, so we're able to invalidate changes pretty reliably). That being said, based off: this response from Quinn "The Eskimo!" about 8 years ago, and FSEventStreamCallback being a bit limited in the number of args, ...it seems like the answer appears to be "no". (I'm also familiar with Watchman, but it'd be great if the big pile of heuristics that Watchman uses were less necessary.)

Our companies security policies require that SIP be enabled all the time which makes it difficult to develop my System Extension since I need to uninstall anytime I need to test any changes to a newly compiled extension. Is there anyway to uninstall the extension with SIP enabled? I already have developer mode on. Is there anything in XCode that can do this? Thx

I would like to create an Apple Watch only app that queries data such as blood oxygenation, heart varibility, number of steps, energy consumed, and other data of a similar nature recorded over the past month and performs calculations on them. I read from the HealthKit documentation that Apple Watch synchronizes data with iPhone and periodically deletes older data, and that I can get the date from which the data is available with earliestPermittedSampleDate(). Is there a risk that in general, by making queries to retrieve data up to a month old, the data will no longer be available? I need the app to work properly without needing an iPhone.