Posts under App & System Services topic

Post

Replies

Boosts

Views

Created

Issue with XPC communication between Network Extension and host application
Hello, I need to develop a Network Extension (Transparent Proxy) that sends data to the host application for analysis.

Network Extension - XPC client
Host application - XPC service

I am trying to implement it with XPC. However, when attempting to connect, I see the following error in the system logs on the client side:

    [0x1015a2050] failed to do a bootstrap look-up: xpc_error=[3: No such process]

I assume the problem occurs because the Network Extension cannot find the registered XPC service. On the service side, I see the following message in the logs:

    2026-02-24 13:15:36.419345+0300 localhost fgstnehost[58884]: (libxpc.dylib) [com.apple.xpc:connection] [0x100bdee70] activating connection: mach=true listener=true peer=false name=TEAM_ID.group.app_id.netfilter.xpc

Entitlements Network Extension:

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>com.apple.developer.networking.networkextension</key>
        <array>
            <string>app-proxy-provider-systemextension</string>
        </array>
        <key>com.apple.security.application-groups</key>
        <array>
            <string>TEAM_ID.group.app_id.netfilter</string>
        </array>
        <key>com.apple.security.app-sandbox</key>
        <true/>
        <key>com.apple.security.xpc.mach-lookup.global-name</key>
        <array>
            <string>TEAM_ID.group.app_id.netfilter.xpc</string>
        </array>
    </dict>
    </plist>

Entitlements host application:

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>com.apple.developer.networking.networkextension</key>
        <array>
            <string>app-proxy-provider-systemextension</string>
        </array>
        <key>com.apple.developer.system-extension.install</key>
        <true/>
        <key>com.apple.security.application-groups</key>
        <array>
            <string>TEAM_ID.group.app_id.netfilter</string>
        </array>
        <key>com.apple.security.app-sandbox</key>
        <true/>
        <key>com.apple.security.xpc.mach-service.name</key>
        <array>
            <string>TEAM_ID.group.app_id.netfilter.xpc</string>
        </array>
    </dict>
    </plist>

Server.m

    @interface XPCServer () <NSXPCListenerDelegate>
    @property (nonatomic, strong) NSXPCListener *listener;
    @end

    @implementation XPCServer

    - (instancetype)init {
        self = [super init];
        if (self != nil) {
            _listener = [[NSXPCListener alloc] initWithMachServiceName:XPC_SERVICE_ID];
            _listener.delegate = self;
        }
        return self;
    }

    - (void)start {
        [self.listener resume];
    }

    - (BOOL)listener:(NSXPCListener *)listener shouldAcceptNewConnection:(NSXPCConnection *)newConnection {
        // Accepts every connecting process unconditionally. A listener reachable through a
        // global Mach name should verify the peer before returning YES, for example with
        // -[NSXPCConnection setCodeSigningRequirement:] (macOS 13 and later).
        return YES;
    }

    @end

Client.m

    @interface XPCClient ()
    @property (nonatomic, strong) NSXPCConnection *connection;
    @end

    @implementation XPCClient

    - (void)connect {
        self.connection = [[NSXPCConnection alloc] initWithMachServiceName:XPC_SERVICE_ID
                                                                   options:NSXPCConnectionPrivileged];
        self.connection.invalidationHandler = ^{
            [[OSLogger sharedInstance] error:"XPCClient: connection can not be formed or the connection has terminated and may not be re-established"];
        };
        self.connection.interruptionHandler = ^{
            [[OSLogger sharedInstance] error:"XPCClient: the remote process exits or crashes"];
        };
        [self.connection resume];
    }

    @end

What could be the root cause of this issue? Are there any recommendations for implementing IPC between a Network Extension and a Host Application? Thank you in advance.
2
0
94
1w
Live Activity appears briefly then disappears with "Content load failed: unable to find or unarchive file" error
Hi everyone, I’m implementing Live Activities in my iOS app and encountering an issue when starting a Live Activity via an APNS push. The Live Activity card appears on the Lock Screen / Dynamic Island for a moment, then immediately disappears. In the console, I see the following error:

    Content load failed: unable to find or unarchive file for key: [com.meituan.imeituan-beta::com.meituan.imeituan-beta.liveactivity:Attributes type: SAKUniversalReminderAttributes:6DBCC2DC-E613-48F5-B97F-3EF72AA0877B]:[w:fix-374.00-h:dyn-64.00-160.00-cr:23.5-s:1.0.fam:medium]. The session may still produce one shortly.
    Error: Using url file:///private/var/mobile/Containers/Data/PluginKitPlugin/04F7B437-3C41-4823-8559-42E18F82B283/SystemData/com.apple.chrono/activities/6DBCC2DC-E613-48F5-B97F-3EF72AA0877B-w:fix-374.00-h:dyn-64.00-160.00-cr:23.5-s:1.0.fam:medium.activity-archive ...
    Error Domain=NSCocoaErrorDomain Code=4 "文件“6DBCC2DC-E613-48F5-B97F-3EF72AA0877B-w/fix-374.00-h/dyn-64.00-160.00-cr/23.5-s/1.0.fam/medium.activity-archive”不存在。" UserInfo={NSFilePath=/private/var/mobile/Containers/Data/PluginKitPlugin/04F7B437-3C41-4823-8559-42E18F82B283/SystemData/com.apple.chrono/activities/6DBCC2DC-E613-48F5-B97F-3EF72AA0877B-w:fix-374.00-h:dyn-64.00-160.00-cr:23.5-s:1.0.fam:medium.activity-archive, NSUnderlyingError=0x712b56820 {Error Domain=NSPOSIXErrorDomain Code=2 "No such file or directory"}<…>

The Live Activity is started by sending an APNS payload with the necessary content-state and attributes. I’ve verified that the attributes and content state types match the ones defined in the app, and the app is built with the correct entitlements. This happens on my iPhone 17 Pro device. Has anyone encountered a similar issue? Could it be related to the archive file not being written correctly by the system, or perhaps a mismatch in the activity attributes? Any guidance on debugging or resolving this would be greatly appreciated. Thank you!
0
0
39
1w
PKAddPaymentPassViewController cannot be created in TestFlight build despite entitlement being present
We are integrating Apple Pay In-App Provisioning in our banking application using an external SDK. The provisioning flow works on the iOS Simulator (mock sheet appears), but fails on real devices via TestFlight with the error:

    internalInconsistency: "PKAddPaymentPassViewController can not be created"

Environment:
- Xcode 16
- iOS 18
- Real device: iPhone (tested via TestFlight / Distribution build)
- Card network: Mastercard

What we've verified:
- com.apple.developer.payment-pass-provisioning entitlement is set to YES in our .entitlements file
- The entitlement is confirmed present in our Development provisioning profile via security cms -D -i embedded.mobileprovision | grep payment-pass → returns <true/>
- PKAddPaymentPassViewController.canAddPaymentPass() returns true on the device
- The card is NOT already in Apple Wallet (0 local/remote Secure Element passes)
- All provisioning data is present and valid (encryptedPayload, authorizationCode, primaryAccountSuffix, cardholderName)
- The external SDK is configured successfully at app launch

Diagnostic logs from TestFlight build:

    canAddPaymentPass: true
    Local SE passes: 0
    Remote SE passes: 0
    suffix: 6165
    name: [redacted]
    encryptedPayload length: 1130
    authCode length: 514
    scheme: Mastercard
    Card already in Wallet: false
    Error: internalInconsistency("PKAddPaymentPassViewController can not be created")

Testing matrix:

    Environment                             Result
    Simulator                               Mock sheet appears (not a real test)
    Device + Debugger attached              PKAddPaymentPassViewController error
    Device + Debugger detached (Dev build)  SDK error 903: "device environment unsafe"
    TestFlight (Distribution)               PKAddPaymentPassViewController cannot be created

Questions:
1. Can PKAddPaymentPassViewController fail to be created even when canAddPaymentPass() returns true? What other conditions could cause this?
2. Is there a way to verify that the Distribution provisioning profile correctly includes the payment-pass-provisioning entitlement after it has been approved by Apple?
3. Are there any additional Apple Pay entitlements or configurations (e.g., Wallet merchant setup, pass type identifiers) required beyond com.apple.developer.payment-pass-provisioning for In-App Provisioning to work?
4. Does regenerating the Distribution provisioning profile on Apple Developer Portal resolve cases where entitlements were added after the profile was originally created?

Any guidance would be greatly appreciated. Thank you.
0
0
49
1w
Technical Support Request: SM-DP+ Integration and eSIM Profile Download Issue – MKSmart
Dear Apple Carrier Relations / Engineering Team,

I am writing to you from MKSmart, a leading smart card and digital security solution provider. We have successfully deployed our SM-DP+ (Subscription Management Data Preparation+) system, which is fully compliant with GSMA standards. Furthermore, MKSmart has officially achieved the GSMA SAS-SM (Security Accreditation Scheme for Subscription Management) certification.

Currently, we are facing technical difficulties when attempting to download eSIM profiles onto iPhone devices. The download process fails, and we believe our SM-DP+ server address (FQDN) or Root Certificates may not yet be whitelisted or recognized by Apple’s ecosystem.

To ensure a seamless experience for our customers on iOS devices, we would like to request your guidance on the following:
- Onboarding Process: What are the formal steps for MKSmart to have our SM-DP+ server recognized and trusted by Apple devices?
- Whitelisting: How can we submit our SM-DP+ FQDN and Root Certificates for Apple’s review and inclusion in the trusted list?
- Carrier Bundle: Does MKSmart need to coordinate with specific carrier partners to update the Carrier Bundle, or is there a direct integration path for our infrastructure?

We have attached our GSMA SAS-SM certification and technical specifications for your reference. We are ready to provide any additional documentation or perform interoperability testing as required. We look forward to your guidance and a successful collaboration.

Best regards,
Nguyen Do Khanh
Software Engineer
MKSmart Joint Stock Company
https://mksmart.com.vn
1
0
79
1w
Cannot get WiFi SSID inside launchctl agent
I am developing a macOS application that depends on noticing when the user's computer switches WiFi association, and the SSID determines specific actions. I am currently testing on Tahoe and found that using CoreWLAN can even get notifications and discover the actual SSID inside an app, as long as the app is signed with a real certificate and a corresponding profile is installed on my development machine. The app, however, installs and launches a launchctl agent, which will always be running and hence is the component to discover changes and act upon them. Although app and agent both have their own bundle identifier, both configured in the portal, the agent always receives a redacted SSID (nil), while the app does not. The only app entitlement currently is "com.apple.security.get-task-allow = true", which I don't think has anything to do with this. The agent has:

    com.apple.application-identifier
    com.apple.developer.team-identifier
    com.apple.security.get-task-allow
    com.apple.security.personal-information.location

Both have asked for permission, and both have location services enabled in system settings. The agent runs as an LSUIElement=1, headless/background configuration. So, am I missing something, a step, or is there a fundamental restriction on an agent that makes this an impossible task? (Right now, it runs a shortcut to discover the name, but that requires the user to create it, and it has side effects I'd rather not see, like the flashing indicator in the menu bar.)
4
0
106
1w
AirPods 4 Bluetooth Firmware Bug in L2CAP
Hello, I am a Bluetooth Engineer at Google investigating an interoperability bug between an Android device and AirPods 4. When requesting an L2CAP connection (with PSM = AVDTP) to the AirPods during SDP service discovery, the AirPods L2CAP layer incorrectly responds with a "refused - no resources available" status followed by a Pending status and a Success status. This violates the specification, which says that the request has been fully rejected after the refused status and should not receive follow-up responses. I suspect the "no resources available" response is a bug. This prevents A2DP from working with the AirPods. This bug does not exist with AirPods 2 firmware. Here is a packet capture:

    1602 1969-12-31 16:07:04.805261 0.062473 localhost () Apple_6b:db:09 (AirPods) L2CAP 17 Sent Connection Request (AVDTP, SCID: 0x22c6)
    1603 1969-12-31 16:07:04.810953 0.005692 controller host HCI_EVT 8 Rcvd Number of Completed Packets
    1604 1969-12-31 16:07:04.811078 0.000125 Apple_6b:db:09 (AirPods) localhost () SDP 27 Rcvd Service Search Attribute Request : Device Information: [Bluetooth Profile Descriptor List 0x0009]
    1605 1969-12-31 16:07:04.821249 0.010171 localhost () Apple_6b:db:09 (AirPods) SDP 19 Sent Service Search Attribute Response
    1606 1969-12-31 16:07:04.876396 0.055147 controller host HCI_EVT 8 Rcvd Number of Completed Packets
    1607 1969-12-31 16:07:04.876464 0.000068 Apple_6b:db:09 (AirPods) localhost () L2CAP 21 Rcvd Connection Response - Refused - no resources available (SCID: 0x22c6)
    1608 1969-12-31 16:07:04.942539 0.066075 Apple_6b:db:09 (AirPods) localhost () SDP 41 Rcvd Service Search Attribute Request : Unknown: [Bluetooth Profile Descriptor List 0x0009]
    1609 1969-12-31 16:07:04.951052 0.008513 localhost () Apple_6b:db:09 (AirPods) SDP 19 Sent Service Search Attribute Response
    1610 1969-12-31 16:07:05.010605 0.059553 controller host HCI_EVT 8 Rcvd Number of Completed Packets
    1611 1969-12-31 16:07:05.080593 0.069988 Apple_6b:db:09 (AirPods) localhost () SDP 27 Rcvd Service Search Attribute Request : GATT: [Bluetooth Profile Descriptor List 0x0009]
    1612 1969-12-31 16:07:05.087636 0.007043 localhost () Apple_6b:db:09 (AirPods) SDP 19 Sent Service Search Attribute Response
    1613 1969-12-31 16:07:05.209417 0.121781 controller host HCI_EVT 8 Rcvd Number of Completed Packets
    1614 1969-12-31 16:07:05.279491 0.070074 Apple_6b:db:09 (AirPods) localhost () L2CAP 21 Rcvd Connection Response - Pending (SCID: 0x22c6)
    1615 1969-12-31 16:07:05.280731 0.001240 Apple_6b:db:09 (AirPods) localhost () L2CAP 21 Rcvd Connection Response - Success (SCID: 0x22c6, DCID: 0x0406)

Please file this bug with the AirPods Bluetooth team.
1
0
100
1w
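A checker for the response sequence described in this post, added here as an example (it is not code from the post, from Google or from Apple): it parses Wireshark-style text lines like the ones quoted above, tracks the outstanding Connection Request per SCID and reports any Connection Response that arrives after a final result. Under the L2CAP signalling rules a "Pending" result may be followed by further responses, while "Success" and every "Refused" code are final for that request. The sample lines are a constructed subset mirroring the capture above, plus a constructed compliant sequence on SCID 0x0040; the line layout the regex expects is an assumption about the text export.

```python
import re
from dataclasses import dataclass, field

# Matches the L2CAP part of an exported line, e.g.
# "... L2CAP 21 Rcvd Connection Response - Refused - no resources available (SCID: 0x22c6)"
L2CAP_RE = re.compile(
    r"L2CAP\s+\d+\s+(?P<dir>Sent|Rcvd)\s+Connection\s+(?P<kind>Request|Response)"
    r"(?:\s*-\s*(?P<result>.+?))?\s*\((?P<params>[^)]*)\)\s*$"
)
SCID_RE = re.compile(r"SCID:\s*(0x[0-9a-fA-F]+)")

# Result strings that close the request; "Pending" is the only non-final result.
FINAL_RESULTS = ("Success", "Refused")


@dataclass
class ChannelState:
    outstanding: bool = False            # a Connection Request still awaits its final response
    history: list[str] = field(default_factory=list)


def parse_line(line: str):
    """Return (kind, scid, result) for an L2CAP connection request/response line, else None."""
    m = L2CAP_RE.search(line)
    if not m:
        return None
    scid_m = SCID_RE.search(m.group("params"))
    if not scid_m:
        return None
    result = (m.group("result") or "").strip()
    return m.group("kind"), scid_m.group(1).lower(), result


def check_capture(lines):
    """Report every Connection Response that has no outstanding request for its SCID."""
    findings = []
    channels = {}
    for lineno, line in enumerate(lines, 1):
        parsed = parse_line(line)
        if parsed is None:
            continue                      # SDP, HCI and other lines are not relevant here
        kind, scid, result = parsed
        st = channels.setdefault(scid, ChannelState())
        if kind == "Request":
            st.outstanding = True
            st.history = ["Request"]
            continue
        st.history.append(result)
        if not st.outstanding:
            findings.append(
                f"line {lineno}: Connection Response '{result}' for SCID {scid} "
                f"with no outstanding request (earlier: {st.history[:-1]})"
            )
            continue
        if result.startswith(FINAL_RESULTS):
            st.outstanding = False        # Success or any Refused code ends the exchange
    return findings


# Constructed sample mirroring the sequence quoted in the post (SCID 0x22c6).
SAMPLE_CAPTURE = [
    "1602 1969-12-31 16:07:04.805261 0.062473 localhost () Apple_6b:db:09 (AirPods) L2CAP 17 Sent Connection Request (AVDTP, SCID: 0x22c6)",
    "1603 1969-12-31 16:07:04.810953 0.005692 controller host HCI_EVT 8 Rcvd Number of Completed Packets",
    "1607 1969-12-31 16:07:04.876464 0.000068 Apple_6b:db:09 (AirPods) localhost () L2CAP 21 Rcvd Connection Response - Refused - no resources available (SCID: 0x22c6)",
    "1608 1969-12-31 16:07:04.942539 0.066075 Apple_6b:db:09 (AirPods) localhost () SDP 41 Rcvd Service Search Attribute Request : Unknown: [Bluetooth Profile Descriptor List 0x0009]",
    "1614 1969-12-31 16:07:05.279491 0.070074 Apple_6b:db:09 (AirPods) localhost () L2CAP 21 Rcvd Connection Response - Pending (SCID: 0x22c6)",
    "1615 1969-12-31 16:07:05.280731 0.001240 Apple_6b:db:09 (AirPods) localhost () L2CAP 21 Rcvd Connection Response - Success (SCID: 0x22c6, DCID: 0x0406)",
]

# Constructed compliant sequence: Pending before the final Success is allowed.
COMPLIANT_CAPTURE = [
    "1 0.000000 0.000000 localhost () Peer L2CAP 17 Sent Connection Request (AVDTP, SCID: 0x0040)",
    "2 0.010000 0.010000 Peer localhost () L2CAP 21 Rcvd Connection Response - Pending (SCID: 0x0040)",
    "3 0.020000 0.010000 Peer localhost () L2CAP 21 Rcvd Connection Response - Success (SCID: 0x0040, DCID: 0x0041)",
]

if __name__ == "__main__":
    for f in check_capture(SAMPLE_CAPTURE):
        print(f)
    print("compliant capture findings:", check_capture(COMPLIANT_CAPTURE))
```

Running it on the sample lines flags the Pending and the Success responses that follow the refusal, and nothing on the compliant sequence; feeding it a full text export of a capture gives a quick way to confirm which side is out of step before filing the report.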
Voice control puts three icons in the menu bar
Having voice control enabled now puts three menu bar items. The blue icon it has always had, supplemented with an orange microphone and an orange dot next to control center. I know this orange icon is there to notify me that a third-party application is accessing the microphone, but this is a first-party system service that is always running. If another app starts accessing the microphone I won't know, since the orange icon is always there anyway. It's like a California prop 65 warning. Maybe it was a good idea in principle but with it being ubiquitous everyone just ignores it. Siri is also always accessing the microphone, but doesn't trigger this orange eyesore because it's a system service. Both Siri and voice control are always on in the background, are first-party system services that must be specifically enabled, and both have their own menu bar icon that can be removed if not wanted. This orange icon with voice control potentially introduces MORE risk by training me to ignore the orange icon. Please return to the pre-26.3 behaviour of using this orange icon for third-party apps and not first-party system services. FB22036182 -- "Voice control causes extra menu bar icon"
0
0
33
1w
archive single file to .aar file in Swift
Apple provides sample code for compressing a single file here, but the "aa" command and Finder cannot decompress these files. I needed to write a custom decompressor using Apple's sample code here. Apple provides sample code for creating an "aar" file for directories here and a single string here, and the aa command and Finder can deal with these. However, I have struggled creating an ".aar" file for a single file. The file could be quite large, so reading it into memory and writing it as a blob is not an option. Does anyone have suggestions or can point me to Apple documentation that can create a ".aar" file for a single file?
3
0
73
1w
SiriKit: INPlayMediaIntent with a targeted speaker
I've got a streaming Radio app that loads an HLS stream into an AVAudioPlayer. I've set up an Intents extension that notifies SiriKit that my app must handle the INPlayMediaIntent in app, and I'm able to successfully initiate the stream playing from my phone using the string "Play ". My intent handler in app looks like this:

    completionHandler(INPlayMediaIntentResponse(code: .success, userActivity: nil))
    DispatchQueue.main.async {
        AudioPlayerService.shared.play()
    }

The Audio Player service, in its init, does the following:

    try AVAudioSession.sharedInstance().setCategory(
        .playback,
        mode: .default,
        policy: .longFormAudio
    )

Additionally, in my Info.plist, I have the AirPlay optimization policy set to Long Form Audio. Having said all that, when I try to route my app to play "on a given HomePod speaker" ("play on ") the speaker routing instructions are never followed. I've looked and not been able to find where I might be able to instruct my app to follow the correct path here. I was assuming I could not trigger this behavior manually, as I believe I don't really have any control over AirPlay routing. Is there any guidance for working with SiriKit to do the right thing with regards to audio routing?
0
0
69
1w
User-initiated sharing of Screen Time metrics (FamilyControls / DeviceActivity)
Hi, We’re building an iOS app that uses the Screen Time APIs (FamilyControls and DeviceActivity) to display a user’s own usage metrics inside the app. With the appropriate permissions granted, we are successfully reading and presenting metrics such as:
- Total screen time
- Device pickups

These metrics are already visible to the user inside our app. We would now like to introduce a user-initiated “Share” feature. The idea is to:
1. Render selected Screen Time metrics into a shareable image card generated locally on device.
2. Present the standard iOS share sheet (UIActivityViewController).
3. Allow the user to share that image to Messages, social apps, etc., if they choose.

Important clarifications:
- This is fully user-initiated. The app does not automatically transmit Screen Time data.
- The metrics are already displayed in-app with user permission.
- The share asset would be generated locally.
- No background export or server-side posting would occur unless explicitly triggered by the user via the share sheet.

We are seeking clarification on whether there are any policy or API restrictions around:
- Rendering Screen Time-derived metrics into a user-facing share card
- Allowing user-initiated export of those metrics via the standard iOS share flow

Are there any additional privacy requirements, entitlement constraints, or App Review considerations we should be aware of when implementing this? Thanks in advance for any guidance.
0
0
85
1w
My EndpointSecurity Client process is kicked by OS on Mac sleep/wake cycle
Hi, I develop an ES client applying a rule engine that evaluates ES events (mostly file-system events). It is a bit non-standard, not being deployed as a System Extension but rather as a global daemon. On some Macs, I sometimes see "crash reports" for the ES process, all sharing:

    Termination Reason: Namespace ENDPOINTSECURITY, Code 2
    EndpointSecurity client terminated because it failed to respond to a message before its deadline

All of these happen not during normal Mac usage, but right at Mac wakeup time after sleep. My guess is, some ES_AUTH events (with deadline) arrive when the Mac goes to sleep, and somehow my high-priority dispatch_queue handling them is "put to sleep" mid-processing, so when the Mac wakes up, event handling continues long after the deadline passed, and macOS decides to kick the process.

Questions:
1. What is the recommended behavior with ES vs Sleep/Wake cycles? (We're not an antivirus, and we don't care much to clear events or go "blind" for such time.)
2. Can I specify somewhere in the info.plist of my bundle (this is built like an App) that my process shouldn't be put to sleep, or that the OS should sleep it only when it becomes idle, or some other way to tell the OS it is "ready for sleep"?
3. If not, how do I observe the scenario so I can suspend my event handling IN TIME and resume on wake?

Thanks!
4
0
100
1w
Extended Runtime API - Health Monitoring
In the WWDC 2019 session "Extended Runtime for watchOS apps" the video talks about an entitlement being required to use the HR sensor judiciously in the background. It provides a link to request the entitlement which no longer works: http://developer.apple.com/contect/request/health-monitoring The session video is also quite hard to find these days. Does anyone know why this is the case? Is the API and entitlement still available? Is there a supported way to run, even periodically, in the background on the Watch app (ignoring the background observer route which is known to be unreliable) and access existing HR sensor data?
5
1
140
1w
Unable to create record in public cloudkit database for missing/not authenticated iCloud user
While testing record creation in the public CloudKit database for an authenticated user I am able to do so without any issues. But for devices missing an iCloud account, or where authentication has expired, I am seeing the below error:

    ▿ <CKError 0x97a959200: "Permission Failure" (10/2007); server message = "CREATE operation not permitted"; op = 67331DE3AF3DD666; uuid = 1F3ACD4F-A799-4CD4-ADF0-EDE9E12F2DCB; container ID = "***">
      _nsError : <CKError 0x97a959200: "Permission Failure" (10/2007); server message = "CREATE operation not permitted"; op = 67331DE3AF3DD666; uuid = 1F3ACD4F-A799-4CD4-ADF0-EDE9E12F2DCB; container ID = "***">

I am unable to add create/write permission to the _world security role in the dashboard. Is this something not supported by CloudKit? Will only authenticated iCloud users be able to create and write data to the public database as well?
2
0
98
1w
iOS App terminated by Watchdog (Signal 9) in Background state despite reporting call
Description

I have successfully implemented VoIP pushes for the Killed state, where CallKit triggers correctly. However, when the app is in the Background state (suspended), it consistently crashes with an NSInternalInconsistencyException. The app process is killed by the iOS Watchdog because it fails to satisfy the requirement of posting an incoming call in the same run loop as the push receipt, or the completion handler is not being released fast enough by the JS bridge.

Environment
- React Native Version: .78
- React Native CallKeep Version: 4.3.14
- React Native VoIP Push Notification Version: 3.3.3
- iOS Version: 18.x
- Device: Physical iPhone [iphone 13 pro]

The Issue

When a VoIP push arrives while the app is in the Background:
1. pushRegistry:didReceiveIncomingPushWithPayload: is called.
2. RNCallKeep.reportNewIncomingCall is triggered on the Main Thread.
3. The app is terminated by the system before the CallKit UI is fully established or before the completion() closure is executed.

Current Implementation (AppDelegate.swift)

    func pushRegistry(_ registry: PKPushRegistry,
                      didReceiveIncomingPushWith payload: PKPushPayload,
                      for type: PKPushType,
                      completion: @escaping () -> Void) {
        let payloadDict = payload.dictionaryPayload
        let callerName = payloadDict["callerName"] as? String ?? "Unknown Caller"
        let callUUIDString = payloadDict["uuid"] as? String ?? UUID().uuidString
        let userGUID = payloadDict["guid"] as? String ?? "0"

        RNCallKeep.reportNewIncomingCall(
            callUUIDString,
            handle: userGUID,
            handleType: "generic",
            hasVideo: false,
            localizedCallerName: callerName,
            supportsHolding: true,
            supportsDTMF: true,
            supportsGrouping: true,
            supportsUngrouping: true,
            fromPushKit: true,
            payload: ["userGuid": userGUID],
            withCompletionHandler: { }
        )
        RNVoipPushNotificationManager.didReceiveIncomingPush(with: payload, forType: type.rawValue)
        completion()
    }

Logs

    Exception Type: EXC_CRASH (SIGKILL)
    Exception Note: EXC_CORPSE_NOTIFY
    Termination Reason: TCC 1 | [CoreFoundation] Killing app because it never posted an incoming call to the system after receiving a PushKit VoIP push.

Observed Behavior
- Killed State: Works perfectly.
- Foreground State: Works perfectly.
- Background State: The phone may vibrate once, but the app process is killed before the CallKit UI appears.

Questions/Suspected Causes
1. Is RNVoipPushNotificationManager.addCompletionHandler causing a delay in the background run loop that triggers the Watchdog?
2. Should completion() be called immediately in Swift for the Background state, rather than waiting for VoipPushNotification.onVoipNotificationCompleted in JS?
3. Is there a known issue with RNCallKeep not being able to present the UI while the app is in a suspended background state?
3
0
120
1w
WeatherKit Limits and Sharing
I work on an open source app called Meteorologist (https://sourceforge.net/projects/heat-meteo/). One of the sources the users are allowed to use is Apple's WeatherKit. The app is compiled by me and free to download by anybody. My developer account has the free level of WeatherKit, so 500,000 calls/month, and every once in a while the app actually hits that limit, shutting that weather source/service down for the app. Is there any way to ask users of the app to somehow get their own account (or already have a developer account) and register their license so it doesn't all bump up against the one (my) "license"? If so, how would that be passed to WeatherKit? The only thought I have is that they would need to compile the code on their own and sign their own copy. Thanks for any and all feedback and thoughts. Ed
2
0
64
1w
Mac Assigning NSManagedObject to NSPersistentStore
Hello, I have an iOS app I was looking at porting to Mac. I'm having an issue with both the Mac (Designed for iPad) and Mac Catalyst destinations. I can't test Mac due to too many build issues. I'm trying to assign a new NSManagedObject into an NSPersistentStore:

    let object = MyObject(context: context)
    context.assign(object, to: nsPersistentStore)

This works fine for iOS/iOS Simulator/iPhone/iPad. But on the Mac it's crashing with:

    FAULT: NSInvalidArgumentException: Can't assign an object to a store that does not contain the object's entity.; {
    Thread 1: "Can't assign an object to a store that does not contain the object's entity."
4
0
144
1w
Continuous "Tag mismatch" (AES-GCM) decrypting Apple Pay Web token - Suspected KDF / PartyV environment issue
I'm implementing payment processing with Apple Pay on the web, but I've been stuck right at the final step of the flow: decrypting the payment data sent by Apple.

Here is a summary of my implementation:
- The backend language is Java.
- The frontend portal requests the session and performs the payment using the endpoints exposed by the backend.
- I created .p12 files from the .cer files returned by the Apple Developer portal for both certificates (Merchant Identity and Payment Processing) and I'm using them in my backend.

The merchant validation works perfectly; the user is able to request a session and proceed to the payment sheet. However, when the frontend sends the encrypted token back to my sale endpoint, the problem begins. My code consistently fails when trying to decrypt the data (inside the paymentData node), throwing a javax.crypto.AEADBadTagException: Tag mismatch!

I can confirm that the certificate used by Apple to encrypt the payment data is the correct one. The hash received from the PKPaymentToken (header.publicKeyHash) object exactly matches the hash generated manually on my side from my .p12 file.

In the decryption process, I'm using Bouncy Castle only to calculate the Elliptic Curve (ECC) shared secret. For the final AES-GCM decryption, I am using Java's native provider since I already have the bytes of the shared secret calculated. (Originally, I was doing it entirely with BC, but it failed with the exact same error.)

We have exhaustively verified our cryptographic implementation:
- We successfully reconstruct the ephemeralPublicKey and compute the ECDH Shared Secret using our Payment Processing Certificate's private key (prime256v1).
- We perform the Key Derivation Function (KDF) using id-aes256-GCM, PartyU as Apple, and counter 00000001.
- For PartyV, we have tried calculating the SHA-256 hash of our exact Merchant ID string.
- We also extracted the exact ASN.1 hex payload from the certificate's extension OID 1.2.840.113635.100.6.32 and used it as PartyV.
- We have tried generating brand new CSRs and Processing Certificates via OpenSSL directly from the terminal.

Despite having the correct ECDH shared secret (and confirming Apple used our public key via the hash), the AES tag validation always fails.

Given that the math seems correct and the public key hashes match, could there be an environment mismatch (Sandbox vs. Production) or a domain validation issue causing Apple to encrypt the payload with a dummy PartyV or scramble the data altogether? Any guidance on this behavior or the exact PartyV expected in this scenario would be highly appreciated.
1
0
107
1w
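The key-derivation step this post describes, written out as an added Python example (it is not the poster's Java code and not Apple's): PartyV is derived two ways, from the merchant ID string and from the merchant-ID certificate extension, and the X9.63 KDF and AES-GCM parameters follow Apple's EC_v1 payment token format (SharedInfo = 0x0D || "id-aes256-GCM" || "Apple" || PartyV, counter 00000001, one SHA-256 block, then AES-256-GCM with a 16-byte all-zero IV, no associated data and the 16-byte tag at the end of the data). The ECDH shared secret is taken as a 32-byte input, since the private key is not available here. The merchant ID, the two-byte extension header and the sample shared secret are constructed values, and the AES-GCM step assumes the third-party cryptography package, imported lazily so the rest runs without it.

```python
import hashlib
import re

# EC_v1 SharedInfo components: AlgorithmID || PartyUInfo || PartyVInfo.
ALGORITHM_ID = b"\x0d" + b"id-aes256-GCM"   # 0x0D is the byte length of "id-aes256-GCM"
PARTY_U_INFO = b"Apple"
KDF_COUNTER = b"\x00\x00\x00\x01"            # X9.63 counter, big-endian, first block only

# Constructed sample merchant identifier; not a real merchant.
SAMPLE_MERCHANT_ID = "merchant.com.example.sandbox"


def party_v_from_merchant_id(merchant_id: str) -> bytes:
    """PartyVInfo is the raw 32-byte SHA-256 digest of the merchant ID string."""
    return hashlib.sha256(merchant_id.encode("utf-8")).digest()


# Constructed stand-in for the value of extension 1.2.840.113635.100.6.32: a short
# ASN.1 header (assumed here as 0x16 0x40, i.e. an IA5String of length 64) followed by
# the same digest written as 64 ASCII hex characters.
CONSTRUCTED_EXTENSION = b"\x16\x40" + party_v_from_merchant_id(SAMPLE_MERCHANT_ID).hex().encode("ascii")

_HEX64 = re.compile(rb"[0-9a-fA-F]{64}")


def party_v_from_cert_extension(extension_value: bytes) -> bytes:
    """Recover PartyVInfo from the extension: skip the ASN.1 header bytes, take the
    64 hex characters and decode them to 32 raw bytes.  Feeding the 64 ASCII
    characters themselves into the KDF produces a different key, hence a tag mismatch."""
    m = _HEX64.search(extension_value)
    if m is None:
        raise ValueError("no 64-character hex digest found in extension value")
    return bytes.fromhex(m.group(0).decode("ascii"))


def shared_info(party_v: bytes) -> bytes:
    return ALGORITHM_ID + PARTY_U_INFO + party_v


def x963_kdf_sha256(shared_secret: bytes, party_v: bytes) -> bytes:
    """X9.63 KDF, single block: Key = SHA-256(Z || counter || SharedInfo)."""
    if len(shared_secret) != 32:
        raise ValueError("P-256 ECDH shared secret (x-coordinate) must be 32 bytes")
    return hashlib.sha256(shared_secret + KDF_COUNTER + shared_info(party_v)).digest()


def decrypt_payment_data(symmetric_key: bytes, data: bytes) -> bytes:
    """AES-256-GCM with a 16-byte zero IV and no AAD; `data` is ciphertext || 16-byte tag.
    Uses the third-party 'cryptography' package (assumed installed when this is called)."""
    from cryptography.hazmat.primitives.ciphers.aead import AESGCM
    return AESGCM(symmetric_key).decrypt(b"\x00" * 16, data, None)


def party_v_candidates(merchant_id: str, extension_value: bytes) -> dict:
    """The three PartyV interpretations a developer is likely to try.  The first two
    must agree; the third (ASCII hex characters, 64 bytes) is the wrong length."""
    digest = party_v_from_merchant_id(merchant_id)
    return {
        "sha256_digest": digest,
        "hex_decoded_extension": party_v_from_cert_extension(extension_value),
        "ascii_hex_characters": digest.hex().encode("ascii"),
    }


if __name__ == "__main__":
    # Constructed shared secret standing in for the ECDH output.
    z = bytes(range(32))
    for name, pv in party_v_candidates(SAMPLE_MERCHANT_ID, CONSTRUCTED_EXTENSION).items():
        print(f"{name:24s} len={len(pv):2d} key={x963_kdf_sha256(z, pv).hex()}")
```

The first check worth running against a real certificate is the length of what goes into the KDF as PartyV: 32 bytes is the digest, 64 bytes means the hex text was used as-is and every derived key, and so every GCM tag check, will be wrong regardless of how correct the ECDH step is.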
CloudKit, CoreData and Swift 6 for sharing between users
I have started from here: Apple's guide on sharing Core Data objects between iCloud users, and I have created a sample project that has Collections and Items. Everything works great while I stay on Swift 5, like with the initial project. I would like to migrate to Swift 6 (Default Actor Isolation @MainActor, Approachable Concurrency: Yes) on the project and I am stuck at extension CDCollection: Transferable { ... }. When compiling with Swift 5, there is a warning:

    Conformance of 'NSManagedObject' to 'Sendable' is unavailable in iOS; this is an error in the Swift 6 language mode.

After resolving almost all compile-time warnings I'm left with:

    Conformance of 'CDCollection' to protocol 'Transferable' crosses into main actor-isolated code and can cause data races.

Which I don't think will work, because of the warning shown above. It can be worked around like:

    nonisolated extension CDCollection: Transferable, @unchecked Sendable

Then there are errors:

    let persistentContainer = PersistenceController.shared.persistentContainer
    Main actor-isolated static property 'shared' can not be referenced from a nonisolated context.

I've created the following class to have a Sendable object:

    struct CDCollectionTransferable: Transferable {
        var objectID: NSManagedObjectID
        var persistentContainer: NSPersistentCloudKitContainer

        public static var transferRepresentation: some TransferRepresentation {
            CKShareTransferRepresentation { collectionToExport in
                let persistentContainer = collectionToExport.persistentContainer
                let ckContainer = CloudKitProvider.container
                var collectionShare: CKShare?
                if let shareSet = try? persistentContainer.fetchShares(matching: [collectionToExport.objectID]),
                   let (_, share) = shareSet.first {
                    collectionShare = share
                }
                /** Return the existing share if the collection already has a share. */
                if let share = collectionShare {
                    return .existing(share, container: ckContainer)
                }
                /** Otherwise, create a new share for the collection and return it.
                    Use uriRepresentation of the object in the Sendable closure. */
                let collectionURI = collectionToExport.objectID.uriRepresentation()
                return .prepareShare(container: ckContainer) {
                    let collection = await persistentContainer.viewContext.perform {
                        let coordinator = persistentContainer.viewContext.persistentStoreCoordinator
                        guard let objectID = coordinator?.managedObjectID(forURIRepresentation: collectionURI) else {
                            fatalError("Failed to return the managed objectID for: \(collectionURI).")
                        }
                        return persistentContainer.viewContext.object(with: objectID)
                    }
                    let (_, share, _) = try await persistentContainer.share([collection], to: nil)
                    return share
                }
            }
        }
    }

And I'm able to compile and run the app with this change:

    let transferable = CDCollectionTransferable(
        objectID: collection.objectID,
        persistentContainer: PersistenceController.shared.persistentContainer
    )
    ToolbarItem {
        ShareLink(
            item: transferable,
            preview: SharePreview("Share \(collection.name)!")
        ) {
            MenuButtonLabel(
                title: "New Share",
                systemImage: "square.and.arrow.up"
            )
        }
    }

The app crashes when launched with libdispatch.dylib`_dispatch_assert_queue_fail:

    0x1052c6ea4 <+0>:   sub    sp, sp, #0x50
    0x1052c6ea8 <+4>:   stp    x20, x19, [sp, #0x30]
    0x1052c6eac <+8>:   stp    x29, x30, [sp, #0x40]
    0x1052c6eb0 <+12>:  add    x29, sp, #0x40
    0x1052c6eb4 <+16>:  adrp   x8, 63
    0x1052c6eb8 <+20>:  add    x8, x8, #0xa0c            ; "not "
    0x1052c6ebc <+24>:  adrp   x9, 62
    0x1052c6ec0 <+28>:  add    x9, x9, #0x1e5            ; ""
    0x1052c6ec4 <+32>:  stur   xzr, [x29, #-0x18]
    0x1052c6ec8 <+36>:  cmp    w1, #0x0
    0x1052c6ecc <+40>:  csel   x8, x9, x8, ne
    0x1052c6ed0 <+44>:  ldr    x10, [x0, #0x48]
    0x1052c6ed4 <+48>:  cmp    x10, #0x0
    0x1052c6ed8 <+52>:  csel   x9, x9, x10, eq
    0x1052c6edc <+56>:  stp    x9, x0, [sp, #0x10]
    0x1052c6ee0 <+60>:  adrp   x9, 63
    0x1052c6ee4 <+64>:  add    x9, x9, #0x9db            ; "BUG IN CLIENT OF LIBDISPATCH: Assertion failed: "
    0x1052c6ee8 <+68>:  stp    x9, x8, [sp]
    0x1052c6eec <+72>:  adrp   x1, 63
    0x1052c6ef0 <+76>:  add    x1, x1, #0x9a6            ; "%sBlock was %sexpected to execute on queue [%s (%p)]"
    0x1052c6ef4 <+80>:  sub    x0, x29, #0x18
    0x1052c6ef8 <+84>:  bl     0x105301b18               ; symbol stub for: asprintf
    0x1052c6efc <+88>:  ldur   x19, [x29, #-0x18]
    0x1052c6f00 <+92>:  str    x19, [sp]
    0x1052c6f04 <+96>:  adrp   x0, 63
    0x1052c6f08 <+100>: add    x0, x0, #0xa11            ; "%s"
    0x1052c6f0c <+104>: bl     0x1052f9ef8               ; _dispatch_log
    0x1052c6f10 <+108>: adrp   x8, 95
    0x1052c6f14 <+112>: str    x19, [x8, #0x1f0]
    ->  0x1052c6f18 <+116>: brk    #0x1

The app still crashes when I comment out this code and all Core Data related warnings. I'm quite stuck now as I want to use Swift 6. Has anyone figured out CloudKit, Core Data and Swift 6 for sharing between users?
1
0
87
1w
How to make postfix log to /var/log/mail.log
I am running postfix on macOS Sequoia, and need it to log any kind of error so I can fix them. I found that in this version of macOS, syslogd is configured with the file /etc/asl/com.apple.mail, which contains:

    # mail facility has its own log file
    ? [= Facility mail] claim only
    > /var/log/mail.log mode=0644 format=bsd rotate=seq compress file_max=5M all_max=50M
    * file /var/log/mail.log

which is its install configuration and seems correct. Postfix is started (by launchd) and running (ps ax | grep master), but on sending, errors occur and nothing is logged. How do I make postfix log to /var/log/mail.log, which is the normal way on millions of postfix servers around the world?
1
0
71
2w