Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Sorry Dave, I'm afraid I can't do that—macOS 14.4 deems us unfit to kickstart
33 points by luckman212 on Feb 24, 2024 | hide | past | favorite | 13 comments
Anyone who's been working with macOS (OS X) for a while is probably familiar with the Terminal command to control launchd Agents and Daemons (launchctl).

I was saddened after installing macOS Sonoma 14.4 that it's apparently been decided that users are unqualified to control these daemons.

A simple example: to fix all sorts of random audio issues, it used to be possible to restart coreaudiod with:

    sudo launchctl kickstart -kp system/com.apple.audio.coreaudiod
But that command now returns:

    Could not kickstart service "com.apple.audio.coreaudiod": 1: Operation not permitted
I've reported this to Apple via FB13601345. So far I've not received any response.

[0] https://gist.github.com/felipecsl/5177790

[1] https://apple.stackexchange.com/questions/187983/sudo-killall-coreaudiod-made-it-so-i-dont-have-any-sound-at-all



Apple is becoming more Walled Garden with every release, after using Macs exclusively for 15 years I have started thinking of moving to Linux. I am on Ventura, XtraFinder [0] stops working after a few days and edit/run cycle for shell scripts keeps getting slower and slower with every execution.

[0]: https://www.trankynam.com/xtrafinder/


Try disabling SIP. If you’re unable to do that, then you can conclude that you no longer own your machine. Otherwise, it’s merely Apple making macOS effectively less secure by making it unusable with SIP activated.


Disabling SIP also disables your ability to run iOS apps on Apple Silicon :-( It might be for copy protection reasons. iOS apps are partially encrypted and without SIP you could probably access the decrypted version.


Disable DIP, disable whatever launch agents you want off, enable SIP

It doesn’t have to stay off afaik


It's not a great solution as you need to do a full reboot every time to switch SIP status.


Can also muck with Apple Pay.


You don't have to keep running the same OS on the hardware you've purchased, so SIP isn't a great test. Windows also has protected system files but can still install Linux instead.


Yeah this kind of thing got me to leave the Mac platform. I don't mind security but I want to retain the final control and an all-or-nothing setting like SIP doesn't suffice.

I'm glad I'm off Mac but I will avoid any immutable OS now, seeing what that leads to.


How can one see the contents of FB13601345? Is it only visible to Apple employees?


It's only visible to Apple employees, and even among that group, not sure who can actually view them. You can still reference the FB# in your own submission via Feedback Assistant.


killall still works for me(?). It relaunches itself immediately. Why would I want to use this "new" more convoluted way?


Because it's the correct and documented method of restarting a daemon?

Indiscriminately kill -9'ing processes is generally ill-advised, and the fact that this particular service restarts itself is only because it happens to have its KeepAlive key configured. Another service might not, and would not react well to being killed.


Force killing system processes is quite obviously bad for your system, although the Core Audio Daemon is a special case. However, I would never force kill almost any other system daemon, unless you want to risk data loss/corruption and potential damage to your Mac.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: