Issue after reconnecting to MAC Sequoia #6402
Comments
|
this is linked to this also #6398 #6398 (comment) PS: i have already seen these issues myself in testing on a VM on my m1 mac mini, |
|
@si458 The thing is our customer bought new Mac and it came wit the update sadly. But we gonna wait for the bug fixes since its only one PC affected. |
|
@Aodake wow you are lucky indeed! if you run the binary from the command line with its just the minute you put it into the background with it even seems to be disconnecting and reconnecting also very often which seems weird too? im more likely to believe its an apple problem than an meshagent problem as i said before will update this post when i find the articles im talking about |
|
Apple's always breaking shit and making things worse with every release. 1 month only screen recording is a PITA. Give them feedback, I know I have |
|
Hopefully this gets fixed soon, everything works except the Desktop view. |
|
@DaanSelen sadly the agent doesnt work properly with Sequoia when running in background mode HOWEVER i have noticed that the app works all the time if you use the binary app in interactive mode! so without a developer who specialises in mac applications and knows C++ and can look through our code and work out whats wrong, it wont work correctly |
|
Everyone keep an eye on 15.1 that will coming out late this month, just maybe it will fix itself then. |
|
@johnnyq I'm waiting for the ipsw to drop, and then I can test in utm |
|
So downloaded the 15.1 RC2 ipsw from apple, set up vm, and nope, it still doesn't work :( If anything, it's worse! You get no prompts for screen recording or mouse control at all. It doesn't even add the application into the security options in settings so u cant just flick the toggle to say give it permission, u have to manually locate the file with finder then drag it into the list and click the toggle :( |
|
Thanks for testing that out @si458 and continuing the MeshCentral legacy for the community. Maybe i'm too hopeful, but still hoping maybe Apple will see this and relax their security a bit for third party opensource applications in time for 15.1 release. I have a few Apple clients, so if things don't pan out maybe I can put them on Rust desk (Haven't tried yet) for the time being until a fix arrives. |
|
Hi @si458 , recently I test at OS 15.1 Mac Mini have that issue too. I guess it caused meshagent security and permissions not have bundle identifier so caused bugs if running at background like access table at TCC problem… |
|
@gookkis i havent tried building a new agent yet tho, thats on my to-do list, |
Hi @si458 recenlty I try to use nohup for running meshagent for hide terminal, then it solved the problem. But at System and Privacy it's show Terminal apps request for permission ScreenCapture, Accesibility, and Full Disk Write. It's mean there problem at daemons of meshagent when put background with |
|
@gookkis good spot! i will try have alook next week, im abit swomped at the moment, thanks for the hint! |
I found some duplicate process of meshagent too, when there incoming remote access. Maybe it can help solve this issue... |
|
Here other clue again @si458 |
|
Same issue here on 15.1, the installation seems to work but when trying to access the remote desktop, the permission popup appears again (while it has already been granted previously).
|
|
@pierrecorsini, if u have given the permission previously, you might need to remove the app from the list, then let it add it back in and then enable it, |
|
Are this because the meshagent running as daemons? Can you @si458 try to create app running at boot but daemons have a bundle identifier? |
|
@gookkis i dont quite know what you mean by bundle identifier or even how to get that information? the other problem ive spotted is when you first run |
|
I mean meshagent have an identifier like com.meshagent and run at Applications folder, i mean meshagent have a .app standar macos Application not only as binary. because when i running it via terminal permission of screencaputer will recognized as Terminal.app and meshagent work (like it need run not as daemons) maybe this is a clue? |
|
@gookkis no the is no .app version, its a binary file only |
|
when meshagent is installed at then we run via terminal with command "sudo path/to/meshagent" and it terminal keep open i can remote it but at setting security and privacy will recognized as Terminal ask for permission. I set it and Terminal will restart and call command again, i can remote my device. |
I compared the trace of a system with Sonomna (which works fine) and Sequoia and this is the part that stood out to me on the sequoia system.
Interestingly enough, if I connect to the Desktop (same as I'm working on) it works the first time (as mentioned by you @si458) but after that it stays black, however the mouse seems to be captured as it jumps to the edge of the screen as soon as I enter the remote desktop area. At first sight this corresponds to the trace above which also shows errors related to To me it doesn't look like it's a permission issue with |
|
@jakobzudrell, thanks for ur findings. |
|
Yeah, seems like a lot comes together 😅 I can confirm the behavior with the Terminal in security panel, however only when I actually run the agent interactively from the Terminal - this does not surprise me, I think this is just how Apple handles permissions. Experienced the same when setting up restic backup on my PC. When run from Terminal, you need to allow Full Disk access to the Terminal. As opposed to running as a daemon, you can allow full disk access directly to the executable. In my case above, the Agent was run via LaunchDaemon so the permissions were set for But yeah, I'll keep looking and checking in here when I find something - however a lot of concepts are new to me here (e.g. when i read Quick question aside: Which VM app are you guys using on MacOS? I have set up a Sequoia VM using UTM so I don't have to always test on my own system but some operations (seems mostly stuff to login/user profiles, e.g. login, sudo, ...) take ages to load (on M3 Air) |
|
@jakobzudrell I use UTM as well on my M1 mac mini (it's only a base model 8GB/256GB) |
|
checking back in here... sadly no groundbreaking news :/ So far I tried to get an understanding on (1) how the agent interacts with the system upon startup, new connection, etc. and (2) where the respective functions reside in code. Furthermore, I've observed behavior that I am confident to say is reproducible, at least on my personal device and test VM (which finally works ;));
My current struggles however are not about the agent not working properly, but having a hard time debugging the "user" process of the agent during runtime, which in my opinion is the point of interest for now. I managed to hook into the processes stdout using It would be nice to just tell the user process to log to a file it has permissions to and then add some verbose logging to get familiar with what is going on during that user session. But at this point I am a little limited by my lack of experience with C projects of that size. I will of course try to find a solution to this, but if anyone around here has some more experience with stuff like that, let me know :) |
|
@jakobzudrell if u can get the agent to connect to meshcentral, the is a debug option which should output logs to the meshcentral console window (you must keep it open in another window and watch it) I can't fully remember what the command was but u can check all the console values by running |
|
Having same issues. Will try my hand at debugging to console as mentioned by @si458. |
|
@sln-guy thank u! @jakobzudrell discovered that it's getting an error in relation to the screen capture! |
|
hey, sorry for the infrequent responses from my side - having some upcoming exams in the pipe so I have little spare time left. Sadly, I haven't been successful with the log output to the debug console... Also, when looking at the code of the "user context" agent, it doesn't seem to do a lot of logging, however there seems to be a function Also one thing we may consider thinking about: |
|
ok, I managed to get |
|
@jakobzudrell i can't see any new commits or branches in ur fork? Would be interesting to see what the kvmlog shows! |
Yeah, would've made sense to push the changes... 😀 So the main file that I worked on was the |
|
Also keep in mind to check permissions on the |
I just performed another check on this; |
|
Ok I think I can confidently say, that the point of failure is the following line in CGImageRef image = CGDisplayCreateImage(screen_num);Again, granting the permissions initially works, after that, the above function always returns NULL. This results in the |
|
@jakobzudrell oh dear that function is deprecated! and removed in 15! |
Yup, I think the new way to go is the ScreenCaptureKit... If there is someone to take over this task, then I think it would definitely be the best to directly start working on that, hopefully resolving all the issues with I started playing around with the ScreenCaptureKit but for some reason I wasn't even able to compile after including the ScreenCaptureKit.h framework 😀 I'll keep working on that and checking in here, but I'm definitely not the one for a quick fix - too little experience :) |
|
@jakobzudrell you need to include the framework within the makefile script |
|
I did, but something down the road seems to go wrong: |
|
@jakobzudrell yep we need to switch now to using ScreenCaptureKit 👎 |
|
I decided to upgrade my headless server before reading any of this. Glad it looks like we're on the right path. Hopefully a fix soon. Guess I will stick with VNC for now. |
After installing the newest agent via binary (since the mpkg version didn’t work), we connected to the computer and granted all the necessary permissions. However, after reconnecting to the Intel Mac running macOS 15.0, we encountered a black screen, with only limited cursor movement in the top left corner.
The issue temporarily resolved when we turned off the screen recording permission and then allowed it again while attempting to connect. However, the problem reappears once we disconnect and try to reconnect.
The text was updated successfully, but these errors were encountered: