Logging in with my Apple ID anywhere in the system (feedback assistant, Xcode, iCloud, etc.) fails when running under virtualization. Is this a known 'issue'? (networking in general is working fine)

I m trying to identify if my launched process is running on a local mac machine(desktop/laptop) or a virtual macOS X instance like AWS EC2, Azure, MacStadium etc. I have followed this link which searched for its limited providers in the output, but I m not bound to any limited providers and looking for a general solution which is applicable to all the providers. Is there some hardware/network/virtualization-related information that can be used to identify if the process is launched on a virtual MacOS instance? OR is there some system Information that I can use to be sure that my process is running on a local machine?

Virtualization framework is a high-level API to create macOS and Linux virtual machines. Hypervisor is a low-level API to build virtualization solutions without the need for a kernel extension. If you’re interested in containers on the Mac, check out the Containerization package and its associated container tool. Virtualization: Forums subtopic: App & System Services > Core OS Forums tag: Virtualization Virtualization framework documentation Using iCloud with macOS virtual machines documentation article Use iCloud on a virtual machine support article Running macOS in a virtual machine on Apple silicon sample code Running Linux in a Virtual Machine sample code Running GUI Linux in a virtual machine on a Mac sample code Building macOS apps with Xcode 26 on macOS 26 VM forums thread — This thread describes how the development experience in VMs has improved recently, and one remaining issue that you might bump in to. Hypervisor: Forums subtopic: App & System Services > Core OS Forums tag: Hypervisor Hypervisor framework documentation Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"

Hello, I'm evaluating possibility to use virtualization to setup on-permise parallel testing system for a product I work on. My compatibility range is wide, i.e. it would cover macOS 12 - 26, so any testcase needs to be executed on at least 5 different OS versions (and introducing any parallization to the test execution would mean I deal with higher number of VMs). As far as I understand, there is a constraint in Apple Software License, that limits number of OS VM installations per one physical system to 2 (section 2.B.(iii)) in case of OS downloaded from the Internet or through App Store. Clearly these days a single high-end Mac hardware could sustain more than 2 VMs running in parallel. The license also mentions it is also possible to be in a volume or maintenance license program and then the terms of this program apply instead. So I wonder how do people normally deal with the above limitation? What is the path I need to follow if I want to be able to run more than "2 additional copies or instances of" macOS on my VMs?

Ever since virtualization changed when Apple transitioned to their own Apple silicon chips, I’m curious whether there is anyway to make virtual machines read the host battery? Asking this because VMs in general always assuming it’s on AC adapter makes battery drain a lot faster it seems like so I’m curious whether adding it or some workaround to add battery reporting w/ power efficiency is possible to match with VMs is possible on Apple Silicon so users on Apple silicon MacBooks don’t have to worry about huge battery power consumption drain with adding some sort of feature or pass through to make VMs read host battery. Hope this makes sense.

We are currently utilizing VZ with Lima (details: Lima VM and VZ) for our development environment. However, we're encountering a critical issue with the com.apple.Virtualization.VirtualMachine process leading to open file handle exhaustion. When mounting our programming languages dependency cache folder (Which can have a lot of files) into the VZ VM, we encounter an operating system error related to open file limits: /gomodcache/github.com/go-git/go-git/v5@v5.4.2/plumbing/object/patch.go:14:2: open /gomodcache/github.com/go-git/go-git/v5@v5.4.2/plumbing/format/diff/unified_encoder.go: too many open files in system Further investigation revealed an abnormally high number of open files associated with the com.apple.Virtualization.VirtualMachine process. A significant portion of these files are not actively used but remain open. Example Case: A file (/Users/rcurrah/test.txt) created on the Mac host and listed (ls) in the VM remains open even 20 minutes later, as evidenced by the following command output: ❯ lsof | grep 11208 | grep test.txt COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME com.apple 11208 rcurrah 4823r REG 1,13 0 46200882 /Users/rcurrah/test.txt Steps to Reproduce the Issue: To reproduce the file handle exhaustion follow the below steps. This process will create a large number of files on the Mac host, listing them on the VZ VM, and then verifying their open status using lsof. Setup the VZ Environment with Sharing: Create a VZ VM with your home directory shared to the VM. Create a Test Directory on the Mac Host: Create a new directory on your Mac host, e.g., mkdir ~/test-file-exhaustion. Generate a Large Number of Files: Navigate to the created directory: cd ~/test-file-exhaustion. Use a loop to create a large number of files, e.g., for i in {1..10000}; do touch "file_${i}.txt"; done. This will create 10,000 files named file_1.txt, file_2.txt, etc. List Files in the VM: Access the VZ VM shell. Navigate to the mounted directory and list the files using the ls command, e.g., ls /path/to/mounted/test-file-exhaustion. Check Open Files on Mac Host: Exit the VM and return to your Mac host terminal. Use the lsof command to check for open files related to the com.apple.Virtualization.VirtualMachine process: lsof | grep "$(pgrep com.apple.Virtualization.VirtualMachine)" | grep 'test-file-exhaustion' | wc -l. Document the Output: Record the output of the lsof command. Note the number of open files. Verify File Closure (or Lack Thereof): After a certain period, e.g., 20 minutes, repeat the lsof command to see if the files are still open, indicating that they haven’t been closed properly by the process. Given these observations, we have a couple of questions: Is this behavior of com.apple.Virtualization.VirtualMachine retaining open file handles a known issue or a bug? Should VZ be managing the closure of these file handles more efficiently, especially when they are no longer in use? This issue is impacting our development workflow significantly. Any guidance or insights on resolving this would be highly appreciated. Thank you for your attention to this matter. Best regards, Ryan

Hi, I have installed ubuntu in a virtual machine using attached iso and everything works fine. After installing ubuntu it boots from the hard disk always. If i ever wanted to force the vm to boot from ISO how can i do it? Thanks & Regards

Hi, I am displaying the running linux ubuntu VM in VzVirtualMachineView. I wouldl like to simulate right click by calling vZVirtualMachineView.rightMouseDown to trigger right click on the guest. I tried it and it does not work. For mac os guests it is working. For linux guests it is not working Any help would be appreciated to fix the issue.

I see that in the link https://developer.apple.com/documentation/virtualization/vzvirtualmachineconfiguration/graphicsdevices?changes=late_7_8 graphicsDevices accepts and array. So it is possible to have multiple displays for a virtual machine. But when i tried it with multiple displays it does not work. Why do we have it as an array if it does not support multiple displays.? or how to get it work with multiple displays.

Hello, According to the official documentation, the macOS Virtualization Framework currently supports only macOS and Linux guest operating systems. I would like to know if there is any way—officially or through a supported workaround—to run Windows 11 as a guest using this framework. Additionally, is there any indication or roadmap suggesting that support for Windows guests might be introduced in a future release, such as in macOS 16? Any insights or official clarification would be greatly appreciated. Thank you.

I'm trying to setup a macOS 26 build environment in a VM (using UTM and the virtualization framework Apple provides). I have Xcode 26 installed and have logged into my Apple ID and verified that the team and other configuration looks fine in Xcode settings. When trying to build the macOS app, I see errors saying the VM's device ID has not been registered. I have confirmed that the device ID is registered both in the Provisioning portal AND the downloaded .provisionprofiles (in Library > Developer > Xcode > UserData). This problem appears on multiple targets (e.g. the main app and extensions). If I try to manually provision the app, using the Provisioning portal, I can build the product, but it will not launch because of Gatekeeper issues. Finally, signing to run locally doesn't work either. As the app launches, frameworks refuse to load because Team IDs don't match. With ad hoc provisioning, there are no Team IDs. I've come to the conclusion that this just isn't possible. Which is a shame because I need to support products with a build environment on macOS 15 and cannot move over to macOS 26 yet. I suspect many developers outside of Apple are in a similar position.

Hi, Is there way to connect the host usb devices directly to guest vms using mac os Virtualization framework? Thanks

In the latest 26.5, when creating a VM we can no longer disable SIP. We have confirmed we're using the proper admin user (anka) and its proper password (same one we log into the GUI with). It just keeps asking for the password as if it's wrong. It's critical we can disable SIP for VMs like we have been in previous versions.

HI, I am using mac os virtuzlation framework for running virtual machines. At prenset i add the shared folders when creating the VzVirtualMachine. Is it possible to add shared folders to running VZVirtualMachine Thannks

Hi, is there any ETA on when we can see support for nested virtualization in MacOS VMs? Running Docker specifically would be nice.

I have the following code for port forwarding in mac os virtualization var ipAddr = in_addr() // 1. Convert String to in_addr inet_pton(AF_INET, guestIP, &ipAddr) let status = vmnet_network_configuration_add_port_forwarding_rule( config, UInt8(IPPROTO_TCP), // TCP protocol sa_family_t(AF_INET), // address family guestPort, // internal port (guest) externalPort, // external port (host) &ipAddr // internal address (guest IP) ) if status == .VMNET_SUCCESS { print("✅ Port Forwarding set: Mac:\(externalPort) -> VM(\(guestIP)):\(guestPort)") } else { print("❌ Port Forwarding failed for \(guestIP): \(status.rawValue)") } It is returning success but when i test it it does not work. Is there anything i am doing wrong? Please help me also in fixing this problem. Note: The app runs in sandbox i tried without sandboxing and it does not work either. Please refer to this link https://developer.apple.com/forums/thread/822025?login=true&page=1#884236022 how i am creating the VZVmnetNetworkDeviceAttachment

I am a professional user of the 2019 Mac Pro (7,1) with dual AMD Radeon Pro W6900X MPX modules (32GB VRAM each). This hardware is designed for high-performance compute, but it is currently crippled for modern local LLM/AI workloads under Linux due to Apple's EFI/PCIe routing restrictions. Core Issue: rocminfo reports "No HIP GPUs available" when attempting to use ROCm/amdgpu on Linux Apple's custom EFI firmware blocks full initialization of professional GPU compute assets The dual W6900X GPUs have 64GB combined VRAM and high-bandwidth Infinity Fabric Link, but cannot be fully utilized for local AI inference/training My Specific Request: Apple should provide an official, one-click deployable application that enables full utilization of dual W6900X GPUs for local large language model (LLM) inference and training under Linux. This application must: Fully initialize both W6900X GPUs via HIP/ROCm, establishing valid compute contexts Bypass artificial EFI/PCIe routing restrictions that block access to professional GPU resources Provide a stable, user-friendly one-click deployment experience (similar to NVIDIA's AI Enterprise or AMD's ROCm Hub) Why This Matters: The 2019 Mac Pro is Apple's flagship professional workstation, marketed for compute-intensive workloads. Its high-cost W6900X GPUs should not be locked down for modern AI/LLM use cases. An official one-click deployment solution would demonstrate Apple's commitment to professional AI and unlock significant value for professional users. I look forward to Apple's response and a clear roadmap for enabling this critical capability. #MacPro #Linux #ROCm #LocalLLM #W6900X #CoreML

Hi everyone, I am developing a macOS virtualization manager (VirtualProg) using the Virtualization.framework. The application is distributed via the Mac App Store, so it operates strictly within the App Store Sandbox. I am looking for a reliable, programmatic way to discover the IP address assigned to a guest (both macOS and Linux). Is there a recommended "Sandbox-safe" API or pattern within the Virtualization framework—or a lower-level networking entitlement—that allows a host application to retrieve the guest's assigned IP address? Ideally, I am looking for a solution that does not require the user to manually install a non-sandboxed helper tool. Thanks in advance for any insights or guidance!

I have this code in my Virutalization application let process = Process() process.executableURL = URL(fileURLWithPath: "/usr/sbin/diskutil") process.arguments = ["image", "create", "blank", "--fs", "none", "--format", "ASIF", "--size", "2GiB", url.path ] try process.run() process.waitUntilExit() if process.terminationStatus == 0 { print("✅ Disk image creation succeeded.") } else { print("❌ Disk image creation failed with exit code \(process.terminationStatus)") } } catch { print("Process failed to launch: \(error.localizedDescription)") return } this code was working fine until Tahoe 26.2. with the update of 26.3 the system freezes at process.waitUntilExit() The code never exits and i get beech balls. This is working fine with intel macs. i am getting the problem in apple silicon m4 mac mini. Any help would be appreciated.

Hi, I have two issues going on: Creation of macOS VMs requires autologin is enabled: Mon Apr 13 11:27:18 20 anka.log (ankahv) 511: pid 511: installing /Users/veertu/Library/Application Support/Veertu/Anka/img_lib/UniversalMac_15.6.1_24G90_Restore.ipsw... Mon Apr 13 11:27:20 40 anka.log (install) 511: (null): installation failed: Error Domain=VZErrorDomain Code=10007 "The virtual machine failed to start." UserInfo={NSLocalizedFailure=An error occurred during installation., NSLocalizedFailureReason=The virtual machine failed to start., NSUnderlyingError=0xca2c0ced0 {Error Domain=VZErrorDomain Code=-9 "The virtual machine encountered a security error." UserInfo={NSLocalizedFailure=Unable to access security information., NSLocalizedFailureReason=The virtual machine encountered a security error., NSUnderlyingError=0xca3029320 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo={NSLocalizedFailureReason=Failed to get current host key., NSUnderlyingError=0xca30292f0 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo=0xca2a88040 (not displayed)}}}}}} Mon Apr 13 11:27:20 40 anka.log (install) 511: (null): virtual machine stopped with error: Error Domain=VZErrorDomain Code=4 "Transition from state “error” to state “stopping” is invalid." UserInfo={NSLocalizedFailure=Invalid virtual machine state transition., NSLocalizedFailureReason=Transition from state “error” to state “stopping” is invalid.} Mon Apr 13 11:27:20 40 anka.log (install) 511: failed to install macOS: Error Domain=VZErrorDomain Code=10007 "The virtual machine failed to start." UserInfo={NSLocalizedFailure=An error occurred during installation., NSLocalizedFailureReason=The virtual machine failed to start., NSUnderlyingError=0xca2c0ced0 {Error Domain=VZErrorDomain Code=-9 "The virtual machine encountered a security error." UserInfo={NSLocalizedFailure=Unable to access security information., NSLocalizedFailureReason=The virtual machine encountered a security error., NSUnderlyingError=0xca3029320 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo={NSLocalizedFailureReason=Failed to get current host key., NSUnderlyingError=0xca30292f0 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo=0xca2a88040 (not displayed)}}}}}} Running a macOS 26.x VM fails for similar reasons, yet running a 15.x VM works fine: Mon Apr 13 11:20:10 20 0f5d4fe7-edac-4f6d-aebb-f185702f2c25.log (ankahv) 474: pid 474: session started on host 26.4.1 Mon Apr 13 11:20:10 40 0f5d4fe7-edac-4f6d-aebb-f185702f2c25.log (ankahv) 474: 0f5d4fe7-edac-4f6d-aebb-f185702f2c25: failed to start: Error Domain=VZErrorDomain Code=-9 "The virtual machine encountered a security error." UserInfo={NSLocalizedFailure=Unable to access security information., NSLocalizedFailureReason=The virtual machine encountered a security error., NSUnderlyingError=0x76f049e00 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo={NSLocalizedFailureReason=Failed to get current host key., NSUnderlyingError=0x76f049e60 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo={NSLocalizedFailureReason=Failed to create new HostKey., NSUnderlyingError=0x76f049dd0 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo=0x76ec49d60 (not displayed)}}}}}} Mon Apr 13 11:20:10 40 0f5d4fe7-edac-4f6d-aebb-f185702f2c25.log (ankanet) 474: failed to receive packets: Connection reset by peer This is super painful for us to manage since some of our users can't have autologin enabled (like major banks under strict MDM requirements). Or, AWS EC2 Macs which have no VNC enabled at all by default. What's the trick here to make sure we can consistently use virtualization without autologin?

We're trying to create 26.4 beta and RC VMs on 15.x and 26.3 host OS' without success. We see Tue Mar 17 17:27:36 40 anka.log (install) 45803: failed to install macOS: Error Domain=VZErrorDomain Code=10006 "Installation requires a software update." UserInfo={NSLocalizedFailure=A software update is required to complete the installation., NSLocalizedFailureReason=Installation requires a software update.} Yet, if we create it the same way on 26.4 beta host OS, it works. We've tried the usual tricks of installing latest Xcode and preparing it (accepting license, etc). But, they don't work on 26.3 and 15.x. What's the trick to get the creation of 26.4 to work on <= 26.3 host OS?

I see this in Tahoe Beta release notes macOS now supports the Apple Sparse Image Format (ASIF). These space-efficient images can be created with the diskutil image command-line tool or the Disk Utility application and are suitable for various uses, including as a backing store for virtual machines storage via the Virtualization framework. See VZDiskImageStorageDeviceAttachment. (152040832) I'm developing a macOS app using the Virtualization framework and need to create disk images in the ASIF (Apple Sparse Image Format) to make use of the new feature in Tahoe Is there an official way to create/resize ASIF images programmatically using Swift? I couldn’t find any public API that supports this directly. Any guidance or recommendations would be appreciated. Thanks!

Hello, We're developing endpoint security software using the Endpoint Security framework, and we've encountered challenges with the behavior change in macOS 15 regarding provisioning UDIDs in cloned VMs. The Change Prior to macOS 15, cloning a VM preserved its UDID (format: 0000FE00-9C4ED9F68BBDC72D). Starting with macOS 15, cloned VMs receive a new UDID generated from the host's Secure Enclave (format: b043d27202c7ac37ca3c6b82673302225485cae9), making each clone effectively a new device. Our Workflow We maintain a clean base VM image and clone it for each test run. We add the base VM's UDID to our provisioning profile once, then create clones which (previously) retained that same UDID, allowing us to start new testing cycles without re-registering devices. This is essential because our product involves low-level system integration through the Endpoint Security framework, and if something goes wrong during development, it has the potential to affect system stability. To prevent any cascading issues between test runs or different product versions, we need each test to start from a known clean state rather than reusing the same VM. The Challenge With each VM clone generating a new UDID, we're hitting Apple's device registration limits quickly. This particularly impacts: New team members who spin up VMs for the first time and can't run signed builds Our CI/CD pipeline where multiple test environments need provisioning profiles Developers testing different branches who need separate clean environments Current Workaround We've found that VMs created on macOS 14 and upgraded to macOS 15+ retain their original UDID format. However, we're concerned this workaround may stop working in future macOS versions, which would leave us without a viable path forward. If the workaround stops working, our fallback would be signing each CI build with a Developer ID signature to allow running on any device. However, we'd prefer to avoid this as it would significantly increase load on Apple's signing infrastructure for what are essentially internal test builds. We completely understand the security reasoning behind tying UDIDs to the host's Secure Enclave for Apple Account support. However, for development workflows that don't require Apple Account features in VMs but do require clean, isolated test environments, the previous behavior was quite valuable. Question Is there a recommended approach for teams in our situation? We're happy to explore alternative workflows if there's a pattern we're missing, or we'd be glad to provide more context if this is a use case Apple is considering for future updates. Thanks for any guidance you can provide! Feedback case: FB21389730