SQLite3 and Mac OS X App sandbox problem

I have implemented a Mac OS X app using the SQLite3 tutorial as a starting point and a wrapper for all the sql functionality I need. I have run into a problem using my own created database files external to the App Sandbox. The problem is that sqlite3 needs to read and write to the db file itself, yet even with “User-Selected File” capability set to read/write, the db can create the file but is not allowed to then re-use the file with the opaque db pointer (even with folder permissions set to everyone). I tried to use the AppSandboxFileAccess solution on GitHub (after porting it to Swift) but this makes no difference. I also considered doing it with a document-based app but this would not work since there is no “data” to read/write - this is done directly by the sqlite3 framework and I have no control over it. Short of writing my own database, any thoughts on what I am doing wrong (or is this even possible)?

  1. What do your entitlements look like?
  2. What path are you using for the database file?
  3. If only your app accesses the file, did you try placing it in your application support / library path?

Consider checking this Design Guide out.

Thank you for responding.
Here are my capability and entitlements settings (pictures)
ECSettings

The path that works is within the App Sandbox:
/Users/ddarby/Library/Containers/com.cerescape.Accountable/Data/Documents/

But the path I want to use is any arbitrary path eg
/Users/ddarby/Documents

It works just fine within the App Sandbox, so I’m not looking for a solution (ie fixed path directories) but instead want the generic solution for a user selected file location.

You have User Selected File on Read/Write, however that means you have to literally as a user, use the File Open dialog to choose the file prior to getting permission to open it. Is this something that happens during your use cases?

I use the NSSavePanel to get a file URL from the user which could be outside the App Sandbox. However, even if I choose a location programmatically (with a known URL) outside the sandbox, the sqlite3 library fails to access the file. It accesses files within the App Sandbox just fine.

I have the exact same problem. I want to create an sqlite3 database in an arbitrary location. My program creates the database file fine but as soon as I try to do anything in the database e.g. create a table, it failed with error 14.

However, my log is showing the following message:

2020-02-16 19:17:16.075564+0000 NoughtsAndCrosses[59162:4000390] [logging-persist] cannot open file at line 43353 of [378230ae7f]
2020-02-16 19:17:16.075639+0000 NoughtsAndCrosses[59162:4000390] [logging-persist] os_unix.c:43353: (0) open(/Users/jeremyp/Documents/oxostats.sqlite3-journal) - Undefined error: 0

sqlite3 is trying to create a second file - for journalling the transaction I believe - and it is that creation the is failing - as you would expect. I think the solution is to persuade it to create its temporary files elsewhere somehow.

Thank you jeremyp for validating and extending this issue. I am surprised others have not found a similar problem. Did you work out how to use such persuasion?

I’ve been in the same boat, and as have others. You will typically find 2 solutions:

  1. Allow the user to select the folder (not file) for the application to gain access to it. This is how most text editors and file managers do it, they even go as far as asking you to select the entire hard drive (see BBEdit, etc).
  2. Use the ~/Library/ApplicationSupport folders.

Thanks. I will try those suggestions.

This topic was automatically closed after 166 days. New replies are no longer allowed.