santactl/log: enable/disable vnode logging options in the kernel to test performance impact

This is a generated xcconfig in the Rakefile which gets included by the project
to set the DEVELOPMENT_TEAM key to keep Xcode 8 happy. The development team is
figured based on the available “Mac Developer” certificate.

Also update the way SantaCache declares a ‘zero’ value, update the
OCMock pod and add a few missing includes.

.gitignore

@@ -6,3 +6,4 @@ Santa.xcodeproj/xcuserdata
 Santa.xcodeproj/project.xcworkspace
 Santa.xcworkspace/xcuserdata
 Santa.xcworkspace/xcshareddata
+Source/DevelopmentTeam.xcconfig

Podfile

@@ -18,7 +18,7 @@ target :santactl do
   pod 'MOLAuthenticatingURLSession'
   pod 'MOLCertificate'
   pod 'MOLCodesignChecker'
-  pod 'MOLFCMClient'
+  pod 'MOLFCMClient', '~> 1.3'
 end
 
 target :LogicTests do

Podfile.lock

@@ -2,31 +2,31 @@ PODS:
   - FMDB (2.6.2):
     - FMDB/standard (= 2.6.2)
   - FMDB/standard (2.6.2)
-  - MOLAuthenticatingURLSession (2.1):
+  - MOLAuthenticatingURLSession (2.2):
     - MOLCertificate (~> 1.5)
   - MOLCertificate (1.5)
   - MOLCodesignChecker (1.5):
     - MOLCertificate (~> 1.3)
-  - MOLFCMClient (1.1):
+  - MOLFCMClient (1.3):
     - MOLAuthenticatingURLSession (~> 2.1)
-  - OCMock (3.3.1)
+  - OCMock (3.4)
 
 DEPENDENCIES:
   - FMDB
   - MOLAuthenticatingURLSession
   - MOLCertificate
   - MOLCodesignChecker
-  - MOLFCMClient
+  - MOLFCMClient (~> 1.3)
   - OCMock
 
 SPEC CHECKSUMS:
   FMDB: 854a0341b4726e53276f2a8996f06f1b80f9259a
-  MOLAuthenticatingURLSession: 2f0fd35f641bc857ee1b026021dbd759955adaa3
+  MOLAuthenticatingURLSession: 5a5e31eb73248c3e92c79b9a285f031194e8404c
   MOLCertificate: c39cae866d24d36fbc78032affff83d401b5384a
   MOLCodesignChecker: fc9c64147811d7b0d0739127003e0630dff9213a
-  MOLFCMClient: f1684219facbffdb060ff4ab18b1825bcd4c75bc
-  OCMock: f3f61e6eaa16038c30caa5798c5e49d3307b6f22
+  MOLFCMClient: 13d8b42db9d750e772f09cc38fc453922fece09f
+  OCMock: 35ae71d6a8fcc1b59434d561d1520b9dd4f15765
 
-PODFILE CHECKSUM: b20628b5933f54525daf0dcc5534512b1cb134c8
+PODFILE CHECKSUM: 1728b86e95e7cdb481dd91ab9c38af38e060a023
 
-COCOAPODS: 1.0.1
+COCOAPODS: 1.2.1

Rakefile

@@ -1,3 +1,5 @@
+require 'openssl'
+
 WORKSPACE           = 'Santa.xcworkspace'
 DEFAULT_SCHEME      = 'All'
 OUTPUT_PATH         = 'Build'
@@ -5,6 +7,8 @@ BINARIES            = ['Santa.app', 'santa-driver.kext']
 DSYMS               = ['Santa.app.dSYM', 'santa-driver.kext.dSYM', 'santad.dSYM', 'santactl.dSYM']
 XCPRETTY_DEFAULTS   = '-sc'
 XCODEBUILD_DEFAULTS = "-workspace #{WORKSPACE} -derivedDataPath #{OUTPUT_PATH} -parallelizeTargets"
+DEVTEAM_FILE        = 'Source/DevelopmentTeam.xcconfig'
+DEVTEAM_CERT_CN     = 'Mac Developer'
 $DISABLE_XCPRETTY   = false
 
 task :default do
@@ -44,6 +48,13 @@ task :init do
     puts "xcpretty is not installed. Install with 'sudo gem install xcpretty'"
     $DISABLE_XCPRETTY = true
   end
+  cert_pem = `security find-certificate -p -c '#{DEVTEAM_CERT_CN}'`
+  cert = OpenSSL::X509::Certificate.new cert_pem
+  team_id = cert.subject.to_a.find {|f| f[0] == "OU"}[1]
+  File.open(DEVTEAM_FILE, 'w') { |f|
+    f.puts("// This file is auto-generated. Do not edit manually")
+    f.puts("DEVELOPMENT_TEAM = #{team_id}")
+  }
 end
 
 task :remove_existing do

Santa.xcodeproj/project.pbxproj

@@ -26,9 +26,7 @@
 /* End PBXAggregateTarget section */
 
 /* Begin PBXBuildFile section */
-		0D0016A3192BCD3C005E7FCD /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D9A7F3E1759330500035EB5 /* Foundation.framework */; };
 		0D0016A6192BCD3C005E7FCD /* main.mm in Sources */ = {isa = PBXBuildFile; fileRef = 0D0016A5192BCD3C005E7FCD /* main.mm */; };
-		0D0016AE192BCD8C005E7FCD /* IOKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D3AFBF718FB4C870087BCEE /* IOKit.framework */; };
 		0D0A1EC3191998C900B8450F /* SNTCommandSyncRuleDownload.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D0A1EC2191998C900B8450F /* SNTCommandSyncRuleDownload.m */; };
 		0D0A1EC6191AB9B000B8450F /* SNTCommandSyncPostflight.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D0A1EC5191AB9B000B8450F /* SNTCommandSyncPostflight.m */; };
 		0D10BE861A0AABD600C0C944 /* SNTDropRootPrivs.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D10BE851A0AABD600C0C944 /* SNTDropRootPrivs.m */; };
@@ -46,15 +44,12 @@
 		0D28D53819D9F5910015C5EB /* SNTConfigurator.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D42D2B719D2042900955F08 /* SNTConfigurator.m */; };
 		0D2CD4611A81C7B100C9C910 /* dn.plist in Resources */ = {isa = PBXBuildFile; fileRef = 0D2CD4601A81C7B100C9C910 /* dn.plist */; };
 		0D2E1E631CEFA6C30039B2C4 /* SantaCacheTest.mm in Sources */ = {isa = PBXBuildFile; fileRef = 0D2E1E621CEFA6C30039B2C4 /* SantaCacheTest.mm */; };
-		0D35BD9F18FD71CE00921A21 /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D9A7F3E1759330500035EB5 /* Foundation.framework */; };
 		0D35BDA218FD71CE00921A21 /* main.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D35BDA118FD71CE00921A21 /* main.m */; };
 		0D35BDAC18FD7CFD00921A21 /* SNTCommandController.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D35BDAB18FD7CFD00921A21 /* SNTCommandController.m */; };
 		0D35BDB518FD84F600921A21 /* SNTCommandSync.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D35BDB418FD84F600921A21 /* SNTCommandSync.m */; };
-		0D35BDBD18FDA23600921A21 /* IOKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D3AFBF718FB4C870087BCEE /* IOKit.framework */; };
 		0D35BDC418FDA5D100921A21 /* SNTXPCConnection.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D6FDC9518C93A020044685C /* SNTXPCConnection.m */; };
 		0D377C2A17A071B7008453DB /* SNTEventTable.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D377C2917A071B7008453DB /* SNTEventTable.m */; };
 		0D37C10F18F6029A0069BC61 /* SNTDatabaseTable.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D37C10E18F6029A0069BC61 /* SNTDatabaseTable.m */; };
-		0D385DB8180DE4A900418BC6 /* Cocoa.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D385DB7180DE4A900418BC6 /* Cocoa.framework */; };
 		0D385DC4180DE4A900418BC6 /* main.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D385DC3180DE4A900418BC6 /* main.m */; };
 		0D385DD0180DE4A900418BC6 /* Images.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 0D385DCF180DE4A900418BC6 /* Images.xcassets */; };
 		0D385DF0180DE51600418BC6 /* MessageWindow.xib in Resources */ = {isa = PBXBuildFile; fileRef = 0D385DE9180DE51600418BC6 /* MessageWindow.xib */; };
@@ -67,8 +62,6 @@
 		0D3AFBEE18FB4C6C0087BCEE /* SNTApplication.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DB8ACC0185662DC00FEF9C7 /* SNTApplication.m */; };
 		0D3AFBEF18FB4C6C0087BCEE /* SNTExecutionController.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DE6788C1784A8C2007A9E52 /* SNTExecutionController.m */; };
 		0D3AFBF018FB4C6C0087BCEE /* SNTDriverManager.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D7D01861774F93A005DBAB4 /* SNTDriverManager.m */; };
-		0D3AFBF618FB4C7E0087BCEE /* Cocoa.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D385DB7180DE4A900418BC6 /* Cocoa.framework */; };
-		0D3AFBF818FB4C870087BCEE /* IOKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D3AFBF718FB4C870087BCEE /* IOKit.framework */; };
 		0D416401191974F1006A356A /* SNTCommandSyncState.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D416400191974F1006A356A /* SNTCommandSyncState.m */; };
 		0D41640519197AD7006A356A /* SNTCommandSyncEventUpload.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D41640419197AD7006A356A /* SNTCommandSyncEventUpload.m */; };
 		0D41DAD41A7C28C800A890FE /* SNTEventTableTest.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D41DAD31A7C28C800A890FE /* SNTEventTableTest.m */; };
@@ -77,7 +70,6 @@
 		0D42D2B919D2042900955F08 /* SNTConfigurator.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D42D2B719D2042900955F08 /* SNTConfigurator.m */; };
 		0D4644C5182AF81700098690 /* SantaDecisionManager.cc in Sources */ = {isa = PBXBuildFile; fileRef = 0D4644C3182AF81700098690 /* SantaDecisionManager.cc */; };
 		0D4644C6182AF81700098690 /* SantaDecisionManager.h in Headers */ = {isa = PBXBuildFile; fileRef = 0D4644C4182AF81700098690 /* SantaDecisionManager.h */; };
-		0D4A5007176A4602004F63BF /* Security.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D4A5006176A4602004F63BF /* Security.framework */; };
 		0D536ED71B8E7A2E0039A26D /* bad_pagezero in Resources */ = {isa = PBXBuildFile; fileRef = 0D536ED51B8E7A2E0039A26D /* bad_pagezero */; };
 		0D536ED81B8E7A2E0039A26D /* missing_pagezero in Resources */ = {isa = PBXBuildFile; fileRef = 0D536ED61B8E7A2E0039A26D /* missing_pagezero */; };
 		0D536EDB1B94E9230039A26D /* SNTEventLog.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D536EDA1B94E9230039A26D /* SNTEventLog.m */; };
@@ -85,7 +77,6 @@
 		0D63DD5C1906FCB400D346C4 /* SNTDatabaseController.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D63DD5B1906FCB400D346C4 /* SNTDatabaseController.m */; };
 		0D63DD5E1906FCB400D346C4 /* SNTDatabaseController.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D63DD5B1906FCB400D346C4 /* SNTDatabaseController.m */; };
 		0D668E8118D1121700E29A8B /* SNTMessageWindow.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D668E8018D1121700E29A8B /* SNTMessageWindow.m */; };
-		0D6F12D819EC8822006B218E /* SecurityInterface.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0DCD5F771909C659006B445C /* SecurityInterface.framework */; };
 		0D6FDC9618C93A020044685C /* SNTXPCConnection.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D6FDC9518C93A020044685C /* SNTXPCConnection.m */; };
 		0D6FDC9718C93A020044685C /* SNTXPCConnection.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D6FDC9518C93A020044685C /* SNTXPCConnection.m */; };
 		0D7D01871774F93A005DBAB4 /* SNTDriverManager.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D7D01861774F93A005DBAB4 /* SNTDriverManager.m */; };
@@ -94,10 +85,8 @@
 		0D8868091AC48A1100B86659 /* SNTSystemInfo.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D42D2B419D1D98A00955F08 /* SNTSystemInfo.m */; };
 		0D88680A1AC48A1200B86659 /* SNTSystemInfo.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D42D2B419D1D98A00955F08 /* SNTSystemInfo.m */; };
 		0D88680C1AC48A1400B86659 /* SNTSystemInfo.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D42D2B419D1D98A00955F08 /* SNTSystemInfo.m */; };
-		0D88680D1AC48A5D00B86659 /* IOKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D3AFBF718FB4C870087BCEE /* IOKit.framework */; };
 		0D89310E1C931979002E8D74 /* SNTXPCControlInterface.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DCD605419115D17006B445C /* SNTXPCControlInterface.m */; };
 		0D89310F1C931986002E8D74 /* SNTRule.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DE50F671912716A007B2B0C /* SNTRule.m */; };
-		0D8C200C180F359A00CE2BF8 /* Security.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D8C200B180F359A00CE2BF8 /* Security.framework */; };
 		0D8E18CD19107B56000F89B8 /* SNTDaemonControlController.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D8E18CC19107B56000F89B8 /* SNTDaemonControlController.m */; };
 		0D9184B81CD2F32D0004E859 /* SNTCommandSyncStage.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D9184B71CD2F32D0004E859 /* SNTCommandSyncStage.m */; };
 		0D9184B91CD2F32D0004E859 /* SNTCommandSyncStage.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D9184B71CD2F32D0004E859 /* SNTCommandSyncStage.m */; };
@@ -105,7 +94,6 @@
 		0D9A7F341759144800035EB5 /* SantaDriver.h in Headers */ = {isa = PBXBuildFile; fileRef = 0D9A7F321759144800035EB5 /* SantaDriver.h */; };
 		0D9A7F371759148E00035EB5 /* SantaDriverClient.cc in Sources */ = {isa = PBXBuildFile; fileRef = 0D9A7F351759148E00035EB5 /* SantaDriverClient.cc */; };
 		0D9A7F381759148E00035EB5 /* SantaDriverClient.h in Headers */ = {isa = PBXBuildFile; fileRef = 0D9A7F361759148E00035EB5 /* SantaDriverClient.h */; };
-		0D9A7F3F1759330500035EB5 /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D9A7F3E1759330500035EB5 /* Foundation.framework */; };
 		0D9A7F421759330500035EB5 /* main.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D9A7F411759330500035EB5 /* main.m */; };
 		0DA73C9F1934F8100056D7C4 /* SNTLogging.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DA73C9E1934F8100056D7C4 /* SNTLogging.m */; };
 		0DA73CA11934F8100056D7C4 /* SNTLogging.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DA73C9E1934F8100056D7C4 /* SNTLogging.m */; };
@@ -138,12 +126,10 @@
 		0DCD605819115E57006B445C /* SNTXPCControlInterface.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DCD605419115D17006B445C /* SNTXPCControlInterface.m */; };
 		0DCD605919115E5A006B445C /* SNTXPCNotifierInterface.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DCD604E19115A06006B445C /* SNTXPCNotifierInterface.m */; };
 		0DCD605C19117A90006B445C /* SNTCommandSyncPreflight.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DCD605B19117A90006B445C /* SNTCommandSyncPreflight.m */; };
-		0DD0D487194F5187005F27EB /* IOKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D3AFBF718FB4C870087BCEE /* IOKit.framework */; };
 		0DD0D48F194F78F8005F27EB /* SNTFileInfoTest.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DD0D48E194F78F8005F27EB /* SNTFileInfoTest.m */; };
 		0DD0D491194F9947005F27EB /* SNTExecutionControllerTest.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DD0D490194F9947005F27EB /* SNTExecutionControllerTest.m */; };
 		0DD0D492194F9BEF005F27EB /* SNTLogging.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DA73C9E1934F8100056D7C4 /* SNTLogging.m */; };
 		0DE2CE561CA05561002B649A /* SNTAccessibleTextField.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DE2CE551CA05561002B649A /* SNTAccessibleTextField.m */; };
-		0DE4C8A118FEF28200466D04 /* Security.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D8C200B180F359A00CE2BF8 /* Security.framework */; };
 		0DE4C8A618FF3B1700466D04 /* SNTCommandFlushCache.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DE4C8A518FF3B1700466D04 /* SNTCommandFlushCache.m */; };
 		0DE50F681912716A007B2B0C /* SNTRule.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DE50F671912716A007B2B0C /* SNTRule.m */; };
 		0DE50F691912B0CD007B2B0C /* SNTRule.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DE50F671912716A007B2B0C /* SNTRule.m */; };
@@ -168,14 +154,11 @@
 		0DEFB7C81ACF0BFE00B92AAE /* SNTFileWatcherTest.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DEFB7C71ACF0BFE00B92AAE /* SNTFileWatcherTest.m */; };
 		0DF395641AB76A7900CBC520 /* NSData+Zlib.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DF395631AB76A7900CBC520 /* NSData+Zlib.m */; };
 		0DF395661AB76ABC00CBC520 /* libz.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = 0DF395651AB76ABC00CBC520 /* libz.dylib */; };
-		1C299D1C789489996FF9E081 /* libPods-Santa.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 87D1CEAEDF1FA6819A855559 /* libPods-Santa.a */; };
-		29C490B1720D4FD576F93519 /* libPods-LogicTests.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 17D03B346587131C45A8DA67 /* libPods-LogicTests.a */; };
-		2BA4AE89AA2447E29DA2E85C /* libPods-santactl.a in Frameworks */ = {isa = PBXBuildFile; fileRef = BE53E1EAE84D54E7FCB22FD5 /* libPods-santactl.a */; };
-		34D8F6C53153950A66DBEF69 /* libPods-santad.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 60A9B66BB0F7404D1F61D518 /* libPods-santad.a */; };
 		4092327A1A51B66400A04527 /* SNTCommandRule.m in Sources */ = {isa = PBXBuildFile; fileRef = 409232791A51B65D00A04527 /* SNTCommandRule.m */; };
-		580046F725A5D0874B970A17 /* libPods-Santa.a in Frameworks */ = {isa = PBXBuildFile; fileRef = B2B9044B79DD2E4DEC5D3B7A /* libPods-Santa.a */; };
-		79C1556E6EAC94038762EF36 /* libPods-santactl.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 556108C12FC29E329D82D4CB /* libPods-santactl.a */; };
-		A60673DE57680AC450A3B0B2 /* libPods-santad.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 9BE438428F17C09C6A9D0802 /* libPods-santad.a */; };
+		42805FED981952EC9F0E4272 /* libPods-santactl.a in Frameworks */ = {isa = PBXBuildFile; fileRef = DC914D8DD0F5C0E21DA45150 /* libPods-santactl.a */; };
+		7E396F5897B914399A568D27 /* libPods-Santa.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 8FE66FA803110026A2A57C59 /* libPods-Santa.a */; };
+		8E6BE2EABCDF090F0FCEA980 /* libPods-santad.a in Frameworks */ = {isa = PBXBuildFile; fileRef = E57A355BC439804E082B9C0A /* libPods-santad.a */; };
+		C4F8326EEB58061C1A579F0D /* libPods-LogicTests.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 3EAD1E725C5F299F58F754D7 /* libPods-LogicTests.a */; };
 		C714F8B11D8044D400700EDF /* SNTCommandFileInfo.m in Sources */ = {isa = PBXBuildFile; fileRef = 0DCD5FBE1909D64A006B445C /* SNTCommandFileInfo.m */; };
 		C714F8B21D8044FE00700EDF /* SNTCommandController.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D35BDAB18FD7CFD00921A21 /* SNTCommandController.m */; };
 		C72E8D941D7F399900C86DD3 /* SNTCommandFileInfoTest.m in Sources */ = {isa = PBXBuildFile; fileRef = C72E8D931D7F399900C86DD3 /* SNTCommandFileInfoTest.m */; };
@@ -185,10 +168,10 @@
 		C776A1071DEE160500A56616 /* SNTCommandSyncManager.m in Sources */ = {isa = PBXBuildFile; fileRef = C776A1061DEE160500A56616 /* SNTCommandSyncManager.m */; };
 		C795ED901D80A5BE007CFF42 /* SNTPolicyProcessor.m in Sources */ = {isa = PBXBuildFile; fileRef = C795ED8F1D80A5BE007CFF42 /* SNTPolicyProcessor.m */; };
 		C795ED911D80B66B007CFF42 /* SNTPolicyProcessor.m in Sources */ = {isa = PBXBuildFile; fileRef = C795ED8F1D80A5BE007CFF42 /* SNTPolicyProcessor.m */; };
+		C7E3A30E1ECF7D400073689C /* SNTCommandLog.m in Sources */ = {isa = PBXBuildFile; fileRef = C7E3A30D1ECF7D400073689C /* SNTCommandLog.m */; };
 		C7FB56F61DBFB480004E14EF /* SNTXPCSyncdInterface.m in Sources */ = {isa = PBXBuildFile; fileRef = C7FB56F51DBFB480004E14EF /* SNTXPCSyncdInterface.m */; };
 		C7FB56F71DBFB480004E14EF /* SNTXPCSyncdInterface.m in Sources */ = {isa = PBXBuildFile; fileRef = C7FB56F51DBFB480004E14EF /* SNTXPCSyncdInterface.m */; };
 		C7FB57001DBFC213004E14EF /* SNTSyncdQueue.m in Sources */ = {isa = PBXBuildFile; fileRef = C7FB56FF1DBFC213004E14EF /* SNTSyncdQueue.m */; };
-		EFD8E30D32F6128B9E833D64 /* libPods-LogicTests.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 873978BCE4B0DBD2A89C99D1 /* libPods-LogicTests.a */; };
 /* End PBXBuildFile section */
 
 /* Begin PBXContainerItemProxy section */
@@ -265,6 +248,7 @@
 /* End PBXCopyFilesBuildPhase section */
 
 /* Begin PBXFileReference section */
+		07B44952FAAF4CA056FC4A62 /* Pods-santad.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-santad.debug.xcconfig"; path = "Pods/Target Support Files/Pods-santad/Pods-santad.debug.xcconfig"; sourceTree = "<group>"; };
 		0D0016A2192BCD3C005E7FCD /* KernelTests */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = KernelTests; sourceTree = BUILT_PRODUCTS_DIR; };
 		0D0016A5192BCD3C005E7FCD /* main.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = main.mm; sourceTree = "<group>"; };
 		0D0A1EC1191998C900B8450F /* SNTCommandSyncRuleDownload.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SNTCommandSyncRuleDownload.h; sourceTree = "<group>"; };
@@ -280,9 +264,9 @@
 		0D202D1D1CDD479400A88F16 /* libz.tbd */ = {isa = PBXFileReference; lastKnownFileType = "sourcecode.text-based-dylib-definition"; name = libz.tbd; path = usr/lib/libz.tbd; sourceTree = SDKROOT; };
 		0D202D1F1CE4E90E00A88F16 /* sync_preflight_basic.json */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.json; path = sync_preflight_basic.json; sourceTree = "<group>"; };
 		0D202D231CE5071600A88F16 /* SantaCache.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SantaCache.h; sourceTree = "<group>"; };
+		0D2429471E787655005C6FC9 /* DevelopmentTeam.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = DevelopmentTeam.xcconfig; sourceTree = "<group>"; };
 		0D260DAC18B68E12002A0B55 /* LogicTests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = LogicTests.xctest; sourceTree = BUILT_PRODUCTS_DIR; };
 		0D260DB118B68E12002A0B55 /* Tests-Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = "Tests-Info.plist"; sourceTree = "<group>"; };
-		0D260DB718B68E12002A0B55 /* Tests-Prefix.pch */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "Tests-Prefix.pch"; sourceTree = "<group>"; };
 		0D28E5E119269B3600280F87 /* SNTLogging.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = SNTLogging.h; sourceTree = "<group>"; };
 		0D28E5E31926AFE400280F87 /* SNTKernelCommon.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = SNTKernelCommon.h; sourceTree = "<group>"; };
 		0D28E5E41926B55600280F87 /* santactl-Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = "santactl-Info.plist"; sourceTree = "<group>"; };
@@ -290,7 +274,6 @@
 		0D2E1E621CEFA6C30039B2C4 /* SantaCacheTest.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = SantaCacheTest.mm; sourceTree = "<group>"; };
 		0D35BD9E18FD71CE00921A21 /* santactl */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = santactl; sourceTree = BUILT_PRODUCTS_DIR; };
 		0D35BDA118FD71CE00921A21 /* main.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = main.m; sourceTree = "<group>"; };
-		0D35BDA418FD71CE00921A21 /* santactl-Prefix.pch */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "santactl-Prefix.pch"; sourceTree = "<group>"; };
 		0D35BDAA18FD7CFD00921A21 /* SNTCommandController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SNTCommandController.h; sourceTree = "<group>"; };
 		0D35BDAB18FD7CFD00921A21 /* SNTCommandController.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTCommandController.m; sourceTree = "<group>"; };
 		0D35BDB418FD84F600921A21 /* SNTCommandSync.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTCommandSync.m; sourceTree = "<group>"; };
@@ -303,7 +286,6 @@
 		0D385DB7180DE4A900418BC6 /* Cocoa.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Cocoa.framework; path = System/Library/Frameworks/Cocoa.framework; sourceTree = SDKROOT; };
 		0D385DBF180DE4A900418BC6 /* SantaGUI-Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = "SantaGUI-Info.plist"; sourceTree = "<group>"; };
 		0D385DC3180DE4A900418BC6 /* main.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = main.m; sourceTree = "<group>"; };
-		0D385DC5180DE4A900418BC6 /* Santa-Prefix.pch */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "Santa-Prefix.pch"; sourceTree = "<group>"; };
 		0D385DCF180DE4A900418BC6 /* Images.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Images.xcassets; sourceTree = "<group>"; };
 		0D385DE9180DE51600418BC6 /* MessageWindow.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = MessageWindow.xib; sourceTree = "<group>"; };
 		0D385DEA180DE51600418BC6 /* SNTAppDelegate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SNTAppDelegate.h; sourceTree = "<group>"; };
@@ -357,7 +339,6 @@
 		0D9A7F3E1759330500035EB5 /* Foundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Foundation.framework; path = System/Library/Frameworks/Foundation.framework; sourceTree = SDKROOT; };
 		0D9A7F411759330500035EB5 /* main.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; lineEnding = 0; path = main.m; sourceTree = "<group>"; xcLanguageSpecificationIdentifier = xcode.lang.objc; };
 		0DA73C9E1934F8100056D7C4 /* SNTLogging.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTLogging.m; sourceTree = "<group>"; };
-		0DB2B92318085753001C01D9 /* santad-Prefix.pch */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "santad-Prefix.pch"; sourceTree = "<group>"; };
 		0DB390981AB1E11400614002 /* SNTCommandVersion.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTCommandVersion.m; sourceTree = "<group>"; };
 		0DB537861AFD36EB00487F92 /* SNTRuleTableTest.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTRuleTableTest.m; sourceTree = "<group>"; };
 		0DB77FD61CCE824A004DF060 /* SNTBlockMessage.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SNTBlockMessage.h; sourceTree = "<group>"; };
@@ -406,33 +387,29 @@
 		0DF395621AB76A7900CBC520 /* NSData+Zlib.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "NSData+Zlib.h"; sourceTree = "<group>"; };
 		0DF395631AB76A7900CBC520 /* NSData+Zlib.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = "NSData+Zlib.m"; sourceTree = "<group>"; };
 		0DF395651AB76ABC00CBC520 /* libz.dylib */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.dylib"; name = libz.dylib; path = usr/lib/libz.dylib; sourceTree = SDKROOT; };
-		17D03B346587131C45A8DA67 /* libPods-LogicTests.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-LogicTests.a"; sourceTree = BUILT_PRODUCTS_DIR; };
-		2B9F8A80C0F8D34D98135F36 /* Pods-santactl.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-santactl.release.xcconfig"; path = "Pods/Target Support Files/Pods-santactl/Pods-santactl.release.xcconfig"; sourceTree = "<group>"; };
+		3EAD1E725C5F299F58F754D7 /* libPods-LogicTests.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-LogicTests.a"; sourceTree = BUILT_PRODUCTS_DIR; };
 		409232791A51B65D00A04527 /* SNTCommandRule.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTCommandRule.m; sourceTree = "<group>"; };
-		4D9D2DDDCD92DBB948D38B11 /* Pods-Santa.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Santa.release.xcconfig"; path = "Pods/Target Support Files/Pods-Santa/Pods-Santa.release.xcconfig"; sourceTree = "<group>"; };
-		4E43227BA5B261FF33141AFC /* Pods-LogicTests.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-LogicTests.debug.xcconfig"; path = "Pods/Target Support Files/Pods-LogicTests/Pods-LogicTests.debug.xcconfig"; sourceTree = "<group>"; };
-		556108C12FC29E329D82D4CB /* libPods-santactl.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-santactl.a"; sourceTree = BUILT_PRODUCTS_DIR; };
-		60A9B66BB0F7404D1F61D518 /* libPods-santad.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-santad.a"; sourceTree = BUILT_PRODUCTS_DIR; };
-		691189054F4E484D030CF831 /* Pods-santactl.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-santactl.debug.xcconfig"; path = "Pods/Target Support Files/Pods-santactl/Pods-santactl.debug.xcconfig"; sourceTree = "<group>"; };
-		7C9CC3CDF2609E78E6A9C601 /* Pods-santad.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-santad.release.xcconfig"; path = "Pods/Target Support Files/Pods-santad/Pods-santad.release.xcconfig"; sourceTree = "<group>"; };
-		821428941753678DB772D761 /* Pods-LogicTests.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-LogicTests.release.xcconfig"; path = "Pods/Target Support Files/Pods-LogicTests/Pods-LogicTests.release.xcconfig"; sourceTree = "<group>"; };
-		873978BCE4B0DBD2A89C99D1 /* libPods-LogicTests.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-LogicTests.a"; sourceTree = BUILT_PRODUCTS_DIR; };
-		87D1CEAEDF1FA6819A855559 /* libPods-Santa.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-Santa.a"; sourceTree = BUILT_PRODUCTS_DIR; };
-		95B378553DCD86290341B8E4 /* Pods-santad.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-santad.debug.xcconfig"; path = "Pods/Target Support Files/Pods-santad/Pods-santad.debug.xcconfig"; sourceTree = "<group>"; };
-		9BE438428F17C09C6A9D0802 /* libPods-santad.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-santad.a"; sourceTree = BUILT_PRODUCTS_DIR; };
-		B2B9044B79DD2E4DEC5D3B7A /* libPods-Santa.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-Santa.a"; sourceTree = BUILT_PRODUCTS_DIR; };
-		BE53E1EAE84D54E7FCB22FD5 /* libPods-santactl.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-santactl.a"; sourceTree = BUILT_PRODUCTS_DIR; };
+		5123AB484639A3640D62CB67 /* Pods-santactl.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-santactl.release.xcconfig"; path = "Pods/Target Support Files/Pods-santactl/Pods-santactl.release.xcconfig"; sourceTree = "<group>"; };
+		5B0D17672432F610DE7F14EA /* Pods-LogicTests.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-LogicTests.debug.xcconfig"; path = "Pods/Target Support Files/Pods-LogicTests/Pods-LogicTests.debug.xcconfig"; sourceTree = "<group>"; };
+		6519E416CC4D06EE85DDB34B /* Pods-Santa.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Santa.release.xcconfig"; path = "Pods/Target Support Files/Pods-Santa/Pods-Santa.release.xcconfig"; sourceTree = "<group>"; };
+		6A947802FC1698EC37A47F5C /* Pods-santactl.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-santactl.debug.xcconfig"; path = "Pods/Target Support Files/Pods-santactl/Pods-santactl.debug.xcconfig"; sourceTree = "<group>"; };
+		8FE66FA803110026A2A57C59 /* libPods-Santa.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-Santa.a"; sourceTree = BUILT_PRODUCTS_DIR; };
+		A5C68436912C0F98A7DE3BFA /* Pods-LogicTests.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-LogicTests.release.xcconfig"; path = "Pods/Target Support Files/Pods-LogicTests/Pods-LogicTests.release.xcconfig"; sourceTree = "<group>"; };
 		C72E8D931D7F399900C86DD3 /* SNTCommandFileInfoTest.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTCommandFileInfoTest.m; sourceTree = "<group>"; };
 		C76614EB1D142D3C00D150C1 /* SNTCommandCheckCache.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTCommandCheckCache.m; sourceTree = "<group>"; };
 		C776A1051DEE160500A56616 /* SNTCommandSyncManager.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SNTCommandSyncManager.h; sourceTree = "<group>"; };
 		C776A1061DEE160500A56616 /* SNTCommandSyncManager.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTCommandSyncManager.m; sourceTree = "<group>"; };
 		C795ED8E1D80A5BE007CFF42 /* SNTPolicyProcessor.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SNTPolicyProcessor.h; sourceTree = "<group>"; };
 		C795ED8F1D80A5BE007CFF42 /* SNTPolicyProcessor.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTPolicyProcessor.m; sourceTree = "<group>"; };
+		C7E3A30D1ECF7D400073689C /* SNTCommandLog.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTCommandLog.m; sourceTree = "<group>"; };
 		C7FB56F41DBFB480004E14EF /* SNTXPCSyncdInterface.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SNTXPCSyncdInterface.h; sourceTree = "<group>"; };
 		C7FB56F51DBFB480004E14EF /* SNTXPCSyncdInterface.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTXPCSyncdInterface.m; sourceTree = "<group>"; };
 		C7FB56FE1DBFC213004E14EF /* SNTSyncdQueue.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SNTSyncdQueue.h; sourceTree = "<group>"; };
 		C7FB56FF1DBFC213004E14EF /* SNTSyncdQueue.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTSyncdQueue.m; sourceTree = "<group>"; };
-		D227889DF327E7D3532FE00B /* Pods-Santa.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Santa.debug.xcconfig"; path = "Pods/Target Support Files/Pods-Santa/Pods-Santa.debug.xcconfig"; sourceTree = "<group>"; };
+		DC914D8DD0F5C0E21DA45150 /* libPods-santactl.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-santactl.a"; sourceTree = BUILT_PRODUCTS_DIR; };
+		E57A355BC439804E082B9C0A /* libPods-santad.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-santad.a"; sourceTree = BUILT_PRODUCTS_DIR; };
+		F1E491F3C201A2362E04FF81 /* Pods-santad.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-santad.release.xcconfig"; path = "Pods/Target Support Files/Pods-santad/Pods-santad.release.xcconfig"; sourceTree = "<group>"; };
+		F25BED2D82EB26743AD59464 /* Pods-Santa.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Santa.debug.xcconfig"; path = "Pods/Target Support Files/Pods-Santa/Pods-Santa.debug.xcconfig"; sourceTree = "<group>"; };
 /* End PBXFileReference section */
 
 /* Begin PBXFrameworksBuildPhase section */
@@ -440,8 +417,6 @@
 			isa = PBXFrameworksBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
-				0D0016AE192BCD8C005E7FCD /* IOKit.framework in Frameworks */,
-				0D0016A3192BCD3C005E7FCD /* Foundation.framework in Frameworks */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -450,10 +425,7 @@
 			buildActionMask = 2147483647;
 			files = (
 				0D202D1E1CDD479400A88F16 /* libz.tbd in Frameworks */,
-				0D3AFBF618FB4C7E0087BCEE /* Cocoa.framework in Frameworks */,
-				0D3AFBF818FB4C870087BCEE /* IOKit.framework in Frameworks */,
-				29C490B1720D4FD576F93519 /* libPods-LogicTests.a in Frameworks */,
-				EFD8E30D32F6128B9E833D64 /* libPods-LogicTests.a in Frameworks */,
+				C4F8326EEB58061C1A579F0D /* libPods-LogicTests.a in Frameworks */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -462,11 +434,7 @@
 			buildActionMask = 2147483647;
 			files = (
 				0DF395661AB76ABC00CBC520 /* libz.dylib in Frameworks */,
-				0DE4C8A118FEF28200466D04 /* Security.framework in Frameworks */,
-				0D35BDBD18FDA23600921A21 /* IOKit.framework in Frameworks */,
-				0D35BD9F18FD71CE00921A21 /* Foundation.framework in Frameworks */,
-				2BA4AE89AA2447E29DA2E85C /* libPods-santactl.a in Frameworks */,
-				79C1556E6EAC94038762EF36 /* libPods-santactl.a in Frameworks */,
+				42805FED981952EC9F0E4272 /* libPods-santactl.a in Frameworks */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -474,12 +442,7 @@
 			isa = PBXFrameworksBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
-				0D88680D1AC48A5D00B86659 /* IOKit.framework in Frameworks */,
-				0D6F12D819EC8822006B218E /* SecurityInterface.framework in Frameworks */,
-				0D8C200C180F359A00CE2BF8 /* Security.framework in Frameworks */,
-				0D385DB8180DE4A900418BC6 /* Cocoa.framework in Frameworks */,
-				1C299D1C789489996FF9E081 /* libPods-Santa.a in Frameworks */,
-				580046F725A5D0874B970A17 /* libPods-Santa.a in Frameworks */,
+				7E396F5897B914399A568D27 /* libPods-Santa.a in Frameworks */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -487,11 +450,7 @@
 			isa = PBXFrameworksBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
-				0DD0D487194F5187005F27EB /* IOKit.framework in Frameworks */,
-				0D4A5007176A4602004F63BF /* Security.framework in Frameworks */,
-				0D9A7F3F1759330500035EB5 /* Foundation.framework in Frameworks */,
-				A60673DE57680AC450A3B0B2 /* libPods-santad.a in Frameworks */,
-				34D8F6C53153950A66DBEF69 /* libPods-santad.a in Frameworks */,
+				8E6BE2EABCDF090F0FCEA980 /* libPods-santad.a in Frameworks */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -544,7 +503,6 @@
 				0DEA5F771CF64C8B00704398 /* sync_ruledownload_batch1.json */,
 				0DEA5F781CF64C8B00704398 /* sync_ruledownload_batch2.json */,
 				0D260DB118B68E12002A0B55 /* Tests-Info.plist */,
-				0D260DB718B68E12002A0B55 /* Tests-Prefix.pch */,
 			);
 			path = Resources;
 			sourceTree = "<group>";
@@ -565,7 +523,6 @@
 			isa = PBXGroup;
 			children = (
 				0D28E5E41926B55600280F87 /* santactl-Info.plist */,
-				0D35BDA418FD71CE00921A21 /* santactl-Prefix.pch */,
 			);
 			path = Resources;
 			sourceTree = "<group>";
@@ -624,7 +581,6 @@
 			children = (
 				0D385DCF180DE4A900418BC6 /* Images.xcassets */,
 				0D385DBF180DE4A900418BC6 /* SantaGUI-Info.plist */,
-				0D385DC5180DE4A900418BC6 /* Santa-Prefix.pch */,
 				0D1B476F19A53419008CADD3 /* AboutWindow.xib */,
 				0D385DE9180DE51600418BC6 /* MessageWindow.xib */,
 			);
@@ -635,7 +591,6 @@
 			isa = PBXGroup;
 			children = (
 				0DB8ACE41858D73000FEF9C7 /* santad-Info.plist */,
-				0DB2B92318085753001C01D9 /* santad-Prefix.pch */,
 			);
 			path = Resources;
 			sourceTree = "<group>";
@@ -655,8 +610,8 @@
 				0DB77FDC1CD262F5004DF060 /* Source */,
 				0D789F9F1940F26D0036F7C4 /* Tests */,
 				0D91BCB5174E8A7E00131A7D /* Products */,
-				57575205DAC12A357F9EF899 /* Pods */,
-				9A8F78FCF1FF5934C80FB9B4 /* Frameworks */,
+				32B59E26727EF7DC0FC6A1C2 /* Pods */,
+				8ADEC8FA6FDD43E921A3E0D6 /* Frameworks */,
 			);
 			sourceTree = "<group>";
 		};
@@ -685,10 +640,6 @@
 				0D91BCB8174E8A7E00131A7D /* Kernel.framework */,
 				0D9A7F3E1759330500035EB5 /* Foundation.framework */,
 				0D385DB7180DE4A900418BC6 /* Cocoa.framework */,
-				17D03B346587131C45A8DA67 /* libPods-LogicTests.a */,
-				87D1CEAEDF1FA6819A855559 /* libPods-Santa.a */,
-				BE53E1EAE84D54E7FCB22FD5 /* libPods-santactl.a */,
-				9BE438428F17C09C6A9D0802 /* libPods-santad.a */,
 			);
 			name = Frameworks;
 			path = ../..;
@@ -802,6 +753,7 @@
 				C76614EB1D142D3C00D150C1 /* SNTCommandCheckCache.m */,
 				0DCD5FBE1909D64A006B445C /* SNTCommandFileInfo.m */,
 				0DE4C8A518FF3B1700466D04 /* SNTCommandFlushCache.m */,
+				C7E3A30D1ECF7D400073689C /* SNTCommandLog.m */,
 				409232791A51B65D00A04527 /* SNTCommandRule.m */,
 				0D827E6619DF3C74006EC811 /* SNTCommandStatus.m */,
 				0DB390981AB1E11400614002 /* SNTCommandVersion.m */,
@@ -818,32 +770,33 @@
 				0D9A7F401759330500035EB5 /* santad */,
 				0D35BDA018FD71CE00921A21 /* santactl */,
 				0D385DBD180DE4A900418BC6 /* SantaGUI */,
+				0D2429471E787655005C6FC9 /* DevelopmentTeam.xcconfig */,
 			);
 			path = Source;
 			sourceTree = "<group>";
 		};
-		57575205DAC12A357F9EF899 /* Pods */ = {
+		32B59E26727EF7DC0FC6A1C2 /* Pods */ = {
 			isa = PBXGroup;
 			children = (
-				4E43227BA5B261FF33141AFC /* Pods-LogicTests.debug.xcconfig */,
-				821428941753678DB772D761 /* Pods-LogicTests.release.xcconfig */,
-				D227889DF327E7D3532FE00B /* Pods-Santa.debug.xcconfig */,
-				4D9D2DDDCD92DBB948D38B11 /* Pods-Santa.release.xcconfig */,
-				691189054F4E484D030CF831 /* Pods-santactl.debug.xcconfig */,
-				2B9F8A80C0F8D34D98135F36 /* Pods-santactl.release.xcconfig */,
-				95B378553DCD86290341B8E4 /* Pods-santad.debug.xcconfig */,
-				7C9CC3CDF2609E78E6A9C601 /* Pods-santad.release.xcconfig */,
+				5B0D17672432F610DE7F14EA /* Pods-LogicTests.debug.xcconfig */,
+				A5C68436912C0F98A7DE3BFA /* Pods-LogicTests.release.xcconfig */,
+				F25BED2D82EB26743AD59464 /* Pods-Santa.debug.xcconfig */,
+				6519E416CC4D06EE85DDB34B /* Pods-Santa.release.xcconfig */,
+				6A947802FC1698EC37A47F5C /* Pods-santactl.debug.xcconfig */,
+				5123AB484639A3640D62CB67 /* Pods-santactl.release.xcconfig */,
+				07B44952FAAF4CA056FC4A62 /* Pods-santad.debug.xcconfig */,
+				F1E491F3C201A2362E04FF81 /* Pods-santad.release.xcconfig */,
 			);
 			name = Pods;
 			sourceTree = "<group>";
 		};
-		9A8F78FCF1FF5934C80FB9B4 /* Frameworks */ = {
+		8ADEC8FA6FDD43E921A3E0D6 /* Frameworks */ = {
 			isa = PBXGroup;
 			children = (
-				873978BCE4B0DBD2A89C99D1 /* libPods-LogicTests.a */,
-				B2B9044B79DD2E4DEC5D3B7A /* libPods-Santa.a */,
-				556108C12FC29E329D82D4CB /* libPods-santactl.a */,
-				60A9B66BB0F7404D1F61D518 /* libPods-santad.a */,
+				3EAD1E725C5F299F58F754D7 /* libPods-LogicTests.a */,
+				8FE66FA803110026A2A57C59 /* libPods-Santa.a */,
+				DC914D8DD0F5C0E21DA45150 /* libPods-santactl.a */,
+				E57A355BC439804E082B9C0A /* libPods-santad.a */,
 			);
 			name = Frameworks;
 			sourceTree = "<group>";
@@ -885,13 +838,13 @@
 			isa = PBXNativeTarget;
 			buildConfigurationList = 0D260DBC18B68E12002A0B55 /* Build configuration list for PBXNativeTarget "LogicTests" */;
 			buildPhases = (
-				376E230296F6EA7A4DA8BBF0 /* [CP] Check Pods Manifest.lock */,
+				C22A218D691E062A00781563 /* [CP] Check Pods Manifest.lock */,
 				0D673DAD18FC9017009C5B06 /* Delete existing coverage files */,
 				0D260DA818B68E12002A0B55 /* Sources */,
 				0D260DA918B68E12002A0B55 /* Frameworks */,
 				0D260DAA18B68E12002A0B55 /* Resources */,
-				1D12555F0F4EF323B11E40F9 /* [CP] Embed Pods Frameworks */,
-				0C5C7A6AB763BCE7F760FAFF /* [CP] Copy Pods Resources */,
+				9F946EAD2A73FDCBE3FA3454 /* [CP] Embed Pods Frameworks */,
+				43EC969A89E13A43B4161035 /* [CP] Copy Pods Resources */,
 			);
 			buildRules = (
 			);
@@ -906,11 +859,11 @@
 			isa = PBXNativeTarget;
 			buildConfigurationList = 0D35BDA918FD71CE00921A21 /* Build configuration list for PBXNativeTarget "santactl" */;
 			buildPhases = (
-				5F1504EA0D172767F2BCAAEB /* [CP] Check Pods Manifest.lock */,
+				8EF1E72D9F742F663ABE8DCD /* [CP] Check Pods Manifest.lock */,
 				0DD98E671A5DD02000A754C6 /* Update Version Info */,
 				0D35BD9A18FD71CE00921A21 /* Sources */,
 				0D35BD9B18FD71CE00921A21 /* Frameworks */,
-				E50DD7319E04737B040B69EC /* [CP] Copy Pods Resources */,
+				3AA84DD536CCE6A50E24E85E /* [CP] Copy Pods Resources */,
 			);
 			buildRules = (
 			);
@@ -925,13 +878,13 @@
 			isa = PBXNativeTarget;
 			buildConfigurationList = 0D385DE3180DE4A900418BC6 /* Build configuration list for PBXNativeTarget "Santa" */;
 			buildPhases = (
-				373591F801D7B22635DAD7A0 /* [CP] Check Pods Manifest.lock */,
+				D5EF20F46A8F8B36E63D1709 /* [CP] Check Pods Manifest.lock */,
 				0DD98E681A5DD03E00A754C6 /* Update Version Info */,
 				0D385DB2180DE4A900418BC6 /* Sources */,
 				0D385DB3180DE4A900418BC6 /* Frameworks */,
 				0D385DB4180DE4A900418BC6 /* Resources */,
-				31CD7EDCDEBD95322ED67F63 /* [CP] Embed Pods Frameworks */,
-				B3EB60284D47F89140F5A033 /* [CP] Copy Pods Resources */,
+				50E59E61A01D3126C43D49BB /* [CP] Embed Pods Frameworks */,
+				F1D2415B87633FA13FC7AA29 /* [CP] Copy Pods Resources */,
 			);
 			buildRules = (
 			);
@@ -968,11 +921,11 @@
 			isa = PBXNativeTarget;
 			buildConfigurationList = 0D9A7F471759330500035EB5 /* Build configuration list for PBXNativeTarget "santad" */;
 			buildPhases = (
-				A3D478EF1D48EA118AF176E9 /* [CP] Check Pods Manifest.lock */,
+				828CFA7B34B9061FAFA68503 /* [CP] Check Pods Manifest.lock */,
 				0DD98E661A5DCED300A754C6 /* Update Version Info */,
 				0D9A7F391759330400035EB5 /* Sources */,
 				0D9A7F3A1759330400035EB5 /* Frameworks */,
-				435B0E246EE25ACC763D684C /* [CP] Copy Pods Resources */,
+				999D3C0A9B06CC3DFFB45CEA /* [CP] Copy Pods Resources */,
 			);
 			buildRules = (
 			);
@@ -1050,21 +1003,6 @@
 /* End PBXResourcesBuildPhase section */
 
 /* Begin PBXShellScriptBuildPhase section */
-		0C5C7A6AB763BCE7F760FAFF /* [CP] Copy Pods Resources */ = {
-			isa = PBXShellScriptBuildPhase;
-			buildActionMask = 2147483647;
-			files = (
-			);
-			inputPaths = (
-			);
-			name = "[CP] Copy Pods Resources";
-			outputPaths = (
-			);
-			runOnlyForDeploymentPostprocessing = 0;
-			shellPath = /bin/sh;
-			shellScript = "\"${SRCROOT}/Pods/Target Support Files/Pods-LogicTests/Pods-LogicTests-resources.sh\"\n";
-			showEnvVarsInLog = 0;
-		};
 		0D45F4271A5DCB7A00BF4375 /* Update Version Info */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;
@@ -1158,22 +1096,37 @@
 			shellPath = /bin/sh;
 			shellScript = "GIT_TAG=$(git describe --abbrev=0 --tags)\nsed -i '' \"s/TO.BE.FILLED/${GIT_TAG}/\" ${DERIVED_FILE_DIR}/santa-driver_info.c";
 		};
-		1D12555F0F4EF323B11E40F9 /* [CP] Embed Pods Frameworks */ = {
+		3AA84DD536CCE6A50E24E85E /* [CP] Copy Pods Resources */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
 			);
 			inputPaths = (
 			);
-			name = "[CP] Embed Pods Frameworks";
+			name = "[CP] Copy Pods Resources";
 			outputPaths = (
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 			shellPath = /bin/sh;
-			shellScript = "\"${SRCROOT}/Pods/Target Support Files/Pods-LogicTests/Pods-LogicTests-frameworks.sh\"\n";
+			shellScript = "\"${SRCROOT}/Pods/Target Support Files/Pods-santactl/Pods-santactl-resources.sh\"\n";
 			showEnvVarsInLog = 0;
 		};
-		31CD7EDCDEBD95322ED67F63 /* [CP] Embed Pods Frameworks */ = {
+		43EC969A89E13A43B4161035 /* [CP] Copy Pods Resources */ = {
+			isa = PBXShellScriptBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			inputPaths = (
+			);
+			name = "[CP] Copy Pods Resources";
+			outputPaths = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+			shellPath = /bin/sh;
+			shellScript = "\"${SRCROOT}/Pods/Target Support Files/Pods-LogicTests/Pods-LogicTests-resources.sh\"\n";
+			showEnvVarsInLog = 0;
+		};
+		50E59E61A01D3126C43D49BB /* [CP] Embed Pods Frameworks */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
@@ -1188,7 +1141,7 @@
 			shellScript = "\"${SRCROOT}/Pods/Target Support Files/Pods-Santa/Pods-Santa-frameworks.sh\"\n";
 			showEnvVarsInLog = 0;
 		};
-		373591F801D7B22635DAD7A0 /* [CP] Check Pods Manifest.lock */ = {
+		828CFA7B34B9061FAFA68503 /* [CP] Check Pods Manifest.lock */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
@@ -1200,10 +1153,10 @@
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 			shellPath = /bin/sh;
-			shellScript = "diff \"${PODS_ROOT}/../Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [[ $? != 0 ]] ; then\n    cat << EOM\nerror: The sandbox is not in sync with the Podfile.lock. Run 'pod install' or update your CocoaPods installation.\nEOM\n    exit 1\nfi\n";
+			shellScript = "diff \"${PODS_PODFILE_DIR_PATH}/Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [ $? != 0 ] ; then\n    # print error to STDERR\n    echo \"error: The sandbox is not in sync with the Podfile.lock. Run 'pod install' or update your CocoaPods installation.\" >&2\n    exit 1\nfi\n";
 			showEnvVarsInLog = 0;
 		};
-		376E230296F6EA7A4DA8BBF0 /* [CP] Check Pods Manifest.lock */ = {
+		8EF1E72D9F742F663ABE8DCD /* [CP] Check Pods Manifest.lock */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
@@ -1215,10 +1168,10 @@
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 			shellPath = /bin/sh;
-			shellScript = "diff \"${PODS_ROOT}/../Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [[ $? != 0 ]] ; then\n    cat << EOM\nerror: The sandbox is not in sync with the Podfile.lock. Run 'pod install' or update your CocoaPods installation.\nEOM\n    exit 1\nfi\n";
+			shellScript = "diff \"${PODS_PODFILE_DIR_PATH}/Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [ $? != 0 ] ; then\n    # print error to STDERR\n    echo \"error: The sandbox is not in sync with the Podfile.lock. Run 'pod install' or update your CocoaPods installation.\" >&2\n    exit 1\nfi\n";
 			showEnvVarsInLog = 0;
 		};
-		435B0E246EE25ACC763D684C /* [CP] Copy Pods Resources */ = {
+		999D3C0A9B06CC3DFFB45CEA /* [CP] Copy Pods Resources */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
@@ -1233,7 +1186,22 @@
 			shellScript = "\"${SRCROOT}/Pods/Target Support Files/Pods-santad/Pods-santad-resources.sh\"\n";
 			showEnvVarsInLog = 0;
 		};
-		5F1504EA0D172767F2BCAAEB /* [CP] Check Pods Manifest.lock */ = {
+		9F946EAD2A73FDCBE3FA3454 /* [CP] Embed Pods Frameworks */ = {
+			isa = PBXShellScriptBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			inputPaths = (
+			);
+			name = "[CP] Embed Pods Frameworks";
+			outputPaths = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+			shellPath = /bin/sh;
+			shellScript = "\"${SRCROOT}/Pods/Target Support Files/Pods-LogicTests/Pods-LogicTests-frameworks.sh\"\n";
+			showEnvVarsInLog = 0;
+		};
+		C22A218D691E062A00781563 /* [CP] Check Pods Manifest.lock */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
@@ -1245,10 +1213,10 @@
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 			shellPath = /bin/sh;
-			shellScript = "diff \"${PODS_ROOT}/../Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [[ $? != 0 ]] ; then\n    cat << EOM\nerror: The sandbox is not in sync with the Podfile.lock. Run 'pod install' or update your CocoaPods installation.\nEOM\n    exit 1\nfi\n";
+			shellScript = "diff \"${PODS_PODFILE_DIR_PATH}/Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [ $? != 0 ] ; then\n    # print error to STDERR\n    echo \"error: The sandbox is not in sync with the Podfile.lock. Run 'pod install' or update your CocoaPods installation.\" >&2\n    exit 1\nfi\n";
 			showEnvVarsInLog = 0;
 		};
-		A3D478EF1D48EA118AF176E9 /* [CP] Check Pods Manifest.lock */ = {
+		D5EF20F46A8F8B36E63D1709 /* [CP] Check Pods Manifest.lock */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
@@ -1260,10 +1228,10 @@
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 			shellPath = /bin/sh;
-			shellScript = "diff \"${PODS_ROOT}/../Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [[ $? != 0 ]] ; then\n    cat << EOM\nerror: The sandbox is not in sync with the Podfile.lock. Run 'pod install' or update your CocoaPods installation.\nEOM\n    exit 1\nfi\n";
+			shellScript = "diff \"${PODS_PODFILE_DIR_PATH}/Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [ $? != 0 ] ; then\n    # print error to STDERR\n    echo \"error: The sandbox is not in sync with the Podfile.lock. Run 'pod install' or update your CocoaPods installation.\" >&2\n    exit 1\nfi\n";
 			showEnvVarsInLog = 0;
 		};
-		B3EB60284D47F89140F5A033 /* [CP] Copy Pods Resources */ = {
+		F1D2415B87633FA13FC7AA29 /* [CP] Copy Pods Resources */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
@@ -1278,21 +1246,6 @@
 			shellScript = "\"${SRCROOT}/Pods/Target Support Files/Pods-Santa/Pods-Santa-resources.sh\"\n";
 			showEnvVarsInLog = 0;
 		};
-		E50DD7319E04737B040B69EC /* [CP] Copy Pods Resources */ = {
-			isa = PBXShellScriptBuildPhase;
-			buildActionMask = 2147483647;
-			files = (
-			);
-			inputPaths = (
-			);
-			name = "[CP] Copy Pods Resources";
-			outputPaths = (
-			);
-			runOnlyForDeploymentPostprocessing = 0;
-			shellPath = /bin/sh;
-			shellScript = "\"${SRCROOT}/Pods/Target Support Files/Pods-santactl/Pods-santactl-resources.sh\"\n";
-			showEnvVarsInLog = 0;
-		};
 /* End PBXShellScriptBuildPhase section */
 
 /* Begin PBXSourcesBuildPhase section */
@@ -1388,6 +1341,7 @@
 				0D827E6719DF3C74006EC811 /* SNTCommandStatus.m in Sources */,
 				0D0A1EC6191AB9B000B8450F /* SNTCommandSyncPostflight.m in Sources */,
 				0D35BDAC18FD7CFD00921A21 /* SNTCommandController.m in Sources */,
+				C7E3A30E1ECF7D400073689C /* SNTCommandLog.m in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -1534,6 +1488,10 @@
 				GCC_WARN_UNUSED_FUNCTION = YES;
 				GCC_WARN_UNUSED_VARIABLE = YES;
 				INSTALL_PATH = "";
+				OTHER_CPLUSPLUSFLAGS = (
+					"$(OTHER_CFLAGS)",
+					"-fcxx-modules",
+				);
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				PROVISIONING_PROFILE = "";
 				WARNING_CFLAGS = "";
@@ -1564,6 +1522,10 @@
 				GCC_WARN_UNUSED_FUNCTION = YES;
 				GCC_WARN_UNUSED_VARIABLE = YES;
 				INSTALL_PATH = "";
+				OTHER_CPLUSPLUSFLAGS = (
+					"$(OTHER_CFLAGS)",
+					"-fcxx-modules",
+				);
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				PROVISIONING_PROFILE = "";
 				WARNING_CFLAGS = "";
@@ -1572,7 +1534,7 @@
 		};
 		0D260DBA18B68E12002A0B55 /* Debug */ = {
 			isa = XCBuildConfiguration;
-			baseConfigurationReference = 4E43227BA5B261FF33141AFC /* Pods-LogicTests.debug.xcconfig */;
+			baseConfigurationReference = 5B0D17672432F610DE7F14EA /* Pods-LogicTests.debug.xcconfig */;
 			buildSettings = {
 				ALWAYS_SEARCH_USER_PATHS = NO;
 				CLANG_ENABLE_OBJC_ARC = YES;
@@ -1595,7 +1557,6 @@
 				GCC_ENABLE_OBJC_EXCEPTIONS = YES;
 				GCC_GENERATE_TEST_COVERAGE_FILES = YES;
 				GCC_PRECOMPILE_PREFIX_HEADER = YES;
-				GCC_PREFIX_HEADER = "Tests/LogicTests/Resources/Tests-Prefix.pch";
 				GCC_PREPROCESSOR_DEFINITIONS = (
 					"DEBUG=1",
 					"$(inherited)",
@@ -1621,7 +1582,7 @@
 		};
 		0D260DBB18B68E12002A0B55 /* Release */ = {
 			isa = XCBuildConfiguration;
-			baseConfigurationReference = 821428941753678DB772D761 /* Pods-LogicTests.release.xcconfig */;
+			baseConfigurationReference = A5C68436912C0F98A7DE3BFA /* Pods-LogicTests.release.xcconfig */;
 			buildSettings = {
 				ALWAYS_SEARCH_USER_PATHS = NO;
 				CLANG_ENABLE_OBJC_ARC = YES;
@@ -1644,7 +1605,6 @@
 				GCC_ENABLE_OBJC_EXCEPTIONS = YES;
 				GCC_GENERATE_TEST_COVERAGE_FILES = YES;
 				GCC_PRECOMPILE_PREFIX_HEADER = YES;
-				GCC_PREFIX_HEADER = "Tests/LogicTests/Resources/Tests-Prefix.pch";
 				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
 				GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR;
 				GCC_WARN_UNDECLARED_SELECTOR = YES;
@@ -1665,10 +1625,9 @@
 		};
 		0D35BDA718FD71CE00921A21 /* Debug */ = {
 			isa = XCBuildConfiguration;
-			baseConfigurationReference = 691189054F4E484D030CF831 /* Pods-santactl.debug.xcconfig */;
+			baseConfigurationReference = 6A947802FC1698EC37A47F5C /* Pods-santactl.debug.xcconfig */;
 			buildSettings = {
 				ALWAYS_SEARCH_USER_PATHS = NO;
-				CLANG_ENABLE_MODULES = YES;
 				CLANG_ENABLE_OBJC_ARC = YES;
 				CLANG_STATIC_ANALYZER_MODE = deep;
 				CLANG_WARN_BOOL_CONVERSION = YES;
@@ -1684,7 +1643,6 @@
 				GCC_DYNAMIC_NO_PIC = NO;
 				GCC_ENABLE_OBJC_EXCEPTIONS = YES;
 				GCC_PRECOMPILE_PREFIX_HEADER = YES;
-				GCC_PREFIX_HEADER = "Source/santactl/Resources/santactl-Prefix.pch";
 				GCC_PREPROCESSOR_DEFINITIONS = (
 					"DEBUG=1",
 					"$(inherited)",
@@ -1705,10 +1663,9 @@
 		};
 		0D35BDA818FD71CE00921A21 /* Release */ = {
 			isa = XCBuildConfiguration;
-			baseConfigurationReference = 2B9F8A80C0F8D34D98135F36 /* Pods-santactl.release.xcconfig */;
+			baseConfigurationReference = 5123AB484639A3640D62CB67 /* Pods-santactl.release.xcconfig */;
 			buildSettings = {
 				ALWAYS_SEARCH_USER_PATHS = NO;
-				CLANG_ENABLE_MODULES = YES;
 				CLANG_ENABLE_OBJC_ARC = YES;
 				CLANG_STATIC_ANALYZER_MODE = deep;
 				CLANG_WARN_BOOL_CONVERSION = YES;
@@ -1724,7 +1681,6 @@
 				ENABLE_NS_ASSERTIONS = NO;
 				GCC_ENABLE_OBJC_EXCEPTIONS = YES;
 				GCC_PRECOMPILE_PREFIX_HEADER = YES;
-				GCC_PREFIX_HEADER = "Source/santactl/Resources/santactl-Prefix.pch";
 				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
 				GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR;
 				GCC_WARN_UNDECLARED_SELECTOR = YES;
@@ -1740,11 +1696,10 @@
 		};
 		0D385DE4180DE4A900418BC6 /* Debug */ = {
 			isa = XCBuildConfiguration;
-			baseConfigurationReference = D227889DF327E7D3532FE00B /* Pods-Santa.debug.xcconfig */;
+			baseConfigurationReference = F25BED2D82EB26743AD59464 /* Pods-Santa.debug.xcconfig */;
 			buildSettings = {
 				ALWAYS_SEARCH_USER_PATHS = NO;
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
-				CLANG_ENABLE_MODULES = NO;
 				CLANG_ENABLE_OBJC_ARC = YES;
 				CLANG_STATIC_ANALYZER_MODE = deep;
 				CLANG_WARN_BOOL_CONVERSION = YES;
@@ -1760,7 +1715,6 @@
 				GCC_DYNAMIC_NO_PIC = NO;
 				GCC_ENABLE_OBJC_EXCEPTIONS = YES;
 				GCC_PRECOMPILE_PREFIX_HEADER = YES;
-				GCC_PREFIX_HEADER = "Source/SantaGUI/Resources/Santa-Prefix.pch";
 				GCC_PREPROCESSOR_DEFINITIONS = (
 					"DEBUG=1",
 					"$(inherited)",
@@ -1781,11 +1735,10 @@
 		};
 		0D385DE5180DE4A900418BC6 /* Release */ = {
 			isa = XCBuildConfiguration;
-			baseConfigurationReference = 4D9D2DDDCD92DBB948D38B11 /* Pods-Santa.release.xcconfig */;
+			baseConfigurationReference = 6519E416CC4D06EE85DDB34B /* Pods-Santa.release.xcconfig */;
 			buildSettings = {
 				ALWAYS_SEARCH_USER_PATHS = NO;
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
-				CLANG_ENABLE_MODULES = NO;
 				CLANG_ENABLE_OBJC_ARC = YES;
 				CLANG_STATIC_ANALYZER_MODE = deep;
 				CLANG_WARN_BOOL_CONVERSION = YES;
@@ -1801,7 +1754,6 @@
 				ENABLE_NS_ASSERTIONS = NO;
 				GCC_ENABLE_OBJC_EXCEPTIONS = YES;
 				GCC_PRECOMPILE_PREFIX_HEADER = YES;
-				GCC_PREFIX_HEADER = "Source/SantaGUI/Resources/Santa-Prefix.pch";
 				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
 				GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR;
 				GCC_WARN_UNDECLARED_SELECTOR = YES;
@@ -1817,11 +1769,13 @@
 		};
 		0D91BCAC174E8A6500131A7D /* Debug */ = {
 			isa = XCBuildConfiguration;
+			baseConfigurationReference = 0D2429471E787655005C6FC9 /* DevelopmentTeam.xcconfig */;
 			buildSettings = {
 				CLANG_ANALYZER_SECURITY_FLOATLOOPCOUNTER = YES;
 				CLANG_ANALYZER_SECURITY_INSECUREAPI_RAND = YES;
 				CLANG_ANALYZER_SECURITY_INSECUREAPI_STRCPY = YES;
 				CLANG_CXX_LANGUAGE_STANDARD = "c++0x";
+				CLANG_ENABLE_MODULES = YES;
 				CLANG_WARN_CXX0X_EXTENSIONS = YES;
 				CODE_SIGN_IDENTITY = "Mac Developer";
 				ENABLE_TESTABILITY = YES;
@@ -1843,11 +1797,13 @@
 		};
 		0D91BCAD174E8A6500131A7D /* Release */ = {
 			isa = XCBuildConfiguration;
+			baseConfigurationReference = 0D2429471E787655005C6FC9 /* DevelopmentTeam.xcconfig */;
 			buildSettings = {
 				CLANG_ANALYZER_SECURITY_FLOATLOOPCOUNTER = YES;
 				CLANG_ANALYZER_SECURITY_INSECUREAPI_RAND = YES;
 				CLANG_ANALYZER_SECURITY_INSECUREAPI_STRCPY = YES;
 				CLANG_CXX_LANGUAGE_STANDARD = "c++0x";
+				CLANG_ENABLE_MODULES = YES;
 				CLANG_WARN_CXX0X_EXTENSIONS = YES;
 				CODE_SIGN_IDENTITY = "Mac Developer";
 				DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
@@ -1870,7 +1826,7 @@
 			isa = XCBuildConfiguration;
 			buildSettings = {
 				ALWAYS_SEARCH_USER_PATHS = NO;
-				CLANG_ENABLE_MODULES = YES;
+				CLANG_ENABLE_MODULES = NO;
 				CLANG_STATIC_ANALYZER_MODE = deep;
 				CLANG_WARN_CONSTANT_CONVERSION = YES;
 				CLANG_WARN_EMPTY_BODY = YES;
@@ -1908,7 +1864,7 @@
 			isa = XCBuildConfiguration;
 			buildSettings = {
 				ALWAYS_SEARCH_USER_PATHS = NO;
-				CLANG_ENABLE_MODULES = YES;
+				CLANG_ENABLE_MODULES = NO;
 				CLANG_STATIC_ANALYZER_MODE = deep;
 				CLANG_WARN_CONSTANT_CONVERSION = YES;
 				CLANG_WARN_EMPTY_BODY = YES;
@@ -1955,7 +1911,7 @@
 		};
 		0D9A7F481759330500035EB5 /* Debug */ = {
 			isa = XCBuildConfiguration;
-			baseConfigurationReference = 95B378553DCD86290341B8E4 /* Pods-santad.debug.xcconfig */;
+			baseConfigurationReference = 07B44952FAAF4CA056FC4A62 /* Pods-santad.debug.xcconfig */;
 			buildSettings = {
 				ALWAYS_SEARCH_USER_PATHS = NO;
 				CLANG_ENABLE_OBJC_ARC = YES;
@@ -1970,7 +1926,6 @@
 				GCC_DYNAMIC_NO_PIC = NO;
 				GCC_ENABLE_OBJC_EXCEPTIONS = YES;
 				GCC_PRECOMPILE_PREFIX_HEADER = YES;
-				GCC_PREFIX_HEADER = "Source/santad/Resources/santad-Prefix.pch";
 				GCC_PREPROCESSOR_DEFINITIONS = (
 					"DEBUG=1",
 					"$(inherited)",
@@ -1990,7 +1945,7 @@
 		};
 		0D9A7F491759330500035EB5 /* Release */ = {
 			isa = XCBuildConfiguration;
-			baseConfigurationReference = 7C9CC3CDF2609E78E6A9C601 /* Pods-santad.release.xcconfig */;
+			baseConfigurationReference = F1E491F3C201A2362E04FF81 /* Pods-santad.release.xcconfig */;
 			buildSettings = {
 				ALWAYS_SEARCH_USER_PATHS = NO;
 				CLANG_ENABLE_OBJC_ARC = YES;
@@ -2004,7 +1959,6 @@
 				CREATE_INFOPLIST_SECTION_IN_BINARY = YES;
 				GCC_ENABLE_OBJC_EXCEPTIONS = YES;
 				GCC_PRECOMPILE_PREFIX_HEADER = YES;
-				GCC_PREFIX_HEADER = "Source/santad/Resources/santad-Prefix.pch";
 				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
 				GCC_WARN_ABOUT_RETURN_TYPE = YES;
 				GCC_WARN_UNINITIALIZED_AUTOS = YES;

Source/SantaGUI/Resources/Santa-Prefix.pch

@@ -1,3 +0,0 @@
-#ifdef __OBJC__
-  #import <Cocoa/Cocoa.h>
-#endif

Source/SantaGUI/SNTAboutWindowController.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Cocoa;
+
 @interface SNTAboutWindowController : NSWindowController
 
 @property IBOutlet NSButton *moreInfoButton;

Source/SantaGUI/SNTAccessibleTextField.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Cocoa;
+
 /**
    An NSTextField subclass that provides an accessiblity label equal to:
    (self.toolTip + self.stringValue) where available. It also sets the

Source/SantaGUI/SNTAppDelegate.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Cocoa;
+
 ///
 /// Initiates and manages the connection to santad
 ///

Source/SantaGUI/SNTMessageWindow.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Cocoa;
+
 ///
 ///  An NSPanel that can become key/main and can fade in/out.
 ///

Source/SantaGUI/SNTMessageWindowController.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Cocoa;
+
 @class SNTStoredEvent;
 
 @protocol SNTMessageWindowControllerDelegate

Source/SantaGUI/SNTMessageWindowController.m

@@ -14,7 +14,7 @@
 
 #import "SNTMessageWindowController.h"
 
-#import <SecurityInterface/SFCertificatePanel.h>
+@import SecurityInterface.SFCertificatePanel;
 
 #import "MOLCertificate.h"
 #import "SNTBlockMessage.h"

Source/SantaGUI/SNTNotificationManager.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Cocoa;
+
 #import "SNTMessageWindowController.h"
 #import "SNTXPCNotifierInterface.h"
 

Source/SantaGUI/main.m

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Cocoa;
+
 #import "SNTAppDelegate.h"
 
 int main(int argc, const char *argv[]) {

Source/common/SNTBlockMessage.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 @class SNTStoredEvent;
 
 @interface SNTBlockMessage : NSObject

Source/common/SNTCommonEnums.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 ///
 ///  These enums are used in various places throughout the Santa client code.
 ///  The integer values are also stored in the database and so shouldn't be changed.

Source/common/SNTConfigurator.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommonEnums.h"
 
 ///
@@ -143,9 +145,14 @@ extern NSString *const kDefaultConfigFilePath;
 @property(readonly, nonatomic) NSString *machineOwner;
 
 ///
-///  The last date of successful sync.
+///  The last date of a successful full sync.
 ///
-@property(nonatomic) NSDate *syncLastSuccess;
+@property(nonatomic) NSDate *fullSyncLastSuccess;
+
+///
+///  The last date of a successful rule sync.
+///
+@property(nonatomic) NSDate *ruleSyncLastSuccess;
 
 ///
 ///  If YES a clean sync is required.
@@ -157,6 +164,24 @@ extern NSString *const kDefaultConfigFilePath;
 ///
 @property(readonly, nonatomic) NSString *machineID;
 
+///
+///  The number of seconds in-between full syncs while connected to FCM
+///
+///  @note The default value is 14400.
+///  @note The minimum value is 600.
+///
+@property(readonly, nonatomic) NSInteger FCMFullSyncInterval;
+
+///
+///  The maximum number of seconds to wait before a rule sync when
+///  receiving a global rule sync message. Each client will choose a random
+///  number of seconds between 0 and FCMGlobalRuleLeeway.
+///
+///  @note The default value is 600.
+///  @note The minimum value is 60.
+///
+@property(readonly, nonatomic) NSInteger FCMGlobalRuleLeeway;
+
 #pragma mark Server Auth Settings
 
 ///

Source/common/SNTConfigurator.m

@@ -52,7 +52,8 @@ static NSString *const kModeNotificationMonitor = @"ModeNotificationMonitor";
 static NSString *const kModeNotificationLockdown = @"ModeNotificationLockdown";
 
 static NSString *const kSyncBaseURLKey = @"SyncBaseURL";
-static NSString *const kSyncLastSuccess = @"SyncLastSuccess";
+static NSString *const kFullSyncLastSuccess = @"FullSyncLastSuccess";
+static NSString *const kRuleSyncLastSuccess = @"RuleSyncLastSuccess";
 static NSString *const kSyncCleanRequired = @"SyncCleanRequired";
 static NSString *const kClientAuthCertificateFileKey = @"ClientAuthCertificateFile";
 static NSString *const kClientAuthCertificatePasswordKey = @"ClientAuthCertificatePassword";
@@ -70,6 +71,9 @@ static NSString *const kMachineOwnerPlistKeyKey = @"MachineOwnerKey";
 static NSString *const kMachineIDPlistFileKey = @"MachineIDPlist";
 static NSString *const kMachineIDPlistKeyKey = @"MachineIDKey";
 
+static NSString *const kFCMFullSyncInterval = @"FCMFullSyncInterval";
+static NSString *const kFCMGlobalRuleLeeway = @"FCMGlobalRuleLeeway";
+
 - (instancetype)initWithFilePath:(NSString *)filePath {
   self = [super init];
   if (self) {
@@ -111,7 +115,7 @@ static NSString *const kMachineIDPlistKeyKey = @"MachineIDKey";
     return (SNTClientMode)cm;
   } else {
     LOGE(@"Client mode was set to bad value: %ld. Resetting to MONITOR.", cm);
-    self.configData[kClientModeKey] = @(SNTClientModeMonitor);
+    self.clientMode = SNTClientModeMonitor;
     return SNTClientModeMonitor;
   }
 }
@@ -259,12 +263,22 @@ static NSString *const kMachineIDPlistKeyKey = @"MachineIDKey";
   return self.configData[kServerAuthRootsFileKey];
 }
 
-- (NSDate *)syncLastSuccess {
-  return self.configData[kSyncLastSuccess];
+- (NSDate *)fullSyncLastSuccess {
+  return self.configData[kFullSyncLastSuccess];
 }
 
-- (void)setSyncLastSuccess:(NSDate *)syncLastSuccess {
-  self.configData[kSyncLastSuccess] = syncLastSuccess;
+- (void)setFullSyncLastSuccess:(NSDate *)fullSyncLastSuccess {
+  self.configData[kFullSyncLastSuccess] = fullSyncLastSuccess;
+  [self saveConfigToDisk];
+  self.ruleSyncLastSuccess = fullSyncLastSuccess;
+}
+
+- (NSDate *)ruleSyncLastSuccess {
+  return self.configData[kRuleSyncLastSuccess];
+}
+
+- (void)setRuleSyncLastSuccess:(NSDate *)ruleSyncLastSuccess {
+  self.configData[kRuleSyncLastSuccess] = ruleSyncLastSuccess;
   [self saveConfigToDisk];
 }
 
@@ -315,9 +329,26 @@ static NSString *const kMachineIDPlistKeyKey = @"MachineIDKey";
   return machineId;
 }
 
+- (NSInteger)FCMFullSyncInterval {
+  NSInteger interval = [self.configData[kFCMFullSyncInterval] integerValue];
+  return (interval < 600) ? 1440 : interval;
+}
+
+- (NSInteger)FCMGlobalRuleLeeway {
+  NSInteger leeway = [self.configData[kFCMGlobalRuleLeeway] integerValue];
+  return (leeway < 60) ? 600 : leeway;
+}
+
 - (void)reloadConfigData {
   NSFileManager *fm = [NSFileManager defaultManager];
-  if (![fm fileExistsAtPath:self.configFilePath]) return;
+  if (![fm fileExistsAtPath:self.configFilePath]) {
+    // As soon as saveConfigToDisk is called, reloadConfigData will be called again because
+    // of the SNTFileWatchers on the config path. No need to use dictionaryWithCapacity: here.
+    self.configData = [NSMutableDictionary dictionary];
+    self.configData[kClientModeKey] = @(SNTClientModeMonitor);
+    [self saveConfigToDisk];
+    return;
+  };
 
   NSError *error;
   NSData *readData = [NSData dataWithContentsOfFile:self.configFilePath

Source/common/SNTDropRootPrivs.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 ///
 ///  Simple function to check and drop root privileges.
 ///

Source/common/SNTFileInfo.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 ///
 ///  Represents a binary on disk, providing access to details about that binary
 ///  such as the SHA-1, SHA-256, Info.plist and the Mach-O data.

Source/common/SNTFileWatcher.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 ///
 ///  Simple file watching class using dispatch sources. Will automatically
 ///  reload the watch if the file is deleted and continue watching for

Source/common/SNTFileWatcher.m

@@ -18,7 +18,7 @@
 
 @interface SNTFileWatcher ()
 @property NSString *filePath;
-@property(strong) void (^handler)(unsigned long);
+@property(copy) void (^handler)(unsigned long);
 
 @property dispatch_source_t source;
 @end
@@ -52,7 +52,8 @@
 
   dispatch_async(queue, ^{
     int fd = -1;
-    while ((fd = open([self.filePath fileSystemRepresentation], O_EVTONLY | O_CLOEXEC)) < 0) {
+    const char *filePath = [self.filePath fileSystemRepresentation];
+    while ((fd = open(filePath, O_EVTONLY | O_CLOEXEC)) < 0) {
       usleep(200000);  // wait 200ms
     }
     self.source = dispatch_source_create(DISPATCH_SOURCE_TYPE_VNODE, fd, mask, queue);

Source/common/SNTKernelCommon.h

@@ -40,12 +40,24 @@ enum SantaDriverMethods {
   kSantaUserClientClearCache,
   kSantaUserClientCacheCount,
   kSantaUserClientCheckCache,
+  kSantaUserClientSetFileopLoggingFilter,
 
   // Any methods supported by the driver should be added above this line to
   // ensure this remains the count of methods.
   kSantaUserClientNMethods,
 };
 
+typedef enum {
+  kFilterLogNone = 0,
+  kFilterLogAll = ~0U,
+
+  kFileopLogWrite = 1,
+  kFileopLogRename = 1 << 2,
+  kFileopLogExchange = 1 << 3,
+  kFileopLogLink = 1 << 4,
+  kFileopLogDelete = 1 << 5,
+} fileop_log_filter_t;
+
 typedef enum {
   QUEUETYPE_DECISION,
   QUEUETYPE_LOG

Source/common/SNTLogging.h

@@ -34,6 +34,8 @@
 
 #else  // KERNEL
 
+@import Foundation;
+
 typedef enum : NSUInteger {
   LOG_LEVEL_ERROR,
   LOG_LEVEL_WARN,

Source/common/SNTRule.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommonEnums.h"
 
 ///

Source/common/SNTStoredEvent.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommonEnums.h"
 
 ///

Source/common/SNTSystemInfo.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 ///
 ///  Simple class for fetching system information
 ///

Source/common/SNTXPCConnection.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 /**
   A wrapper around NSXPCListener and NSXPCConnection to provide client multiplexing, signature
   validation of connecting clients and forced connection establishment.

Source/common/SNTXPCConnection.m

@@ -113,8 +113,10 @@
     // send a message to the listener to finish establishing the connection
     dispatch_semaphore_t sema = dispatch_semaphore_create(0);
     self.currentConnection.remoteObjectInterface = self.validationInterface;
-    self.currentConnection.interruptionHandler = self.invalidationHandler;
-    self.currentConnection.invalidationHandler = self.invalidationHandler;
+    self.currentConnection.interruptionHandler = self.currentConnection.invalidationHandler = ^{
+      STRONGIFY(self);
+      if (self.invalidationHandler) self.invalidationHandler();
+    };
     [self.currentConnection resume];
     [[self.currentConnection remoteObjectProxy] connectWithReply:^{
       STRONGIFY(self);

Source/common/SNTXPCControlInterface.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import <MOLCertificate/MOLCertificate.h>
 
 #import "SNTCachedDecision.h"
@@ -33,6 +35,7 @@
 - (void)cacheCount:(void (^)(int64_t))reply;
 - (void)flushCache:(void (^)(BOOL))reply;
 - (void)checkCacheForVnodeID:(uint64_t)vnodeID withReply:(void (^)(santa_action_t))reply;
+- (void)setFileopLoggingFilter:(fileop_log_filter_t)filter withReply:(void (^)())reply;
 
 ///
 ///  Database ops
@@ -73,6 +76,7 @@
 - (void)xsrfToken:(void (^)(NSString *))reply;
 - (void)setXsrfToken:(NSString *)token reply:(void (^)())reply;
 - (void)setSyncLastSuccess:(NSDate *)date reply:(void (^)())reply;
+- (void)setRuleSyncLastSuccess:(NSDate *)date reply:(void (^)())reply;
 - (void)setSyncCleanRequired:(BOOL)cleanReqd reply:(void (^)())reply;
 - (void)setWhitelistPathRegex:(NSString *)pattern reply:(void (^)())reply;
 - (void)setBlacklistPathRegex:(NSString *)pattern reply:(void (^)())reply;

Source/common/SNTXPCNotifierInterface.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommonEnums.h"
 
 @class SNTStoredEvent;

Source/common/SNTXPCSyncdInterface.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommonEnums.h"
 
 @class SNTStoredEvent;

Source/santa-driver/SantaCache.h

@@ -247,7 +247,7 @@ template<class T> class SantaCache {
   /**
     Holder for a 'zero' entry for the current type
   */
-  T zero_ = {};
+  const T zero_ = T(0);
 
   /**
     Special bucket used when automatically clearing due to size

Source/santa-driver/SantaDecisionManager.cc

@@ -374,6 +374,12 @@ bool SantaDecisionManager::PostToLogQueue(santa_message_t *message) {
   return kr;
 }
 
+void SantaDecisionManager::SetFileopLoggingFilter(uint32_t filter) {
+  // All 32 bits should be set at once. Threads reading this value only do so once per run, so no
+  // extra serialization techniques are required.
+  fileop_log_filter_ = filter;
+}
+
 #pragma mark Invocation Tracking & PID comparison
 
 void SantaDecisionManager::IncrementListenerInvocations() {
@@ -466,26 +472,38 @@ void SantaDecisionManager::FileOpCallback(
 
     switch (action) {
       case KAUTH_FILEOP_CLOSE:
-        message->action = ACTION_NOTIFY_WRITE;
+        if (fileop_log_filter_ & kFileopLogWrite) {
+          message->action = ACTION_NOTIFY_WRITE;
+        }
         break;
       case KAUTH_FILEOP_RENAME:
-        message->action = ACTION_NOTIFY_RENAME;
+        if (fileop_log_filter_ & kFileopLogRename) {
+          message->action = ACTION_NOTIFY_RENAME;
+        }
         break;
       case KAUTH_FILEOP_LINK:
-        message->action = ACTION_NOTIFY_LINK;
+        if (fileop_log_filter_ & kFileopLogLink) {
+          message->action = ACTION_NOTIFY_LINK;
+        }
         break;
       case KAUTH_FILEOP_EXCHANGE:
-        message->action = ACTION_NOTIFY_EXCHANGE;
+        if (fileop_log_filter_ & kFileopLogExchange) {
+          message->action = ACTION_NOTIFY_EXCHANGE;
+        }
         break;
       case KAUTH_FILEOP_DELETE:
-        message->action = ACTION_NOTIFY_DELETE;
+        if (fileop_log_filter_ & kFileopLogDelete) {
+          message->action = ACTION_NOTIFY_DELETE;
+        }
         break;
       default:
         delete message;
         return;
     }
 
-    PostToLogQueue(message);
+    if (message->action != ACTION_UNSET) {
+      PostToLogQueue(message);
+    }
     delete message;
   }
 }

Source/santa-driver/SantaDecisionManager.h

@@ -101,6 +101,9 @@ class SantaDecisionManager : public OSObject {
   /// Clears the cache.
   void ClearCache();
 
+  /// Sets the logging filter bitmask.
+  void SetFileopLoggingFilter(uint32_t filter);
+
   /// Increments the count of active callbacks pending.
   void IncrementListenerInvocations();
 
@@ -267,6 +270,8 @@ class SantaDecisionManager : public OSObject {
   kauth_listener_t fileop_listener_;
 
   struct timespec ts_;
+
+  uint32_t fileop_log_filter_ = kFilterLogAll;
 };
 
 /**

Source/santa-driver/SantaDriverClient.cc

@@ -180,6 +180,18 @@ IOReturn SantaDriverClient::check_cache(
   return kIOReturnSuccess;
 }
 
+IOReturn SantaDriverClient::set_fileop_logging_filter(
+    OSObject *target, void *reference, IOExternalMethodArguments *arguments) {
+  SantaDriverClient *me = OSDynamicCast(SantaDriverClient, target);
+  if (!me) return kIOReturnBadArgument;
+
+  uint32_t input = (uint32_t)*arguments->scalarInput;
+  me->decisionManager->SetFileopLoggingFilter(input);
+
+  return kIOReturnSuccess;
+}
+
+
 #pragma mark Method Resolution
 
 IOReturn SantaDriverClient::externalMethod(
@@ -197,7 +209,8 @@ IOReturn SantaDriverClient::externalMethod(
     { &SantaDriverClient::deny_binary, 1, 0, 0, 0 },
     { &SantaDriverClient::clear_cache, 0, 0, 0, 0 },
     { &SantaDriverClient::cache_count, 0, 0, 1, 0 },
-    { &SantaDriverClient::check_cache, 1, 0, 1, 0 }
+    { &SantaDriverClient::check_cache, 1, 0, 1, 0 },
+    { &SantaDriverClient::set_fileop_logging_filter, 1, 0, 0, 0 }
   };
 
   if (selector > static_cast<UInt32>(kSantaUserClientNMethods)) {

Source/santa-driver/SantaDriverClient.h

@@ -100,6 +100,10 @@ class com_google_SantaDriverClient : public IOUserClient {
   static IOReturn check_cache(
       OSObject *target, void *reference, IOExternalMethodArguments *arguments);
 
+  ///  The daemon calls this to enable or disable portions of the fileop logging.
+  static IOReturn set_fileop_logging_filter(
+      OSObject *target, void *reference, IOExternalMethodArguments *arguments);
+
  private:
   com_google_SantaDriver *myProvider;
   SantaDecisionManager *decisionManager;

Source/santactl/Commands/SNTCommandCheckCache.m

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandController.h"
 
 #import "SNTLogging.h"

Source/santactl/Commands/SNTCommandFileInfo.m

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandController.h"
 
 #import <MOLCertificate/MOLCertificate.h>

Source/santactl/Commands/SNTCommandFlushCache.m

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandController.h"
 
 #import "SNTLogging.h"

Source/santactl/Commands/SNTCommandLog.m

@@ -0,0 +1,115 @@
+/// Copyright 2017 Google Inc. All rights reserved.
+///
+/// Licensed under the Apache License, Version 2.0 (the "License");
+/// you may not use this file except in compliance with the License.
+/// You may obtain a copy of the License at
+///
+///    http://www.apache.org/licenses/LICENSE-2.0
+///
+///    Unless required by applicable law or agreed to in writing, software
+///    distributed under the License is distributed on an "AS IS" BASIS,
+///    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+///    See the License for the specific language governing permissions and
+///    limitations under the License.
+
+#import "SNTCommandController.h"
+
+#import "SNTKernelCommon.h"
+#import "SNTXPCConnection.h"
+#import "SNTXPCControlInterface.h"
+
+@interface SNTCommandLog : NSObject<SNTCommand>
+@end
+
+@implementation SNTCommandLog
+
+REGISTER_COMMAND_NAME(@"log")
+
++ (BOOL)requiresRoot {
+  return YES;
+}
+
++ (BOOL)requiresDaemonConn {
+  return YES;
+}
+
++ (NSString *)shortHelpText {
+  return @"Sets log types";
+}
+
++ (NSString *)longHelpText {
+  return (@"Usage: santactl log [options]\n"
+          @"  One of:\n"
+          @"    --enable:  [all, write, rename, exchange, link, delete]\n"
+          @"    --disable: [all, write, rename, exchange, link, delete]\n");
+}
+
++ (void)printErrorUsageAndExit:(NSString *)error {
+  printf("%s\n\n", [error UTF8String]);
+  printf("%s\n", [[self longHelpText] UTF8String]);
+  exit(1);
+}
+
++ (void)runWithArguments:(NSArray *)arguments daemonConnection:(SNTXPCConnection *)daemonConn {
+  NSArray *flags;
+  BOOL enable = NO;
+
+  // Parse arguments
+  for (NSUInteger i = 0; i < arguments.count; ++i) {
+    NSString *arg = arguments[i];
+
+    if ([arg caseInsensitiveCompare:@"--enable"] == NSOrderedSame) {
+      if (++i > arguments.count - 1) {
+        [self printErrorUsageAndExit:@"--enable requires an argument"];
+      }
+      enable = YES;
+      flags = [arguments subarrayWithRange:NSMakeRange(i, arguments.count - 1)];
+      break;
+    } else if ([arg caseInsensitiveCompare:@"--disable"] == NSOrderedSame) {
+      if (++i > arguments.count - 1) {
+        [self printErrorUsageAndExit:@"--disable requires an argument"];
+      }
+      flags = [arguments subarrayWithRange:NSMakeRange(i, arguments.count - 1)];
+      break;
+    } else {
+      [self printErrorUsageAndExit:[@"Unknown argument: " stringByAppendingString:arg]];
+    }
+  }
+
+  NSDictionary *flagMap = @{
+    @"all" : @(kFilterLogAll),
+    @"write" : @(kFileopLogWrite),
+    @"rename" : @(kFileopLogRename),
+    @"exchange" : @(kFileopLogExchange),
+    @"link" : @(kFileopLogLink),
+    @"delete" : @(kFileopLogDelete)
+  };
+
+  fileop_log_filter_t filter = enable ? kFilterLogNone : kFilterLogAll;
+  for (NSString *f in flags) {
+    if (![flagMap.allKeys containsObject:f]) {
+      [self printErrorUsageAndExit:[NSString stringWithFormat:@"Invalid flag: %@", f]];
+    }
+    if ([f isEqualToString:@"all"] && flags.count > 1) {
+      [self printErrorUsageAndExit:@"Use all by itself"];
+    }
+    if (enable) {
+      filter |= [flagMap[f] unsignedIntValue];
+    } else {
+      filter ^= [flagMap[f] unsignedIntValue];
+    }
+  }
+
+  [[daemonConn remoteObjectProxy] setFileopLoggingFilter:filter withReply:^{
+    printf("Success, set filter to: 0x%08x Enabled log types: ", filter);
+    for (NSString *f in flagMap.allKeys) {
+      if (filter & [flagMap[f] unsignedIntValue] && ![f isEqualToString:@"all"]) {
+        printf("%s ", f.UTF8String);
+      }
+    }
+    printf("\n");
+    exit(0);
+  }];
+}
+
+@end

Source/santactl/Commands/SNTCommandRule.m

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandController.h"
 
 #include "SNTLogging.h"

Source/santactl/Commands/SNTCommandStatus.m

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandController.h"
 
 #import "SNTConfigurator.h"
@@ -102,15 +104,21 @@ REGISTER_COMMAND_NAME(@"status")
   NSString *syncURLStr = [[[SNTConfigurator configurator] syncBaseURL] absoluteString];
   NSDateFormatter *dateFormatter = [[NSDateFormatter alloc] init];
   dateFormatter.dateFormat = @"yyyy/MM/dd HH:mm:ss Z";
-  NSDate *lastSyncSuccess = [[SNTConfigurator configurator] syncLastSuccess];
+  NSDate *lastSyncSuccess = [[SNTConfigurator configurator] fullSyncLastSuccess];
   NSString *lastSyncSuccessStr = [dateFormatter stringFromDate:lastSyncSuccess] ?: @"Never";
+  NSDate *lastRuleSyncSuccess = [[SNTConfigurator configurator] ruleSyncLastSuccess];
+  NSString *lastRuleSyncSuccessStr =
+      [dateFormatter stringFromDate:lastRuleSyncSuccess] ?: lastSyncSuccessStr;
   BOOL syncCleanReqd = [[SNTConfigurator configurator] syncCleanRequired];
-  __block BOOL pushNotifications;
-  dispatch_group_enter(group);
-  [[daemonConn remoteObjectProxy] pushNotifications:^(BOOL response) {
-    pushNotifications = response;
-    dispatch_group_leave(group);
-  }];
+
+  __block BOOL pushNotifications = NO;
+  if ([[SNTConfigurator configurator] syncBaseURL]) {
+    dispatch_group_enter(group);
+    [[daemonConn remoteObjectProxy] pushNotifications:^(BOOL response) {
+      pushNotifications = response;
+      dispatch_group_leave(group);
+    }];
+  }
 
   // Wait a maximum of 5s for stats collected from daemon to arrive.
   if (dispatch_group_wait(group, dispatch_time(DISPATCH_TIME_NOW, NSEC_PER_SEC * 5))) {
@@ -138,8 +146,9 @@ REGISTER_COMMAND_NAME(@"status")
       @"sync" : @{
         @"server" : syncURLStr ?: @"null",
         @"clean_required" : @(syncCleanReqd),
-        @"last_successful" : lastSyncSuccessStr ?: @"null",
-        @"push_notifications" : pushNotifications ? @"true" : @"false"
+        @"last_successful_full" : lastSyncSuccessStr ?: @"null",
+        @"last_successful_rule" : lastRuleSyncSuccessStr ?: @"null",
+        @"push_notifications" : pushNotifications ? @"Connected" : @"Disconnected"
       },
     };
     NSData *statsData = [NSJSONSerialization dataWithJSONObject:stats
@@ -149,23 +158,25 @@ REGISTER_COMMAND_NAME(@"status")
     printf("%s\n", [statsStr UTF8String]);
   } else {
     printf(">>> Daemon Info\n");
-    printf("  %-22s | %s\n", "Mode", [clientMode UTF8String]);
-    printf("  %-22s | %s\n", "File Logging", (fileLogging ? "Yes" : "No"));
-    printf("  %-22s | %lld  (Peak: %.2f%%)\n", "Watchdog CPU Events", cpuEvents, cpuPeak);
-    printf("  %-22s | %lld  (Peak: %.2fMB)\n", "Watchdog RAM Events", ramEvents, ramPeak);
+    printf("  %-25s | %s\n", "Mode", [clientMode UTF8String]);
+    printf("  %-25s | %s\n", "File Logging", (fileLogging ? "Yes" : "No"));
+    printf("  %-25s | %lld  (Peak: %.2f%%)\n", "Watchdog CPU Events", cpuEvents, cpuPeak);
+    printf("  %-25s | %lld  (Peak: %.2fMB)\n", "Watchdog RAM Events", ramEvents, ramPeak);
     printf(">>> Kernel Info\n");
-    printf("  %-22s | %lld\n", "Kernel cache count", cacheCount);
+    printf("  %-25s | %lld\n", "Kernel cache count", cacheCount);
     printf(">>> Database Info\n");
-    printf("  %-22s | %lld\n", "Binary Rules", binaryRuleCount);
-    printf("  %-22s | %lld\n", "Certificate Rules", certRuleCount);
-    printf("  %-22s | %lld\n", "Events Pending Upload", eventCount);
+    printf("  %-25s | %lld\n", "Binary Rules", binaryRuleCount);
+    printf("  %-25s | %lld\n", "Certificate Rules", certRuleCount);
+    printf("  %-25s | %lld\n", "Events Pending Upload", eventCount);
 
     if (syncURLStr) {
       printf(">>> Sync Info\n");
-      printf("  %-22s | %s\n", "Sync Server", [syncURLStr UTF8String]);
-      printf("  %-22s | %s\n", "Clean Sync Required", (syncCleanReqd ? "Yes" : "No"));
-      printf("  %-22s | %s\n", "Last Successful Sync", [lastSyncSuccessStr UTF8String]);
-      printf("  %-22s | %s\n", "Push Notifications", (pushNotifications ? "Yes" : "No"));
+      printf("  %-25s | %s\n", "Sync Server", [syncURLStr UTF8String]);
+      printf("  %-25s | %s\n", "Clean Sync Required", (syncCleanReqd ? "Yes" : "No"));
+      printf("  %-25s | %s\n", "Last Successful Full Sync", [lastSyncSuccessStr UTF8String]);
+      printf("  %-25s | %s\n", "Last Successful Rule Sync", [lastRuleSyncSuccessStr UTF8String]);
+      printf("  %-25s | %s\n", "Push Notifications",
+             (pushNotifications ? "Connected" : "Disconnected"));
     }
   }
 

Source/santactl/Commands/SNTCommandVersion.m

@@ -12,9 +12,11 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandController.h"
 
-#include <IOKit/kext/KextManager.h>
+@import IOKit.kext;
 
 #import "SNTCommonEnums.h"
 #import "SNTFileInfo.h"

Source/santactl/Commands/sync/NSData+Zlib.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 /// Category on NSData providing the option of getting zlib or gzip compressed data.
 @interface NSData (Zlib)
 

Source/santactl/Commands/sync/SNTCommandSync.m

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandController.h"
 
 #import "SNTCommandSyncManager.h"

Source/santactl/Commands/sync/SNTCommandSyncConstants.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 extern NSString *const kXSRFToken;
 
 extern NSString *const kSerialNumber;

Source/santactl/Commands/sync/SNTCommandSyncEventUpload.h

@@ -12,12 +12,12 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandSyncStage.h"
 
 @interface SNTCommandSyncEventUpload : SNTCommandSyncStage
 
 - (BOOL)uploadEvents:(NSArray *)events;
 
-- (BOOL)syncBundleEvents;
-
 @end

Source/santactl/Commands/sync/SNTCommandSyncEventUpload.m

@@ -44,28 +44,6 @@
   return (dispatch_semaphore_wait(sema, DISPATCH_TIME_FOREVER) == 0);
 }
 
-- (BOOL)syncBundleEvents {
-  NSMutableArray *newEvents = [NSMutableArray array];
-  for (NSString *bundlePath in [NSSet setWithArray:self.syncState.bundleBinaryRequests]) {
-    __block NSArray *relatedBinaries;
-    __block BOOL shouldCancel = NO;
-    dispatch_semaphore_t sema = dispatch_semaphore_create(0);
-    dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_BACKGROUND, 0), ^{
-      relatedBinaries = [self findRelatedBinaries:bundlePath shouldCancel:&shouldCancel];
-      dispatch_semaphore_signal(sema);
-    });
-
-    // Give the search up to 5m to run
-    if (dispatch_semaphore_wait(sema, dispatch_time(DISPATCH_TIME_NOW, NSEC_PER_SEC * 300))) {
-      LOGD(@"Timed out while searching for related binaries at path %@", bundlePath);
-      shouldCancel = YES;
-    } else {
-      [newEvents addObjectsFromArray:relatedBinaries];
-    }
-  }
-  return [self uploadEvents:newEvents];
-}
-
 - (BOOL)uploadEvents:(NSArray *)events {
   NSMutableArray *uploadEvents = [[NSMutableArray alloc] init];
 
@@ -79,9 +57,6 @@
   NSDictionary *r = [self performRequest:[self requestWithDictionary:@{ kEvents: uploadEvents }]];
   if (!r) return NO;
 
-  // Keep track of bundle search requests
-  self.syncState.bundleBinaryRequests = r[kEventUploadBundleBinaries];
-
   LOGI(@"Uploaded %lu events", uploadEvents.count);
 
   // Remove event IDs. For Bundle Events the ID is 0 so nothing happens.
@@ -161,73 +136,4 @@
 #undef ADDKEY
 }
 
-/**
-  Find binaries within a bundle given the bundle's path. Will run until completion, however long
-  that might be. Search is done within the bundle concurrently, using up to 25 threads at once.
-
-  @param path, the path to begin searching underneath
-  @param shouldCancel, if YES, the search is cancelled part way through.
-  @return array of SNTStoredEvent's
-*/
-- (NSArray *)findRelatedBinaries:(NSString *)path shouldCancel:(BOOL *)shouldCancel {
-  // For storing the generated events, with a simple lock for writing.
-  NSMutableArray *relatedEvents = [NSMutableArray array];
-  NSLock *relatedEventsLock = [[NSLock alloc] init];
-
-  // Limit the number of threads that can process files at once to keep CPU usage down.
-  dispatch_semaphore_t sema = dispatch_semaphore_create(25);
-
-  // Group the processing into a single group so we can wait on the whole group at the end.
-  dispatch_group_t group = dispatch_group_create();
-
-  NSDirectoryEnumerator *dirEnum = [[NSFileManager defaultManager] enumeratorAtPath:path];
-  while (1) {
-    @autoreleasepool {
-      if (*shouldCancel) break;
-      NSString *file = [dirEnum nextObject];
-      if (!file) break;
-      if ([dirEnum fileAttributes][NSFileType] != NSFileTypeRegular) continue;
-
-      // Wait for a processing thread to become available
-      dispatch_semaphore_wait(sema, DISPATCH_TIME_FOREVER);
-
-      dispatch_group_async(group,
-                           dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_BACKGROUND, 0),
-                           ^{
-        @autoreleasepool {
-          NSString *newFile = [path stringByAppendingPathComponent:file];
-          SNTFileInfo *fi = [[SNTFileInfo alloc] initWithPath:newFile];
-          if (!fi.isExecutable) {
-            dispatch_semaphore_signal(sema);
-            return;
-          }
-
-          SNTStoredEvent *se = [[SNTStoredEvent alloc] init];
-          se.filePath = fi.path;
-          se.fileSHA256 = fi.SHA256;
-          se.decision = SNTEventStateBundleBinary;
-          se.fileBundleID = fi.bundleIdentifier;
-          se.fileBundleName = fi.bundleName;
-          se.fileBundlePath = fi.bundlePath;
-          se.fileBundleVersion = fi.bundleVersion;
-          se.fileBundleVersionString = fi.bundleShortVersionString;
-
-          MOLCodesignChecker *cs = [[MOLCodesignChecker alloc] initWithBinaryPath:se.filePath];
-          se.signingChain = cs.certificates;
-
-          [relatedEventsLock lock];
-          [relatedEvents addObject:se];
-          [relatedEventsLock unlock];
-
-          dispatch_semaphore_signal(sema);
-        }
-      });
-    }
-  }
-
-  dispatch_group_wait(group, DISPATCH_TIME_FOREVER);
-
-  return relatedEvents;
-}
-
 @end

Source/santactl/Commands/sync/SNTCommandSyncLogUpload.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandSyncStage.h"
 
 @interface SNTCommandSyncLogUpload : SNTCommandSyncStage

Source/santactl/Commands/sync/SNTCommandSyncManager.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTXPCSyncdInterface.h"
 
 @class SNTXPCConnection;

Source/santactl/Commands/sync/SNTCommandSyncManager.m

@@ -14,6 +14,8 @@
 
 #import "SNTCommandSyncManager.h"
 
+@import SystemConfiguration;
+
 #import <MOLAuthenticatingURLSession.h>
 #import <MOLFCMClient/MOLFCMClient.h>
 
@@ -31,12 +33,12 @@
 #import "SNTXPCControlInterface.h"
 #import "SNTXPCSyncdInterface.h"
 
-// Syncing time constants
+// Syncing time constant
 const uint64_t kFullSyncInterval = 600;
-const uint64_t kFullSyncFCMInterval = 14400;
-const uint64_t kGlobalRuleSyncLeeway = 600;
 
-@interface SNTCommandSyncManager ()
+@interface SNTCommandSyncManager () {
+  SCNetworkReachabilityRef _reachability;
+}
 @property(nonatomic) dispatch_source_t fullSyncTimer;
 @property(nonatomic) dispatch_source_t ruleSyncTimer;
 @property(nonatomic) NSCache *dispatchLock;
@@ -44,8 +46,23 @@ const uint64_t kGlobalRuleSyncLeeway = 600;
 @property MOLFCMClient *FCMClient;
 @property(nonatomic) SNTXPCConnection *daemonConn;
 @property BOOL targetedRuleSync;
+@property(nonatomic) BOOL reachable;
 @end
 
+// Called when the network state changes
+static void reachabilityHandler(
+    SCNetworkReachabilityRef target, SCNetworkReachabilityFlags flags, void *info) {
+  // Ensure state changes are processed in order.
+  dispatch_async(dispatch_get_main_queue(), ^{
+    SNTCommandSyncManager *commandSyncManager = (__bridge SNTCommandSyncManager *)info;
+    // Only call the setter when there is a change. This will filter out the redundant calls to this
+    // callback whenever the network interface states change.
+    if (commandSyncManager.reachable != (flags & kSCNetworkReachabilityFlagsReachable)) {
+      commandSyncManager.reachable = (flags & kSCNetworkReachabilityFlagsReachable);
+    }
+  });
+}
+
 @implementation SNTCommandSyncManager
 
 #pragma mark init
@@ -56,7 +73,8 @@ const uint64_t kGlobalRuleSyncLeeway = 600;
     _daemonConn = daemonConn;
     _daemon = daemon;
     _fullSyncTimer = [self createSyncTimerWithBlock:^{
-      [self rescheduleTimerQueue:self.fullSyncTimer secondsFromNow:kFullSyncFCMInterval];
+      [self rescheduleTimerQueue:self.fullSyncTimer
+                  secondsFromNow:[SNTConfigurator configurator].FCMFullSyncInterval];
       if (![[SNTConfigurator configurator] syncBaseURL]) return;
       [self lockAction:kFullSync];
       [self preflight];
@@ -145,24 +163,16 @@ const uint64_t kGlobalRuleSyncLeeway = 600;
 }
 
 - (void)processFCMMessage:(NSDictionary *)FCMmessage withMachineID:(NSString *)machineID {
-  NSData *entryData;
+  NSData *messageData = [self extractMessageDataFrom:FCMmessage];
 
-  // Sort through the entries in the FCM message.
-  for (NSDictionary *entry in FCMmessage[@"data"]) {
-    if ([entry[@"key"] isEqualToString:@"blob"]) {
-      entryData = [entry[@"value"] dataUsingEncoding:NSUTF8StringEncoding];
-      break;
-    }
-  }
-
-  if (!entryData) {
+  if (!messageData) {
     LOGD(@"Push notification message is not in the expected format...dropping message");
     return;
   }
 
   NSError *error;
-  NSDictionary *actionMessage = [NSJSONSerialization JSONObjectWithData:entryData
-                                                                options:NSJSONReadingAllowFragments
+  NSDictionary *actionMessage = [NSJSONSerialization JSONObjectWithData:messageData
+                                                                options:0
                                                                   error:&error];
   if (!actionMessage) {
     LOGD(@"Unable to parse push notification message value: %@", error);
@@ -193,7 +203,8 @@ const uint64_t kGlobalRuleSyncLeeway = 600;
       self.targetedRuleSync = YES;
       [self ruleSync];
     } else {
-      uint32_t delaySeconds = arc4random_uniform(kGlobalRuleSyncLeeway);
+      uint32_t delaySeconds =
+          arc4random_uniform((u_int32_t)[SNTConfigurator configurator].FCMGlobalRuleLeeway);
       LOGD(@"Staggering rule download, %u second delay for this machine", delaySeconds);
       [self ruleSyncSecondsFromNow:delaySeconds];
     }
@@ -206,6 +217,12 @@ const uint64_t kGlobalRuleSyncLeeway = 600;
   }
 }
 
+- (NSData *)extractMessageDataFrom:(NSDictionary *)FCMmessage {
+  if (![FCMmessage[@"data"] isKindOfClass:[NSDictionary class]]) return nil;
+  if (![FCMmessage[@"data"][@"blob"] isKindOfClass:[NSString class]]) return nil;
+  return [FCMmessage[@"data"][@"blob"] dataUsingEncoding:NSUTF8StringEncoding];
+}
+
 #pragma mark sync timer control
 
 - (void)fullSync {
@@ -246,6 +263,9 @@ const uint64_t kGlobalRuleSyncLeeway = 600;
   if ([p sync]) {
     LOGD(@"Preflight complete");
 
+    // Clean up reachability if it was started for a non-network error
+    [self stopReachability];
+
     // Start listening for push notifications with a full sync every kFullSyncFCMInterval or
     // revert to full syncing every kFullSyncInterval.
     if (syncState.daemon && syncState.FCMToken) {
@@ -263,8 +283,13 @@ const uint64_t kGlobalRuleSyncLeeway = 600;
       return [self eventUploadWithSyncState:syncState];
     }
   } else {
-    LOGE(@"Preflight failed, aborting run");
-    if (!syncState.daemon) exit(1);
+    if (!syncState.daemon) {
+      LOGE(@"Preflight failed, aborting run");
+      exit(1);
+    }
+    LOGE(@"Preflight failed, will try again once %@ is reachable",
+         [[SNTConfigurator configurator] syncBaseURL].absoluteString);
+    [self startReachability];
   }
 }
 
@@ -293,9 +318,6 @@ const uint64_t kGlobalRuleSyncLeeway = 600;
   SNTCommandSyncRuleDownload *p = [[SNTCommandSyncRuleDownload alloc] initWithState:syncState];
   if ([p sync]) {
     LOGD(@"Rule download complete");
-    if (syncState.bundleBinaryRequests.count) {
-      return [self eventUploadBundleBinariesWithSyncState:syncState];
-    }
     return [self postflightWithSyncState:syncState];
   } else {
     LOGE(@"Rule download failed, aborting run");
@@ -303,16 +325,6 @@ const uint64_t kGlobalRuleSyncLeeway = 600;
   }
 }
 
-- (void)eventUploadBundleBinariesWithSyncState:(SNTCommandSyncState *)syncState {
-  SNTCommandSyncEventUpload *p = [[SNTCommandSyncEventUpload alloc] initWithState:syncState];
-  if ([p syncBundleEvents]) {
-    LOGD(@"Event upload for bundle binaries complete");
-  } else {
-    LOGW(@"Event upload for bundle binary search failed");
-  }
-  return [self postflightWithSyncState:syncState];
-}
-
 - (void)postflightWithSyncState:(SNTCommandSyncState *)syncState {
   SNTCommandSyncPostflight *p = [[SNTCommandSyncPostflight alloc] initWithState:syncState];
   if ([p sync]) {
@@ -413,4 +425,39 @@ const uint64_t kGlobalRuleSyncLeeway = 600;
   return ([self.dispatchLock objectForKey:action] == nil);
 }
 
+#pragma mark reachability methods
+
+- (void)setReachable:(BOOL)reachable {
+  _reachable = reachable;
+  if (reachable) {
+    [self stopReachability];
+    [self fullSync];
+  }
+}
+
+// Start listening for network state changes on a background thread
+- (void)startReachability {
+  if (_reachability) return;
+  const char *nodename = [[SNTConfigurator configurator] syncBaseURL].host.UTF8String;
+  _reachability = SCNetworkReachabilityCreateWithName(kCFAllocatorDefault, nodename);
+  SCNetworkReachabilityContext context = {
+    .info = (__bridge void *)self
+  };
+  if (SCNetworkReachabilitySetCallback(_reachability, reachabilityHandler, &context)) {
+    SCNetworkReachabilitySetDispatchQueue(
+        _reachability, dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_BACKGROUND, 0));
+  } else {
+    [self stopReachability];
+  }
+}
+
+// Stop listening for network state changes
+- (void)stopReachability {
+  if (_reachability) {
+    SCNetworkReachabilitySetDispatchQueue(_reachability, NULL);
+    if (_reachability) CFRelease(_reachability);
+    _reachability = NULL;
+  }
+}
+
 @end

Source/santactl/Commands/sync/SNTCommandSyncPostflight.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandSyncStage.h"
 
 @interface SNTCommandSyncPostflight : SNTCommandSyncStage

Source/santactl/Commands/sync/SNTCommandSyncPreflight.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandSyncStage.h"
 
 @interface SNTCommandSyncPreflight : SNTCommandSyncStage

Source/santactl/Commands/sync/SNTCommandSyncRuleDownload.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandSyncStage.h"
 
 @interface SNTCommandSyncRuleDownload : SNTCommandSyncStage

Source/santactl/Commands/sync/SNTCommandSyncRuleDownload.m

@@ -67,18 +67,24 @@
     return NO;
   }
 
+  sema = dispatch_semaphore_create(0);
+  [[self.daemonConn remoteObjectProxy] setRuleSyncLastSuccess:[NSDate date] reply:^{
+    dispatch_semaphore_signal(sema);
+  }];
+  dispatch_semaphore_wait(sema, dispatch_time(DISPATCH_TIME_NOW, 5 * NSEC_PER_SEC));
+
   LOGI(@"Added %lu rules", self.syncState.downloadedRules.count);
 
   if (self.syncState.targetedRuleSync) {
-    NSString *fileName;
     for (SNTRule *r in self.syncState.downloadedRules) {
-      fileName = [[self.syncState.ruleSyncCache objectForKey:r.shasum] copy];
+      NSString *fileName = [[self.syncState.ruleSyncCache objectForKey:r.shasum] copy];
       [self.syncState.ruleSyncCache removeObjectForKey:r.shasum];
-      if (fileName) break;
+      if (fileName) {
+        NSString *message = [NSString stringWithFormat:@"%@ can now be run", fileName];
+        [[self.daemonConn remoteObjectProxy]
+            postRuleSyncNotificationWithCustomMessage:message reply:^{}];
+      }
     }
-    NSString *message = fileName ? [NSString stringWithFormat:@"%@ can now be run", fileName] : nil;
-    [[self.daemonConn remoteObjectProxy]
-        postRuleSyncNotificationWithCustomMessage:message reply:^{}];
   }
 
   return YES;

Source/santactl/Commands/sync/SNTCommandSyncStage.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 @class SNTCommandSyncState;
 @class SNTXPCConnection;
 

Source/santactl/Commands/sync/SNTCommandSyncState.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommonEnums.h"
 
 @class SNTXPCConnection;

Source/santactl/Resources/santactl-Prefix.pch

@@ -1,3 +0,0 @@
-#ifdef __OBJC__
-  #import <Foundation/Foundation.h>
-#endif

Source/santactl/SNTCommandController.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 @class SNTXPCConnection;
 
 ///

Source/santactl/main.m

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommandController.h"
 
 ///

Source/santad/DataLayer/SNTDatabaseTable.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 // This is imported in the header rather than implementation to save
 // classes that use this one from also having to import FMDB stuff.
 #import <FMDB/FMDB.h>

Source/santad/DataLayer/SNTEventTable.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTDatabaseTable.h"
 
 @class SNTNotificationMessage;

Source/santad/DataLayer/SNTRuleTable.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommonEnums.h"
 #import "SNTDatabaseTable.h"
 

Source/santad/Resources/santad-Prefix.pch

@@ -1,3 +0,0 @@
-#ifdef __OBJC__
-#import <Foundation/Foundation.h>
-#endif

Source/santad/SNTApplication.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 ///
 ///  The main controller class for santad
 ///

Source/santad/SNTApplication.m

@@ -14,7 +14,8 @@
 
 #import "SNTApplication.h"
 
-#import <DiskArbitration/DiskArbitration.h>
+@import DiskArbitration;
+
 #include <sys/stat.h>
 #include <sys/types.h>
 

Source/santad/SNTCachedDecision.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommonEnums.h"
 
 ///

Source/santad/SNTDaemonControlController.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTXPCControlInterface.h"
 
 @class SNTDriverManager;

Source/santad/SNTDaemonControlController.m

@@ -66,6 +66,11 @@ double watchdogRAMPeak = 0;
   reply([self.driverManager checkCache:vnodeID]);
 }
 
+- (void)setFileopLoggingFilter:(fileop_log_filter_t)filter withReply:(void (^)())reply {
+  [self.driverManager setFileopLoggingFilter:filter];
+  reply();
+}
+
 #pragma mark Database ops
 
 - (void)databaseRuleCounts:(void (^)(int64_t binary, int64_t certificate))reply {
@@ -143,7 +148,12 @@ double watchdogRAMPeak = 0;
 }
 
 - (void)setSyncLastSuccess:(NSDate *)date reply:(void (^)())reply {
-  [[SNTConfigurator configurator] setSyncLastSuccess:date];
+  [[SNTConfigurator configurator] setFullSyncLastSuccess:date];
+  reply();
+}
+
+- (void)setRuleSyncLastSuccess:(NSDate *)date reply:(void (^)())reply {
+  [[SNTConfigurator configurator] setRuleSyncLastSuccess:date];
   reply();
 }
 
@@ -157,6 +167,8 @@ double watchdogRAMPeak = 0;
                                                                       options:0
                                                                         error:NULL];
   [[SNTConfigurator configurator] setWhitelistPathRegex:re];
+  LOGI(@"Received new whitelist regex, flushing cache");
+  [self.driverManager flushCache];
   reply();
 }
 
@@ -165,6 +177,8 @@ double watchdogRAMPeak = 0;
                                                                       options:0
                                                                         error:NULL];
   [[SNTConfigurator configurator] setBlacklistPathRegex:re];
+  LOGI(@"Received new blacklist regex, flushing cache");
+  [self.driverManager flushCache];  
   reply();
 }
 
@@ -184,10 +198,13 @@ double watchdogRAMPeak = 0;
 #pragma mark syncd Ops
 
 - (void)setSyncdListener:(NSXPCListenerEndpoint *)listener {
+  // Only allow one active syncd connection
+  if (self.syncdQueue.syncdConnection) return;
   SNTXPCConnection *c = [[SNTXPCConnection alloc] initClientWithListener:listener];
   c.remoteInterface = [SNTXPCSyncdInterface syncdInterface];
   c.invalidationHandler = ^{
     [self.syncdQueue stopSyncingEvents];
+    self.syncdQueue.syncdConnection = nil;
     self.syncdQueue.invalidationHandler();
   };
   c.acceptedHandler = ^{

Source/santad/SNTDatabaseController.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 // This is imported in the header rather than implementation to saves
 // classes that use this one from also having to import FMDB stuff.
 #import <FMDB/FMDB.h>

Source/santad/SNTDriverManager.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #include "SNTKernelCommon.h"
 
 @class SNTNotificationMessage;
@@ -58,6 +60,11 @@
 ///
 ///  Check the kernel cache for a VnodeID
 ///
--(santa_action_t)checkCache:(uint64_t)vnodeID;
+- (santa_action_t)checkCache:(uint64_t)vnodeID;
+
+///
+///  Sets the type of logs to filter before the driver sends them to the daemon.
+///
+- (void)setFileopLoggingFilter:(fileop_log_filter_t)filter;
 
 @end

Source/santad/SNTDriverManager.m

@@ -14,8 +14,9 @@
 
 #import "SNTDriverManager.h"
 
-#import <IOKit/IODataQueueClient.h>
-#import <IOKit/Kext/KextManager.h>
+@import IOKit.kext;
+
+#include <mach/mach_port.h>
 
 #import "SNTLogging.h"
 
@@ -197,4 +198,9 @@ static const int MAX_DELAY = 15;
   return (santa_action_t)vnode_action;
 }
 
+- (void)setFileopLoggingFilter:(fileop_log_filter_t)filter {
+  uint64_t f = (uint64_t)filter;
+  IOConnectCallScalarMethod(_connection, kSantaUserClientSetFileopLoggingFilter, &f, 1, 0, 0);
+}
+
 @end

Source/santad/SNTEventLog.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTKernelCommon.h"
 
 @class SNTCachedDecision;

Source/santad/SNTExecutionController.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommonEnums.h"
 #include "SNTKernelCommon.h"
 

Source/santad/SNTNotificationQueue.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 @class SNTStoredEvent;
 @class SNTXPCConnection;
 

Source/santad/SNTPolicyProcessor.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #import "SNTCommonEnums.h"
 #import "SNTKernelCommon.h"
 

Source/santad/SNTSyncdQueue.h

@@ -12,6 +12,8 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 @class SNTStoredEvent;
 @class SNTXPCConnection;
 

Source/santad/main.m

@@ -12,8 +12,11 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+
 #include "SNTLogging.h"
 
+#include <mach/task.h>
 #include <pthread/pthread.h>
 #include <sys/resource.h>
 

Tests/KernelTests/main.mm

@@ -12,9 +12,10 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import Foundation;
+@import IOKit;
+
 #import <CommonCrypto/CommonDigest.h>
-#import <Foundation/Foundation.h>
-#import <IOKit/IODataQueueClient.h>
 
 #include <cmath>
 #include <ctime>

Tests/LogicTests/Resources/Tests-Prefix.pch

@@ -1,3 +0,0 @@
-#ifdef __OBJC__
-  #import <Cocoa/Cocoa.h>
-#endif

Tests/LogicTests/SNTCommandFileInfoTest.m

@@ -12,7 +12,7 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
-#import <XCTest/XCTest.h>
+@import XCTest;
 
 #import <OCMock/OCMock.h>
 

Tests/LogicTests/SNTCommandSyncTest.m

@@ -12,7 +12,7 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
-#import <XCTest/XCTest.h>
+@import XCTest;
 
 #import <OCMock/OCMock.h>
 
@@ -344,28 +344,6 @@
   XCTAssertEqual(requestCount, 2);
 }
 
-- (void)testEventUploadBundleSearch {
-  SNTCommandSyncEventUpload *sut = [[SNTCommandSyncEventUpload alloc] initWithState:self.syncState];
-  self.syncState.eventBatchSize = 128;
-  self.syncState.bundleBinaryRequests = @[ @"/Applications/Safari.app"];
-  sut = OCMPartialMock(sut);
-
-  [self stubRequestBody:nil response:nil error:nil validateBlock:^BOOL(NSURLRequest *req) {
-    NSDictionary *requestDict = [self dictFromRequest:req];
-    NSArray *events = requestDict[kEvents];
-
-    XCTAssertGreaterThanOrEqual(events.count, 3);
-
-    for (NSDictionary *event in events) {
-      XCTAssertEqualObjects(event[kDecision], kDecisionBundleBinary);
-    }
-
-    return YES;
-  }];
-
-  [sut syncBundleEvents];
-}
-
 #pragma mark - SNTCommandSyncRuleDownload Tests
 
 - (void)testRuleDownload {

Tests/LogicTests/SNTEventTableTest.m

@@ -12,7 +12,7 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
-#import <XCTest/XCTest.h>
+@import XCTest;
 
 #import "MOLCodesignChecker.h"
 #import "SNTEventTable.h"

Tests/LogicTests/SNTExecutionControllerTest.m

@@ -12,8 +12,9 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import XCTest;
+
 #import <OCMock/OCMock.h>
-#import <XCTest/XCTest.h>
 
 #import "SNTExecutionController.h"
 

Tests/LogicTests/SNTFileInfoTest.m

@@ -12,7 +12,7 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
-#import <XCTest/XCTest.h>
+@import XCTest;
 
 #import "SNTFileInfo.h"
 

Tests/LogicTests/SNTFileWatcherTest.m

@@ -12,7 +12,7 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
-#import <XCTest/XCTest.h>
+@import XCTest;
 
 #import "SNTFileWatcher.h"
 

Tests/LogicTests/SNTRuleTableTest.m

@@ -12,7 +12,7 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
-#import <XCTest/XCTest.h>
+@import XCTest;
 
 #import "SNTRule.h"
 #import "SNTRuleTable.h"

Tests/LogicTests/SNTXPCConnectionTest.m

@@ -12,8 +12,9 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.
 
+@import XCTest;
+
 #import <OCMock/OCMock.h>
-#import <XCTest/XCTest.h>
 
 #import "MOLCodesignChecker.h"
 #import "SNTXPCConnection.h"