Describe the bug
On OrbStack 2.2.1, microphone capture inside a Linux machine produces digital silence. The host side genuinely opens the Mac's microphone, but macOS TCC denies the request and refuses to even show a permission prompt, because the responsible binary (dev.kdrag0n.MacVirt) is missing the com.apple.security.device.audio-input entitlement required under the hardened runtime. As a result OrbStack never appears in System Settings → Privacy & Security → Microphone.
Environment
- OrbStack: 2.2.1
- macOS: Tahoe 26.1
- Mac: Apple Silicon
Notes
- NSMicrophoneUsageDescription is present in Info.plist ("A macOS program started by an OrbStack machine wants to use the microphone"), but the usage-description string alone is insufficient under the hardened runtime — the com.apple.security.device.audio-input entitlement must also be in the code signature.
- The same denial occurs regardless of tccutil reset Microphone, full quit/relaunch, or reboot, confirming it's signing/entitlement-level rather than a user TCC-state issue.
Suggested fix
Add com.apple.security.device.audio-input to the entitlements of the OrbStack app and the OrbStack Helper (vmgr) binary, and re-sign, so macOS will prompt for and honor microphone access.
linked to: #2477
To Reproduce
- In an OrbStack Linux machine, record from the default ALSA device:
arecord -D default -f S16_LE -r 16000 -c 1 -d 5 /tmp/mic.wav
- Inspect the captured samples (peak/RMS).
Expected
A microphone permission prompt for OrbStack on first capture; once granted, real audio is captured.
Actual
- No prompt ever appears; OrbStack is not listed in the Microphone privacy pane.
- Captured audio is pure silence (peak = 0, RMS = 0) every time.
- The guest-side capture pipeline is correct: arecord opens the VirtIO sound card, streams the right frame count, and writes a valid WAV — the samples are just all zero.
Root cause (from logs)
log stream on the host during a capture shows OrbStack Helper successfully opening the real mic, then TCC denying it:
OrbStack Helper: (CoreAudio) IsDeviceUsable: Device ID: 93 (Input:Yes | Output:No): true
coreaudiod: (CoreAudio) ... BuiltInMicrophoneDevice: starting
coreaudiod: (MacAudio) BuiltInMicrophoneDSPDevice: startStream: running state: 1
tccd: [com.apple.TCC:access] Prompting policy for hardened runtime; service: kTCCServiceMicrophone
requires entitlement com.apple.security.device.audio-input but it is missing for
responsible={identifier=dev.kdrag0n.MacVirt, pid=…,
binary_path=/Applications/OrbStack.app/Contents/MacOS/OrbStack},
accessing={identifier=dev.kdrag0n.MacVirt.vmgr,
binary_path=/Applications/OrbStack.app/Contents/Frameworks/OrbStack Helper.app/Contents/MacOS/OrbStack Helper}
tccd: [com.apple.TCC:access] Policy disallows prompt for Sub:{dev.kdrag0n.MacVirt} …;
access to kTCCServiceMicrophone denied
tccd: AUTHREQ_RESULT: authValue=0, authReason=5
Because the entitlement is absent, TCC returns auth_value=0 and promptPolicy disallows prompting, so the user can never grant access (the Microphone pane has no manual "+", so it can't be added by hand either).
Expected behavior
No response
Diagnostic report (REQUIRED)
No response
Screenshots and additional context (optional)
No response
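One way to carry out the "inspect the captured samples (peak/RMS)" step from the report, as an added example that is not part of the original issue or of OrbStack. It assumes the capture format given by the arecord flags (S16_LE, 16 kHz, mono, 5 seconds); the helper names and the in-memory test WAVs are constructed for illustration.

```python
import array, io, math, sys, wave

# Capture format taken from the arecord flags in the report.
RATE, CHANNELS, WIDTH, SECONDS = 16000, 1, 2, 5

def make_wav(samples):
    """Build an S16_LE mono WAV in memory (constructed input, not a real capture)."""
    pcm = array.array("h", samples)
    if sys.byteorder == "big":
        pcm.byteswap()              # WAV PCM is little-endian
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setnchannels(CHANNELS)
        w.setsampwidth(WIDTH)
        w.setframerate(RATE)
        w.writeframes(pcm.tobytes())
    return buf.getvalue()

def inspect_capture(wav_bytes):
    """Return frame count, peak, RMS and a verdict for one capture."""
    with wave.open(io.BytesIO(wav_bytes), "rb") as w:
        fmt = (w.getnchannels(), w.getsampwidth(), w.getframerate())
        if fmt != (CHANNELS, WIDTH, RATE):
            raise ValueError(f"unexpected WAV format: {fmt}")
        frames = w.getnframes()
        pcm = array.array("h")
        pcm.frombytes(w.readframes(frames))
    if sys.byteorder == "big":
        pcm.byteswap()
    peak = max((abs(s) for s in pcm), default=0)
    rms = math.sqrt(sum(s * s for s in pcm) / len(pcm)) if pcm else 0.0
    if frames != RATE * SECONDS:
        # The guest pipeline itself failed or was cut short.
        verdict = "short capture"
    elif peak == 0:
        # Right frame count, valid header, every sample zero: the symptom
        # described in the report, pointing at the host side.
        verdict = "digital silence"
    else:
        verdict = "signal present"
    return {"frames": frames, "peak": peak, "rms": rms, "verdict": verdict}

if __name__ == "__main__":
    with open(sys.argv[1], "rb") as f:   # e.g. /tmp/mic.wav copied from the guest
        print(inspect_capture(f.read()))
```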
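The tccd records quoted under "Root cause (from logs)" can be reduced to a structured finding, shown here as an added example that is not part of the original issue or of OrbStack. It assumes the trimmed "process: message" form used in the report rather than raw `log stream` output, and it attaches the prompt and AUTHREQ_RESULT records to the nearest preceding entitlement record, which is a heuristic; function names are hypothetical.

```python
import re

# Excerpt copied from the report above (trimmed "process: message" form; elided pid kept).
SAMPLE = """\
OrbStack Helper: (CoreAudio) IsDeviceUsable: Device ID: 93 (Input:Yes | Output:No): true
tccd: [com.apple.TCC:access] Prompting policy for hardened runtime; service: kTCCServiceMicrophone
requires entitlement com.apple.security.device.audio-input but it is missing for
responsible={identifier=dev.kdrag0n.MacVirt, pid=…,
binary_path=/Applications/OrbStack.app/Contents/MacOS/OrbStack},
accessing={identifier=dev.kdrag0n.MacVirt.vmgr,
binary_path=/Applications/OrbStack.app/Contents/Frameworks/OrbStack Helper.app/Contents/MacOS/OrbStack Helper}
tccd: [com.apple.TCC:access] Policy disallows prompt for Sub:{dev.kdrag0n.MacVirt} …;
access to kTCCServiceMicrophone denied
tccd: AUTHREQ_RESULT: authValue=0, authReason=5
"""

RECORD_START = re.compile(r"^([A-Za-z][\w .]*?): ")
MISSING = re.compile(
    r"service: (?P<service>kTCCService\w+) requires entitlement (?P<entitlement>\S+) "
    r"but it is missing for responsible=\{identifier=(?P<responsible>[^,}]+).*?"
    r"accessing=\{identifier=(?P<accessing>[^,}]+)")
AUTHREQ = re.compile(r"AUTHREQ_RESULT: authValue=(\d+), authReason=(\d+)")

def fold_records(text):
    """Join continuation lines onto the 'process: message' line they follow."""
    records = []
    for line in text.splitlines():
        m = RECORD_START.match(line)
        if m:
            records.append([m.group(1), line[m.end():].strip()])
        elif records and line.strip():
            records[-1][1] += " " + line.strip()
    return records

def find_entitlement_denials(text):
    """Return one finding per tccd 'entitlement missing' record, with its outcome."""
    findings, current = [], None
    for proc, msg in fold_records(text):
        m = MISSING.search(msg) if proc == "tccd" else None
        if m:
            current = dict(m.groupdict(), prompt_blocked=False, auth_value=None)
            findings.append(current)
        elif proc == "tccd" and current and "Policy disallows prompt" in msg:
            current["prompt_blocked"] = True
        elif proc == "tccd" and current and (r := AUTHREQ.search(msg)):
            current["auth_value"] = int(r.group(1))
            current = None          # this request is finished
    return findings
```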