macOS · Operating Systems Deep Dive

Quick Facts

What macOS Is

Basic Concepts

Darwin: The open-source core — XNU kernel + BSD userland. macOS, iOS, iPadOS, tvOS, watchOS all share it.
XNU kernel: "X is Not Unix." Hybrid: Mach microkernel for IPC + BSD layer for syscalls + I/O Kit for drivers.
Cocoa / AppKit: The native app framework — Objective-C historically, Swift today. SwiftUI is the modern declarative layer.
Apple Silicon (M-series): ARM64 SoCs since 2020. Unified memory, huge perf-per-watt jump. Rosetta 2 emulates x86 transparently.
Tight hardware/software integration: Apple controls both. Predictable behavior, narrow hardware matrix.

Architecture

The Layers

Layer	What It Does
XNU kernel	Mach + BSD + I/O Kit. Process scheduling, memory, syscalls, drivers.
Darwin userland	BSD-style command line — `ls`, `ps`, `launchd`, dyld linker.
Core OS / Foundation	Objective-C runtime, Foundation framework (`NSString`, etc.), Grand Central Dispatch.
Cocoa / AppKit	Windowing, controls, drag-and-drop, the desktop app model.
SwiftUI / Catalyst	Modern declarative UI shared with iOS; lets iPad apps run on Mac.
Metal	Low-level GPU API (replaces OpenGL on Apple platforms).

Daily Use

Developer Toolchain

The Terminal

Default shell is zsh (bash before 2019). Most Linux commands work — same POSIX syscalls — but flags occasionally differ (BSD sed vs GNU sed). Many developers install coreutils via Homebrew to get the GNU versions.

Homebrew

brew install is the de-facto package manager for macOS. Not from Apple — community-maintained. Drops binaries into /opt/homebrew on Apple Silicon, /usr/local on Intel. brew cask handles GUI apps.

Xcode

Apple's IDE and toolchain. Required to build for the App Store. Bundles the Swift compiler, simulators for iPhone/iPad/Watch/TV, Instruments profiler, and the SDKs. Even non-Apple devs install xcode-select --install for the command-line compilers.

launchd

The macOS init + service manager (predates systemd). Plist-based job definitions in ~/Library/LaunchAgents for user services, /Library/LaunchDaemons for system. launchctl controls them.

Security

The Walled Garden

Gatekeeper & Notarization

Apps from outside the App Store must be code-signed by an Apple Developer ID and notarized by Apple. First launch shows a confirmation prompt. This is the price of being the OS people don't get malware on.

System Integrity Protection (SIP)

Even root can't modify /System, /usr, or kernel extensions while SIP is on. Requires Recovery Mode to disable. This is what prevents an installer from quietly replacing system binaries.

Sandboxing & Permissions

App Store apps run sandboxed. The TCC framework prompts for camera, microphone, contacts, full disk access. Annoying for power users; bulletproof for everyone else.

Why It Wins

Why Developers Choose macOS

Real Unix shell + native apps. The same machine builds Docker containers and runs Slack, Figma, Office — without WSL gymnastics.
Required for iOS/macOS dev. Xcode runs only here. App Store submission is Mac-only.
Apple Silicon performance and battery. Multi-day runtime on a laptop fundamentally changed expectations.
Hardware/software polish. Trackpad, fonts, color management, audio — the small things that compound across years of use.

Reality Check

Where macOS Struggles

Locked hardware. No upgrades after purchase, repair limits, premium price floor.
Kernel extensions are dying. Apple is replacing them with restricted system extensions — some legacy tooling (VPNs, AV) breaks.
Container story is awkward. Docker Desktop runs a Linux VM; you don't get bare-metal Linux containers.
Gaming. Improving with Apple Silicon GPTK and Metal, still far behind Windows.

Continue

More Operating Systems

← Linux ← Windows Unix & BSD → Android → iOS → ↑ Back to Foundations