Search results for

codesign

3,115 results found

Post

Replies

Boosts

Views

Activity

Reply to Command CodeSign failed with a nonzero exit code
Like many Xcode defects, this has been around for a while. If you are reading this now, consider yourself lucky you have not hit this before. See Stack Overflow for more bread crumbs, unfortunately no root cause hence no reliable workaround yet. https://stackoverflow.com/questions/52421999/xcode-10-command-codesign-failed-with-a-nonzero-exit-code
Topic: Developer Tools & Services SubTopic: Xcode Tags:
Aug ’24
App crashes in AppStore-Mode
Hi again, experts I have a problem :D My app craseh on startup, when creating it in AppStore Mode and I have absolutely no idea, why. The only difference betweed my Developer-ID-Mode and AppStore-Mode is, tha differnet certificates are used and a tool runs, that does something with the info.plist. (and the stapler tool, that runs in devID-Mode, is of course not used in appstore-mode) Here is, what I do, when creating the binary: /usr/bin/plutil -convert binary1 /Users/me/somewhere/myapp.app/Contents/Info.plist (the above line is not used in Dev-ID-Mode) /usr/bin/codesign --entitlements /Users/me/somewhere/myapp.entitlements --deep -s DeveloperAppCert -f /Users/me/somewhere/hansimaticoffice.app /usr/bin/productbuild --component /Users/me/somewhere/hansimaticoffice.app /Applications --sign MacDeveloperInstallerCert /Users/me/somewhere/hansimaticoffice.pkg Any hint?
Topic: Code Signing SubTopic: General
5
0
728
Aug ’24
Transporter Error on submitting electron app pkg
Hi, I'm trying to upload my electron app to the App Store. The app uploads fine to App Store Connect but runs into the following problem while processing: Unable to Sign. This package doesn't meet the current code signing requirements. For more information, see the Code Signing and Application Sandboxing Guide at http://developer.apple.com/library/mac/#documentation/Security/Conceptual/CodeSigningGuide/AboutCS/AboutCS.html and Technical Note 2206 at https://developer.apple.com/library/mac/technotes/tn2206/_index.html Specifically, codesign generated the following errors: [ com.electron.easy-csl-electron.pkg/Payload/easy-csl-electron.app: resource fork, Finder information, or similar detritus not allowed] (90303) Getting to this point was already a real challenge. I'm trying to use electron forge and submit my package to the App Store for which to my knowledge doesn't exist any guide at all. So I'm kinda stuck here: I don't know what resource fork, Finder information, or similar detritus is and where
Topic: Code Signing SubTopic: General
2
0
573
Aug ’24
OSStatus error:[-34018]
Every topic I can find online about this entitlement error suggests I don't have the correct entitlements on. I do in fact have the correct entitlements enabled, but xcode doesn't seem to recognize them. dev@dev-MacBook-Pro Debug-appletvos % codesign -d --entitlements - ProductName.app Executable=/Users/dev/Library/Developer/Xcode/DerivedData/ProductName-cmaicvialhhqtnbvmwehlympuxua/Build/Products/Debug-appletvos/ProductName.app/ProductName [Dict] [Key] application-identifier [Value] [String] .Company.ProductName [Key] com.apple.developer.associated-domains [Value] [Array] [String] webcredentials: [Key] com.apple.developer.team-identifier [Value] [String] [Key] com.apple.developer.user-management [Value] [Array] [String] get-current-user [Key] com.apple.developer.weatherkit [Value] [Bool] true [Key] com.apple.security.application-groups [Value] [Array] [String] group.Company.ProductName [Key] get-task-allow [Value] [Bool] true [Key] keychain-access-groups [Value] [Array] [String] .com.Company.Produc
Topic: Developer Tools & Services SubTopic: Xcode Tags:
2
0
838
Aug ’24
Command [something] failed with a nonzero exit code
In most cases Xcode does a good job of surfacing build problems. If, for example, your Swift code has an error, Xcode’s Issues navigator shows you exactly what went wrong. However, that’s not universally true. In some cases the Issues navigator will show you a message like Command [something] failed with a nonzero exit code, where [something] is a build step like CodeSign or CompileC. To investigate these problems, look at the build report. The easiest option is to click on the issue in the Issues navigator. In most cases that will: Switch to the Reports navigator (View > Navigators > Reports). Select the correct build report on the left. Select the correct build step in the report editor. Expand its transcript (Editor > Expand Selected Transcripts). Note If that doesn’t work automatically, perform each of these steps by hand. That transcript includes both the details of the build step and all the information about the failure. For example, when I set my Other Code Signing Flags build settin
Topic: Developer Tools & Services SubTopic: General Tags:
0
0
889
Aug ’24
Reply to Postinstall fails to run binary in ./scripts
I am signing the the token installer codesign --entitlements entitlements.plist --timestamp --options=runtime --sign $DEVELOPER_ID --force ./scripts/token_installer codesign --entitlements entitlements.plist --timestamp --options=runtime --sign $DEVELOPER_ID --force ./scripts/postinstall and notarising the app pkg file xcrun notarytool submit ./out/MyApp.pkg --apple-id account@account.com --team-id XXXXX --password XXXX --wait and stapling the pkg. xcrun stapler staple out/MyApp.pkg I tried moving the token_installer to Helpers but it did not help (same error). Embedding the worker in its own .app worked using another provisioning profile. But I just need to run the token installer once so it seem like an overkill to create a specific app for just one install script. This happens when the postinstall script runs on a user machine. Everything works if I make the user download the companies provision profile onto their system. Translated Report (Full Report Below) Incident Identifier: 76F6E5D1
Topic: Code Signing SubTopic: General
Aug ’24
Struggling to Notarize a JUCE Plugin Installer
Hi there, I've been working on a JUCE audio plugin project and have created an installer for the demo to release to the public outside of the App Store. I have built the various forms of the plugin in Xcode (standalone, AU, vst3) and have the automatic signing set up with a Developer ID Application certificate. I have been using WhiteBox Packages to create the installer to install the AU component and the vst3 on a user's computer. I can successfully sign the installer with a Developer ID Installer certificate but when I submit it for notarization, the status returns as invalid. When looking at the Notarytool log, it says that the binary is not signed with a valid Developer ID certificate for all versions of the plugin (for AU & vst3, and both architectures, arm64 & x86_64, as well). I can use codesign and pkgutil to confirm that the files and installer are both signed including the contents within both the AU and vst3 bundles, but the notarization still fails. I have tried to notarize just a
Topic: Code Signing SubTopic: Notarization
2
0
609
Aug ’24
MacOS Application update fails: Ditto Operation not permitted
Hello all, I am building a macOS application that I codesign and notarize for distribution. I am able to download my zip, unzip and run my application successfully, but when I attempt to update to a new version I hit an error with ditto that operation not permitted when attempting to replace my .app with the new version. For example, here is a sample output of the failure: Update failed: binary update failed during ditto: ditto: /Applications//tooler.app/Contents/_CodeSignature/CodeResources: Operation not permitted ditto: /Applications//tooler.app/Contents/MacOS/tooler: Operation not permitted ditto: /Applications//tooler.app/Contents/Resources/icons.icns: Operation not permitted ditto: /Applications//tooler.app/Contents/Info.plist: Operation not permitted My application code updates the user to a new version by executing a curl command to download the versions zip and then uses ditto to unzip. I am able to successfully download the zip with the curl command and remove the file with the rm command,
Topic: Privacy & Security SubTopic: General Tags:
3
0
739
Aug ’24
Reply to Ventura Hack for FireWire Core Audio Support on Supported MacBook Pro and others...
Hello Tyronet and thank you for compiling a definitive, clear guide, foolproof even for a noob like me. I had arrived at a similar process after consulting every single thread online about the topic, collecting all the links, all the texts, and feeding everything to ChatGPT. Despite this, ChatGPT, which is unfortunately lazy and stupid, responded with the following when I asked it to compare the two guides: Comparison and Conclusions Accuracy and Details: The guide by tyronet is more detailed regarding the configuration of Startup Security Utility and the management of kernel extensions, which is a critical step for allowing unsigned extensions. My guide lacks specific details about the configuration of Permissive Security. Flexibility and Methodology: The tyronet guide focuses exclusively on a specific workflow (installation via package and then fixing permissions), while my guide offers alternatives such as using extraction tools like Suspicious Package. Reboot and Authorization Details: The tyronet guide m
Topic: Media Technologies SubTopic: General Tags:
Aug ’24
Postinstall fails to run binary in ./scripts
Hi, When postinstall tries to run another binary inside the ./scripts folder I package with pkgbuild, it gets killed by taskgated when the postinstall script tries to run it. └── Contents ├── Helpers ├── Info.plist ├── MacOS │ ├── UI │ └──Worker ├── PkgInfo ├── Resources │ ├── com.ui.plist │ ├── com.worker.plist │ └── icon.icns ├── _CodeSignature │ └── CodeResources └── embedded.provisionprofile scripts: ├── token_installer ├── postinstall ├── token_installer ├── postinstall How I am signing: codesign --entitlements entitlements.plist --timestamp --options=runtime --sign $DEVELOPER_ID --force out/myapp.app/Contents/MacOS/UI codesign --entitlements entitlements.plist --timestamp --options=runtime --sign $DEVELOPER_ID --force out/myapp.app/Contents/MacOS/Worker codesign --entitlements entitlements.plist --timestamp --options=runtime --sign $DEVELOPER_ID --force ./scripts/token_installer codesign --entitlements entitlements.plist --timestamp --options=runtime --sign $DEVELOPER
Topic: Code Signing SubTopic: General
7
0
770
Aug ’24
Reply to Audio Entitlements stopped working seemingly since macOS 14.5
In future, I’d help you if you a code block for listings like this. That makes them much easier to read. See Quinn’s Top Ten DevForums Tips for info on how to set that up. Anyway, here’s your results reformatted: % codesign -d --entitlements - -vvv /Applications/AudioMap.app Executable=/Applications/AudioMap.app/Contents/MacOS/AudioMap Identifier=com.AudioMap.AudioMap Format=app bundle with Mach-O thin (arm64) CodeDirectory v=20500 size=383713 flags=0x10000(runtime) hashes=11980+7 location=embedded Hash type=sha256 size=32 CandidateCDHash sha256=56d4f956b957404261625ddf1a11633475eb70e4 CandidateCDHashFull sha256=56d4f956b957404261625ddf1a11633475eb70e4ee3454082640f96438da77c9 Hash choices=sha256 CMSDigest=56d4f956b957404261625ddf1a11633475eb70e4ee3454082640f96438da77c9 CMSDigestType=2 CDHash=56d4f956b957404261625ddf1a11633475eb70e4 Signature size=9048 Authority=Developer ID Application: Steven Gadeley (83MK4AAT9M) Authority=Developer ID Certification Authority Authority=Apple Root CA Timestamp=31 Jul
Topic: Code Signing SubTopic: Entitlements
Aug ’24
CLI Workflow: IPA Installation
I have a Mac Catalyst app bundle built from Rust. I am able to execute this bundle from my M2 Mac-Mini. I am wondering how might I go about creating a proper IPA archive in order to install to my iOS/iPadOS devices. I am using the following code to generate and sign the app bundle: cd ${APPDIR}/ /usr/bin/codesign -s Apple Development: -fv ./counter.app cd ./counter.app zip -r ../counter.ipa * I then use cfgutil to try to install to my iPhone that is plugged into my Mac-Mini: cfgutil -v install-app ./counter.ipa I receive the following error when trying to install: Waiting for the device [1/4] [*******************************************] 100% cfgutil: error: Information about an app could not be read. (Domain: ConfigurationUtilityKit.error Code: 404) install-app failed on <>'s iPhone (ECID: <>). --- Summary --- Operation install-app failed on 1 devices. The contents of the app bundle before signing: counter.app/ - Geneva.ttf - counter - Info.plist Contents of Info.plist: CFBundleIden
Topic: Developer Tools & Services SubTopic: General Tags:
1
0
723
Aug ’24
Reply to Audio Entitlements stopped working seemingly since macOS 14.5
sgadeley@Falcon AudioMap % codesign -d --entitlements - -vvv /Applications/AudioMap.app Executable=/Applications/AudioMap.app/Contents/MacOS/AudioMap Identifier=com.AudioMap.AudioMap Format=app bundle with Mach-O thin (arm64) CodeDirectory v=20500 size=383713 flags=0x10000(runtime) hashes=11980+7 location=embedded Hash type=sha256 size=32 CandidateCDHash sha256=56d4f956b957404261625ddf1a11633475eb70e4 CandidateCDHashFull sha256=56d4f956b957404261625ddf1a11633475eb70e4ee3454082640f96438da77c9 Hash choices=sha256 CMSDigest=56d4f956b957404261625ddf1a11633475eb70e4ee3454082640f96438da77c9 CMSDigestType=2 CDHash=56d4f956b957404261625ddf1a11633475eb70e4 Signature size=9048 Authority=Developer ID Application: Steven Gadeley (83MK4AAT9M) Authority=Developer ID Certification Authority Authority=Apple Root CA Timestamp=31 Jul 2024 at 5:41:00 PM Info.plist entries=12 TeamIdentifier=83MK4AAT9M Runtime Version=14.5.0 Sealed Resources version=2 rules=13 files=3 Internal requirements count=1 size=184 [Dict] [Key] c
Topic: Code Signing SubTopic: Entitlements
Aug ’24
Reply to Audio Entitlements stopped working seemingly since macOS 14.5
[quote='760986021, scradeley, /thread/760986, /profile/scradeley'] one is more for Sandboxed app and the other is for hardened runtime. Is that correct? [/quote] We have two documentation pages that list the entitlements for each of these technologies: Hardened Runtime App Sandbox All of these entitlements an unrestricted, so they don’t need to be authorised by a profile. You just have to sign your app to claim them. My advice is that you first check what the app is claiming, then work backwards to see where things are going wrong. To do that, run: % codesign -d --entitlements - -vvv /path/to/your/built.app What do you see? Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com
Topic: Code Signing SubTopic: Entitlements
Aug ’24