Library fails to load with hardened runtime

hi, When I try to run myApp, one of the dynamic libraries fails to load,and app exit, because it was blocked by code signing.myApp has been signed and notarized,and both valid. Here is the message I get:

apple@appledeiMac ~ % /Users/apple/Desktop/workspace/code/myApp.app/Contents/MacOS/mCloud ; exit;
dyld: Library not loaded: @executable_path/../Frameworks/libbase.1.dylib
  Referenced from: /Users/apple/Desktop/workspace/code/myApp.app/Contents/MacOS/mCloud
  Reason: no suitable image found.  Did find:
    /Users/apple/Desktop/workspace/code/myApp.app/Contents/MacOS/../Frameworks/libbase.1.dylib: code signing blocked mmap() of '/Users/apple/Desktop/workspace/code/myApp.app/Contents/MacOS/../Frameworks/libbase.1.dylib'
    /Users/apple/Desktop/workspace/code/myApp.app/Contents/MacOS/../Frameworks/libbase.1.dylib: stat() failed with errno=1
    /Users/apple/Desktop/workspace/code/myApp.app/Contents/MacOS/../Frameworks/libbase.1.dylib: code signing blocked mmap() of '/Users/apple/Desktop/workspace/code/myApp.app/Contents/MacOS/../Frameworks/libbase.1.dylib'
    /Users/apple/Desktop/workspace/code/myApp.app/Contents/MacOS/../Frameworks/libbase.1.dylib: stat() failed with errno=1
    file system relative paths not allowed in hardened programs

What is happening, and what should I do about it?

I was able to get the application notarized with the com.apple.security.cs.disable-library-validation entitlement.

I'm using Qt5.14.2 ,macOs 10.15.7,xcode 11.5.

Thanks,

Ulyssess

Up vote post of Ulyssess Down vote post of Ulyssess
215 views
Posted by
Ulyssess
Reply
Add a Comment

Replies

First of all, move your app to a directory not on the desktop and try again. It’s possible you’re being bitten by the desktop MAC, as discuss On File System Permissions.

Second, with library validation enabled your process can only load code signed by Apple or your team. Make sure that the library you’re trying to load is signed by the same team as your app.

% codesign -d -vvv mApp.app
…
TeamIdentifier=TTTTTTTTTT
…
% codesign -d -vvv myApp.app/Contents/Frameworks/libbase.1.dylib
…
TeamIdentifier=TTTTTTTTTT
…

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo

  • Thanks for the suggestion. Unfortunately, it's not that. My app not on desktop ,and the same team.

    Ulyssess
Add a Comment

Unfortunately, it's not that.

OK, that’s me out of simple ideas then. I recommend that you open a DTS tech support incident so that I can look at your setup in depth.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment