Post

Replies

Boosts

Views

Activity

Installer Application Not Proceeding After Codesigning with Hardened Runtime Enabled
I'm encountering a peculiar issue with my macOS installer application when hardened runtime is enabled (--options runtime) during code signing, and I'm hoping to get some guidance on how to resolve it. Issue Description: My installer application is designed to prompt users for system credentials upon launch. After entering the correct credentials and clicking "OK", users should see the next screen to proceed with the installation process. However, with hardened runtime enabled, the application stops responding after the credential entry step. The next screen, where users should proceed with installation, does not appear. If I codesign without using hardened runtime, my installer works fine. However it fails during notarization. What I've Tried: I have reviewed Apple's documentation on hardened runtime and notarization to ensure I'm following best practices. I've checked the Console logs for any relevant error messages or warnings, but haven't found any conclusive information. Additional Information: The application is an installer built using bitrock installbuilder. It relies on prompting users for system credentials using standard macOS authentication mechanisms. Initially the installer is in tar.gz format which I extract to get .app file. This file is codesigned. Next I create a .DMG of the codesigned .app file and codesign the DMG before sending it for notarization. Request for Assistance: I'm seeking guidance on how to address this issue with my installer application not proceeding after credential entry when hardened runtime is enabled. Are there any specific configurations, entitlements, or best practices that I might be missing? Or are there alternative approaches I should consider to ensure compatibility while still meeting Apple's security requirements for notarization? Any insights or advice from your experiences would be greatly appreciated. Thank you in advance for your help!
2
0
629
Apr ’24
Accessing the macOS Dynamic Linker (dyld)
The documentation about the Disable Library Validation Entitlement mentioned that the macOS dynamic linker (dyld) provides a detailed error message when the system prevents code from loading due to library validation. You can find more information here: https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_security_cs_disable-library-validation I need assistance in locating the dynamic linker (dyld) on macOS Ventura 13.0. What are the various methods available to locate it? How can I access or open it for reading? Additionally, do I need any external tools to facilitate this process? My ultimate goal is to examine the detailed error message to identify any issues I am encountering with my application. Additionally, I have found one at /usr/lib/dyld, but it's not human-readable, nor does it have timestamps for whatever is logged. Based on my findings, I should be able to locate dyld at System/Library, but I can't find it there either.
2
0
425
Apr ’24