Post not yet marked as solved
I'm working on an app that uses CommonCrypto. The app works perfectly well in my own computer, but when using the very same exe build in another computer it "quit unexpectedly". Suspecting that the issue could be on the said module, I commented out the few lines that requires the module and problem solved!.
Now, as I need to use the module at the very beginning of the app, to perform certain security operations, I'm wondering what could I do to assure the module is included in the build, so the app may work in any other computer as well. This sounds weird, because I would had assumed either that the module was to be included in the build or if not, an error claiming the lack of it should have been produced.
(within Xcode) what setting should I change when build the app for use in other computers, so to assure the operations that requires this module can be completed?
Although this may not be relevant, I'm using swift 5, Xcode 15 (latest versions) and Sonoma 14.2.1
Post not yet marked as solved
I have a Swift-SwiftUI app for MacOS that runs perfectly well (meaning no errors whatsoever) on an Intel MacBook Pro (16 GB ram) but crashed immediately when trying to run on an ARM MacBook Air (8 GB ram). The error in the app is SIGTRAP (Name space Signal, Code 5 Trace/BPT trap 5 (Terminating process exc handler 1496.
Although the exe was build on the intel Mac, but for both platforms (Intel & ARM) seeking to troubleshoot this issue, I tried to clone the app to further debug it using Xcode within the ARM platform, just to get into a bigger issue:
As soon as the app is cloned and read, Xcode crashes with error SIGABRT (Name space Signal, Code 6 Trace/BPT trap 6 (Terminating process exc handler 1006). That happens just by attempt to load the source code of the app within Xcode, which surprises me a lot.
Xcode Version on the ARM 15.0.1 (15A507)
Xcode Version on the Intel 15.2 (15C500b)
OS on the ARM Sonoma 14.2
OS on the Intel Sonoma 14.2.1
As this App is intended to run MacOS 12 and above, I discarded the tiny difference between OS. As to Xcode, it confuses me, as in my view, it shouldn't crash at least before the time of building the exe file...
Any help to troubleshoot this will be very much appreciated!
Attached:
Xcode "quit unexpectedly" crash log
Xcode_Cred_Log.txt
Post not yet marked as solved
hdiutiul bug?
When making a DMG image for the whole content of user1 profile (meaning using srcFolder = /Users/user1) using hdiutil, the program fails indicating:
/Users/user1/Library/VoiceTrigger: Operation not permitted hdiutil: create failed - Operation not permitted
The complete command used was: "sudo hdiutil create -srcfolder /Users/user1 -skipunreadable -format UDZO /Volumes/testdmg/test.dmg"
And, of course, the user had local admin rights. I was using Sonoma 14.2.1 and a MacBook Pro (Intel T2)
What I would have expected, asuming that /VoiceTrigger cannot be copied for whatever reason, would be to skip that file or folder and continue the process. Then, at the end, produce a log listing the files/folders not included and the reason for their exclusion. The fact that hdiutil just ended inmediately, looks to me as a bug. Or what else could explain the problem described?
Post not yet marked as solved
Hi, I'm working in a MacOS Swift app that uses hdiutil and asr. Although I can send the sudo credentials and it can be read perfectly in the terminal, sometimes it appears that they are not enough to allow the program to run, throwing the following error:
(asr) Failed to create source stream for replication
Volume replication failed - Operation not permited
This seems to be a permisions issue, because the very same code run perfectly when it is started from the terminal (szh).
What would be the most practical way to overcome this issue?
Any help will be highly appreciated.
Post not yet marked as solved
MyPythonExe is a compiled file coming from a python script compiled with using pyinstaller. After compiled, it was signed using codesign:
codesign -s "Developer ID TTT", -o runtime -f --timestamp MyPythonExe
Once signed, the exe was placed in a Zip container (exeZip), and then successfully notarized using the following:
xcrun notarytool submit exeZip --keychain-profile "MyNotarProf" --wait
It was accepted.
Now, when try to run it, the following error was thrown (oddly, the compiled unsigned Exe runs in the same computer without any issues):
/Users/admin/Downloads/MyPythonExe ; exit;
admin@admins-MacBook-Air ~ % /Users/admin/Downloads/MyPythonExe ; exit;
[1767] Error loading Python lib '/var/folders/80/35xy0t2n3t96b5nl5ldl24_r0000gn/T/_MEIEhOx1q/Python': dlopen: dlopen(/var/folders/80/35xy0t2n3t96b5nl5ldl24_r0000gn/T/_MEIEhOx1q/Python, 0x000A): tried: '/var/folders/80/35xy0t2n3t96b5nl5ldl24_r0000gn/T/_MEIEhOx1q/Python' (code signature in <88BFFD37-99D8-36AB-9B95-9F54B30BD667> '/private/var/folders/80/35xy0t2n3t96b5nl5ldl24_r0000gn/T/_MEIEhOx1q/Python' not valid for use in process: mapped file has no Team ID and is not a platform binary (signed with custom identity or adhoc?)), '/System/Volumes/Preboot/Cryptexes/OS/var/folders/80/35xy0t2n3t96b5nl5ldl24_r0000gn/T/_MEIEhOx1q/Python' (no such file), .... (+ a couple of similar errors)
No, the said exe file (MyPythonExe) was signed and successfully notarized. Oddly, the very same file, but unsigned runs perfectly well (after being authorized so it can surpass Gatekeeper, of course). What could be going on here? Any hint on how to overcome this issue?
I'm trying to staple a validation ticket to an exe file that is already notarized. The process ended with the following error:
Downloaded ticket has been stored at file:///var/folders/bj/ry08v0694972s03cswkq5md80000gq/T/7f1a34f0-8628-4157-92b0-b59cebe70951.ticket.
Could not remove existing ticket from file:///Users/efi-admin/Downloads/ActualSignedFile/Contents/CodeResources because an error occurred. Error Domain=NSCocoaErrorDomain Code=512 "“CodeResources” couldn’t be removed." UserInfo={NSUserStringVariant=(
Remove
), NSFilePath=/Users/efi-admin/Downloads/ActualSignedFile/Contents/CodeResources, NSUnderlyingError=0x600000151e90 {Error Domain=NSPOSIXErrorDomain Code=20 "Not a directory"}}
The staple and validate action failed! Error 73.
The above was captured using the verbose option of the cmd...
Among the response, I can see the ticket:
fields = {
signedTicket = {
type = BYTES;
value = "czhjaAEAAADxBQAALQAAADCCBe0wggL/MIICpKADAgECAghWLFU2G59vVTAKBggqhkjOPQQDAjByMSYwJAYDVQQDDB1BcHBsZSBTeXN0ZW0gSW50ZWdyYXRpb24gQ0EgNDEmMCQGA1UE.... (partial)
I need help to properly understand what is this cmd doing as the issue might be permissions one.
The path mentioned above under /ActualSignedFile:
/ActualSignedFile/Contents/CodeResources
Does not exist. Is that the cmd wants to create it?
Is there any way to manually attach the ticket to the file, given the fact that is printed in verbose mode?
Thanks!
Any help will he highly appreciated!
Post not yet marked as solved
Hello,
I have a valid developer ID downloaded from Apple. I signed the code (compiled exe file for intel Macs) and put it into a ZIP, which I also signed.
While signing I use timestamp and hardener option:
codesign -s "$LbaDevID" -o runtime -f --timestamp $conFile3
codesign -s "$LbaDevID" -o runtime -f --timestamp $conZip3
where variable $LbaDevID represent my Dev code id (VALID, downloaded from Apple after request cert; and $conFile3 the path to the exe file and $conZip3 the path to the ZIP (just $conFile3 zipped)
I attempt to notarize using the following command:
xcrun notarytool submit $compZip3 --keychain-profile "TestAppNotarz" --wait
the reply Log downloaded says:
Invalid dev ID (which is valid)
no timestamp... I corrected this error after the 1st attempt but the reply says exactly the same, even when I can see "TIMESTAMP" in the signature.
The third and last error refers to the runtime, which is present but not being seen.
Any help on how to troubleshoot this issue will be highly appreciated!
Please point me to the relevant documentation to solve this issue...
Post not yet marked as solved
Hi,
I'm trying to sign and app which is a python compiled exe for Mac OS (one file only).
The app runs perfectly on my own mac (or some else's, but only after being admin authorized)
after running
codesign --sign "$devID" $file2sign
I got the following error:
Warning: unable to build chain to self-signed root for signer "Apple Development:..."
errSecInternalComponent
As per screenshot, I have both a current Dev cert and the intermediate certs installed.
Any help will be highly appreciated!
Post not yet marked as solved
Hi,
I'm trying to sign an App (original python compiled for MAC) and the codesign process is failing with error:
The command from terminal that produced the error was:
codesign --sign "$devID" $file2sign
Warning: unable to build chain to self-signed root for signer "Apple Development: ..."
errSecInternalComponent
I have both a dev certificate (current, just downloaded a couple of days ago) and the intermediate certificates.
When I run the command
security find-identity -v -p codesigning
I can perfectly see my dev cert, but only listed as "valid identities" nothing is listed as "matching identities"
Any help will be highly appreciated!
Lautarob1.