Hi,something went wrong with the code signing of my app, but I have not idea how to analyze this problem. I get the following error when launching my app:dyld: Library not loaded: @rpath/QtSvg.framework/Versions/5/QtSvg
Referenced from: /Users/joachim/Programming/myapp-build-release/install/MyApp.app/Contents/MacOS/MyApp
Reason: no suitable image found. Did find:
/Users/joachim/Programming/myapp-build-release/install/MyApp.app/Contents/MacOS/../Frameworks/QtSvg.framework/Versions/5/QtSvg: code signing blocked mmap() of '/Users/joachim/Programming/myapp-build-release/install/MyApp.app/Contents/MacOS/../Frameworks/QtSvg.framework/Versions/5/QtSvg'
/Users/joachim/Programming/myapp-build-release/install/MyApp.app/Contents/MacOS/../Frameworks/QtSvg.framework/Versions/5/QtSvg: stat() failed with errno=1All Frameworks and dylibs have been signed withcodesign --verbose --sign "$DEVID" -i $ID --timestamp $FRAMEWORK/Versions/Current/The app bundle has been signed withcodesign --verbose --sign "$DEVID" --timestamp --options "runtime" --entitlements Entitlements.plist MyApp.appwith entitlement com.apple.security.cs.allow-jit enabled."codesign --verify" reports "valid on disk" and "satisfies its Designated Requirement" for all libs and the executable and bundle. All libs have unique identifiers (-i), got a secure timestamp, and I'm not using "--deep" signing. Referencing the lib with "@executable_path/../Frameworks" instead of "@rpath" doesn't make any difference.The error disappears if I add the com.apple.security.cs.disable-library-validation entitlement or omit the hardened "runtime" option.How can I check what exactly is blocking the library? Has "disable-library-validation" any drawbacks? Will I still be able to notarize the app?
jogri
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
Last seen
User for
Post
Replies
Boosts
Views
Activity
Hi,how can I check if a code signature contains a signed timestamp?$ codesign -s "Developer ID..." --options runtime -f --timestamp MyApp.app
MyApp.app: replacing existing signature
$ codesign --display -v MyApp.app 2>&1 | grep 2020
Timestamp=30. Apr 2020 at 14:25:45Is this a secure timestamp? Or just a timestamp without signature?In my understanding --timestamp=none should disable secure timestamping:$ codesign -s "Developer ID..." --options runtime -f --timestamp=none MyApp.app
MyApp.app: replacing existing signature
$ codesign --display -v MyApp.app 2>&1 | grep 2020
Signed Time=30. Apr 2020 at 14:24:24Why do I get a a "Signed Time" here??