Hi there,
I'd like to ship an optional command line tool along with my sandboxed Mac app which I distribute through the Mac App Store and on my Website.
The user can chose to install the command line tool from within the host app to
/usr/local/bin/CommandLineTool
I do this by creating a symlink at that location that links to the command line tool in my app's bundle:
FileManager.default.createSymbolicLink(at: self.commandLineToolInstallationURL,
withDestinationURL:self.commandLineToolURL)
For this to work in a sandboxed app I have to use NSWorkspaceAuthorization and request an authorization of the type NSWorkspaceAuthorizationTypeCreateSymbolicLink.
Here is my final code:
NSWorkspace.shared.requestAuthorization(to: .createSymbolicLink) { authorization, authorizationError in
if let error = authorizationError {
DispatchQueue.main.async {
self.presentError(error)
}
}
else {
guard authorization != nil else {
NSLog("WARNING: #4ibfzwD8Ds")
return
}
do {
try FileManager(authorization: authorization!).createSymbolicLink(at: self.commandLineToolInstallationURL,
withDestinationURL: self.commandLineToolURL)
}
catch {
NSLog("WARNING: #argfgg - \(error)")
DispatchQueue.main.async {
self.presentError(error)
}
}
}
}
I also had to request a Privileged File Operations entitlement here, which I did. I was then able to generate new Provisioning Profiles using that entitlement with my Developer certificate and the Distribution Certificate for the Mac App Store. But when I try to generate a new Provisioning Profile for my developer ID signed version of the app, the Additional Entitlements section, which lets you add the Privileged File Operations entitlemen, does not show up. Thus I cannot create a profile that works and the app I a distributing outside of the Mac App Store will crash upon launch.
Looking at the NSWorkspace.Authorization documentation, it seems that the Privileged File Operations entitlement is only available for apps on the Mac App Store and would therefore not be available for Developer ID signed apps distributed outside the Mac App Store.
What is the right way to install my command line tool (or a symbolic link) to /usr/local/bin from my sandboxed app that is signed with my Developer ID certificate?
It has to be possible since apps like BBEdit do it as well. Looking at BBEdit it seems they use FileManager.default.createSymbolicLink but how if NSWorkspace.Authorization does not work outside of the Mac App Store... ?
Thanks for your help!!