Error when running a binary from containing app

I am running a Safari Web extension and looking to launch a shell script from the containing app.

Error in process Error Domain=NSCocoaErrorDomain Code=4 "The file “test.command” doesn’t exist."

I get the above error when I try to access the binary.
I use NSOpenPanel to allow the user to give permission to access the file system.

The program works perfectly without the sandbox and so that ensures there is no file path error.
I have the following entitlements:

com.apple.security.scripting-targets
com.apple.security.files.user-selected.executable
com.apple.security.files.user-selected.read-write

import Cocoa
import os

// Launch a script that lives outside the app bundle (this is the call that fails under the sandbox)
let task = Process()
task.launchPath = "/Users/test/test.command"

// Panel used to let the user grant access to the directory holding the script
let openPanel = NSOpenPanel()
openPanel.prompt = "Choose"
openPanel.canChooseFiles = false
openPanel.canChooseDirectories = true

do {
    try task.run()
} catch {
    os_log(.error, "Error in process")
    print(" \(error)")
}


What could be the issue?
Sandboxed apps cannot run arbitrary shell scripts. If you want to support script attachment, you should look at NSUserScriptTask.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
@eskimo It should be able to run a Node.js executable file though, right, if not a shell script?
Can the script be run from within a container? If so, what would be the restrictions on this script if it wants to talk to an external application which is not sandboxed through some IPC mechanism?
Would this work if I created an XPC service to launch the script as a child process?

Can the script be run from within a container?

A script that you construct on the fly? Or a script embedded in your app’s bundle? The latter is definitely possible. The former is a bit trickier.

if so what would be the restrictions on this script if it wants to talk to an external application which is not sandboxed through some IPC mechanism ?

A child process inherits the sandbox from its parent, and thus is subject to the same rules concerning IPC and so on.

Would this work if I created an XPC service to launch the script as a child process ?

An XPC Service has its own sandbox that’s distinct from the main app’s. Any child process it creates inherits that sandbox.

Can you give me some more background on your high-level goal here? I’m happy to respond here, but if you want to have a private discussion you can open a DTS tech support incident and we can pick things up in that context.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
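The two supported routes mentioned in the replies above (an executable embedded in the app bundle, and a user-supplied script run through NSUserScriptTask), as an added Swift example that is not part of the thread. It assumes a bundled helper named "helper" in Contents/MacOS and a user-installed script name passed by the caller; both names are placeholders.

```swift
import Foundation

// Added example, not from the thread. Two routes that work under App Sandbox:
//  1. An executable shipped inside the app bundle, launched with Process.
//     The child inherits the app's sandbox, so it can reach only what the app can.
//  2. A script the user placed in ~/Library/Application Scripts/<bundle id>/,
//     launched with NSUserUnixTask (a subclass of NSUserScriptTask). The app
//     cannot write to that folder itself; the user installs scripts there.
// Assumed names: a bundled helper called "helper"; script names are caller-supplied.

/// Route 1: run a helper that is part of the app bundle (Contents/MacOS/helper).
/// Returns the helper's exit status.
func runBundledHelper(arguments: [String]) throws -> Int32 {
    guard let url = Bundle.main.url(forAuxiliaryExecutable: "helper") else {
        throw CocoaError(.fileNoSuchFile)
    }
    let task = Process()
    task.executableURL = url          // preferred over the deprecated launchPath
    task.arguments = arguments
    try task.run()                    // throws (instead of crashing) if the launch fails
    task.waitUntilExit()
    return task.terminationStatus
}

/// Route 2: run a script the user installed in the app's Application Scripts folder.
/// The completion handler receives nil on success or the launch/runtime error.
func runUserScript(named name: String, arguments: [String],
                   completion: @escaping (Error?) -> Void) {
    do {
        let dir = try FileManager.default.url(for: .applicationScriptsDirectory,
                                              in: .userDomainMask,
                                              appropriateFor: nil, create: true)
        let scriptURL = dir.appendingPathComponent(name)
        let task = try NSUserUnixTask(url: scriptURL)   // fails if the script is absent
        task.execute(withArguments: arguments) { error in completion(error) }
    } catch {
        completion(error)
    }
}
```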

A script that you construct on the fly? Or a script embedded in your app’s bundle? The latter is definitely possible. The former is a bit trickier.

Calling a compiled binary embedded in the app (sandboxed) as well as one residing externally in another directory

My high level goal is to spawn and manage child processes of a binary from an XPC service. The binary would communicate with another app through IPC and send the messages over to the XPC service.
These child processes would be long running.
I wanted to know the possibility of launching binaries that are external to the sandbox and how would the IPC be different from launching a binary that is embedded within the sandbox?

A child process inherits the sandbox from its parent, and thus is subject to the same rules concerning IPC and so on.

Could you elaborate a bit more here?
Are the rules for IPC different for an XPC service as compared to an app extension or app ?

Are the rules for IPC different for an XPC service as compared to an app extension or app ?

Not fundamentally. Each of those items (app, appex, XPC Service) has its own independent sandbox, and they are all subject to the restrictions of that sandbox.

My high level goal is to spawn and manage child processes of a binary from an XPC service.

You're mixing up terms here. A “child process” is necessarily a child of another process; a “child process of binary” simply doesn’t make sense.

Can you step back and explain more about your high-level goal here? Based on your earlier posts it seems that you have a Safari web extension. That can’t ship independently, which means that you must necessarily have a container app. Beyond that it’s not clear how XPC Services and bundled executables come into the picture.

Oh, and this is targeting the Mac App Store, right?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Can you step back and explain more about your high-level goal here? Based on your earlier posts it seems that you have a Safari web extension. That can’t ship independently, which means that you must necessarily have a container app. Beyond that it’s not clear how XPC Services and bundled executables come into the picture.

Yes, I am going to be running a Safari Web Extension and it is targeting the Mac store. My assumption was that, in order to run a binary outside of the app sandbox, I would need to either use a container app or an XPC service and not an app extension because of the privilege restriction. This binary would use named pipes to communicate with another process that is not sandboxed. I understand that the binary is going to inherit the sandbox of the parent app, but is this feasible given a user allows filesystem permissions to the named pipe location?
