Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Mac OS app, sandbox with command line tool?

Tags:

I've made an app which includes a command-line tool. I have enabled the app's sandbox, and tested that it works. I've also code-signed both the app and the command line tool.

But when I upload the app to iTunes, I received a email telling me "App sandbox not enabled".

Apparently I need to set entitlement file of key com.apple.security.app-sandbox with true value, and list the executables: /Contents/MacOS/myApp and /contents/Frameworks/x86/myCommandLineTool.

I'm sure I've enabled sandbox in Xcode, so I thought the problem was with the command line tool.

How can I enable sandbox for command line tool? Or is there a specific folder I should put the tool? Any suggestions welcome - I have been troubled by it for several days.

like image 726
dinosaur Avatar asked Aug 06 '12 01:08

dinosaur

People also ask

Does Mac Have Sandbox app?

Overview. The App Sandbox is an access control technology that macOS provides and enforces at the kernel level. The sandbox's primary function is to contain damage to the system and the user's data if the user executes a compromised app.

What is macOS command line tools?

They allow programmers to compile programs and debug them, convert files, and perform a number of tasks for handling the resources required for making applications and other tools. Running the Terminal-based developer tool “make” on a system without the command line tools installed will prompt you to install them.

Where is command line developer tools Mac?

Go to Terminal in /Applications/Utilities/. In the same way when you are downloading new software and apps, a popup update window will appear asking you: “The xcode-select command requires the command line developer tools.

1 Answers

I had the same issue and after some search, trial & error, this is what worked for me:

  1. create an entitlement file - for me it was just com.apple.security.inherit set to YES. I created this file in xcode itself.

  2. Now sign this commandline tool using the command: 

    codesign --entitlements ./entitlements.plist -s "copy & paste your certificate from keychain" ./commandlinetool

  3. Just to be sure, check using this command:

    codesign --display --entitlements - ./commandlinetool

  4. This tool was already included in the project. So just compile, archive & submit

The status is now 'waiting for review'.

like image 114
jjude Avatar answered Sep 21 '22 08:09

jjude
Sign in to Comment

Related questions

Difference between modelAttribute and commandName [duplicate]
Using a prepared statement and variable bind Order By in Java with JDBC driver
How to make CSS file more important than another CSS file? [closed]
JSON.getString doesn't return null
JAX-WS error on WSDL file: "Error resolving component 's:schema'"
Compress existing PDF using C# programming using freeware libraries
explain() in Mongodb: differences between "nscanned" and "nscannedObjects"
SQLite on Azure website
Meta tags itemprop
How do I use visual studio 2012 dark theme with windows 8 high contrast theme?
Extract prediction band from lme fit
Calling scalar function from c# using Entity Framework 4.0 / .edmx

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!