Sandboxed OSX App with COMMAND LINE helper gives 'unable to get root path'

Question

I am building a Mac App that is bundled with the command tool 'unrar' to unrar some files. The app is sandboxed.

In xcode I copy the unrar command tool into the app's Resourse folder (with a subpath named 'exec'):

Copy Files: Destination: Resources - Subpath: Exec

After the copy phase I do a Run Script to set the entitlements and Code Signing as follows:

Run Script: Shell: /bin/sh

LOCATION="${BUILT_PRODUCTS_DIR}"/"${CONTENTS_FOLDER_PATH}"
IDENTITY="3rd Party Mac Developer Application: CompanyName."
codesign -f -s "$IDENTITY" --entitlements"/<path>/unrar.entitlements" "$LOCATION"/Resources/exec/unrar

In the app itself I use a NSTask to execute the unrar command:

NSString *filePath = [[NSBundle mainBundle] pathForResource:@"unrar" ofType:@"" inDirectory:@"exec"];

NSTask *task = [[NSTask alloc] init];
[task setLaunchPath:filePath];
[task setArguments:[NSArray arrayWithObjects:@"e", rarfilepath,extractpath, nil]];
[_task launch];

The unrar.entitlements contains:

<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.inherit</key>
<true/>

When running the app, everything works fine and the files get extracted.

But ... then when I check the systemlog I see the following message:

secinitd[332]: unrar[94747]: unable to get root path for bundle of main executable: /Applications/App.app/Contents/Resources/exec/unrar

The message does disappear when I don't run the above Run Script, but then the entitlements are not set for the 'unrar' command tool and Sandboxing fails.

I pulling my hear out for three days now what this message means and how to solve it, but I am out of ideas.

Searching google or stackoverflow doesn't help either.

Can anyone help me to solve this, please.

Thank you, Andre.

(Sorry for all the text, but I am not allowed to post images yet.)

Answer 1

I've always placed my main and helper binary executables in Contents/MacOS but Contents/Helpers would do just as well.

These folders exclusively contain Mach-O executable binaries:

Folder Executable  
_______________________________________________________________________
Contents Top content directory of the bundle
Contents/MacOS Helper apps and tools
Contents/Frameworks Frameworks, dylibs
Contents/PlugIns Plug-ins, both loadable and Extensions
Contents/XPCServices XPC services
Contents/Helpers Helper apps and tools
Contents/Library/Automator Automator actions
Contents/Library/Spotlight Spotlight importers
Contents/Library/LoginItems Installable login items
Contents/Library/LaunchServices Privileged helpers installed by ServiceManagement

Other folders, such as Contents/Resources are for non-binary-exec files like scripts and data files.