电子伪造和osx符号应用程序导致“二进制文件签名不当”。
电子伪造和osx符号应用程序导致“二进制文件签名不当”。
提问于 2021-05-03 10:09:33
我使用以下“特性”开发了一个电子应用程序:
我没有问题,运行应用程序,并构建它,如果我不签署它,但使自动更新工作,我绝对需要签署它。(这对我的顾客更好)。
不幸的是,当我在Big Sur上签名并尝试运行它时,我得到了以下信息:
发现者:
您没有打开应用程序“XX”的权限 请与您的计算机或网络管理员联系以获得帮助。
来自航站楼:
The application cannot be opened for an unexpected reason,
error=Error Domain=NSOSStatusErrorDomain Code=-10826 "kLSNoLaunchPermissionErr: User doesn't have permission to launch the app (managed networks)"
UserInfo={_LSFunction=_LSLaunchWithRunningboard, _LSLine=2539, NSUnderlyingError=0x7f98fe4166d0 {Error Domain=RBSRequestErrorDomain Code=5 "Launch failed."
UserInfo={NSLocalizedFailureReason=Launch failed., NSUnderlyingError=0x7f98fe418060 {Error Domain=NSPOSIXErrorDomain Code=153 "Unknown error: 153"
UserInfo={NSLocalizedDescription=Launchd job spawn failed with error: 153}}}}}而且,在这两种情况下,我在Console/system.log中都有这样的消息:
May 3 11:00:32 XX com.apple.xpc.launchd[1] (application.ai.XX.note-taking.39302547.39303101[25454]): removing service since it exited with consistent failure - OS_REASON_CODESIGNING | When validating /Users/XX/Documents/XX/mr/XX-desktop/out/XX-darwin-x64/XX.app/Contents/MacOS/XX_Taking-Note:
Code has restricted entitlements, but the validation of its code signature failed.
Unsatisfied Entitlements:
May 3 11:00:32 XX com.apple.xpc.launchd[1] (application.ai.XX.note-taking.39302547.39303101[25454]): Binary is improperly signed.Catalina:
我的同事从Catalina启动它,并收到了这条错误消息。
System Integrity Protection: enabled
Crashed Thread: 0
Exception Type: EXC_CRASH (Code Signature Invalid)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Termination Reason: Namespace CODESIGNING, Code 0x1我的应用程序是如何签名的?
使用electron-osx-sign和electron-notarize与forge配置:
packagerConfig: {
appBundleId: 'ai.XX.note-taking',
executableName: BUILD_NAME, //XX
name: APP_NAME, //XX
icon: iconPath,
overwrite: true,
asar: true,
extendInfo: './info.extends.plist',
protocols: {
name: 'XX-note',
schemes: ['XX-note'],
},
osxSign: {
identity: OSX_CREDENTIALS.SIGN_ID, // Developer ID Application: TeamName (MYTEAMID)
'hardened-runtime': true,
entitlements: 'entitlements.plist',
'entitlements-inherit': 'entitlements.plist',
'entitlements-loginhelper': 'login.entitlements.plist',
'signature-flags': 'library',
// https://github.com/electron/electron-notarize/issues/54
'gatekeeper-assess': false,
verbose: true,
},
osxNotarize: {
// appBundleId: 'ai.XX.note-taking', // (TESTED WITH & WITHOUT)
appleId: OSX_CREDENTIALS.ID, // me@XX.ai"
appleIdPassword: OSX_CREDENTIALS.PASSWORD, // app password
// ascProvider: 'MYTEAMID', // (TESTED WITH & WITHOUT)
},协同设计--验证--详细的XX.app
out/XX-darwin-x64/XX.app: valid on disk
out/XX-darwin-x64/XX.app: satisfies its Designated Requirement我的.plist
login.entitlements.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
</dict>
</plist>info.extends.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleURLSchemes</key>
<array>
<string>XX-note</string>
</array>
</dict>
</array>
<key>NSDocumentsFolderUsageDescription</key>
<true />
<key>ElectronTeamID</key>
<string>MYTEAMID</string>
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<false/>
<key>NSAllowsLocalNetworking</key>
<true/>
</dict>
</dict>
</plist>entitlements.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
<key>com.apple.security.cs.allow-dyld-environment-variables</key>
<true/>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
</dict>
</plist>我真的希望你能帮我,我真的尽力给你尽可能多的帮助,而且已经有三天多了,我一直在到处寻找,却没有解决我的问题。
已试过
- developer.apple.com/forums/thread/666611?page=5
- github.com/ElmarJ/Waterlooplein3D/issues/86
- bestofreactjs.com/repo/infinitered-reactotron-react-development-tools
- stackoverflow.com/questions/64842819/cant-run-app-because-of-permission-in-big-sur
- github.com/upx/upx/issues/424
- Github.com/松鼠/松鼠/204/issues/204
- Github.com/Hardocs/桌面-app/issues/56
- .thread=‘thread 3’>讨论.apple.com/线程/526166
- ..。还有更多
回答 1
Stack Overflow用户
回答已采纳
发布于 2021-06-29 09:59:49
我使用本教程修复了这个问题:https://kilianvalkhof.com/2019/electron/notarizing-your-electron-application/
而这个问题https://github.com/electron-userland/electron-builder/issues/3940
我的最后配置是:
osxSign: {
identity: 'Developer ID Application: MyTeam (TEAMID)',
'hardened-runtime': true,
entitlements: 'mac/entitlements.plist',
'entitlements-inherit': 'mac/entitlements.plist',
'signature-flags': 'library',
// https://github.com/electron/electron-notarize/issues/54
'gatekeeper-assess': false,
verbose: true,
},
osxNotarize: {
appleId: 'myemail',
appleIdPassword: 'mypassword',
},mac/entitlements.plist是:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
</dict>
</plist>页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/67367102
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号