Qt Application Errors After Code Signing
-
I have developed a Qt based program for Mac that has been accepted into the Mac App Store. When my programmer compiles the program everything works just fine. However, after we code sign the Application with my Mac Developer Certificate the new version has a significant bug. We can't figure out what is causing this issue and how to fix it. Has anyone else experienced this?
-
Hi,
Can you tell what specific error you are getting as well as which version of OS X/Xcode and Qt you are using ?
-
Hi SGaist,
Thank you for responding. My OS X version is 10.9.5. We are using Qt 5.3 I am using Xcode version 6.0.1 My programmer is using OS X 10.9.1 and I'm not sure which version of Xcode. I don't think we are using xcode to sign the App. We have been using terminal commands. My programmer just notified me today that he has narrowed down the actual command that is causing the issue.
It is: codesign -s "3rd Party Mac Developer Application: ID NAME" --entitlements Entitlements.plist --deep 'Visual Renamer.app'
He created a code signed bundle to submit to the App Store without using this command. The App passes Gatekeeper and is in fact signed, but it got rejected by the App Store.
The error that was occurring was this: My application is a renaming app. You can drag and drop folders of files to be renamed or you can drag in files directly. Both methods worked fine before code signing with the entitlements.plist but after signing only the dragging and dropping a folder method worked correctly. I was still able to drag individual files into the App, but when I click on the button to actually rename them, my program said these files couldn't be renamed. Yet files that were dragged in by folder were able to be renamed correctly.
I wonder if something is wrong with the entitlements.plist that I am using?
Any thoughts would be extremely helpful
Thanks!
-
I may be wrong but you might be hitting one of the App Store rules maybe 2.6 of the "review guidelines":https://developer.apple.com/app-store/review/guidelines/.
Didn't you get any information about the rejection reason ?
-
Issue 2.6 was not mentioned since the App update hasn't yet reached the review team. But the current version on the App Store actually has the same issue but was accepted by the App Store. I bought it and downloaded it just to check it's functionality and unfortunately this bug exists in that approved version.
So far my Entitlements.plist includes only two entries:
com.apple.security.app-sandbox | Boolean | Yes
com.apple.security.files.user-selected.read-write | Boolean | YesApple describes the "com.apple.security.files.user-selected.read-write" entitlement as: Read/write access to files the user has selected using an Open or Save dialog. I'm not sure if my "Add Files" button qualifies as an Open or Save Dialog? Maybe that's the issue?
-
Well I've made some progress in my research, but no progress fixing the issue. I started reading here: https://developer.apple.com/library/mac/documentation/security/conceptual/AppSandboxDesignGuide/AppSandboxQuickStart/AppSandboxQuickStart.html#//apple_ref/doc/uid/TP40011183-CH2-SW2
I ran the tests to see if I would get any error messages on Console and I got the following:
Sandbox: App Name(21378) deny file-read-xattr /Users/MyName/Documents/TEST FILES/AUDIO/NEW AUDIO 006.aiff
and
Sandbox: App Name(21378) deny file-write-create /Users/MyName/Documents/TEST FILES/AUDIO/NEW AUDIO 006.aiff
So it is in fact a Sandboxing issue. I tried adding all of the following entitlements, but still no luck fixing the issue:
com.apple.security.app-sandbox
com.apple.security.assets.movies.read-write
com.apple.security.assets.music.read-write
com.apple.security.assets.pictures.read-write
com.apple.security.device.firewire
com.apple.security.device.microphone
com.apple.security.device.serial
com.apple.security.device.usb
com.apple.security.files.bookmarks.app-scope
com.apple.security.files.bookmarks.document-scope
com.apple.security.files.downloads.read-write
com.apple.security.files.user-selected.read-write
com.apple.security.network.client
com.apple.security.network.server
com.apple.security.personal-information.addressbook
com.apple.security.personal-information.calendars
com.apple.security.personal-information.location
com.apple.security.temporary-exception.files.absolute-path.read-writeLet me know what you think. Thanks!
-
Are you sure you implemented correctly the user accessible part of the com.apple.security.files.user-selected.read-write entitlement ?
-
Thank you for your response! We are still struggling with this issue.
Can you explain what you mean a little more? My programmer and I included com.apple.security.files.user-selected.read-write in our entitlements.plist with a Boolean value of True. Is there anything else we need to include in the entitlements.plist in order to implement this particular entitlement properly?
It would be great if it's just a matter of modifying the entitlements.plist and not have to recode.