This is not really specific for JUCE applications, but I thought one of you probably has experienced this on macOS before:
Normally I distribute my macOS applications using the great “Packages” installer creation program from Stéphane Sudre.
But now, I wanted to simply distribute a simple console application executable + 2 .dylibs.
I signed the 3 binaries after building with:
codesign --sign "Developer ID Application: MyCompany" -f -v ./MyConsoleApp
codesign --sign "Developer ID Application: MyCompany" -f -v ./lib1.dylib
codesign --sign "Developer ID Application: MyCompany" -f -v ./lib2.dylib
And I then created a .dmg file (from the folder the 3 files were in) using Disk Utility.
I then copied that .dmg file to my Windows 10 machine and then back to my Mac, and I double-clicked the .dmg to mount the disk image.
If I then double-click the console app, I get an error message dialog saying:
"MyConsoleApp" is damaged and can't be opened. You should eject the disk image.
Same thing (but now
you should move it to the bin) when I first copy the 3 files from the mounted disk image to a local folder on my desktop.
When I open a terminal and run:
I get this:
-bash: ./MyConsoleApp: Operation not permitted
(both when doing it in the mounted disk or in the local folder I copied the files to)
I thought maybe something broke the signing, but when I do this:
codesign --verify -v MyConsoleApp
I get something that looks OK (for the executable and the 2 dylibs):
MyConsoleApp: valid on disk
MyConsoleApp: satisfies its Designated Requirement
I tried to redo it a few times thinking my copy may indeed have broken (although not plausible over a LAN…) but no…
So, what am I missing here?
Is this again something related to signing / notarization (didn’t do that) / hardened run-time…?
Any useful commands to troubleshoot this?
Thanks for any help!
Edit: Oh yes, this is on macOS Catalina (10.15.7)