This is not really specific for JUCE applications, but I thought one of you probably has experienced this on macOS before:
Normally I distribute my macOS applications using the great “Packages” installer creation program from Stéphane Sudre.
But now, I wanted to simply distribute a simple console application executable + 2 .dylibs.
I signed the 3 binaries after building with: codesign --sign "Developer ID Application: MyCompany" -f -v ./MyConsoleApp codesign --sign "Developer ID Application: MyCompany" -f -v ./lib1.dylib codesign --sign "Developer ID Application: MyCompany" -f -v ./lib2.dylib
And I then created a .dmg file (from the folder the 3 files were in) using Disk Utility.
I then copied that .dmg file to my Windows 10 machine and then back to my Mac, and I double-clicked the .dmg to mount the disk image.
If I then double-click the console app, I get an error message dialog saying: "MyConsoleApp" is damaged and can't be opened. You should eject the disk image.
Same thing (but now you should move it to the bin) when I first copy the 3 files from the mounted disk image to a local folder on my desktop.
When I open a terminal and run: ./MyConsoleApp
I get this: -bash: ./MyConsoleApp: Operation not permitted
(both when doing it in the mounted disk or in the local folder I copied the files to)
I thought maybe something broke the signing, but when I do this: codesign --verify -v MyConsoleApp
I get something that looks OK (for the executable and the 2 dylibs): MyConsoleApp: valid on disk MyConsoleApp: satisfies its Designated Requirement
I tried to redo it a few times thinking my copy may indeed have broken (although not plausible over a LAN…) but no…
So, what am I missing here?
Is this again something related to signing / notarization (didn’t do that) / hardened run-time…?
Any useful commands to troubleshoot this?
Thanks for any help!
drwxr-xr-x 6 ktanghe staff 192 Feb 20 17:11 .
drwx------@ 50 ktanghe staff 1600 Feb 20 17:50 ..
-rwxr-xr-x@ 1 ktanghe staff 222640 Feb 20 16:57 MyConsoleApp
-rwxr-xr-x@ 1 ktanghe staff 211472 Feb 20 16:57 lib1.dylib
-rwxr-xr-x@ 1 ktanghe staff 1412864 Feb 20 16:57 lib2.dylib
-rw-r--r--@ 1 ktanghe staff 891211 Feb 20 17:11 test.dmg
(files copied out of the mounted test.dmg file into this folder)
I did several more tests, and what I found was this:
If I copy the .dmg file to my Windows 10 machine and back to my Mac via the clipboard using the Microsoft Remote Desktop app, I get the issue mentioned above.
If I copy the .dmg file to my Windows 10 machine and back to my Mac via the Finder (using a shared folder on my Windows 10 machine, so using SMB), then it works fine.
I also tried other things:
copying back and forth to my NAS (which supports AFP)
copying to a Dropbox folder + then moving that file to another Dropbox folder on my Windows machine + then copying it back on my Mac
copying to a Google Drive folder + then moving that file to another Google Drive folder on my Windows machine + then copying it back on my Mac
and all of these worked fine.
When I uploaded the .dmg to my website and downloaded it again on my Mac + then copied the files from the mounted disk to some folder on my desktop, I got this:
Just double-clicking the console app shows: "MyConsoleApp" can't be opened because the identity of the developer cannot be confirmed. Your security preferences allow installation of only apps from the App Store and identified developers.
Opening it via right-click + Open shows: "MyConsoleApp" can't be opened because the identity of the developer cannot be confirmed. Opening "MyConsoleApp" will always allow it to run on this Mac.
it does try to run then, however, I also had to open the 2 dylibs once in the same way before I could finally run the application normally…
So, conclusion:
it looks like copy/paste via the clipboard and Remote Desktop breaks things
there is still something annoying going on when downloading the .dmg from a website (I guess should probably not only sign, but also notarize the files…)
