"Damaged" .app - debugging a trusted execution issue

Hi,

I've ran into an issue which only seems to affect one of my macs.

It's currently running 14.2.1 but I first saw this issue in 13.6.

If I download the macOS Sonoma 14.2.1 installer (via App store) onto this particular machine, it will never execute the installer. It always reports that the installer is "damaged". Of course I did reasearch this online and you get the usual unhelpful posts which just say "re download it" and of course, I wouldn't be posting here had I not tried that.

This happens with any macOS installer I download using the softwareupdate --fetch-full-installer utility as well. The thing is, if I copy this .app to another (identical as far as I can tell) Mac - it will work. So far this also seems limited to macOS installers - other third party apps are fine. I'm convinced this is related to trusted execution and something has gone wrong in the environment. I've been looking at my router logs to see if any connections may have been blocked (I'm using OPNsense) and also looking to see what connections are being made via Little Snitch and so far it looks fine. Again, other machines on the network can run these just fine.

I've read through eskimo's excellent guide here: https://forums.developer.apple.com/forums/thread/706442 but I was wondering if anyone can give me some pointers to narrow this down further.

As it stands, I can't trust this machine for app development if I can't even get the official Apple installers to run sucessfully.

Up vote post of eponymous_one Down vote post of eponymous_one
457 views
Posted by
eponymous_one
Reply
Add a Comment

Replies

My acid test for this sort of thing is described in Testing a Notarised Product. If your product works there and fails on some small subset of machines, that’s an issue with those machines. That’s especially true here, given that you’re also seeing this:

This happens with any macOS installer I download using the softwareupdate --fetch-full-installer utility as well.

If you want to fix this specific machine, the best option is to re-install macOS itself.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Thanks for getting back to me! Yes I'm inclined to agree - as much as I hate to have to do it I suspect I'll end up having to re-install.

What's frustrating with this is the fact that I've not really changed much on this machine and without me knowing what went wrong I can't be certain this won't happen again in the future :)

Plus when I set this up a while back I made a fair few customizations and I'm not sure if a TimeMachine restore will get it back to the way it was. Probably will just have to take the hit.

The developer in me wants to keep digging through logs to see if I can debug further so I might do a bit more following your guide you linked.

Cheers.

Posted by
eponymous_one
Up vote reply of eponymous_one Down vote reply of eponymous_one
Add a Comment

I debugged this further and it turned out to be a permissions issue. The installer is looking for a "trust cache" which it can't access and you get a "permission denied" error when you run it as a standard user.

If you run the installer using sudo in an admin account it works fine!

I've never encountered this before and given very little actually changes on this machine, I've no idea what could have caused this.

Posted by
eponymous_one
Up vote reply of eponymous_one Down vote reply of eponymous_one
Add a Comment