Sandboxed app using external shell tool runs on dev machine, but not on others

Following the description from https://developer.apple.com/documentation/xcode/embedding-a-helper-tool-in-a-sandboxed-app* I successfully managed to run my app sandboxed on my development system. Nevertheless the copied application refuses to call the external tool unless it is compiled with NO for the App Sandbox entitlement.

My app can be downloaded from: https://github.com/mac-curver/Postscript-Playground The last commit is using the App Sandbox entitlement but the commit before is not using it like compiled and zipped app in the Application folder on Github. The attached picture shows, running the sandboxed app on my development machine. Why the sandboxed does not run on other MACs? How could I test this?

*P.S. I could not exactly execute all tasks as written in *, for example I require OS 13.0 and I am using a non commercial dev account (not paying for it).

Up vote post of Netzteilkaputtmacher Down vote post of Netzteilkaputtmacher
337 views
Posted by
Netzteilkaputtmacher
Reply
Add a Comment

Replies

Nevertheless the copied application refuses to call the external tool

Can you clarify what you mean by “refuses to call”? Does Process throw an error? Or does the child process crash?

If it’s the latter, does that generate a crash report? If so, please post it here (see Posting a Crash Report).

ps Resolving App Sandbox Inheritance Problems covers the most common causes of code signing crashes in this context.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

The app is not crashing at all, but the call to the shell tool is not beeing executed. There is no error message for the user and even so that I test

let task = Process()
let errorPipe = Pipe()
...
task.standardError = errorPipe
let errorData = errorPipe.fileHandleForReading.readDataToEndOfFile()
...

the error pipe is empty. See https://github.com/mac-curver/Postscript-Playground (I had to apply some changes as XCode comand line tools don't offer ps2pdf anymore and macposrts Ghostscript is installed under a different path on Sonoma!).

Here are the 2 console logs, that I managed to retrieve by installing Sonoma on an external drive and starting from there. As I mentioned before under my Ventura development environment the Sandboxed app works and the log is similar to the non sandboxed version below.

Here it is ok! And here the sandboxed version that fails:

The crucial point seams to be the console message launch path not accessible.

Posted by
Netzteilkaputtmacher
Up vote reply of Netzteilkaputtmacher Down vote reply of Netzteilkaputtmacher
Add a Comment