Re: Adding the com.apple.security.network.client entitlement
Re: Adding the com.apple.security.network.client entitlement
- Subject: Re: Adding the com.apple.security.network.client entitlement
- From: Carl Hoefs <email@hidden>
- Date: Sat, 29 Sep 2018 20:05:04 -0700
One note: This isn't a sandboxed app, just a LaunchAgent daemon process,
running at user login. It will never see the App Store.
Short of playing alchemist with com.apple.security.* entitlements, I've run out
of things to try...
-Carl
> On Sep 29, 2018, at 7:13 PM, Carl Hoefs <email@hidden>
> wrote:
>
> Thanks, Daniel. I was able to get Xcode to add the
> 'com.apple.security.network.client' entitlement to the tool, but it still
> does not run, with the same Code=4099 error. I verified that the binary
> contains the entitlement:
>
> <key>com.apple.security.get-task-allow</key>
> <true/>
> <key>com.apple.security.network.client</key>
> <true/>
>
> Perhaps it is in need of a different entitlement? Or it's complaining about
> something else?
> -Carl
>
>
>> On Sep 29, 2018, at 6:19 PM, Daniel Jalkut <email@hidden
>> <mailto:email@hidden>> wrote:
>>
>> Hi Carl - the entitlements plist is not bundled with a built product, but
>> only used to inform codesign which entitlements to embed in the resulting
>> binary. In the case of a command line tool you can still specify an
>> entitlements plist, using the CODE_SIGN_ENTITLEMENTS build setting on the
>> target. It might be easiest to create a dummy application target in a new
>> project and set the entitlements you want, then just copy the entitlements
>> plist out to your command line tool project. Then set the build setting to
>> point at the file, and the desired entitlements should be set when the tool
>> is codesigned.
>>
>> Daniel
>>
>>> On Sep 29, 2018, at 8:20 PM, Carl Hoefs <email@hidden>
>>> wrote:
>>>
>>> macOS Mojave, Xcode 10.0
>>>
>>> I have a macOS "command line tool" in ObjC that was working fine through
>>> macOS High Sierra. It asserts an ad-hoc network using CWInterface
>>> -startIBSSModeWithSSID:security:channel:password:error:
>>>
>>> Now, on Mojave, it generates an error:
>>>
>>> Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service named
>>> com.apple.airportd was invalidated." UserInfo={NSDebugDescription=The
>>> connection to service named com.apple.airportd was invalidated.}
>>>
>>> My hunch is that the com.apple.security.network.client entitlement is now
>>> required.
>>>
>>> Running a "codesign -d --entitlements :-" on the binary shows only 1
>>> entitlement:
>>>
>>> <key>com.apple.security.network.get-task-allow</key>
>>> <true/>
>>>
>>> Since a command line tool has no associated Entitlements.plist file, how do
>>> I add the com.apple.security.network.client entitlement to the binary?
>>>
>>> -Carl
>>>
>>> _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Macnetworkprog mailing list (email@hidden
>>> <mailto:email@hidden>)
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>>
>>> This email sent to email@hidden <mailto:email@hidden>
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Macnetworkprog mailing list (email@hidden
>> <mailto:email@hidden>)
>> Help/Unsubscribe/Update your Subscription:
>>
>>
>> This email sent to email@hidden
>> <mailto:email@hidden>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Macnetworkprog mailing list (email@hidden
> <mailto:email@hidden>)
> Help/Unsubscribe/Update your Subscription:
>
>
> This email sent to email@hidden
> <mailto:email@hidden>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden