search

electron / electron

:electron: Build cross-platform desktop apps with JavaScript, HTML, and CSS
https://electronjs.org
MIT License
113.73k stars 15.31k forks source link

[Bug]: Electron tries to bind a socket outside the app's container on macOS #35540

Open develorer opened 2 years ago

develorer commented 2 years ago

Preflight Checklist

Electron Version

19.0.6

What operating system are you using?

macOS

Operating System Version

macOS

What arch are you using?

arm64 (including Apple Silicon)

Last Known Working Electron version

No response

Expected Behavior

I expected the socket to be binded to a file descriptor inside the app's container. I also expected the app to launch correctly.

Actual Behavior

1) Take the pre-built binary mas-arm64. Notice this is the mas build, so should play nicely with sandbox entitlement.

2) Add app code to Electron.app/Contents/Resources/app

3) code sign with sandbox entitlements as appropriate (add ElectronTeamID, sign helpers, etc)

4) Launch the app on macOS, notice that a call to app.requestSingleInstanceLock fails with the error code :

process_singleton_posix.cc(1184)] Failed to bind() /var/folders/s2/j0z79krx43qgmt8l71r95_zc0000gn/T/com.electron.logseq/S/SingletonSocket: Operation not permitted (1)

This means requestSingleInstanceLock is trying to bind a socket outside the app's container. I would not expect that from the mas build.

Testcase Gist URL

No response

Additional Information

If I do all the same thing, but remove the com.apple.security.app-sandbox entitlement, then it all works correctly.

mifi commented 1 year ago

Did you find any solution for this? I'm having the same error after upgrading my app https://github.com/mifi/lossless-cut to electron 21.

I also noticed that the app exits with error code 0 (success)

dist/mas-dev-arm64/LosslessCut.app/Contents/MacOS/LosslessCut
[7775:1123/160433.012460:ERROR:process_singleton_posix.cc(1171)] Failed to bind() /var/folders/bw/28xbd8s12fb_sg_c809s0lf80000gn/T/no.mifi.losslesscut-mac/S/SingletonSocket: Operation not permitted (1)

echo $?
0
wrangler8A commented 1 year ago

ср, 23 нояб. 2022 г., 10:05 Mikael Finstad @.***>:

Did you find any solution for this? I'm having the same error after upgrading my app https://github.com/mifi/lossless-cut to electron 21

— Reply to this email directly, view it on GitHub https://github.com/electron/electron/issues/35540#issuecomment-1324677907, or unsubscribe https://github.com/notifications/unsubscribe-auth/A4K7EO7OUNJ2YCSJZSNNWA3WJXF47ANCNFSM6AAAAAAQCJ2YJM . You are receiving this because you are subscribed to this thread.Message ID: @.***>

mifi commented 1 year ago

Ok I found out why it exits with error code 0, because my code calls if (!app.requestSingleInstanceLock()) app.quit() (duhh)

So my workaround to this problem is to wrap the function and don't call it for mas builds:

function safeRequestSingleInstanceLock() {
  if (process.mas) return true; // todo remove when fixed https://github.com/electron/electron/issues/35540
  return app.requestSingleInstanceLock();
}
wrangler8A commented 1 year ago

Ok, I'll check it out.

ср, 23 нояб. 2022 г., 10:12 Mikael Finstad @.***>:

Ok I found out why it exits with error code 0, because my code calls if (!app.requestSingleInstanceLock()) app.quit() (duhh)

So my workaround to this problem is to wrap the function and don't call it for mas builds:

function safeRequestSingleInstanceLock() { if (process.mas) return true; // todo remove when fixed https://github.com/electron/electron/issues/35540 return app.requestSingleInstanceLock();}

— Reply to this email directly, view it on GitHub https://github.com/electron/electron/issues/35540#issuecomment-1324687665, or unsubscribe https://github.com/notifications/unsubscribe-auth/A4K7EO3DSSE4IOE4NS6PDOTWJXGYBANCNFSM6AAAAAAQCJ2YJM . You are receiving this because you commented.Message ID: @.***>

github-actions[bot] commented 1 year ago

This issue has been automatically marked as stale. If this issue is still affecting you, please leave any comment (for example, "bump"), and we'll keep it open. If you have any new additional information—in particular, if this is still reproducible in the latest version of Electron or in the beta—please include it with your comment!

mifi commented 1 year ago

Bump. Maybe requestSingleInstanceLock should be changed to just return if mas is true

github-actions[bot] commented 1 year ago

This issue has been automatically marked as stale. If this issue is still affecting you, please leave any comment (for example, "bump"), and we'll keep it open. If you have any new additional information—in particular, if this is still reproducible in the latest version of Electron or in the beta—please include it with your comment!

mifi commented 1 year ago

bump

github-actions[bot] commented 1 year ago

This issue has been automatically marked as stale. If this issue is still affecting you, please leave any comment (for example, "bump"), and we'll keep it open. If you have any new additional information—in particular, if this is still reproducible in the latest version of Electron or in the beta—please include it with your comment!

mifi commented 1 year ago

bump

electron-issue-triage[bot] commented 9 months ago

This issue has been automatically marked as stale. If this issue is still affecting you, please leave any comment (for example, "bump"), and we'll keep it open. If you have any new additional information—in particular, if this is still reproducible in the latest version of Electron or in the beta—please include it with your comment!

mifi commented 9 months ago

Bump: Still no evidence of a mas-specific check here: https://github.com/electron/electron/blob/79e714a82506f133516749ff0447717e92104bc1/shell/browser/api/electron_api_app.cc#L1075

471595249 commented 8 months ago

Same here; build mas-dev and mas. mas pkg upload testfight successful, but app crashed when startup mas-dev launch carsh. have any soluion

electron-issue-triage[bot] commented 5 months ago

This issue has been automatically marked as stale. If this issue is still affecting you, please leave any comment (for example, "bump"), and we'll keep it open. If you have any new additional information—in particular, if this is still reproducible in the latest version of Electron or in the beta—please include it with your comment!

mifi commented 5 months ago

bump

zoltan-szalontai commented 4 months ago

I also ran into this issue with Electron 30 mas build.

  const gotTheLock = app.requestSingleInstanceLock()
  if (!gotTheLock) {
    logMessage('Another instance of the app is already running, exiting...', 'info')
    app.quit()
  }

On Sonoma, this works, but on older MacOS versions it always returns falsy even though there is no other instance. I guess I just disable this logic for MacOS.

Simon-Laux commented 3 months ago
electron-issue-triage[bot] commented 4 days ago

This issue has been automatically marked as stale. If this issue is still affecting you, please leave any comment (for example, "bump"), and we'll keep it open. If you have any new additional information—in particular, if this is still reproducible in the latest version of Electron or in the beta—please include it with your comment!