electron app crashes after signing. Works fine without signing.

[ravi-dnk]

I want to make my electron application live to mac app store. So i found article and i followed this steps: 1) I used electron packager to pack the application with this command: "electron-packager . --appname=cruster --app-bundle-id=xxx.xxx.xxx --version=1.7.10 --overwrite --platform=mas --arch=x64 --icon=./app.icns --prune --out=mas-build --ignore --app-version=1.0.0"

Note: After 1st step, cruster.app is generated and when i run this .app file it opens successfully and run fine.

2)And then i am using electron-osx-sign to sign my application with given command: electron-osx-sign cruster.app --type=distribution --identity="3rd Party Mac Developer Application: XXXXX (XXXX)" --entitlements='parent.plist' --entitlements-inherit='child.plist' --provisioning-profile="distribution.provisionprofile"

Note: After 2nd step, when i open my cruster.app is crashes with error :

Exception Type: EXC_CRASH (Code Signature Invalid) Exception Codes: 0x0000000000000000, 0x0000000000000000 Exception Note: EXC_CORPSE_NOTIFY

3) if I use system's codesign command: codesign --deep --verbose --force --sign "3rd Party Mac Developer Application: XXXX (XXXX)" cruster.app

then it signs successfully and also opens and runs.

But after that i use below command to generate .pkg and load it to the application loader: electron-osx-flat HK.app --identity="XXXX (XXXX)" then it generates .pkg but then application loader throws error that sandbox is not enabled.

I am trying this for two days and i'm out of solution, please can anyone help?

[sethlu]

@ravi-dnk Thanks for filing the issue! Sorry I didn't get to see this until today.

The app is not expected to run after codesigning since there is no provisioned device, and it is intended only for submission to iTunes Connect.

If your app runs correctly with:

electron-osx-sign cruster.app --type=development --identity="Mac Developer" --entitlements='parent.plist' --entitlements-inherit='child.plist' --provisioning-profile="development.provisionprofile"

Then submitting the app produced with:

electron-osx-sign cruster.app --type=distribution --identity="3rd Party Mac Developer Application" --entitlements='parent.plist' --entitlements-inherit='child.plist' --provisioning-profile="distribution.provisionprofile"

... should be fine even though it doesn't launch locally.

Afterwards submitting your signed app for distribution (pkg) with:

electron-osx-flat HK.app --identity="XXXX (XXXX)"

should just work.

Let me know if this works!

[ravi-dnk]

hi @sethlu Thanks for replying. after executing first command that is : electron-osx-sign cruster.app --type=development --identity="Mac Developer" --entitlements='parent.plist' --entitlements-inherit='child.plist' --provisioning-profile="development.provisionprofile"

It shows in terminal that Application Signed : cruster.app

But when i run app after that command then dock icon is generated, menu is generated in menu bar and then suddenly app is closed without any error or any log.

i am using identity as Mac Developer : name (xxxxx) and development provision profile which i installed in my local system.

What i'm missing?

[sethlu]

@ravi-dnk Would you mind posting the debug log (with sensitive info redacted) from electron-osx-sign with export DEBUG=electron-osx-sign* (with the asterisk) so I can help debug? Another good place to check the cause of the crash is from the Console app. See if any error is emitted there right after your app launches. Also if you don't mind sharing the contents from your entitlements files, I can help validate some settings.

[ravi-dnk]

@sethlu , there is not any error generated when i run application without signing.Also there is one message in console printed, i don't know if that's an error or warning but i don't think that's causing the issue because even though with that warning or error i can run my application file. Here is that mesage :

Electron Helper[7791:580091] Couldn't set selectedTextBackgroundColor from default ()

And here is debug log i am attaching:

electron-osx-sign electron-osx-sign@0.4.8 +0ms electron-osx-sign:warn No platform passed in arguments, checking Electron platform... +6ms electron-osx-sign identity passed in arguments. +3ms electron-osx-sign Executing... security find-identity -v +1ms electron-osx-sign Identity:

Name: Mac Developer: name name (PD***) Hash: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx +6s electron-osx-sign Found 1 identity. +1ms electron-osx-sign Pre-sign operation enabled for provisioning profile:

• Disable by setting pre-embed-previsioning-profile to false. +0ms electron-osx-sign Pre-sign operation enabled for entitlements automation with versions >= 1.1.1:
• Disable by setting pre-auto-entitlements to false. +0ms electron-osx-sign provisioning-profile passed in arguments. +2ms electron-osx-sign Executing... security cms -D -i development.provisionprofile +0ms electron-osx-sign Provisioning profile: Name: Development crustercoMacApp Platforms: [ 'darwin', 'mas' ] Type: development Path: development.provisionprofile Message: { AppIDName: 'crusterMacApp', ApplicationIdentifierPrefix: [ '4W****' ], CreationDate: 2018-02-28T07:30:03.000Z, Platform: [ 'OSX' ], DeveloperCertificates: [ <Buffer 30 82 05 94 85 a0 03 02 08 4c 3c c5 b7 30 0d 09 2a 86 48 ... > ], Entitlements: { 'keychain-access-groups': [ '4W****.*' ], 'com.apple.application-identifier': '4W****.com.xxxxx.crustercoMacApp', 'com.apple.developer.team-identifier': '4W****' }, ExpirationDate: 2019-02-28T07:30:03.000Z, Name: 'Development crustercoMacApp', ProvisionedDevices: [ 'xxxxxx-xxxx-xxxx-xxxx-xxxxxxxx' ], TeamIdentifier: [ '4W****' ], TeamName: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', TimeToLive: 365, UUID: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', Version: 1 } +90ms electron-osx-sign Looking for existing provisioning profile... +3ms electron-osx-sign Found embedded provisioning profile:
• Please manually remove the existing file if not wanted.
• Current file at: cruster.app/Contents/embedded.provisionprofile +0ms electron-osx-sign Automating entitlement app group... Info.plist: cruster.app/Contents/Info.plist Entitlements: parent.plist +1ms electron-osx-sign ElectronTeamID found in Info.plist: 4W**** +6ms electron-osx-sign com.apple.application-identifier not found in entitlements file, new inserted: 4W****.com.xxxxx.crustercoMacApp +1ms electron-osx-sign com.apple.developer.team-identifier not found in entitlements file, new inserted: 4W**** +0ms electron-osx-sign com.apple.security.application-groups found in entitlements file: 4W****.com.xxxxx.crustercoMacApp +0ms electron-osx-sign Entitlements file updated: Entitlements: /var/folders/7v/cw4tvvj13fj_r65nvlcrb1n40000gn/T/tmp-entitlements-1f01-0.plist +6ms electron-osx-sign Signing application... Application: cruster.app Platform: mas Entitlements: /var/folders/7v/cw4tvvj13fj_r65nvlcrb1n40000gn/T/tmp-entitlements-1f01-0.plist Child entitlements: child.plist Additional binaries: [] Identity: { name: 'Mac Developer: name name (PDxxxxxxxx)', hash: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' } +1ms electron-osx-sign Walking... cruster.app/Contents +0ms electron-osx-sign Removing... cruster.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Electron Framework.cstemp +46ms electron-osx-sign Signing... cruster.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Electron Framework +397ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Electron Framework +0ms electron-osx-sign Signing... cruster.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libffmpeg.dylib +3s electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libffmpeg.dylib +0ms electron-osx-sign Signing... cruster.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libnode.dylib +586ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libnode.dylib +0ms electron-osx-sign Signing... cruster.app/Contents/Frameworks/Electron Framework.framework +1s electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Frameworks/Electron Framework.framework +1ms electron-osx-sign Signing... cruster.app/Contents/Frameworks/cruster Helper EH.app/Contents/MacOS/cruster Helper EH +3s electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Frameworks/cruster Helper EH.app/Contents/MacOS/cruster Helper EH +0ms electron-osx-sign Signing... cruster.app/Contents/Frameworks/cruster Helper EH.app +592ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Frameworks/cruster Helper EH.app +0ms electron-osx-sign Signing... cruster.app/Contents/Frameworks/cruster Helper NP.app/Contents/MacOS/cruster Helper NP +550ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Frameworks/cruster Helper NP.app/Contents/MacOS/cruster Helper NP +0ms electron-osx-sign Signing... cruster.app/Contents/Frameworks/cruster Helper NP.app +609ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Frameworks/cruster Helper NP.app +0ms electron-osx-sign Signing... cruster.app/Contents/Frameworks/cruster Helper.app/Contents/MacOS/cruster Helper +547ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Frameworks/cruster Helper.app/Contents/MacOS/cruster Helper +0ms electron-osx-sign Signing... cruster.app/Contents/Frameworks/cruster Helper.app +511ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Frameworks/cruster Helper.app +0ms electron-osx-sign Signing... cruster.app/Contents/MacOS/cruster +571ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/MacOS/cruster +0ms electron-osx-sign Signing... cruster.app/Contents/Resources/app/node_modules/ds-store/assets/DSStore-clean +9s electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Resources/app/node_modules/ds-store/assets/DSStore-clean +0ms electron-osx-sign Signing... cruster.app/Contents/Resources/app/node_modules/fs-xattr/build/Release/xattr.node +559ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Resources/app/node_modules/fs-xattr/build/Release/xattr.node +0ms electron-osx-sign Signing... cruster.app/Contents/Resources/app/node_modules/macos-alias/build/Release/volume.node +575ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Resources/app/node_modules/macos-alias/build/Release/volume.node +0ms electron-osx-sign Signing... cruster.app/Contents/Resources/app/node_modules/sqlite3/bin/darwin-x64-54/sqlite3.node +514ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Resources/app/node_modules/sqlite3/bin/darwin-x64-54/sqlite3.node +0ms electron-osx-sign Signing... cruster.app/Contents/Resources/app/node_modules/sqlite3/build/Release/node_sqlite3.node +581ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Resources/app/node_modules/sqlite3/build/Release/node_sqlite3.node +0ms electron-osx-sign Signing... cruster.app/Contents/Resources/app/node_modules/sqlite3/lib/binding/electron-v1.7-darwin-x64/node_sqlite3.node +587ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Resources/app/node_modules/sqlite3/lib/binding/electron-v1.7-darwin-x64/node_sqlite3.node +0ms electron-osx-sign Signing... cruster.app/Contents/Resources/app/node_modules/sqlite3/lib/binding/node-v57-darwin-x64/node_sqlite3.node +542ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements child.plist cruster.app/Contents/Resources/app/node_modules/sqlite3/lib/binding/node-v57-darwin-x64/node_sqlite3.node +1ms electron-osx-sign Signing... cruster.app +607ms electron-osx-sign Executing... codesign --sign xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --force --entitlements /var/folders/7v/cw4tvvj13fj_r65nvlcrb1n40000gn/T/tmp-entitlements-1f01-0.plist cruster.app +0ms electron-osx-sign Verifying... +9s electron-osx-sign Verifying application bundle with codesign... +1ms electron-osx-sign Executing... codesign --verify --deep --strict --verbose=2 cruster.app +0ms electron-osx-sign Verified. +8s electron-osx-sign Displaying entitlements... +0ms electron-osx-sign Executing... codesign --display --entitlements :- cruster.app +0ms electron-osx-sign Entitlements: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> com.apple.security.app-sandbox com.apple.security.application-groups 4W********.com.xxxxx.crustercoMacApp com.apple.application-identifier 4W********.com.xxxxx.crustercoMacApp com.apple.developer.team-identifier 4W******** +163ms electron-osx-sign Application signed. +0ms electron-osx-sign Application signed: cruster.app +0ms Application signed: cruster.app

child.plist file :

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>com.apple.security.app-sandbox</key>
    <true/>
    <key>com.apple.security.inherit</key>
    <true/>
  </dict>
</plist>

parent.plist file

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>com.apple.security.app-sandbox</key>
    <true/>
    <key>com.apple.security.application-groups</key>
    <string>4Wxxxxxxxx.com.xxxxx.crustercoMacApp</string>
  </dict>
</plist>

[sethlu]

@ravi-dnk I can't seem to match any common issues with your case. If you run cruster.app/Contents/MacOS/cruster directly from a Terminal session, do you see any error logs from Electron when it crashes?

[ravi-dnk]

hi @sethlu, I don't see any error logs while running that app though i am attaching logs.

/Users/dnk/Desktop/old/electron/myapp-source/mas-build/cruster-mas-x64/cruster.app/Contents/MacOS/cruster ; exit; Ms-iMac:~ dnk$ /Users/dnk/Desktop/old/electron/myapp-source/mas-build/cruster-mas-x64/cruster.app/Contents/MacOS/cruster ; exit; /Users/dnk/Library/Containers/com.**. crustercoMacApp/Data/Library/Application Support/cruster/localResources time-to-require: 1250.199ms logout Saving session... ...copying shared history... ...saving history...truncating history files... ...completed.

[Process completed]

[sethlu]

@ravi-dnk Thanks for sending in those information!

Right now I don't have a clear clue about that could be wrong with the setup. 😕

Perhaps try the following to see if it allows the app to run? (The --no-pre-auto-entitlements option passed to electron-osx-sign tells it not to add/update Electron team id, app group entitlements, etc. to the input files.)

electron-osx-sign cruster.app --type=development --identity="Mac Developer" --entitlements='parent.plist' --entitlements-inherit='child.plist' --provisioning-profile="development.provisionprofile" --no-pre-auto-entitlements

If not, and you don't mind taking this extra step, can you test whether a packaged & signed app bundle of the plain electron-quick-start runs properly on your end? => If it does, we can move on to finding other details with your app that's causing this behavior at launch.

[sethlu]

@ravisojitra After making a copy of electron-quick-start, run npm install and do the same packaging procedure as you did with your current app (it could use the same app identifier for now since it'll not be uploaded anywhere, but for testing purpose only).

After obtaining an app bundle, you can run:

electron-osx-sign <some-app-name>.app --type=development --identity="Mac Developer" --entitlements='parent.plist' --entitlements-inherit='child.plist' --provisioning-profile="development.provisionprofile"

[ravi-dnk]

Hi @sethlu , I tried about solution of packaging electron-quick-start and signing it with the identities i used to sign my previous cruster app. And it works perfectly application is also opened without any crash.

I don't see any reason why cruster.app is not launched with the same identities.

Any solution for that?

[sethlu]

@ravi-dnk does you app try to access any local files or anything not stated in the entitlements since it's in a sandboxed environment? I'm not sure what's causing the issue, assuming that the code signature is done correctly.

[sethlu]

@ravi-dnk I guess you may try to run the app without creating any BrowserWindow? Like commenting out creating new windows--If it doesn't crash then it's probably something in the rendering process that's causing the issue.

Also which Electron version are you using?

[ravi-dnk]

hi @sethlu , electron version i am using is 1.7.8.

I am using many libraries in main.js which is accessing local files created by those libraries. such as i am using electron-config which creates config.json and reads and writes data from that file. Also at the time of starting application, i am accessing soap services and using internet with soap module. I am also using sqlite3 database which is being read first when application is launched.

i am attaching all the libraries those are initialized at the time of starting application.

const { isArray,isObject,isString } = require('util');
const electron = require('electron');
const PDFWindow = require('electron-pdf-window');
const os = require("os");
const {
  ipcMain,
  globalShortcut,
  Menu,
  Tray,
  shell,
  session
} = require('electron');
var autoUpdater = electron.autoUpdater;

const soap = require('soap');
var {download}= require('electron-dl');;
const fs = require('fs');
var http = require('http');
var exec = require('child_process').exec;
var spawn = require('child_process').spawn;
var url = require('url');
var rimraf =require('rimraf');
const path = require('path')
const firstRun = require('first-run');
const ElectronOnline = require('electron-online')
const connection = new ElectronOnline();
const app = electron.app;
var logger = require("logger-electron");
var eNotify; 
const dataBase = require('./app/dbOperations/db');

const BrowserWindow = electron.BrowserWindow;

const dbPath = app.getPath('userData');
const localResourcesPath = path.join(dbPath,'localResources');
console.log(localResourcesPath);
const Config = require('electron-config');
const config = new Config();

var ifaces = require('os').networkInterfaces();
var address='';
for (var dev in ifaces) {
    ifaces[dev].filter((details) => details.family === 'IPv4' && details.internal === false ? address = details.address: undefined);
}

[sethlu]

@ravi-dnk I'm still trying to reproduce the issue. One question I have from your configuration is that when you do const dataBase = require('./app/dbOperations/db'); are you trying to modify some file that will be packaged in the app bundle in runtime?

[sethlu]

Closing issue due to inactivity

[ahmadwaliesipick]

i am still facing issue: [0116/155618.554779:ERROR:mach_extensions.cc(68)] bootstrap_check_in org.chromium.crashpad.child_port_handshake.62359.1040971.GMBPFWBXIBVQMGQM: Permission denied (1100) [62357:0116/155622.151664:FATAL:gpu_data_manager_impl_private.cc(894)] The display compositor is frequently crashing. Goodbye.

currently i am using "electron": "1.8.8", "electron-builder": "21.2.0",

[ahmadwaliesipick]

@sethlu can we reopen this issue i am still facing problem.

[sethlu]

@ahmadwaliesipick Have you experimented with more recent versions of Electron? I'm not sure if the issue is already resolved in a previous update.

[ahmadwaliesipick]

@sethlu i have restrictions i cannot upgrade electron version can you please share the electron version number which the above issue has been resolved?

[sethlu]

Sorry about the lateness, I guess the original issue was on Electron v1.7.10?

Since the issue was closed due to inactivity, I'll recommend making a new ticket because the problem you're facing may be different from what's vaguely described in the original post?

[philippnoah]

Has there been a fix since then?

[sethlu]

It looks like that @ravi-dnk managed to get the electron-quick-start boilerplate to code sign & run in https://github.com/electron/electron-osx-sign/issues/162#issuecomment-371793197 but we didn't get to a concrete solution to the original issue.

@philippnoah I'll suggest opening a new issue if you are dealing with something similar to what was discussed here :)

[philippnoah]

@sethlu Thanks! I already did actually and was able to figure out the solution. Even more helper binaries that somehow got left out during the signing process. I’ll post the solution to it soon.

[sethlu]

Speaking of binary files, the latest electron-osx-sign@0.4.16 should be much better at figuring out almost all of them by itself.