search

jjolano / shadow

A jailbreak detection bypass for modern iOS jailbreaks.
https://ios.jjolano.me
BSD 3-Clause "New" or "Revised" License
792 stars 131 forks source link

[Bug] `shdw` binary not signed correctly #125

Closed ghost closed 1 year ago

ghost commented 1 year ago

In the README, you tell people this:

You may see shdw: Killed: 9 in your package manager. It is safe to ignore this error message.

Sorry, but this is a lazy and irresponsible thing to say. You probably just need to resign the binary with the latest Procursus ldid (2.1.5-procursus3 or newer). Errors in maintainer scripts will also often break apt/dpkg and prevent people from installing/updating/removing packages.

jjolano commented 1 year ago

That message has been there for a while. So me not being totally up to date with "new practices" from a new jailbreak at the time is just being lazy and irresponsible. Got it. I assumed this thing was normally handled by the jailbreak itself, as evident by the lack of errors on other jailbreaks.

To explain the message: I only put that message there because otherwise issues would be bombarded. As well as being under the assumption that it is a jailbreak-specific issue assuming my own devtools/Theos are up to date.

There also is a "workaround" for this, called Auto Sign. Why has this become developers' responsibility?

I haven't experienced any packaging issues on my own palera1n device because all I needed to do was OR the script line with true.

ghost commented 1 year ago

This is not specific to palera1n, it will happen on every iOS 15+ jailbreak unless something like AutoSign is used. AutoSign is not meant to be a permanent solution, it's slow and breaks if you update Sileo.

It's not the jailbreak's job to support every ancient thing forever. It's also the developer's job to update packages for rootless, because while hacky workarounds using symlinks and binary patching exists, it's simply not good enough to make everything work. Which you didn't seem to have an issue with, so I don't see why you have an issue with updating ldid.

Yes, adding || true will avoid breaking apt/dpkg, I didn't check if you did that. But obviously that's still just a hack, it will not execute whatever you intended to execute so it may cause problems.

It should be as simple as updating the ldid binary in the theos toolchain folder and recompiling. Or if you have a precompiled binary instead of letting theos compile it, then just ldid -s it manually with the new version.

itsnebulalol commented 1 year ago

AutoSign creator here, yes, you should still be signing your stuff. AutoSign is a very hacky way to temporarily fix the unsigned stuff problem. Not everyone knows to install AutoSign either.

If you just simply add Procursus ldid to your path, theos will automatically use that, so there should be no issue.

jjolano commented 1 year ago

Alright, thanks. I'll update ldid and push out a new build.

Just for the record I do not have issues updating dev tools, I do run a Theos update occasionally so I suppose it is also dependent on that being updated.

jjolano commented 1 year ago

This should be fixed now.