search

sparkle-project / Sparkle

A software update framework for macOS
https://sparkle-project.org
Other
7.37k stars 1.05k forks source link

Update Error! On CheckForUpdates if App Sandbox=YES #2417

Closed 101airborne closed 1 year ago

101airborne commented 1 year ago

Description of the problem

CheckForUpdate fails with "Update Error! An error occurred while launching the installer. Please try again later.

Update Error! Screen Shot

If App Sandbox = NO entitlement then error does not occur and update of app is installed and re-launched.

Do you use Sandboxing in your app?

YES

Version of Sparkle.framework in the latest version of your app

2.4.2

Version of Sparkle.framework in the old version of app that your users have (or N/A)

N/A

Sparkle's output from Console.app

Ventura sandboxing=yes

2023-08-09 11:49:16.492812-0500 TestSparkle4[3651:41111] [Sparkle] Failed to make auth right set
2023-08-09 11:49:16.497242-0500 TestSparkle4[3651:41111] [Sparkle] Failed copying system domain rights: -60005
2023-08-09 11:49:16.497359-0500 TestSparkle4[3651:41111] [Sparkle] Failed to submit installer job
2023-08-09 11:49:16.497393-0500 TestSparkle4[3651:41111] [Sparkle] If your application is sandboxed please follow steps at: https://sparkle-project.org/documentation/sandboxing/
2023-08-09 11:49:16.499011-0500 TestSparkle4[3651:41111] [Sparkle] Error: Failed to gain authorization required to update target
2023-08-09 11:49:16.531696-0500 TestSparkle4[3651:41111] [default] CGSWindowShmemCreateWithPort failed on port 0
2023-08-09 11:49:16.540097-0500 TestSparkle4[3651:41111] [default] CGSWindowShmemCreateWithPort failed on port 0
2023-08-09 11:49:20.981567-0500 TestSparkle4[3651:41111] [Sparkle] Error: An error occurred while launching the installer. Please try again later. (null) (URL (null))

Monterey sandboxing=yes

023-08-07 16:04:34.111593-0500 TestSparkle4[53450:2130035] Metal API Validation Enabled
2023-08-07 16:05:51.035949-0500 TestSparkle4[53450:2130035] [Sparkle] Failed to make auth right set
2023-08-07 16:05:51.040958-0500 TestSparkle4[53450:2130035] [Sparkle] Failed copying system domain rights: -60005
2023-08-07 16:05:51.041106-0500 TestSparkle4[53450:2130035] [Sparkle] Failed to submit installer job
2023-08-07 16:05:51.041121-0500 TestSparkle4[53450:2130035] [Sparkle] If your application is sandboxed please follow steps at: https://sparkle-project.org/documentation/sandboxing/
2023-08-07 16:05:51.042089-0500 TestSparkle4[53450:2130035] [Sparkle] Error: Failed to gain authorization required to update target

Steps to reproduce the behavior

I created a minimum macOS Sparkle test app named TestSparkle4 with Xcode template: storyboard and Objective-C. App builds, runs, and performs check-for-updates correctly when done so with Xcode 14.3.1 on macOS 13.5 (Ventura) and Xcode 14.2 on macOS 12.6.6 (Monterey,) as long as the entitlement App Sandbox=NO.

My app is signed and correctly notarized, using hardened runtime, etc. I export by building an Archive, then automatically signing it with my Developer ID identity, using a cloud managed certificate. I have added the Sparkle.framework with SPM, Embed & Sign.

I believe I have followed the guidelines at: https://sparkle-project.org/documentation/sandboxing/ and https://sparkle-project.org/documentation/customization/#sandboxing-settings

Entitlements and Info.plist: entitlements Screen Shot

info plist Screen Shot

The app cast file "appcast_topz3.xml":

<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0" xmlns:sparkle="http://www.andymatuschak.org/xml-namespaces/sparkle"  xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>TopXNotes Changelog</title>
    <link>https://www.t……s3/appcast_topz3.xml</link>
    <description>Most recent changes with links to updates.</description>
    <language>en</language>
      <item>
        <title>Version 1.0.0(2)</title>
        <link>https://www.t…com</link>
        <sparkle:version>1.0.0(2)</sparkle:version>
        <description>
          <![CDATA[
            <ul>
              <li>Lorem ipsum dolor sit amet, consectetur adipiscing elit.</li>
              <li>Suspendisse sed felis ac ante ultrices rhoncus. Etiam quis elit vel nibh placerat facilisis in id leo.</li>
              <li>Vestibulum nec tortor odio, nec malesuada libero. Cras vel convallis nunc.</li>
              <li>Suspendisse tristique massa eget velit consequat tincidunt. Praesent sodales hendrerit pretium.</li>
            </ul>
          ]]>
        </description>
        <pubDate>Mon, 7 Aug 2023 16:99:00 +0000</pubDate>
        <enclosure url="http://www.t………/TestSparkle4.zip" type="application/octet-stream" sparkle:edSignature="O7//Uvz+ix4Xs56QUVghJZSxcDr4DOXeB5T7ocE………SH54vylY8YzEZYQDMXOYEnkeboY1Bw==" length="956769" />
      </item>
  </channel>
</rss>

I've reviewed Issues #2172, #1544, #1182, #1125 for clues, but nothing I have tried yields success.

I do not have any scripts or special code signing.

The Target build Setting / Other Code Signing Flags is blank.

Since this is just a simple test app I have no problem sending the project folder, if needed.

[The more information provided and pasted verbatim, the easier it will be to diagnose an issue. If you can provide the affected application/binary and XML feed to reproduce an issue, share them]