Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Figure out use in macOS 10.12 under sandboxed mode (for app store) #36

Closed
kirankunigiri opened this issue Mar 7, 2017 · 10 comments
Closed

Figure out use in macOS 10.12 under sandboxed mode (for app store) #36

kirankunigiri opened this issue Mar 7, 2017 · 10 comments
Labels
enhancement

Comments

@kirankunigiri
Copy link

When I try to submit a Mac app that uses peertalk, it sends me an error and says that I have to enable the sandbox. However, I get the Operation Not Permitted error because peertalk is no longer able to write to the device.

I tried making an exception according to another user on this stack overflow post, but it does not work.

How can I either disable sandbox and still use peertalk, or enable an exception in sandbox for peertalk? Thanks!
@rsms
Copy link
Owner

rsms commented Mar 7, 2017

I have no idea how to solve this. In theory, you'd have to specify access to the "UNIX socket" /var/run/usbmuxd in your app's entitlements (and of course allow "client" networking.) I see that the person authoring the Stack Overflow post also didn't succeed in doing this.

No idea why Apple keeps ruining macOS by closing everything down :(

@rsms rsms changed the title Mac sandbox app - Operation Not Permitted Figure out use in macOS 10.12 under sandboxed mode (for app store) Mar 7, 2017
@miteshkhatri
Copy link

Hi @rsms ,
I am also facing the same problem. After enabling Sandbox in the app when submitting to app store, the application is not getting the list of USB devices connected. So please let me know if you have any solution regarding this.
@kirankunigiri You found any solution or option of this? Please let me know its urgent.

Thanks
Mit

@0x6A75616E
Copy link

This might be helpful https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_security_device_usb

@Lessica
Copy link

Lessica commented Mar 9, 2020
edited
Loading

This works for me.

<key>com.apple.security.temporary-exception.sbpl</key>
<array>
    <string>(allow network-outbound (literal "/private/var/run/usbmuxd"))</string>
</array>

@cbjeukendrup
Copy link

cbjeukendrup commented Sep 16, 2020
edited
Loading

This works for me.

<key>com.apple.security.temporary-exception.sbpl</key>
<array>
    <string>(allow network-outbound (literal "/private/var/run/usbmuxd"))</string>
</array>

So it does for me! Does anybody have experiences with this in the Mac AppStore?

@rsms
Copy link
Owner

rsms commented Oct 3, 2020

Thanks @Lessica
Added to https://github.com/rsms/peertalk/blob/master/README.md#macos-sandboxed-mode

@jonathandann
Copy link
Collaborator

This works under sandbox. Unclear if Apple will allow submission to the App Store with the exception in the entitlements.

@antigp
Copy link

antigp commented Feb 15, 2022

Has anybody passed App Store review?

@ArcRain
Copy link

ArcRain commented Sep 27, 2022

Has anybody passed App Store review?

Apple rejected our app. Has anyone passed?

`
Guideline 2.4.5(i) - Performance

We've determined that one or more temporary entitlement exceptions requested for this app are not appropriate and will not be granted:

com.apple.security.temporary-exception.sbpl
(allow network-outbound (literal "/private/var/run/usbmuxd"))
`

@luckystardev
Copy link

How to solve this app store rejection?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@rsms @jonathandann @antigp @miteshkhatri @ArcRain @Lessica @kirankunigiri @luckystardev @cbjeukendrup @0x6A75616E