Ffmpeg gets aborted in an Electron sandboxed application

て烟熏妆下的殇ゞ 提交于 2020-07-06 20:30:08

问题


I have an Electron app, published on the Mac AppStore, and sandboxed.

I'm trying to add a new feature that will encode/decode videos on the fly so I can stream more video formats in an Electron context.

I'm using fluent-ffmpeg and a static exec of ffmpeg.

Everything works awesomely, I've uploaded the sandboxed app to Apple, and got rejected because ffmpeg is using by default a secure transport protocol which is using non-public API, this is what they've sent me with the rejection:

Your app uses or references the following non-public API(s):

'/System/Library/Frameworks/Security.framework/Versions/A/Security'

: SecIdentityCreate

Alright, after much investigation, it appears that I have to compile ffmpeg myself with a --disable-securetransport flag. Easy enough, I do it using the same config as the static build I've downloaded simply adding the new flag.

I manage to install every dependencies needed, except libxavs, no big deal I guess and simply remove its flag from the configure command:

./configure \
--cc=/usr/bin/clang \
--prefix=/opt/ffmpeg \
--extra-version=tessus \
--enable-avisynth \
--enable-fontconfig \
--enable-gpl \
--enable-libass \
--enable-libbluray \
--enable-libfreetype \
--enable-libgsm \
--enable-libmodplug \
--enable-libmp3lame \
--enable-libopencore-amrnb \
--enable-libopencore-amrwb \
--enable-libopus \
--enable-libsnappy \
--enable-libsoxr \
--enable-libspeex \
--enable-libtheora \
--enable-libvidstab \
--enable-libvo-amrwbenc \
--enable-libvorbis \
--enable-libvpx \
--enable-libwavpack \
--enable-libx264 \
--enable-libx265 \
--enable-libxvid \
--enable-libzmq \
--enable-libzvbi \
--enable-version3 \
--pkg-config-flags=--static \
--disable-securetransport \
--disable-ffplay

With the new ffmpeg exec, everything still works as expected. But once I'm packaging, signing and sandboxing the app, ffmpeg stops working as soon as I try to launch it throwing this error:

An error occurred ffmpeg was killed with signal SIGABRT Error: ffmpeg was killed with signal SIGABRT
    at ChildProcess.eval (webpack:///../node_modules/fluent-ffmpeg/lib/processor.js?:180:22)
    at emitTwo (events.js:125:13)
    at ChildProcess.emit (events.js:213:7)
    at Process.ChildProcess._handle.onexit (internal/child_process.js:200:12)

I've tried to remove the --disable-securetransport flag, see if it could have messed with something, same result.

I've tried to compile on a Linux machine, just to see if it could help, same thing.

As soon as I'm using my custom compiled exec it doesn't work in the sandbox, but when using the static one, everything is ok (after I xattr it, because it's quarantined and blocked in sandbox).

The only thing I've noticed that seems odd is that my custom compilation is only 20mo or so, when the static install I've downloaded is 43mo.

I'm really stuck with this.


回答1:


So I finally was able to compile my static ffmpeg executable.

I've found my solution thanks to this answer.

Apparently, OSX has dynamic libraries located in /usr/local/bin which take precedence over everything else. So even if you try to compile your ffmpeg to be static, it won't work with these libraries on the way.

Once I've removed all those /usr/local/bin/*.dylib my build became fully static and worked perfectly in the sandbox.



来源:https://stackoverflow.com/questions/47629110/ffmpeg-gets-aborted-in-an-electron-sandboxed-application

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!