I've made an app which includes a command-line tool. I have enabled the app's sandbox, and tested that it works. I've also code-signed both the app and the command line tool.
But when I upload the app to iTunes, I received a email telling me "App sandbox not enabled".
Apparently I need to set entitlement file of key com.apple.security.app-sandbox
with true
value, and list the executables: /Contents/MacOS/myApp
and /contents/Frameworks/x86/myCommandLineTool
.
I'm sure I've enabled sandbox in Xcode, so I thought the problem was with the command line tool.
How can I enable sandbox for command line tool? Or is there a specific folder I should put the tool? Any suggestions welcome - I have been troubled by it for several days.
I had the same issue and after some search, trial & error, this is what worked for me:
create an entitlement file - for me it was just com.apple.security.inherit set to YES. I created this file in xcode itself.
Now sign this commandline tool using the command:
codesign --entitlements ./entitlements.plist -s "copy & paste your certificate from keychain" ./commandlinetool
Just to be sure, check using this command:
codesign --display --entitlements - ./commandlinetool
This tool was already included in the project. So just compile, archive & submit
The status is now 'waiting for review'.
来源:https://stackoverflow.com/questions/11821632/mac-os-app-sandbox-with-command-line-tool