Tags: macos, electron, code-signing, packaging

electron: codesigning cripples some features of my app on macOS


Goal

My Electron app is made up of a frontend process and a backend child process. On macOS, the backend requires some capabilities, such as accessing the user's Desktop and microphone. The backend is built through Xcode and codesigned separately using the same developer ID.

Upon first run, the user will be asked to grant permissions according to the capabilities. On subsequent launches, the app should run smoothly without user intervention. Before codesigning through Electron, that works fine.

I'm ready to codesign the app through electron-osx-sign and expect that the app would behave normally.

Problem

When signing with Electron, I use the documented electron-forge option this way:

    "osxSign": {
      "entitlements": "entitlements.plist",
      "entitlements-inherit": "entitlements.plist",
      "identity": "Mac Developer: ME (my id)"
    },
    "osxNotarize": "require:./notarize.js",

My entitlements file looks like this:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>com.apple.security.cs.allow-jit</key>
    <true/>
    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
    <true/>
    <key>com.apple.security.cs.debugger</key>
    <true/>
    <key>com.apple.security.cs.disable-library-validation</key>
    <true/>
    <key>com.apple.security.cs.disable-executable-page-protection</key>
    <true/>
    <key>com.apple.security.automation.apple-events</key>
    <true/>
  </dict>
</plist>

And the notarization script returns false in this case.

After this, on first run, the user is NO LONGER prompted for permission. Permission seems to have been granted silently.

I played around with other options such as:

"gatekeeper-assess": false,
"hardened-runtime": true,
"signature-flags": "library"

Any of these will break the app, i.e., the capabilities are lost and there are no error messages.

Question

Are these behaviours by design? How should I achieve the expected behaviour with and without codesigning?


Solution

  • Solved it myself.

    The problem is neither with the existing entitlement entries nor with the package.json options, but rather a missing entitlement entry:

        <key>com.apple.security.get-task-allow</key>
        <true/>
    

    The app got the permission prompts back after adding that.
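The entitlement the answer adds, com.apple.security.get-task-allow, is the debugging entitlement: it lets other processes attach to and inspect the app, and Apple's notarization service rejects executables that request it. Since the question's build has notarization disabled, the fix works locally, but the key must not end up in a release build. The following shell check is an added example, not code from the question, the answer or the electron-forge project; it inspects an entitlements plist for that key before signing, and includes a macOS-only helper that prints the entitlements actually embedded in a signed bundle via codesign. The two plist files it writes are constructed for the demo, and the function names are my own.

```shell
#!/bin/sh
# Added example (not from the original post): refuse to use an entitlements
# file that requests com.apple.security.get-task-allow for a release build.
# get-task-allow permits debugger attachment, and notarization rejects it, so
# keep it in a separate, development-only entitlements file.

# has_entitlement FILE KEY: exit 0 if KEY is immediately followed by <true/> in FILE.
has_entitlement() {
  awk -v key="$2" '
    found && /<true\/>/ { ok = 1 }                 # the line after the key is <true/>
    { found = 0 }                                   # only the very next line counts
    index($0, "<key>" key "</key>") { found = 1 }   # this line names the key we want
    END { exit ok ? 0 : 1 }
  ' "$1"
}

# release_ready FILE: exit 0 when FILE is safe to sign a notarized release with.
release_ready() {
  if has_entitlement "$1" com.apple.security.get-task-allow; then
    echo "$1: requests com.apple.security.get-task-allow; notarization will reject this" >&2
    return 1
  fi
  return 0
}

# show_signed_entitlements APP: print the entitlements embedded in a signed
# bundle. macOS only (needs codesign); not exercised by the self-check below.
show_signed_entitlements() {
  codesign -d --entitlements :- "$1"
}

# Constructed sample plists (assumptions for the demo, not taken from the post).
WORK=$(mktemp -d)
RELEASE_PLIST="$WORK/entitlements.release.plist"
DEV_PLIST="$WORK/entitlements.dev.plist"

cat > "$RELEASE_PLIST" <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
  <dict>
    <key>com.apple.security.cs.allow-jit</key>
    <true/>
    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
    <true/>
  </dict>
</plist>
EOF

cat > "$DEV_PLIST" <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
  <dict>
    <key>com.apple.security.cs.allow-jit</key>
    <true/>
    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
    <true/>
    <key>com.apple.security.get-task-allow</key>
    <true/>
  </dict>
</plist>
EOF

release_ready "$DEV_PLIST" || echo "$DEV_PLIST: use only for local debug builds"
release_ready "$RELEASE_PLIST" && echo "$RELEASE_PLIST: fine to sign and notarize"
```

Run it as a pre-sign step in the packaging pipeline; on a Mac, `show_signed_entitlements "out/MyApp.app"` afterwards confirms that what electron-osx-sign actually embedded matches the file you intended, which is the quickest way to tell the "prompts disappeared" and "capabilities lost" symptoms from the question apart.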