0

I'm working on an internal company desktop app that gets distributed via an internal intranet site. The app is written in C# using Xamarin.Mac and Visual Studio for Mac and works fine locally until I compress the *.app file and upload it to the intranet site to be downloaded by end users.

When a user (including myself), downloads and launches the application it completely locks up trying to perform any actions where it interacts with the users local filesystem (No errors or warnings are displayed/no crashes are seen, it just stops executing any more code. The UI continues to update but nothing else happens).

The weird part is that if you right-click the '*.app' file, select "Show Package Contents" then browse into 'Content' > 'MacOS' and double-click the copy of app contained in there, everything works fine and without any problems.

I'm not an expert on OSX so I'm really struggling to understand what could be causing this behaviour and also what the difference is between launching a Xamarin.Forms app via the '*.app' file and the executable located inside this at 'ProgramName.app/Content/MacOS/ProgramName'.

I've checked/confirmed the app isn't being sandboxed and it's being signed/notarized using the correct distribution certificates/provisioning profiles as far as I can tell, so as far as I'm aware there shouldn't be any security restrictions preventing the required filesystem access. Unless there's something I'm missing.

Is there any way I can get more insight into what is causing this behaviour, such as any debugging tools I can use to understand/view any potential problems with the app itself/the way it's being built?

Thanks!

Ash_H
  • 11
  • 2
  • have you added any logging to track what is happening when it hangs? – Jason Aug 11 '20 at 18:31
  • Console is your friend here. Start the console app before launching the app and check for any relevant messages there – svn Aug 12 '20 at 08:33
  • Hey, thanks for the responses! I've added logging but I simply cannot get this to work properly. Initially the app would create a log file at startup but when ran on an end-user machine it would crash on launch as it failed to create/write to the file. The app now redirects errors too 'Console.Error' but I can't work out where this goes on OSX. I've checked in Console and don't see anything obvious in here, I don't also see any log output from the app. Interestingly when I tried to debug it via Instruments it was able to launch the app perfectly fine and everything worked correctly. – Ash_H Aug 12 '20 at 10:41
  • As far as I can tell, the 'hang' happens when it executes this line: `string[] directories = Directory.GetDirectories(MainClass.AppFolder);`. This call never returns and the app just sits there. `MainClass.AppFolder` is a public static pointing to the directory where the "ProgramName.app" file currently resides. – Ash_H Aug 12 '20 at 10:43
  • Just an extra note about not being able to create the log file etc, I've checked the directory permissions etc to rule that out. As noted before, everything works fine locally until I upload it to a web server and re-download from there. My guess is that some sort of security restriction is being placed on the downloaded files, but I just cannot work out what or how to clear this if it is in fact the cause. – Ash_H Aug 12 '20 at 11:27

1 Answers1

1

Managed to finally get to the bottom of this one: The issue was because of a security system Apple have in-place known as 'App Translocation'.

There's a description of this here for anyone who isn't familiar: https://lapcatsoftware.com/articles/app-translocation.html - The tl;dr is that downloaded applications are marked as 'Quarantined' and when ran they're copied to a virtual read-only file system and executed from there. This prevents the application from having any access to the local filesystem (Regardless of if the application is signed/notarized or downloaded from a 'trusted' source etc).

There are two ways to 'unquarantine' an application:

  1. Manually move the application to a different location via Finder (e.g. Drag/drop it into '/Applications' or '~/Documents' (Note: Moving the folder the app is located in/was extracted too isn't enough - You have to physically move the *.app file itself). Apple treats this action as the user considering the application as safe and removes the quarantine flag during the move operation (This has to be done via Finder, it cannot be done via command line operations such as mv).

  2. Run the following command from Terminal to remove the quarantine flag:

xattr -dr com.apple.quarantine '/path/to/downloaded/program.app'

You can detect if you're application is being affected by App Translocation in a number of ways, for instance:

  1. Using 'Console' you can see the path of your executable is something like '/private/var/.../AppTranslocation/....' (This is something I spotted in the Console when previously debugging, but I didn't know enough about OSX to understand exactly what I was seeing and initial attempts to understand this didn't yield any useful information at first)

  2. Run the command xattr /path/to/downloaded/program.app. If the following is seen in then output:

com.apple.quarantine

Then it means the application will be affected by App Translocation.

Ash_H
  • 11
  • 2