Hi, We use Firebird embedded in our application on MacOS. Now we're trying to run our application sandboxed and running into some trouble, with locking mostly. Does anyone have this working and could offer some suggestions? We're using the classic server 2.5, extracted from the released 2.5.2 framework and embedded in our application using a process pretty similar to what's described at http://paulbeachsblog.blogspot.fr/2012/09/firebird-embedded-on-macosx.html http://paulbeachsblog.blogspot.fr/2012/09/firebird-embedded-on-macosx.html . This works for our non-sandboxed app deployments. When we run sandboxed, connecting to the database fails with an error -902 and the text "lock manager error". FIREBIRD_TMP and FIREBIRD_LOCK environment variables are pointed to our sandboxed temporary location in /var/folders and I do see fb_init, fb_lock_* and fb_sem files created in there, as well as the log. The log shows: plmac-lion Thu Dec 5 17:11:53 2013 ib_util init failed, UDFs can't be used - looks like firebird misconfigured ib_util_init not found in /Library/Frameworks/Firebird.framework/Versions/A/Libraries/libib_util.dylib /var/folders/km/q0hkq8z53wg9jj529c2wf93c0000gt/T/com.risingsoftware.auralia4.appstore/lib/libib_util.dylib library has not been found /var/folders/km/q0hkq8z53wg9jj529c2wf93c0000gt/T/com.risingsoftware.auralia4.appstore/lib/libib_util.dylib library has not been found libib_util.dylib library has not been found plmac-lion Thu Dec 5 17:11:54 2013 event_init() operating system directive semctl failed Operation not permitted plmac-lion Thu Dec 5 17:11:54 2013 Database: /Users/hamish/Library/Containers/com.risingsoftware.auralia4.appstore/Data/Library/Application Support/Rising Software/data4/rising4.fdb lock manager error (I can fix the libib_util.dylib error but it doesn't affect the locking.) I presume it's the semctl failure that's the root problem here. I tried to trace this with the Apple Instruments tool but couldn't see semctl calls in that tool. The Apple sandboxing guidelines say that System V semaphores are specifically disallowed. Is this the type that Firebird uses? https://developer.apple.com/library/mac/documentation/security/conceptual/AppSandboxDesignGuide/AppSandboxInDepth/AppSandboxInDepth.html#//apple_ref/doc/uid/TP40011183-CH3-SW24 https://developer.apple.com/library/mac/documentation/security/conceptual/AppSandboxDesignGuide/AppSandboxInDepth/AppSandboxInDepth.html#//apple_ref/doc/uid/TP40011183-CH3-SW24 POSIX semaphores and other IPC are allowed if you have an application group directory, which I listed in my sandbox entitlements file, created and tried to use as FIREBIRD_TMP/FIREBIRD_LOCK, and even as the location for the db, but none of that changed the behaviour for me. thanks, Hamish
