https://bugs.documentfoundation.org/show_bug.cgi?id=126409

--- Comment #50 from Christian Lohmaier <[email protected]> ---
(In reply to eisa01 from comment #49)
> Created attachment 161186 [details]
> Failed code sign due to Python framework

Creation of compiled py files (pyc) is also something that only happens after
LO was launched. So similar to the languagepack installation it is a
post-gatekeeper modification of the .app bundle. Not nice, for sure, but
unrelated to gatekeeper/notarization when doing the first-launch verification
by macOS.

A .app copied from the dmg to your local disk before launching it should
verify:

cloph@Catalina-Mac-mini Desktop % spctl -vvv --assess --type exec LibreOffice.app/
LibreOffice.app/: accepted
source=Notarized Developer ID
origin=Developer ID Application: The Document Foundation (7P5S3ZLCN7)
cloph@Catalina-Mac-mini Desktop % codesign --verify --deep --verbose LibreOffice.app/
LibreOffice.app/: valid on disk
LibreOffice.app/: satisfies its Designated Requirement
cloph@Catalina-Mac-mini Desktop %


(And launching it for the first time should show the
"..downloaded from... checked by Apple for malware and none was found" dialog.)

After having launched LO (or more specifically: doing something that triggers
initialization of Python, i.e. opening/creating a Writer document → some
writing aids use Python → Python creates its pyc files) I can confirm the Python
files messing up the integrity on disk, but as said: that is after LO was
already green-lit by gatekeeper.


######### stapling ###########
As for stapling: in LO's case, the thing you download is stapled, not just the
contents, so the dmg has the notarization-staple-info for the app assigned to
it.

###
> Opening the app for the first time does not show a "verify" progress bar as 
> LO does,

likely because the Firefox app is too small/the scanning is fast enough to not
make it trigger a dialog for that. If you mean verify progress when opening the
dmg: that happens for Firefox as well/any dmg, but that is just checksum-based
verification of the dmg for download errors.

_______________________________________________
Libreoffice-bugs mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs
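
Added example, not part of the original comment and not LibreOffice code: a way to list .pyc files that appeared inside a bundle after signing, by comparing the files on disk with the resource seal (_CodeSignature/CodeResources) of the nearest enclosing signed directory. It assumes the seal is a plist whose "files2" (or older "files") keys are paths relative to the directory holding _CodeSignature, ignores the seal's omit/optional rules and does not check hashes; Demo.app and every name inside it are constructed sample data.

```python
import os
import plistlib
import tempfile

def unsealed_pyc(bundle):
    """Return .pyc files (relative to bundle) that are missing from the
    resource seal of the nearest enclosing signed directory."""
    bundle = os.path.normpath(bundle)
    sealed = {}    # seal root -> set of paths listed in its CodeResources
    findings = []
    for dirpath, _dirs, files in os.walk(bundle):  # top-down, symlinks not followed
        res = os.path.join(dirpath, "_CodeSignature", "CodeResources")
        if os.path.isfile(res):
            with open(res, "rb") as fh:
                plist = plistlib.load(fh)
            sealed[dirpath] = set(plist.get("files2") or plist.get("files") or {})
        for name in files:
            if not name.endswith(".pyc"):
                continue
            root = dirpath  # climb to the closest directory that has a seal
            while root not in sealed and root != bundle:
                root = os.path.dirname(root)
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if rel not in sealed.get(root, ()):
                findings.append(os.path.relpath(full, bundle).replace(os.sep, "/"))
    return sorted(findings)

def build_demo_bundle(base):
    """Constructed sample: Demo.app with a nested framework; names are made up."""
    app = os.path.join(base, "Demo.app")
    fw = os.path.join(app, "Contents", "Frameworks", "DemoPython.framework", "Versions", "3")
    lib = os.path.join(fw, "lib")
    os.makedirs(os.path.join(lib, "__pycache__"))
    # One seal for the app itself, one for the nested framework.
    for root, listed in ((os.path.join(app, "Contents"), {}),
                         (fw, {"lib/aids.py": {}, "lib/shipped.pyc": {}})):
        os.makedirs(os.path.join(root, "_CodeSignature"))
        with open(os.path.join(root, "_CodeSignature", "CodeResources"), "wb") as fh:
            plistlib.dump({"files2": listed}, fh)
    # aids.cpython-38.pyc stands in for bytecode written after first launch.
    for rel in ("aids.py", "shipped.pyc", "__pycache__/aids.cpython-38.pyc"):
        open(os.path.join(lib, rel), "wb").close()
    return app

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(unsealed_pyc(build_demo_bundle(tmp)))
```

codesign --verify stays the authoritative check; this listing only narrows down which bytecode files were written after the bundle was sealed.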
