Here’s the output for my app and extension, I replaced our company’s identifier to XXXXXXXXXX as we can see the output entitlements do have the following keys
"com.apple.application-identifier”, "com.apple.developer.team-identifier”, "com.apple.security.app-sandbox”, “com.apple.security.network.client" The console still shows system complain about extension not sandboxed, what else can I check? BTW, the container app include an extra key “com.apple.developer.networking.vpn.api” should I remove it or add into extension also? —Kevin MacBook-Pro-2:Debug kevinyu$ codesign -d --entitlements :- ./Smart\ VPN.app Executable=/Users/kevinyu/Library/Developer/Xcode/DerivedData/Smart_VPN-ahmwawingpuachhkpmczcmidvxsy/Build/Products/Debug/Smart VPN.app/Contents/MacOS/Smart VPN <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd";> <plist version="1.0"> <dict> <key>com.apple.application-identifier</key> <string>XXXXXXXXXX.com.draytek.SmartVPN</string> <key>com.apple.developer.networking.HotspotHelper</key> <true/> <key>com.apple.developer.networking.networkextension</key> <array> <string>packet-tunnel-provider</string> </array> <key>com.apple.developer.networking.vpn.api</key> <array> <string>allow-vpn</string> </array> <key>com.apple.developer.team-identifier</key> <string>XXXXXXXXXX</string> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.application-groups</key> <array> <string>group.com.draytek.Smart-VPN</string> </array> <key>com.apple.security.network.client</key> <true/> <key>keychain-access-groups</key> <array> <string>XXXXXXXXXX.com.draytek.Smart-VPN.shared</string> </array> </dict> </plist> — extension MacBook-Pro-2:Debug kevinyu$ codesign -d --entitlements :- ./Smart\ VPN.app/Contents/PlugIns/drayTunnelX.appex Executable=/Users/kevinyu/Library/Developer/Xcode/DerivedData/Smart_VPN-ahmwawingpuachhkpmczcmidvxsy/Build/Products/Debug/Smart VPN.app/Contents/PlugIns/drayTunnelX.appex/Contents/MacOS/drayTunnelX <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd";> <plist version="1.0"> <dict> <key>com.apple.application-identifier</key> <string>XXXXXXXXXX.com.draytek.SmartVPN.drayTunnelX</string> <key>com.apple.developer.networking.HotspotHelper</key> <true/> <key>com.apple.developer.networking.networkextension</key> <array> <string>packet-tunnel-provider</string> </array> <key>com.apple.developer.team-identifier</key> <string>XXXXXXXXXX</string> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.application-groups</key> <array> <string>group.com.draytek.Smart-VPN</string> </array> <key>com.apple.security.network.client</key> <true/> <key>keychain-access-groups</key> <array> <string>XXXXXXXXXX.com.draytek.Smart-VPN.shared</string> </array> </dict> </plist> > macnetworkprog-requ...@lists.apple.com 於 2016年4月21日 上午3:00 寫道: > >> I still saw the error message on console say that my plug-ins must be >> sandboxed, is it normal? > > No. You should check the entitlements of both your plug-in and your host > app. Don’t check your .entitlements file, but the entitlements of the built > binaries. The following DevForums post explains how to do this. > > <https://forums.developer.apple.com/message/75928#75928> > > Keep in mind that Network Extensions providers are only supported for Mac App > Store apps, so your app’s entitlements should look Mac App Store-ish (for > example, the app and extension should have appropriate > "com.apple.application-identifier” and "com.apple.developer.team-identifier” > entitlements).
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
