I have created a .NET MAUI application that I have written for Windows and MacCatalyst. In my entitlements.plist I have com.apple.security.app-sandbox = no.
<PropertyGroup Condition="'$(Configuration)|$(TargetFramework)|$(Platform)'=='Debug|net7.0-maccatalyst|AnyCPU'">
  <MtouchLink>SdkOnly</MtouchLink>
  <EnableCodeSigning>True</EnableCodeSigning>
  <EnablePackageSigning>true</EnablePackageSigning>
  <CreatePackage>true</CreatePackage>
  <CodesignKey>Developer ID Application: xxxxxxxxxx</CodesignKey>
  <CodesignProvision>xxxxxxxx</CodesignProvision>
  <CodesignEntitlements>Platforms\MacCatalyst\Entitlements.plist</CodesignEntitlements>
  <PackageSigningKey>Developer ID Installer: xxxxxxxxx</PackageSigningKey>
  <UseHardenedRuntime>true</UseHardenedRuntime>
  <RuntimeIdentifier>maccatalyst-arm64</RuntimeIdentifier>
  <MtouchInterpreter>-all</MtouchInterpreter>
</PropertyGroup>
I have a 3rd party executable that I manually codesigned:
codesign --force --verify --verbose --sign xxxxxx 3rdpartyApp --timestamp --deep --options runtime
Then I build the application in Visual Studio Mac. Everything is codesigned, etc. After building I am able to successfully notarize the pkg and then staple the notarization to it.
When I take that pkg and install it in a test environment, everything installs fine, no warning. I am able to start my application and do what I need to do. But when it tries to run that 3rd party executable, it just fails. At first I checked exec permissions. I chmod it to +x within the .app container and also all the way at the beginning, and rebuilt the application, re-signed, re-notarized, etc. I am working to get some logging out to see why it failed, but having an issue with that at the moment.
In the meantime I have taken the non-notarized pkg, forced the install in the test environment and the 3rd party executable runs successfully.
So it seems the notarization process is causing this child process to fail?