This query on how to staple ticket with unix executable after notarization. I am new to MAC OSX environment. Following steps are used to notarize and staple unix executable :-
1) Created the directory codesign_utilities
2) Added all the codesigned unix executables into it and compressed it to zip file as :- zip -r codesign_utilities.zip codesign_utilities
3) Run command for notarization:- xcrun altool --notarize-app --primary-bundle-id "com.def.ghi" --username "developer ID" --password "related password" --file codesign_utilities.zip. I am able to notarize the zip file.
4) Later, I am trying to staple the ticket with one of the unix executable which was part of the zip file with command:- xcrun stapler staple "unix executable". But, it is throwing error as:- "Could not remove existing ticket from /Contents/CodeResources ... {Error Domain=NSPOSIXErrorDomain Code=20 "Not a directory"}} The staple and validate action failed! Error 73.
I believe the error is occurring because it is just unix executable and not a executable bundle in .app format.
Queries:-
- Can you help me what are the best ways to staple the ticket with unix executable?
- Is it mandatory to create executable bundle for notarization and stapling? If yes, please provide the steps?
Here is how I solved it by notarizing my executable:-
https://medium.com/@nimit95/fix-macos-catalina-caused-app-failures-1f9a05d2b0ec
Currently, only some file formats are supported for stapling.
Staple man says
You should also attach the ticket generated ticket to your software using the stapler tool, so that future distributions include the ticket. This ensures that Gatekeeper can find the ticket even when a network connection isn’t available. It is not mandatory as if the network connection is there gatekeeper will check online.