SD Notary - problem with app included in script

I’m probably asking SD Notary to do something it was never intended to do, but maybe this experience can be useful.

I maintain a few AppleScript apps that launch the SheepShaver emulator (running OS 8.6 or OS 9) and run launch daemons that make it possible to print from SheepShaver, transfer files, etc. I’ve tried to build and notarize SheepShaver in Xcode, but (for reasons I don’t understand) it’s not possible to notarize it.

So, never expecting it to work, I tried using SD Notary 1.1.1 to notarize one of my AppleScript apps that contains a code-signed copy of SheepShaver. Amazingly enough, Apple accepted it, and SD Notary stapled it. However, the SheepShaver app inside the AppleScript app got damaged in the process, and produces a “SheepShaver quit unexpectedly” message. Whatever SD Notary is doing to the contents of the AppleScript app seems to have damaged the SheepShaver app.

I doubt anyone will want to bother about this, but if anyone’s interested, here’s the app that I tried to notarize:

Again, I know that this I was pushing SD Notary beyond anything it ought be used for, so I’m NOT asking for a fix.

Could you elaborate on that?

EDIT This problem has nothing to do with SD - it’s a problem with Notarization and I’ll try to figure it out elsewhere. Details below.

The code I’m trying to build is here:

When I use my Developer ID as the team ID and archive the app, the Archive Manager shows the button that says “Distribute Content,” not “Distribute App” and there’s no option to Notarize. Other people have had this problem their own code, and there are a few solutions posted at StackOverflow and elsewhere. None of the solutions worked for this code. One example:

This the same code that I normally build in Xcode and then codesign from the command line. What I can’t do is notarize it.

EDIT I was able to notarize the from the command line - but the notarized app crashed in the same way it did when I tried to notarize it with SD Notary. I can’t guess what’s wrong here, but will try to solve it. Meanwhile, apologies for wasting bandwidth on a non-SD question!

I’d be very surprised if that’s the case: the only thing it is doing is code-signing (in this case replacing the existing code-signing). You can see in the log where that was done.

My best guess is that SheepShaver requires abilities either you haven’t (or can’t) give to it using the hardened runtime. Unexpected quitting is precisely what happens when an app tries to do something it doesn’t have permission to do.

AFAIK, code-signing of itself cannot break code.


You’re right, of course. I’ve now found this: If I build SheepShaver with code signing turned on and with hardened runtime enabled, it crashes.

Also (and this is what caused the original problem), if I build without hardened runtime disabled, the app runs. But if I then (mistakenly) run codesign with the “runtime” parameter, the app then crashes when I run it, in exactly the same way.

Apologies again for wasting bandwidth, and thank you for sorting this one out.

And now the programmer has added an entitlement file to fix this problem.