App does not start if sandboxing is switched on

Targets macOS
1

In 2025R1 using the Appstore-Connection I followed all the stuff Xavier provided thankfully. Xavier, thanks for that :grinning_face: - great job!

My App is still not in the Appstore because it seemed too complicated for me yet. I gave it another try now - and ran into problems again. Switching sandboxing off I can create my app as before. If I switch it on, I get this:

Compile Error
Compile Error1072×302 32.4 KB

I would not even know where to look for details about this error. Here are my settings:

Sandbox settings
Sandbox settings834×1068 74.7 KB

and my “myEntitlements” file used in “User Entitlements”:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>com.apple.security.app-sandbox</key>
	<true/>
	<key>com.apple.security.files.user-selected.read-write</key>
	<true/>
	<key>com.apple.application-identifier</key>
	<string>66XXXX2332.com.phaenomind.phaenomind</string>
	<key>com.apple.developer.team-identifier</key>
	<string>66XXXX2332</string>
</dict>
</plist>

Btw. I would like to get access to ~/Library/Application Support/PhaenoMind and ~/Library/Logs/PhaenoMind and to the users Documents directory. I am not sure if I am on the right way here. Is this possible in the sandbox mode?

Thanks a lot for any comments in advance!

2

Hi @Michael_Dettmer

Trying to access a file found in the “global” ~/Library folder is a violation for Sandboxed apps (these only can access the /Library - /Documents and other folders found on their own container).

For example, this is how the Container looks like for a Sandboxed app:

Container
Container2052×1790 466 KB

This is how the path looks like when accessing the Application Data folder for a Sandboxed app:

SandboxAppData
SandboxAppData2792×1728 277 KB

While this is how that same path looks like for a non-sandboxed app:

AppData
AppData2792×1728 266 KB

As for the Compilation error, have you tried not using an “User Entitlements” file and just providing the embedded.provisionprofile?

Maybe you can find helpful the documentation found at: Publishing macOS and iOS Apps to the App Store from Xojo — Xojo documentation

2 Likes
3

Hmmm
 as for the Compilation error
 what macOS version are you using? is it < macOS 14.0? If yes, there is an issue on Xojo 2025r1 that was fixed for 2025r1.1; so you can try using the current public beta for 2025r1.1 if you have access to it.

4

Hi Javier,

I fixed my sandbox directories now. My XOJO is still 2025R1 and my Mac runs with Sequoia 15.4.1
If I switch sandboxing ON and use the default entitlement.plist it is using the Container Directory now. Not yet ready 


Anyhow it would be nice to look behind the scenes if an error like that shows up.

Thanks for your help, very nice!

5

Now I have prepared everything accordingly. Sandboxing is ON, hardening is ON and notarization is ON. Now this shows up:

CleanShot 2025-04-22 at 18.17.19@2x
CleanShot 2025-04-22 at 18.17.19@2x582×618 73.3 KB

I have never been so far, but what now? B.t.w. How do I distinguish between TestDrive and the submission for review?

Thanks again!

6

Wait!! For submitting to the Mac App Store only Sandboxing needs to be On! :slightly_smiling_face:

7

The IDE should allow users to do that then

8

I can use any combination of Sandboxing, Hardening or Notarization - the error stays the same (number) - even if Sandboxing is selected alone.

Here comes the log 


2025-04-23 09:18:36 - Starting the process.

2025-04-23 09:18:36 - Retrieving App Store Connect credentials.

2025-04-23 09:18:36 - Creating .pkg file from App bundle.

2025-04-23 09:18:36 - Signing the .pkg file.

2025-04-23 09:18:44 - Retrieving AppID from App Store Connect.

2025-04-23 09:19:01 - Sending .pkg file to App Store Connect.

2025-04-23 09:19:19 - Error uploading to App Store Connect

2025-04-23 09:19:19.914 ERROR: [altool.6000028B81C0] Error uploading '/Users/md/Prog/Phaenomind/Code/Builds - PM1/macOS Universal/PhaenoMind.pkg'.

Google does not find the error. I have no clue what to do now :zany_face:

9

Have you tried uploading using Transporter to see what it has to say on the subject?

10

Do you know the difference between those? You don’t need notarisation if you upload to the AppStore.

Does a simple hello world work or a Xojo example? Have you tried reducing your app class by class to see what causes the problem? It’s my least favourite debugging technique but sometimes there is no alternative.

11

Super idea Jeff, thank you. I tried that. First it said:

CleanShot 2025-04-23 at 13.41.26@2x
CleanShot 2025-04-23 at 13.41.26@2x1184×342 33.4 KB

So I killed all the stuff in the develeoper account and started all over again. Certificate, Profiles and App. The app itself "Run"s and "Build"s .. but when I use “Publish” it stops with this strange message in the IDE error field:

CleanShot 2025-04-23 at 14.24.13@2x
CleanShot 2025-04-23 at 14.24.13@2x2232×248 29.9 KB

Strange: After using right mouse and “copy” in the error area XOJO terminated - repeatable:

CleanShot 2025-04-23 at 14.24.33@2x
CleanShot 2025-04-23 at 14.24.33@2x588×656 83.8 KB

And then of course:

CleanShot 2025-04-23 at 14.22.24@2x
CleanShot 2025-04-23 at 14.22.24@2x554×652 74.5 KB

The certificate I used looks like this and it is unique identifyable in my Keyring:

3rd Party Mac Developer Application: Dettmer Informatik GmbH & Co. KG (66XXXX2332)

So I think something real weird is going on - and I created an issue from the (reproducable) crash. This should not be an error - and it should not crash the IDE.

Again, thanks to all for your continued support - we will see how this will work out. A lot of time I spent into that now, hope it will help others.

12

Thank you Beatrix, there is no example for that in the XOJO repository - or I can’t find one.

13

I tried a “Helllo World”. I deleted all my stuff from the develeoper account and made all of them new. Started all over several times. Did not work. Opened an issue about the crash. Tried with the 2025R5.1 - the crash is gone. But it does not work and shows up with that error message above, though it is simple “Hello World” app.

Finally no way to find out what’s going on. I give up now.

14

Which message - there are quite a few to choose from?

Does Transporter still complain? If it does, Xojo won’t be able to help.

Have you tried using the Profile Triage app from Greg O’Lone?

Or Ohanaware’s App Wrapper, which also has codesign/certificate diagnostics?

Many times over the years I’ve cursed profiles and certificates from Apple.
But even after ‘made all of them new’, you might not have done that part correctly.
Get a second opinion..

15

Hi @Michael_Dettmer

Did you watch this recorded webinar? https://www.youtube.com/watch?v=osh0goclJHc&t=2278s

There Geoff shows how to publish a simple “Hello World” project.

I’m really interested about what could be going on in your side for not being able to do it.

I’ll send a private message to you.