Background App does not run with Hardened Runtime

Hello All,

Trying to build an app that is background only using the Application is Agent or Application is background only plist keys. This works as expected with routine code signing. App does not run when signed with hardened runtime. It does notarize fine.

Using Xojo 2019 r1.1, Mojave 10.14.5

Any help with what I am missing?

Can you list which plist keys and their corresponding values.

Figured it out.

So to have my app run as a background app, I had to set this key:


With normal code signing, it would work fine. With hardened run time, it would not start up. No crash or error reporting. It looks like it just got kill 9 signal and died.

Added entitlement and resigned it and it ran as expected. Passed notarization as well.

You should mark that as resolved here. Others (and I) will benefit from this info. :slight_smile:

i dug a little further. Turns out my root problem was I missed code signing the Xojo framework. I had gotten everything else. Once I fixed that, the added entitlement was no longer needed.

FWIW, that seems to be essentially what that entitlement does… let’s you use frameworks signed by other developers.

Xojo should add entitlement automatically.

I made a feedback case for this: <>

[quote=440760:@Christian Schmitz]Xojo should add entitlement automatically.

I made a feedback case for this: <>[/quote]
I disagree with this; because you’re asking for a unneeded special entitlement to circumnavigate the security. This situation is resolved if you code sign the bundle correctly (at least according to their outdated documents). In the case of the App Store; Apple doesn’t like to allow ‘special’ entitlements, if they suddenly decide that too many people are incorrectly using this, they might choose to block it, and in which case you suddenly can’t Notarize and release the apps on your own site.

Correctly following the code signing guidelines as the OP has pointed out resolves this issue.

Xcode 11 adds extra entitlements for debugging.
I may need to watch the video again, but it may be good for debugging to have it added automatically.

For distribution, I recommend to sign Xojo framework and plugins with same certificate as the app itself.