MBS Updater Kit: unable to update sandboxed app?

My test app is properly updating on OSX 10.9.2, as long as it is not sandboxed.

Now I tried to update a sandboxed version and I’m running into errors.

Does anyone have Sparkle (and MBS Updater Kit respectively) running with a sandboxed app? Is this supposed to be working?

[quote]test(1869) deny forbidden-exec-sugid

Process: test [1869]
Path: /Applications/test.app/Contents/MacOS/test
Load Address: 0x1000
Identifier: com.osswald.test
Version: 2014.6.0.0.23 (2014.6)
Code Type: i386 (Native)
Parent Process: test [1861]

Date/Time: 2014-03-25 22:49:14.764 +0100
OS Version: Mac OS X 10.9.2 (13C64)
Report Version: 8

Thread 0:
0 libsystem_kernel.dylib 0x929923e2 execve + 10
1 Security 0x969e9f2b AuthorizationExecuteWithPrivilegesExternalForm + 1181
2 Security 0x969e9a7a AuthorizationExecuteWithPrivileges + 84
3 Sparkle 0x056bbc73
4 Sparkle 0x056bc283
5 Sparkle 0x056bc5c7
6 Sparkle 0x056c2f59 load_dsa_key + 14157
7 Sparkle 0x056c307c load_dsa_key + 14448
8 Foundation 0x91261f0e -[NSThread main] + 45
9 Foundation 0x91261e66 NSThread__main + 1426
10 libsystem_pthread.dylib 0x921ad5fb _pthread_body + 144
11 libsystem_pthread.dylib 0x921ad485 _pthread_struct_init + 0
12 libsystem_pthread.dylib 0x921b2cf2 thread_start + 34

Binary Images:
0x56b9000 - 0x56ccfff org.andymatuschak.Sparkle (1.5 Beta 6 - 313) <5df2b8a3-560d-4500-6b85-4215644de532> /Applications/test.app/Contents/MacOS/Sparkle.framework/Sparkle
0x911f5000 - 0x91520ffe com.apple.Foundation (6.9 - 1056.13) /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
0x921ac000 - 0x921b3ffb libsystem_pthread.dylib (53.1.4) <8b1b7b84-1b5d-32a8-ac0d-1e689e5c8a4c> /usr/lib/system/libsystem_pthread.dylib
0x9297a000 - 0x92997ff4 libsystem_kernel.dylib (2422.90.20) /usr/lib/system/libsystem_kernel.dylib
0x96929000 - 0x96b97ff6 com.apple.security (7.0 - 55471.14) <7915499b-66cf-39fe-b53c-a11c7775314d> /System/Library/Frameworks/Security.framework/Versions/A/Security
[/quote]

Isn’t that the purpose of the sandbox to forbid the app editing applications?

So, I guess that is a NO.

Bummer! Step back to field one then…

I started from Marc Zeedar’s “Update Yourself” article and built a solution which works on OSX, Windows and Linux.

But after downloading such an update, the user still has to go through a whole lot of clicking, plus password entering, in order to install the update.

So I wrote an app which asks for the password only on the first run and then stores it in the keychain (OSX) - and from then on it does silent updating in the background (if the user allows).

But then the restart of the app did fail once in a while. On some machines the user ended up with a restart of the old app and got caught in an update loop.

So I’m trying the MBS updater kit and look: restart issue is gone… but unfortunately it does not work with sandboxed apps.

So I end up with a sandboxed version for MAS (where Apple takes care of updating) and a non-sandboxed version with Sparkle Updater, distributed from my own website.

There is no other solution, right?

Sandbox is only for MAS. For your own website, you’d better not sandbox and avoid a ton of issues.

I do not really want to go into any religious discussion about sandboxing here.

But I want to give some background info: I wrote a little database application where the data stored is all about money. Sandbox comes in handy as an additional security feature - and in fact the software works fine in the sandbox.

I just wanted to make the update procedure a little bit more fool-proof with less clicking there.

But security is more important than fool-proof updating. So I guess I will have to go back to my previous updating solution.

Sorry to hear.
It may be that the little helper app in the Sparkle framework is not signed/sandboxed, so your app may not even be allowed to launch it. Or it can’t exchange the files.
Does console log show something?

[quote=74118:@Christian Schmitz]…
Does console log show something?[/quote]
Yes, I did post some of it above (test(1869) deny forbidden-exec-sugid).

But now I’m no longer in front of my Mac, but using an iPad, so I have no access to those logs right now.

Btw: your post did not answer my issue, it is just close to impossible for me to quote someone on this forum when I use the iPad. The icons only become visible when I tap in the upper right corner of a post - and many times I hit on ‘answer’ that way.

Ah, sorry.
I didn’t see that when replying later.
So running an app as admin is denied on sandbox.

Hi Oliver,
This is not allowed by the Sandbox. Check the forums: “updating” a sandboxed application has been discussed many times and there doesn’t seem to be a concrete example of how to do it. Except to get the user to download it again…

One idea I’ve had, but never tried, was to get the app to download an installer for itself, launch the installer and then quit itself. It should do some checking on this installer to make sure that it comes from you (i.e. code signed by you).
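
The signature check suggested in the post above, sketched as an added example (not code from the thread or from Sparkle/MBS): it accepts a downloaded `.pkg` only when `pkgutil --check-signature` reports an Apple-issued chain whose leaf is a Developer ID Installer certificate with the expected Team ID. The Team ID is a placeholder, and the sample reports are constructed and modeled on pkgutil's output, whose exact wording is assumed and may differ between macOS versions.

```shell
#!/bin/sh
# Added example: accept a downloaded installer only if its leaf certificate
# is a Developer ID Installer identity carrying the expected Team ID.

EXPECTED_TEAM_ID="ABCDE12345"   # placeholder: substitute your own Team ID

# Constructed sample of `pkgutil --check-signature` output (not from the thread).
SAMPLE_OURS='Package "update.pkg":
   Status: signed by a developer certificate issued by Apple for distribution
   Certificate Chain:
    1. Developer ID Installer: Example Developer (ABCDE12345)
    2. Developer ID Certification Authority
    3. Apple Root CA'

# Constructed sample: validly signed, but by a different developer.
SAMPLE_OTHER='Package "update.pkg":
   Status: signed by a developer certificate issued by Apple for distribution
   Certificate Chain:
    1. Developer ID Installer: Someone Else (ZZZZZ99999)
    2. Developer ID Certification Authority
    3. Apple Root CA'

# signature_is_ours REPORT TEAM_ID -> exit status 0 only when REPORT shows an
# Apple-issued chain whose leaf (entry 1) ends in "(TEAM_ID)".
signature_is_ours() {
    report=$1
    team=$2
    printf '%s\n' "$report" |
        grep -q 'Status: signed by a developer certificate issued by Apple' || return 1
    leaf=$(printf '%s\n' "$report" | sed -n 's/^ *1\. *//p' | head -n 1)
    case $leaf in
        "Developer ID Installer: "*" ($team)") return 0 ;;
        *) return 1 ;;
    esac
}

# verify_pkg PATH -> run pkgutil (macOS only) and apply the check above.
# A failing or missing pkgutil is treated as "not verified".
verify_pkg() {
    report=$(pkgutil --check-signature "$1" 2>/dev/null) || return 1
    signature_is_ours "$report" "$EXPECTED_TEAM_ID"
}

# Intended use in an updater: launch the installer only on success, e.g.
#   verify_pkg "$downloaded_pkg" && open "$downloaded_pkg"
```

Checking only that a package is signed is not enough, since any developer can obtain a valid Developer ID; the Team ID comparison is what ties the installer to you.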

[quote=74143:@Sam Rowlands]…
One idea I’ve had, but never tried, was to get the app to download an installer for itself, launch the installer and then quit itself. It should do some checking on this installer to make sure that it comes from you (i.e. code signed by you).[/quote]

Well, this is what I am originally doing, from a sandboxed app: I download the installer (.pkg) which is produced by AppWrapper and (after User-OK) launch this installer. This works, except that I can’t launch it for silent update. The user has to interact several times and click repeatedly on an OK button, plus he has to enter the password, again…

Then I tried to download a dmg as an alternative. But then I got phone calls from users who simply did not know how to handle a dmg.

As I wrote before: I would like to have the advanced security of sandbox plus a fool-proof update solution. There must be a way, because Apple is doing it for MAS apps.

@ Sam: btw, I’m using AppWrapper 2.5.0 (202), and I no longer can find the option to overwrite signatures of frameworks in the bundle… is this now automatically done, or not at all? Re-sign already signed parts in it?

We would all love that. But I think they get around that issue by letting a 3rd party app (the App Store app) download/install the new versions. Notice you have to shut down any app being updated before they even download it? Sparkle is awesome but with the new sandboxing/gatekeeper security it is just not functional anymore. Wish Apple would work with the Sparkle community to fix the issue.

It’s ‘forced’ on now as code signing for Mavericks and the Mac App Store now require all executables to be code signed with the same signature.

Good, Thanks!

One reason to sandbox your app would be to have a single version that you sell both in the MAS and through another route. But is that worth it? I have an app with 2 versions (MAS, non-MAS) and I can’t see any reason to sandbox the non MAS version. What’s your thinking?

Convenience (in some aspects) for the developer and the user. The application data will all be stored in the same place, you won’t have sandbox violations on one and not the other, which makes it harder to track down file issues.

Non-sandboxed applications cannot create Security Scoped Bookmarks, so if you do need to use them in a Sandboxed application at some point you’re out of luck.

[quote=74695:@Sam Rowlands]Convenience (in some aspects) for the developer and the user. The application data will all be stored in the same place, you won’t have sandbox violations on one and not the other, which makes it harder to track down file issues.

Non-sandboxed applications cannot create Security Scoped Bookmarks, so if you do need to use them in a Sandboxed application at some point you’re out of luck.[/quote]
Exactly! Plus there is a lower chance that some other app is manipulating your data, without user interaction.

I should have said that non-sandboxed applications cannot create or resolve Security Scoped Bookmarks.

The Sparkle/Sandbox issue has been discussed extensively with Andy Matuschak on GitHub and it seems there is a solution for sandboxed apps (outside of MAS):

Sam Deane has a Sparkle fork from Andy Matuschak, which implements this workaround, here:

Ryan Nielsen put up a test for this, here:

Blog “Sparkle in Sandbox mode”
http://www.lantean.co/sparkle-in-sandbox-mode/

My question to Christian: any chance to get this worked into the MBS Updater Kit? (So that one could use it with a sandboxed app outside of MAS?)

Simply take a newer Sparkle framework and XPCService, add it to your app and sign correctly.

I have been working on NSXPC* classes, but failed so far to get them running.