签署Mac安装程式(pkgmaker) [英] Signing mac installer (pkgmaker)

问题描述

我的安装程序是使用PackageMaker创建的.之后，我使用以下命令对安装程序进行了代码签名.

My installer is created using PackageMaker. After that I codesigned the installer using the following command.

这似乎工作得很好，我可以看到它是使用以下命令签名的.

This seem to work pretty well and I could see that it is signed using the following command.

由于证书是通过钥匙串安装在我的系统上的，因此安装程序似乎在右上角显示了一个小锁.单击此按钮将打开证书.

Since the certificate is installed on my system in keychain, the installer seem to show a little lock on top right corner. Clicking this opens up the certificate.

如果将安装程序放置在未安装证书的系统中，将不再显示该锁.但是我仍然可以运行命令来检查证书.

If the installer is placed in a system without the certificate installed the lock is no longer seen. However I could still run the command to check for certificate.

1)在安装之前是否有图形化的方法来检查代码签名? (我不想运行命令行)

1) Is there a graphical way to check for code signing before installing? (I do not want to run command line)

2)我使用finder从mpkg文件中删除了一个文件夹，以查看安装程序是否会抱怨篡改.但这不会发生.如果安装程序被篡改，有什么方法可以停止安装?

2) I removed a folder from the mpkg file using finder to see if the installer will complain of tampering. But that does not happen. Is there a way the installer can stop install if it is tampered?

3)我还使用xcode的使用证书选项对包中的所有二进制文件(大多数是守护程序)进行了代码签名.同样，我能够看到二进制文件为已签名，但是我确实收到一条消息 内核[0]:代码签名:cs_invalid_page(0x1000):p = 224 [MyDaemon]正在清除CS_VALID.

3) I also code signed all the binaries in my package (mostly daemons) using xcode's option to use certificate. Again I am able to see the binary as signed, however I do get a message kernel[0]: CODE SIGNING: cs_invalid_page(0x1000): p=224[MyDaemon] clearing CS_VALID.

谷歌搜索，我发现 http://feedback.photoshop.com/photoshop_family/topics/photoshop_13_0_4_x64_how_can_i_get_rid_of_the_could_not_complete_your_request_because_of_a .但是我仍然不太清楚他们正在做什么.有人可以帮我吗?

Googling, I found http://feedback.photoshop.com/photoshop_family/topics/photoshop_13_0_4_x64_how_can_i_get_rid_of_the_could_not_complete_your_request_because_of_a . However I am still not very clear what they are getting at. Could someone help me?

推荐答案

您只能签名flat packages.您的软件包扩展名为.mpkg，我认为它是较早的捆绑包格式.如果要对扁平包装进行签名，请确保使用它们.

You can sign only flat packages. Your package has extension .mpkg which I believe is the older bundle format. Make sure you are using flat packages if you want to sign them.

这篇关于签署Mac安装程式(pkgmaker)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！