创建Mac OSX安装程序,以便已安装的应用不会启动防火墙 [英] creating a Mac OSX installer so the installed app won't set off the firewall
问题描述
现在,我正在向组织中的人员分发.app文件.我通过以root用户身份进行身份验证将其拖到/Applications,但是每次用户启动该程序时,都会收到防火墙警告. (该应用会检查启动时的更新-对我们而言非常重要).由于用户不是管理员,因此他们无法通过身份验证来使邮件消失.安装了mpkg的应用程序还会以最终用户需要管理员允许更新检查的方式来触发防火墙吗?我可以包括安装后脚本来为我的应用配置防火墙吗? 我的最终目标是管理员进行身份验证以运行安装程序.安装后,管理员将注销,普通用户将登录并运行该应用程序,而根本没有任何防火墙警告.
Right now I'm distributing a .app file to people in my organization. I drag it to /Applications by authenticating as root, but every time the users launch the program they get a firewall warning. (The app checks for updates on launch--very important for us). Since the users aren't admins they can't authenticate to make the messages go away. Will a mpkg-installed application also provoke the firewall in such a way that end-users will need an admin to allow the update check? Is there a post-install script I can include to configure the the firewall for my app? The ultimate goal for me is that an admin authenticate to run the installer. After installation, the admin would log out, the normal users would log in and run the application without any firewall warnings at all.
我应该提到组织中的最低版本是10.5,但是如果该解决方案也适用于Tiger,那将是很好的.
I should mention the minimum version in the org is 10.5, but it would be nice if the solution worked on Tiger as well.
推荐答案
如果您对应用程序进行代码签名,即使它只是使用自签名证书,则仅要求用户一次批准启动应用程序.如果签名证书相同,则后续更新将不会触发对话框.
If you code sign the app, even if it's just using a self-signed certificate, then the user will only be asked once to approve the launch of the app. Subsequent updates, providing the signing certificate is the same, won't trigger the dialog.
More info is in the code signing docs and in this tech note.
这篇关于创建Mac OSX安装程序,以便已安装的应用不会启动防火墙的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
