Page MenuHomeSchine - Phabricator

Launcher | Unable to run OSX launchers due to invalid/missing .app signatures, and/or default behavior which quarantines downloaded .jar files.
Confirmed task for development, Release BlockerPublic

Description

I'm sorry, I completely glossed-over this issue long ago - and until a recent conversation w/ @calani, I never revisited this topic.

It's a bit long-winded, as I'm trying to combine both a problem statement alongside a few suggested solutions.

Since OSX 10.10, all apps must be signed, or the standard/default "Gatekeeper" function within OSX denies launching the app:
https://support.apple.com/en-us/HT202491

Before OSX 10.10 Gatekeeper defaulted to "Anywhere", after 10.10 it now defaults to “Mac App Store and Identified Developers”. This results in the following message for the various launcher builds/installs.

Original launcher:


Beta Launcher (after answering "open" the app launches):

Test Launcher (from: Launcher/158/ ):

For Original and Test launchers, in order for users to run them, they would need to CTRL-click on the app, or change their system's default Gatekeeper configuration. An option that I doubt most general users would be willing/able to do, as Apple is making it increasingly difficult/intimidating to launch unsigned apps, for good reason (Windows is an excellent example of design decisions which support widespread garbage/malware).

OSX Code Signing reference: https://developer.apple.com/library/mac/technotes/tn2206/_index.html

Further, when an app is signed, any changes within the .app structure results in signature invalidation, and denial of app launching. In Apple's own words "...Bundles should be treated as read-only once they have been signed..."
source: https://developer.apple.com/library/mac/technotes/tn2206/_index.html#//apple_ref/doc/uid/DTS40007919-CH1-TNTAG206

The invalid signature issue could be easily overlooked in dev/beta/test releases, as that's a generally expected behavior for such versions. Although for public releases...that’s a problem, as the general trend is towards signed apps, and I just don't think most users will willingly "compromise" their system's security.

From Apple's FAQ, you can change data file locations without significantly changing existing code, by moving the files to where Apple designates as "correct locations", while leaving behind symlinks for your code to still locate the files. Although that suggestion comes with a caveat that in general, you should plan for future stricter runtime checks.

Where to put files maintained by the launcher? It appears that Apple generally recommends an app-specific folder within:

  • For support files that the app can easily recreate: ~/Library/Caches/...
  • For data files that are not easily replaced, such as blueprints, world databases, logfiles, etc: ~/Library/Application Support/...

Source: https://developer.apple.com/library/ios/documentation/FileManagement/Conceptual/FileSystemProgrammingGuide/FileSystemOverview/FileSystemOverview.html#//apple_ref/doc/uid/TP40010672-CH2-SW1

Additional Suggestion:
Currently, the launcher bundles a bunch of game files which are basically outdated and must be overwritten/updated before players can run the game anyways. You might consider just not including such files with the distributed launcher, as it would result in a much smaller initial download, and the launcher itself already seems to handle keeping those files installed/updated...so why duplicate the work?

Details

Task Type
Bug
Testing Results
Affected Gamemode(s)
Launcher
Reproducible
uncertain
Category
Launcher
Hardware/Software/System
OS-Specific
OSX Only
Hardware-Specific
No
Video Card Vendor
uncertain
Serverconfig (server.cfg)
<replace this line with the file content>
Clientconfig (settings.cfg)
<replace this line with the file content>

Event Timeline

SmilingDemon shifted this object from the S1 Public space to the S5 Launcher space.Aug 7 2016, 6:55 PM
SmilingDemon changed the visibility from "Custom Policy" to "Public (No Login Required)".
SmilingDemon changed the edit policy from "Task Author" to "Starmade (Project)".
SmilingDemon changed Affected Gamemode(s) from none/unspecified to Launcher.
SmilingDemon changed Category from none/unspecified to Launcher.
SmilingDemon changed OS-Specific from No to OSX Only.
SmilingDemon claimed this task.
SmilingDemon triaged this task as Normal priority.

Sounds more to me they want to further close their ecosystem.

and the Launcher isnt preloading any game assets until you actually download the game with it ??

no idea what to do with this ... so pointing Calani at it ^^

calani raised the priority of this task from Normal to Release Blocker.Aug 7 2016, 7:12 PM

The larger issue is that this also applies to the game itself.

As updating any code breaks codesigning, the launcher will be unable to modify the game in any way. This means that we must distribute both launcher and game as signed installers, either via the app store or via .dmg's, and rely on the user to install them. It also requires moving all user-data, logs, and all other data modified at runtime outside of the .app.

Distributing via the app store -- and especially via .dmg -- is detrimental to the user experience in two notable ways. Firstly, they must download a new image with every release, requiring manual user interaction each time. Secondly: there's no way to simply patch the game, meaning that each downloaded image is the full 0.5gb+ game. For a third detriment: lacking an autoupdate feature is quite unprofessional.

That said, I have seen companies' products with autoupdate features on OSX. Notable example: Chrome. I've already been in contact with Vendetta Online, as they've solved it, though unfortunately they weren't able to provide any additional insight.


If anyone has any information that could be useful in solving this, i would absolutely appreciate it.

Restricted Application added a subscriber: AndyP. · View Herald TranscriptAug 7 2016, 7:12 PM
calani added a comment.EditedAug 7 2016, 7:22 PM

Addendum:

"Currently, the launcher bundles a bunch of game files which are basically outdated and must be overwritten/updated before players can run the game anyways."

No. The launcher package only contains the launcher itself (Electron+launcher code) and the bundled java. The only game-related file is a .txt containing the game's steam app id... which isn't being used.

Unless you're referring to downloading the game via Steam? in which case, yes, the depot contains the most recent release build of the game. Changing this behavior would be silly, as you would be unable to play the game after "installing" it via Steam. (Steam would then also not delete the game files if you asked it to uninstall the game.)

In T1799#69918, @calani wrote:

Addendum:

"Currently, the launcher bundles a bunch of game files which are basically outdated and must be overwritten/updated before players can run the game anyways."

No. The launcher package only contains the launcher itself (Electron+launcher code) and the bundled java. The only game-related file is a .txt containing the game's steam app id... which isn't being used.
Unless you're referring to downloading the game via Steam? in which case, yes, the depot contains the most recent release build of the game. Changing this behavior would be silly, as you would be unable to play the game after "installing" it via Steam. (Steam would then also not delete the game files if you asked it to uninstall the game.)

Yikes - I was basing the assumption off a large initial download, and forgot about bundled java. Oy, sorry about that.

SmilingDemon changed the task status from Open to In Queue (Launcher).Aug 8 2016, 11:28 AM

I guess this belongs in queue ;)

Restricted Application edited projects, added Launcher Development; removed Issue Navigation. · View Herald TranscriptAug 8 2016, 11:28 AM

I am dropping launcher support for OSX until I can resolve this.
It is a severe issue, but as it is OSX-specific, it should not delay the release for the majority of our players.

(That said, please continue submitting OSX bug reports)

Fair enough. I assume that this ultimately means OSX users need to:

  • Backup valued game data prior to replacement of the .app
  • CTRL-click to start the app, and manually OK when prompted by OSX's annoying Gatekeeper routines.
AndyP changed the task status from In Queue (Launcher) to In Queue.Mar 10 2017, 5:04 PM