I am simply trying to repackage some drag and drop apps as flat packages using Composer. We do this so we can use them in our provisioning workflows via Jamf Pro. Note: I have tried composer 10.44 to 10.48 and get the same results.
Using FileZilla as an example:
That is pretty much it. No postinstall, but I am signing with my developer installer ID.
I have tried to notarize and staple the .pkg's, but Apple does not like something in the .app file so I get "Invalid Package".
I have tried all kinds of things to try and clear any security flag, but nothing seems to work. The only thing that does work is control clicking and selecting Open, then open anyway. That does not work when attempting to deploy to thousands of computers. Our help desk will get overwhelmed with calls.
I have tried all of the following to fix the issue via script (kitchen sink from various how to's I found):
# disable gatekeeper
sudo spctl --master-disable
# The applications final destination, should always be used.
problemApp='/Applications/Filezilla.app'
# chown app to root
sudo chown -R root:wheel $problemApp
# chmod permissions to correct
sudo chmod -R 755 $problemApp
sudo chmod +x $problemApp
# remove quarantine attribute
sudo xattr -r -d com.apple.quarantine $problemApp
sudo xattr -c $problemApp
sudo xattr -cr $problemApp
# touch the file
sudo touch -m $problemApp
# open the file
sudo open $problemApp
# enable gatekeeper
sudo spctl --master-enable
I have about a dozen drag and drop apps that I can no longer install via a pkg for redistribution on 13.4.1 because they all trigger a security flag and ask to be moved to the trash. My biggest headache is Mathematica, which requires I insert a license file within the drag and drop .app for lab distribution.
Any advice?
We got some apps behaving the same way (e.g. Metashape Pro, MAXQDA, OpenShot, VueScan Pro).
1) Install the original disk image (.dmg file) to /private/tmp:
2) Then copy the app to /Applications with a postinstall script:
#!/bin/zsh
# Set Variables (manually) - please note: the (original) DMG file must be installed in /private/tmp
appName="PRODUCT.app"
dmgName="PRODUCT.dmg"
volName="PRODUCT"
### Do not edit below ###
# Unmount volume with the same name
echo "\nUnmounting volume '$volName', if available..."
sudo hdiutil detach "/Volumes/$volName"
echo "Done."
# Open disk image & mount volume
echo "\nOpening '$dmgName' & (invisibly) mounting '$volName'..."
sudo hdiutil attach "/private/tmp/$dmgName" -nobrowse -noverify
echo "Done."
# Copy app from volume to applications directory
echo "\nCopying '$appName' from '$volName' to '/Applications'..."
sudo cp -Rp "/Volumes/$volName/$appName" "/Applications/$appName"
echo "Done."
# Apply correct owner & group to app file
echo "\nApplying correct owner & group to '$appName'..."
sudo chown -R root:admin "/Applications/$appName"
echo "Done."
# Remove quarantine flags from app file
echo "\nRemoving quarantine flag from '$appName'..."
sudo xattr -r -d com.apple.quarantine "/Applications/$appName"
echo "Done."
# Unmount volume
echo "\nUnmounting volume '$volName'..."
sudo hdiutil detach "/Volumes/$volName"
echo "Done."
# Remove disk image
echo "\nRemoving '$dmgName'..."
sudo rm -f "/private/tmp/$dmgName"
echo "Done."
echo "\nInstallation of '$appName' completed [Exit Status = 0].\n"
exit 0
The Mathematica 13.x (network) license can be installed in /Library/Mathematica/Licensing/mathpass
I packaged Mathematica just as usual:
But I always open apps first (to confirm gatekeeper messages) before dragging them to Composer.app.
Such a pain. We have a couple of apps that I have used Composer for years on, even at a different employer. Now, does not work. Latest Composer 11.01 and running Ventura 13.6
Get the error when testing the package
