PPPC Utility and Custom App created with Platypus

Chuey
Contributor III

There is a handy program called Platypus that takes scripts (bash, perl, etc) and converts it into a working .app

I have a bash script I wrote, imported into Platypus, and created an .app file.

I've downloaded the PPPC Utility and attempted to import the custom .app file into the PPPC Utility but it will not accept it. I'm not sure why? Does anyone have any insight? I would appreciate it very much.

Thank you in advance.

2 ACCEPTED SOLUTIONS

mainelysteve
Valued Contributor II

According to this the app must be signed. If you have a developer account you could always sign the binary using the certificate they give you. Unfortunately the developer for Platypus isn't too receptive to having it sign the binary for you, so therefore you're on your own.

View solution in original post

sshort
Valued Contributor

@Chuey yep! Anything with X app wants to control Y app will be an AppleEvent. The only time I've seen PostEvent used is for the Apple screen sharing profile.

If you happen to encounter any apps that need Accessibility, you'll need to include an AppleEvent for that app to control System Preferences. Otherwise you'll get an app that appears in the Privacy section of System Preferences, but with the box remaining unchecked. The AppleEvent allows the app requesting accessibility access to add itself.

View solution in original post

17 REPLIES 17

mainelysteve
Valued Contributor II

According to this the app must be signed. If you have a developer account you could always sign the binary using the certificate they give you. Unfortunately the developer for Platypus isn't too receptive to having it sign the binary for you, so therefore you're on your own.

sshort
Valued Contributor

@Chuey This is a good article about PPPC whitelisting for scripts.

Chuey
Contributor III

@mainelysteve Thank you for that it helped a lot.

@sshort This is a great article -- thank you very much. I think I'm going to get use my premium developer account to get the certificate and then attempt to manually sign my .app since the Platypus App itself does not support signing it.

Chuey
Contributor III

@sshort I've successfully signed my .app file following some apple instructions. I can now drag it into the PPPC Utility.

My app is just a script that uses Finder to mount fileShares and when a user logs in it asks to "Allow" my app to use finder. It then adds an exception under "Automation" which is under Sec & Privacy > Automation....When I'm in PPPC Util I don't see an "Automation" area...would I just say Apple Events > Finder > Allow?

sshort
Valued Contributor

@Chuey yep! Anything with X app wants to control Y app will be an AppleEvent. The only time I've seen PostEvent used is for the Apple screen sharing profile.

If you happen to encounter any apps that need Accessibility, you'll need to include an AppleEvent for that app to control System Preferences. Otherwise you'll get an app that appears in the Privacy section of System Preferences, but with the box remaining unchecked. The AppleEvent allows the app requesting accessibility access to add itself.

Chuey
Contributor III

@sshort Thanks a lot ! It worked -- pretty pumped up I appreciate the help everyone!

Chuey
Contributor III

@sshort So I've ran into a really weird issue. I had to modify my .app created with Platypus and then re-sign it.

I code sign the app but it will not launch ? I have 10.14.3 with a codesigned .app and un-codesigned .app on desktop.

Un-codesigned works and mounts my file shares.

Codesigned does not do anything.

Any thoughts on that?

sshort
Valued Contributor

@Chuey Does not launch = it acts like it's going to open (and appears briefly on the dock) but then quits right away without a crash report window?

Any Console logs? If the codesigned app is misbehaving on the Mac that you signed it on (and previously had the non-signed app open successfully), does that same codesigned version open on another test Mac or VM? Or does it have the same behavior on another Mac?

Chuey
Contributor III

@sshort OK I don't know whats going on now things seem to get worse haha.

Correct, it acts like it's going to open and then doesn't. Previously, I was suppressing that -- in Platypus you can check "run in background" ... I unchecked that, rebuilt the app, resigned, and tried.

I was getting "quit unexpectedly"

When i read through the report I am seeing this:

Exception Type: EXC_CRASH (Code Signature Invalid) Exception Codes: 0x0000000000000000, 0x0000000000000000 Exception Note: EXC_CORPSE_NOTIFY Termination Reason: Namespace CODESIGNING, Code 0x1

OK, so I checked and my certificate in KeyChain Access was revoked but in Apple Developer Web it said was OK? Not something I did so unsure how that happened.

No Problem -- so I go and I created a new cert. Not sure what I am doing wrong. Previously I had a "3rd party Mac developer application" certificate, this was revoked for some reason.

I log into Developer > click macOS > it says "What type of cert do you need?" > Development or Production > I select Developer ID under Production since it states "Sign versions of your Mac application, Mac kernel extension and Mac Installer Package for distribution outside of the Mac App Store." > since I am distributing via JAMF Pro figured this would be it maybe im wrong > Followed on screen instructions and now have it in my KeyChain.

Before I even sign it, I tried launching the .app without signing.....Now, it still doesn't launch. No "quit unexpectedly" but in console it says:

Cloud (LaunchServices) Subsystem: com.apple.launchservices Category: default Activity ID: 0 Thread ID: 0x47231 PID 4369 Unable to load Info.plist exceptions (eGPUOverrides)

So now it won't even load. I've done nothing different as far as building it via Platypus. Not sure what's going on.

scottb
Honored Contributor

@Chuey - have you tried this one?
Payload-Free-Package-Creator

I've used this to do similar things, and also Platypus, but not since 10.13+ so you might want to try that as opposed to Platy...

Chuey
Contributor III

@scottb Does Payload Free create a .app ?

scottb
Honored Contributor

@Chuey - packages is all I know of. An App, well, it's been a while since I did that with PP, and I ony made pkg's with PFPC, so I may have wasted yer time...

Chuey
Contributor III

@scottb No wasted time, what you linked is helpful for some other situations. I am trying to compile a script into an .app and I just like the ease of Platypus.

EUC600
New Contributor III

@Chuey Did you ever get this going? I happen to be trying to do the exact same thing. Have you found if it's at least possible to sign an app created by Platypus?

tjhall
Contributor III

I've signed apps made in Platupus using Terminal (using the method in this link); https://managingosx.wordpress.com/2017/11/17/customized-high-sierra-install-issues-and-workarounds/

Chuey
Contributor III

@DakotaS96 sorry for late reply i missed the notification. I ended up bypassing the App route because I was seeing some weird results. My App would work but when I'd sign the app it wouldn't launch. Made no sense. So I code signed the script, created a tar file of it, wrapped it in a pkg built with Packages, created a config profile to whitelist it using the Profile Creator App, uploaded that to JAMF, deployed and it worked.

jbutler47
Contributor II

Been following this and other forum posts for code signing Platypus applications to be seen by PPPC Utility

My experience recently was like this with Mojave 10.14.5, Xcode 10.2.1, Platypus 5.3:

  • Create script app in Platypus
    • move app to Utilities folder, chown for root:wheel
  • Acquire Mac Developer cert from Xcode
  • Install cert via Keychain Access and trust always
  • Make sure to have intermediate certs from apple, install via KeyChain Access, trust always
    • Developer Authentication Certification Authority
    • Developer ID Certification Authority
  • Determine your Mac Developer ID text
    • open the Mac Developer cert in KeyChain, copy the cert name text, that is the text you need
      • for example: "Mac Developer: <your developer account name> (your developer account number)" "Mac Developer: macOScreator@domain.com (PZCB54NDQQ)"
  • From terminal run this command as sudo:

sudo codesign -f -s "Mac Developer: macOScreator@domain.com (PZCB54NDQQ)" -v /path/to/applicationname.app

If codesign completes successfully, PPPC Utility will now recognize the application.