I am developing a proof-of-concept tool for an internal research project.
We have specific needs which can only be met by running our application as a system app, like the Settings or Phone app.
Am I right in thinking that the only way to run an application under the system user (uid=1000) is by setting the following in the manifest:
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.frogdesign.desktop"
android:sharedUserId="android.uid.system" >
and signing my application with the platform certificate?
If so, for a given phone, e.g. Galaxy S, this would require us to sign using Samsung's certificate. Not going to happen, right.
So if we root the phone and stick something like cyanogenmod on it, would the required certificate be cyanogenmod's platform certificate?
Is this generally made available?
I am fairly confident that you would not be using the manufacturer's key. On my Galaxy S, the Gmail app is a system app, and you can update it from the Android Market (i.e. it's signed, if it is at all, by Google and not by Samsung).
If the phone is deodexed, you should be able to just move the app to /system/app/ (or /system/priv-app/ on newer OS versions). This requires a rooted phone, so that you can mount the system partition as writeable. This is in conjunction with your manifest settings, of course. I'm not sure if that's sufficient, since I haven't done this myself, but it's something to try.
Related
We have created an app project with Expo.io where we need to build the IPA as an ad-hoc build since its going to be resigned and added to both an enterprise self-owned store as well as the Apple App Store.
I do not have access to the Apple Developer account which has the certificates for signing it correctly, so I need to create an IPA file - from my own account - with an ad-hoc mobile provisioning
At the time of writing it is not possible to add an ad-hoc mobileprovision file for Expo to be used for building.
I need to figure out a workaround to make a build of our app as an ad-hoc IPA and sent it to the person who has access to the correct Apple Developer account.
I can see there is a detach possibility in Expo, but I'm unsure if this will make me able to make a correct ad-hoc build. My initial attempt could not be installed on my own phone, even though my UDID is within the ad-hoc mobile provisioning file.
My intention is to be able to test the IPA first through systems like Diawi.
I am developing an app (for like a year) and it works fine , when it comes to submitting to App Store -> all my problems started:
1)The app store would me to make my app to run in a sandbox(Why Apple ? Why !?).
It took like 2 days to understand why just toggling "ON" in capabilities doesn't make it...
etc ... in the end I somehow managed to convince my app to run in sandbox.
2)now the app passing the validation fine and can be submitted to the bloody App Store
However when I checked the app before the submitting I discovered that it simply don't want to work (running from Xcode or product).
It just crashes before it comes to `applicationDidFinishLaunchingWithOptions"
The crash itself is even more epic "thread1: EXC_BAD_INSTRUCTION (code=EXC_i386_INVOP, subdued = 0x0)"
and I see a lot of assembly lines -> from the comments inside the assembly I understood that the app tries to "Open" a sandbox , but then comes the bad instruction :( ud2
The stuck I see is:
_libseinit_initialize_once
0 _libsecinit_setup_secinitd_client
1 _libsecinit_initialize_once
2 _dispatch_client_callout
3 dispatch_once_f
4 libSystem_initializer
5 ImageLoaderMachO::doModInitFunctions(ImageLoader::LinkContext const&) ()
I think the rest are not relevant since they are all about some IMAGE loader :/
lately I ensured that removing the app sandbox key or setting it to NO Resolves my Issue but if I do so i getting back to issue number 1
so I kinda stuck with an egg and a turkey problem :(
maybe some 1 knows any interesting workaround or solution to submit the bloody app to the mighty app store ?
Sounds like what Apple document here:
OS X’s enforcement of container integrity impacts your development and
distribution cycle. This is because, in the course of creating and
distributing an app, the app is code signed using various signatures.
Here’s how the process works:
Before you create a project, you obtain three code signing
certificates from Apple: a development certificate, a distribution
certificate, and (optionally) a Developer ID certificate. (To learn
how to obtain these code signing certificates, read App Distribution
Guide.) When used in conjunction with the corresponding private keys
from your keychain, these certificates form three separate digital
identities. For development and testing, you sign your app with your
development identity. When you submit a version to the app store, you
use your distribution identity. If you are distributing a version
outside the app store, you use your Developer ID identity.
When the Mac App Store distributes your app, it is signed with an
Apple code signature. For testing and debugging, you may want to run
both versions of your app: the version you sign and the version Apple
signs. But OS X sees the Apple-signed version of your app as an
intruder and won’t allow it to launch: Its code signature does not
match the one expected by your app’s existing container.
If you try to run the Apple-signed version of your app, you get a
crash report containing a statement similar to this:
Exception Type: EXC_BAD_INSTRUCTION (SIGILL) The solution is to
adjust the access control list (ACL) on your app’s container to
recognize the Apple-signed version of your app. Specifically, you add
the designated code requirement of the Apple-signed version of your
app to the app container’s ACL.
I also had this problem, and although Droppy's answer was correct, it doesn't really resolve the problem (at least, not for me).
After messing around a bit, I found that the reason I had this problem is that, (although I had disabled keychain sharing in 'Capabilities' in Xcode's project editor) I still had a keychain value added. Removing this, or completely disabling all app capabilities (yes, including sandbox) will solve this problem.
Hopefully, this saves someone some time in the future.
How can I run my app on physical iOS device without apple developer programm? I read some tutorials but there are only for jailbroken devices.
It's not possible to run apps on an iDevice without an official Apple certificate, because you have to sign the app.
A solution is, to jailbreak your phone and sign it yourself (you already found the tutorials), so you just need AppSync to run them.
Somehow I got the certificate on my phone with my Apple Id, and I haven't actually paid for it yet, and I run it every day on my phone. I'm pretty sure you can get the certificate without having to pay for it, you just have limited options in app capabilities(No access to platforms like GameCenter without paying).
I was unable to find a way how to install certificates on my iPad to a keychain using iTunes (or other tool that runs on mac os x).
I need to be able to set the group (kSecAttrAccessGroup, eg. "XKFABCDEFGH.com.mycompany.myapp") to store the certificate under. Since there is a chain of certificates, I'll be installing all of them up to the root one. Also, the last (leaf) certificate will have private part (don't know if that makes any difference).
The alternative to this is to write a small app and compile the certificates as its resources. Then I can use SecItemAdd / SecItemUpdate to write those certificates. Downside to this is that I want to install different certificate on every device, so I'll have to compile the app several different times.
Note: The app is to be a B2B, eg. not an application for public iTunes market!
Edit: I want to use the certificates ASIHTTPRequest, I do not require that those certificates are recognized by the iOS itself (unless it will collide with the ASIHTTPRequest library).
I'm in the process of learning iOS development and app submission process. Before trying to archive my application I only tested and debug it on iOS 6 simulator and now I want to deploy this application on real device. And during this I encountered with some problems.So, what steps I must implement in order to successfully archive my application and get an .app and then an .ipa file of it. How to setup provisioning profiles and solve code signing error?
You need to go to the provisioning portal at http://developer.apple.com and generate provisioning profiles for your applications there.
If you have not paid your developer license fee you will not be able to install your apps on real devices.
You will need to get a Developer and or Distribution certificate including their respective Private keys. You will also need a Team Provisioning Profile, or a Provisioning Profile specifically made for the app. You can either make all these yourself through the provisioning portal at http://developer.apple.com Or if you are working for someone else who has a developer program license, they could possibly provide you with all these.
The provisioning profile describes all the steps you need to take to implement the certificates and provisioning profiles so you can build and deploy / distribute your app.