macos-sandbox-coverage
macos-sandbox-coverage copied to clipboard
0xbf00
Trying to get the coverage of one app in my mac but failed
Hi Jakob, @0xbf00
Thanks for the great tools you write. I have the following issues, maybe you can give me a quick help:
2021-11-30 22:34:10,137 - sblogs.gather - INFO - Sandbox initialisation for executable /Applications/dAPP.app/Contents/MacOS/dAPP succeeded but no appropriate container metadata was created.
I try to look into the maap/misc/app_utils.py, the problem here is that:
# Also verify that the metadata file is present, else the container is invalid and of
# no use to other code
container_metadata = os.path.join(container_path, "Container.plist")
if not os.path.exists(container_metadata):
return None
I am not sure about what is the container here? How can fix this? Thanks for the help.
Which version of macOS do you use? In newer versions (I just confirmed with macOS 12.0.1) the container meta data resides in .com.apple.containermanagerd.metadata.plist rather than Container.plist. Maybe you can change the file name accordingly and see whether it works. I would be interested in the outcome.
Anyway, we probably should look for the presence of both files.
Thanks Max! Yes I am using macOS 12.0.1
May I ask where is com.apple.containermanagerd.metadata.plist?
I can only find com.apple.containermanagerd.plist
The file .com.apple.containermanagerd.metadata.plist is at the same location as the Container.plist file. Note that the file is hidden – as indicated by the leading .. The full path is ~/Library/Containers/<bundleID>/.com.apple.containermanagerd.metadata.plist.
I just confirmed that the location change of the container meta data is in effect in macOS 11.6.1 already (and presumably in earlier versions as well).
Note also that the project does not yet support Montery. It does not even support Big Sur completely. Hence, you probably will run into further issues later on. Let us know.
Hi Max, Thanks for the comment! I finally find the .com.apple.containermanagerd.metadata.plist.
Now the next problem is that, when it tries to use simbple to verify the metadata in sblogs/gather.py. IIt will have an error code: '1'.
I just extract all the args here: ./simbple --scheme /Users/nodem/Library/Containers/<bundleID>/.com.apple.containermanagerd.metadata.plist --verify
The problem may relate to the platforms supported in simbple. It only supports the following:
const struct platform_info supported_platforms[] = {
{PLATFORM_SIERRA, "10.12", "sierra"},
{PLATFORM_HIGH_SIERRA, "10.13", "high_sierra"},
{PLATFORM_MOJAVE, "10.14", "mojave"},
{PLATFORM_CATALINA, "10.15", "catalina"}};
Any comment? Thanks!
Correct, as Max already mentioned previously, Big Sur and Monterey are currently not supported. See also the open ticket here. There are unfortunately currently no plans for when such support will be added.
Thanks Max and Jakob! I spent little time trying to see I can add support to Big Sur and Monterey. And make a PR after that.
One question I have: I look through this file: high_sierra/operations.c. I am not sure how should I write the filters.c and operations.c for Big Sur and Monterey? Could you give me some pointers/reference about how should I write that?
Great question! These files are currently automatically generated with scripts in this folder. You'd need IDA Pro to run these and unfortunately I'm not certain that the free version is enough. However, the scripts should give you an idea how the files are generated in any case.