rayhunter icon indicating copy to clipboard operation
rayhunter copied to clipboard
verified publisher icon EFForg

[Bug]: 0.3 macos installers need xattr quarantine reset

Open pejacoby opened this issue 8 months ago • 3 comments

Rayhunter Version

v0.3

Capture Date

2025-05-16

Capture Location

MN

Device and Model

Orbic RC400L

What happened?

With the new 0.3 installers for macOS, the executables again suffer from the quarantine attribute issue that the previous install.sh worked around by issuing an 'xattr -d com.apple.quarantine installer' command. The user must now manually remove the quarantine attribute before the Mac installer will run.

Expected behavior

Ideally the installer would just run - non-technical users won't know how to remove the quarantine flag. This could be addressed with a documentation update for Mac users to provide the command to fix the issue, or a small wrapper script.

Relevant log output

pejacoby avatar May 17 '25 14:05 pejacoby

xattr values seen on the Intel installer, for example. I had cleared the arm installer flag to do my update.

% xattr -l installer-macos-/ installer-macos-intel/installer: com.apple.quarantine: 0083;6827de2d;Safari;D99B928A-97B5-4EE6-A9FA-17684A3CCDFE

pejacoby avatar May 17 '25 14:05 pejacoby

A user on mattermost said that the quarantine bit can be removed by browsing to the installer in Finder, and opening it via Open With -> Terminal. This apparently shows a different dialog that allows one to continue with execution. Can you test if this works for you? I also have a Mac but seem to have configured something a long time ago that disables quarantine globally.

There was also some talk about building a graphical installer on top of the Rust installer. If that work succeeds and the claim above is also correct, then this issue might become obsolete since ppl will just be able to launch the binary normally from Finder without any Terminal involved.

untitaker avatar May 17 '25 15:05 untitaker

we used to clear this in the install script, we could at least add that old command to the documentation

cooperq avatar May 19 '25 17:05 cooperq

Should we close this because we've added the command to the documentation, or should we wrap the macos installer in a script that removes the bit? e.g., install-macos.sh contains:

xattr -d com.apple.quarantine install
./install

oopsbagel avatar May 31 '25 20:05 oopsbagel

closing this but not opposed to a shell script that runs this, it's probably more user friendly.

cooperq avatar Jun 02 '25 16:06 cooperq