I have created an app in python on mac osx 10.9. Then converted it into a .pkg file.
But while installing, I am facing gatekeeper issue of myapp.pkg can't be opened because it is from unidentified developer.
So, what are the steps to code sign it to avoid installation issue.
MYAPP.pkg and when double clicked, this pkg file will install MYAPP folder in /Applications location.
This MYAPP folder in /Applications location contains a) myappmain.app b) logout.app
myappmain.app performs main function while logout.app is for logging off of user.
myappmain.app needs support of two more apps for functioning named monitor.app and dialogbox.app.
Both monitor.app and dialogbox.app, I placed it in /Applications/MYAPP/myappmain.app/Contents/Resources location i.e. within main myappmain.app
All apps are written in python language.
Not knowing the exact setup of your system and your app's structure, I can only offer general advice.
From what I gather, the basic procedure includes:
1) Set up a code signing identity (private key and digital certificate) either through the Apple Developer Portal or using Certificate Assistant under your Mac's Keychain Access. You can also use Keychain Access to import an existing certificate. You can also export certificates from Xcode.
2) Add an Info.plist file to your application bundle if it is a single-file tool.
3) Actually sign the code using the codesign command line tool from a terminal. You can then test the signatures you created with the spctl command line tool. I think you can also set up signing within the Xcode options.
I got this information from the following link. There are a lot more details here, and you may have to do extra steps depending on your system, but I hope this helps.
Apple Developer Code Signing Guide
Related
I am developing desktop database application. Using rdlc report and reportviewer. Everything was fine in developing process, reportviewer was showing all data smoothly. I deploy app with Inno Setup. But when I install the app, the reportviewer is not showing data. While data is correctly inserted in the tables.
For applications that work incorrectly or fail completely, when installed by Inno Setup to Program Files folder, the first thing to test, is to try to deploy the application manually to the same folder.
If the application fails even after a manual deployment, the most usual problem is that the application requires a user to have write permissions to application folder. As on modern versions of Windows a user typically does not have write permissions to the Program Files folder, the application does not work. So the problem usually has nothing to do with Inno Setup, but it's a problem of the application itself.
To solve the problem:
The best solution is to redesign the application so that it does not require write permissions to its folder. Windows applications should not require write permissions to their folder. That's against Windows guidelines. The application should write data to a user profile folder (C:\Users\username\AppData) or to a common data folder (C:\ProgramData).
A dirty workaround is have the installer grant a user(s) write permissions to the installation folder. Do that only, if you cannot get the application fixed (e.g. it's 3rd party application).
See Inno Setup - How to set permissions of installation folder.
Even more gross workaround is to configure the application to be executed with elevated (Administrator) privileges.
See Inno Setup desktop shortcut (link) which has "Run as administrator" advanced property set
or How to set 'Run as administrator' on a file using Inno Setup.
Another solution is enabling legacy compatibility mode that makes Windows redirect all application write attempts to a virtual store. See also Application installed with Inno Setup writes files to unknown location instead of its installation folder.
There are numerous other possible reasons, why the application might be failing when installed, including:
You omitted some dependency:
DLL library
.NET assembly
.NET Framework
Java Runtime Environment
other runtime
COM/ActiveX object, etc.
The application requires some configuration:
a file
a registry key [including COM/ActiveX object registration]
an environment variable, etc.
The application is not designed to be executed from a folder that has a space in its name (Program Files).
The application gets confused by Windows File virtualization (though it's unlikely). See Application installed with Inno Setup writes files to unknown location instead of its installation folder.
I am using netsight.windowsauthplugin version 2.3.1 in my Plone CMS installation on a linux server. The domain/realm is a windows domain.
My sysadmin gave me a .keytab file and set up the DNS A and PTR record, I have configured /etc/krb5.conf (the same way I have it for a spring java webapp on an another server), configured zope, but when I try to log in with Intrernet Explorer from my pc, I get an error:
GSSError: (('Unspecified GSS failure. Minor code may provide more
information', 851968), ('No key table entry found matching HTTP/#',
39756033))
What am I missing? My plone python interpreter cannot resolv a proper name? It cannot read the keytab or krb5.conf file?
There's a lot that can/could go wrong (or has to go right) before SSO works. To focus directly on your error report it seems that the PAS plugin in Plone cannot correctly get the GSSAPI service name.
In the latest master version on github (https://github.com/netsight/netsight.windowsauthplugin) there is a 'GSSAPI service' property you can add to the SPNEGO object stored in acl_users. Use this version and set the GSSAPI Service property to 'HTTP#www.mydomain.com'.
Note the '#' here, I think this is also wrong in the default value netsight.windowsauthplugin calculates where it adds a '/' as separator (suggesting it's an SPN, but it is the GSSAPI servide hint to the kerberos library.
If you run into other problems after this, please first try to enable kerberos library tracing by adding a KRB5_TRACE=/location/to/krbtrace-mysite.log environment variable before you start your Plone site (assuming you can run it from the terminal on some unixy environment). This KRB5_TRACE only works with newer kerberos releases but will provide you a lot more insight as to what is going wrong when you have to debug any further.
I am working on a web2py app which I would like to be able to use some of the user's local variables to customize things a bit, specifically I am trying to get the user's domain and username.. I know that this is possible running on an Apache using the module "mod_auth_sspi".
Is this possible on a Rocket WSGI 1.2.6 server? Or has anybody tried doing this on a web2py app before? Is there a python module that could do this?
I just ended up moving the web2py app over to an Apache server. If somebody doesn't know how to do this then you can find all of the documentation here:
http://web2py.com/book/default/chapter/13
After that I installed the mod_auth_sspi module in order to get instructions. The x86 version of the module can be downloaded from here:
http://goo.gl/syzjuk
It will require an x86 installation of Apache though. After it is downloaded:
Unzip the file
Drag mod_auth_sspi.so from the bin folder into wherever you modules folder
for your Apache installation is.
Add LoadModule sspi_auth_module modules/mod_auth_sspi.so to your httpd.conf file as
well as any sspi settings you need to whichever location you need to apply security to.
I did have some issues with authentication on some browsers, but I did find solutions which you can find here:
How can you store a log in using mod_auth_sspi on Apache?
I have a Linux web application which installs a webserver, a database, digital certificates etc using a set of .sh scripts.
In order to simplify user interaction during installation such as entering passwords, certificate details and such, I want to create a GUI installer. After much deliberation, following are some decisions and related questions
The target systems may or may not have a Desktop or a monitor installed. So providing a web interface to the install process may be the way to go. User would copy the application to the target machine, start the webservice which would then expose a web interface to continue the install. Would Python be a good choice for this?
Since this is an installer itself, the requirements to run it must be practically nil. This requires
Use python's built in SimpleHTTPServer. This will be used the one time during installation and then be killed. Any caveats to using the default python web server?
Compile app into standalone binary using one of the Freezing utilities. We don't want to depend on the user having python on their system and have been asked to account for admins who've removed python due to whatever reason. Is this precaution necessary?
Any comments on the general approach or alternative options will be greatly appreciated.
I'm writing a web application in Python, intended for use by teachers and pupils in a classroom. It'll run from a hosted website, but I also want people to be able to download a self-contained application they can install locally if they want more performance or they simply won't have an Internet connection available in the classroom.
The users aren't going to be able to manage instructions like "first install Python, then install dependencies, download the .tar.gz archive and type these commands into the command line...". I need to be able to create an all-in-one type installer that can potentially install Python, dependencies (Python-LDAP), some Python code, and register a Python-based web server as a Windows Service.
I've had a look through previous questions, but none quite seem relevant. I'm not concerned about the security of source code (my application will be open source, I'll sell content to go with it), I just need non-technical Windows users to be able to download and use my application with no fuss.
My current thoughts are to use NSIS to create an installer that includes Python and Python-LDAP as MSIs, then registers my own simple Python-based web server as a Windows service and puts a shortcut in the start menu / on the desktop linking to http://localhost. Is this doable with NSIS - can NSIS check for currently installed copies of Python, for instance? Is there a better way of doing this - is there a handy framework available that lets me shove my code in a folder and bundle it up to make an installer?
Using NSIS is great (i use it too) but i would suggest using a "packager" like pyinstaller (my personal fav, alternatives bb_freeze, py2exe) to create an exe before the using NSIS
The primary benefit you get by doing this is;
Your download is smaller as you're not bundling the whole Python Standard Lib and extra stuff your app wont need and you get an exe file to boot!
You can try the Bitnami Stack for Django that includes Apache, MySQL,Python, etc in an all-in-one installer. It is free/open source