macOS Gatekeeper blocks unsigned binaries - documentation and signing suggestions

[unclesp1d3r]

Issue Description

When running the Proxmox TUI binary on macOS, users encounter a SIGKILL (exit code 137) due to macOS Gatekeeper's restrictions on unsigned binaries. This is caused by the com.apple.quarantine attribute applied to binaries downloaded from the internet.

Problem Details

• Symptom: Binary is immediately killed with zsh: killed ./proxmox-tui-darwin-arm64
• Cause: macOS Gatekeeper blocking unsigned binaries with quarantine attributes
• Affected: All macOS users downloading pre-built binaries from GitHub Releases

Proposed Solutions

1. Proper Solution (Recommended)

Code Sign the Binaries: Use an Apple Developer account to sign the macOS binaries during the release process.

• Benefits: Eliminates security warnings, improves user trust, professional experience
• Requirements: Apple Developer Program membership ($99/year)
• Implementation: Add code signing to the GitHub Actions workflow

Optional Enhancement: Notarize the application with Apple for additional trust.

2. Documentation Solutions (Immediate)

Add troubleshooting instructions to the README or create a dedicated troubleshooting guide:

  ### macOS Gatekeeper Warning

  If you encounter a Gatekeeper warning when running the binary on macOS, you have several options:

  #### Option 1: Remove Quarantine Attribute
  xattr -d com.apple.quarantine ./proxmox-tui-darwin-arm64

  #### Option 2: Use Finder
  Right-click the binary in Finder → "Open" → Confirm "Open" in the dialog

  #### Option 3: Build from Source
  git clone --recurse-submodules https://github.com/devnullvoid/proxmox-tui.git
  cd proxmox-tui
  make install

3. Alternative Distribution Methods

• Homebrew: Create a Homebrew formula (eliminates quarantine issues)
• Go Install: Promote the go install method more prominently for macOS users

Implementation Suggestions

1. Short-term: Add troubleshooting section to README
2. Medium-term: Set up code signing in CI/CD pipeline
3. Long-term: Consider Homebrew distribution

Benefits

• Smoother experience for macOS users
• Reduced support burden
• Increased adoption by eliminating security barriers
• More professional distribution

This issue affects user experience significantly and would be valuable to address for the growing macOS user base.

[unclesp1d3r]

Sorry, the markdown format got messed up. Those stupid codefences trip me up every time.

[unclesp1d3r]

Just to clear things up, this is only about the binary releases you can download from the GitHub release section. If you compile it yourself, it works great!

[devnullvoid]

thanks for the report! Unfortunately my macbook died a while back, so I haven't had the opportunity to test on macOS. I'll definitely add the documentation updates. Appreciate the feedback!

[unclesp1d3r]

I'm always here to help and keep up the awesome work! I use a Mac as my main workstation at home, so I test every version you release on macOS since it's my go-to system.