-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
App routinely logs user out on macOS after Slack 4.22 #30
Comments
FWIW, my intuition here is that there's very little we can do, since we don't really want to tamper with Apple's code signing process. |
@thisiscam do you think it's possible to do something akin to what users need to do for |
Also @thisiscam actually the issue occurs in Slack <4.22 as well :( |
I should be able to fix this one. |
I will in investigate |
@motiwari Could you try the branch https://github.com/thisiscam/math-with-slack/tree/fix_logout_for_old_version? I don't have access to an older Slack client (the |
Oh wow. I think I got this to work. Basically I had to remove the existing code sign, and sign it myself with the same entitlements. |
Running the scripts here: https://github.com/thisiscam/math-with-slack/tree/master/macos-codesign solve this problem. These are modified based on the above linked gdb information:
|
Now, one question is if we should include these scripts as part of the main |
Nice @thisiscam !! I'm glad this is working again!! My opinion is that they should be run as part of
|
On my end the scripts works, but it logs me out every time I quick Slack. So the script is working, to some extent. For some background, Slack might do this log-off thing because:
Now clearly by replacing the code sign, the user opt-in to not use such security feature. My hypothesis is that not everyone will like that. One thing we can do is to keep an optional opt-in command line flag that performs the code signing if enabled. |
#32 implements optional code signing on MacOS. I will keep it open for now, and users are encouraged to try it. It would be nice if people can some feedback. |
Thanks @thisiscam ! Yes, you are correct that I informally equated "being signed out every time you quit Slack" with "nothing working at all" -- since I have dozens of Slack instances and re-signing into them every time is infeasible #32 works great -- thanks for the fix! This is critical Slack addition that we can't live without! |
I merged #32 into master. Closing this for now! |
It seems not everything is working yet:
Am I doing something wrong? The version of Slack I am using is: |
@Szepi could you put your output in a
with triple backtick to preserve newlines? Interestingly, my version of Slack 4.22.0 refuses to update to 4.23.0 once Maybe 4.23.0 broke something. Could you try with Slack 4.22.0? |
@Szepi I think I know what your error is about. The issue is that Apple is using a new plist format (for the code signing) since Monterey. I will work on this some time soon. |
Unfortunately, this is a side-effect due to custom code-signing. It's not safe for Slack to do hot-patch updates once we've modified its binary. Manually updating (by downloading from Slack website) should work. |
Triple backtip: Done. |
I downloaded it and tested it. Two things:
Also, if I do not apply the patch, slack starts without asking for the keychain "login" password and everything works as normal. |
Yes. This is indeed the behavior since the beginning. I will accept PRs to the doc/FAQ if anyone is willing to contribute. Another option is to try to detect if the Slack App had been opened at least once, if not, warn the user or open it directly.
This should be the keyword when you do FWIW, I will not encourage people to use the |
I guess this is superior though probably more work:)
Unfortunately, not.
The problem is that the password is not the same so I am locked off from using the option |
I might try to see if I can implement that some time today since that actually seems pretty useful.
Oops, very true, my bad.
Thanks for noticing this! My google search suggest just resetting the keychain password to sync with the user password if one forgets it... I cannot advise people on these security related decisions, so please use any of those methods with care! |
Is there a set of steps one can follow to not be signed out but also use this plugin? I'm a little lost in the discussion here. |
@ilan-gold If you use the latest master branch, there should be a |
I have tried that but unfortunately it fails every time. I have tried a clean install of slack. |
Codesigning never succeeds for me either on Monterey. |
@ilan-gold @dpo What is your error message when it "fails"? Or does it just fail silently (formula does not render)? |
I'm closing this for now since there is no further information. People should try the lastest master branch since there was a fix of a bug for Apple M1 chips, which was likely the issue for at least some people |
This is a separate issue created from information in #27.
Currently, the script is fixed to handle Slack's new mechanism of verifying the app's integrity.
However, it appears that during login Slack attempts to read from Apple's keychain for user authentication information. Because the fix requires modifications to the code, Apple gives an error:
And Slack will log the user off due to the failed attempt to fetch auth info.
The text was updated successfully, but these errors were encountered: