xTuple.com xTupleU Blog & News Customer Support

Problem with plv8 on macOS Catalina

How do I ...?
#1

I just updated our xTuple/PostgreSQL server to macOS 10.15.2 (aka Catalina), upgraded MacPorts, reinstalled PostgreSQL and plv8 per instructions. When I run anything in xTuple that requires plv8, I now get the following error:

ERROR: could not load library “/opt/local/lib/postgresql96/plv8.so”: dlopen(/opt/local/lib/postgresql96/plv8.so, 10): no suitable image found. Did find:
/opt/local/lib/postgresql96/plv8.so: code signature in (/opt/local/lib/postgresql96/plv8.so) not valid for use in process using Library Validation: library load disallowed by system policy

Has anyone else run into this issue? Looking for ideas…

#2

Found a solution, posting it because anybody who updates to Catalina will probably need it.

Based on the solution at https://github.com/Jackett/Jackett/issues/5589

On my system:

# cd /opt/local/bin/postgresql96
# xattr -p com.apple.quarantine plv8.so
0083;5bc65145;Safari;C16AB864-F5EB-40F8-97FF-30E58E960010
# xattr -w com.apple.quarantine "00c1;5bc65145;Safari;C16AB864-F5EB-40F8-97FF-30E58E960010" plv8.so
# xattr -p com.apple.quarantine plv8.so
00c1;5bc65145;Safari;C16AB864-F5EB-40F8-97FF-30E58E960010

Explanation:

Part of Apple’s system security now requires all executables to be signed with a valid developer certificate, and unsigned executables are quarantined (i.e., not permitted to run). Thankfully, Apple provided a CLI way to whitelist executables. The “xattr -p” command returns the current quarantine attributes of the listed executable. You’ll need to run this on your system and copy the returned string, because it will probably not match the one shown here. The “xattr -w” command writes a new quarantine attribute for the listed executable. Note the change in the first four characters of the attribute string: changing whatever’s there to “00c1” whitelists the executable so that the system will allow it to run. Run the “xattr -p” command again, to be sure your change made it into the system.

#3

Thanks for posting this. This is what is great about forums. Saved me some time.

Scott

#4

The current download (files inside dated July 5th 2020) have been code signed by us and should load in Catalina without issues. If you are using an old download please fetch them again and you shouldn’t have to exclude the plv8 library anymore.

1 Like
#5

This was while restoring a 4.12.2 backup. It was the the plv8.so file that was already on my Mac. I will update my plv8.

Good to know you’re signing them now. I don’t run much on my local db any longer, this was just a quick spin up.