Entitlements are invalid when running an app with root privileges on iOS 9

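I followed the guide "Run an App as root on iOS" to build an app with root privileges and signed it with ldid. It runs fine on iOS 7 and iOS 8.
On iOS 9, however, the entitlements are invalid. The system log is as follows: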

Apr 12 14:19:38 iPhone Bash[727] : MS:Notice: Injecting: com.company.MyApp [Bash] (1241.11)
Apr 12 14:19:38 iPhone MyApp[727] : int main(int, char **)
Apr 12 14:19:38 iPhone MyApp[727] : setuid success
Apr 12 14:19:38 iPhone MyApp[727] : setgid success
Apr 12 14:19:38 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:19:38 iPhone backboardd[101] : SecTaskCopyDebugDescription: MyApp[727]
Apr 12 14:19:38 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:19:38 iPhone backboardd[101] : SecTaskCopyDebugDescription: MyApp[727]
Apr 12 14:19:38 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:19:38 iPhone backboardd[101] : SecTaskCopyDebugDescription: MyApp[727]
Apr 12 14:19:38 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:19:38 iPhone backboardd[101] : SecTaskCopyDebugDescription: MyApp[727]
Apr 12 14:19:38 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:19:38 iPhone backboardd[101] : SecTaskCopyDebugDescription: MyApp[727]
Apr 12 14:19:38 iPhone MyApp[727] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=727
Apr 12 14:19:38 iPhone MyApp[727] : SecTaskCopyDebugDescription: MyApp[727]
Apr 12 14:19:38 iPhone SpringBoard[97] : Failed to setpriority() on <FBApplicationProcess: 0x139ab1ad0; Bash; pid: 727>: Unknown error: -1 (-1)
Apr 12 14:19:38 iPhone UserEventAgent[123] : Tracking com.company.MyApp (via activity)
Apr 12 14:19:38 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:19:38 iPhone backboardd[101] : SecTaskCopyDebugDescription: MyApp[727]
Apr 12 14:19:38 iPhone MyApp[727] : IMEI = N/A

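I don't know what causes the entitlements to become invalid. I downloaded several debs from Cydia and found that some apps have the same problem as mine, while others work fine.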

For example, the Sanguosha (三国杀) app from the WeiPhone (威锋) source also has the problem. Its system log is as follows:

Apr 12 14:48:21 iPhone SgsIphone[743] : MS:Notice: Injecting: com.gameabc.sgsiphone [SgsIphone] (1241.11)
Apr 12 14:48:21 iPhone SgsIphone[743] : MS:Error: process is not CS_VALID
Apr 12 14:48:22 iPhone SpringBoard[97] : CGContextSaveGState: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Apr 12 14:48:22 iPhone SpringBoard[97] : CGContextTranslateCTM: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Apr 12 14:48:22 iPhone SpringBoard[97] : CGContextRestoreGState: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone SgsIphone[743] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=743
Apr 12 14:48:22 iPhone SgsIphone[743] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=-1
Apr 12 14:48:22 iPhone backboardd[101] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone SgsIphone[743] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=743
Apr 12 14:48:22 iPhone SgsIphone[743] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:22 iPhone SgsIphone[743] : SecTaskLoadEntitlements failed error=22 cs_flags=6001004, task->pid_self=743
Apr 12 14:48:22 iPhone SgsIphone[743] : SecTaskCopyDebugDescription: SgsIphone[743]
Apr 12 14:48:26 iPhone SpringBoard[97] : HW kbd: Failed to set (null) as keyboard focus
Apr 12 14:48:26 iPhone mediaserverd[37] : ‘’ com.gameabc.sgsiphone(pid = 743) setting DiscoveryMode = DiscoveryMode_None, currentDiscoveryMode = DiscoveryMode_None
Apr 12 14:48:26 iPhone SpringBoard[97] : Application ‘UIKitApplication:com.gameabc.sgsiphone[0x3865]’ exited voluntarily.
Apr 12 14:48:26 iPhone UserEventAgent[123] : 43528126509: id=com.gameabc.sgsiphone pid=743, state=0

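A follow-up note: after some experiments, the error has nothing to do with whether the app has root privileges. It is probably caused by the dylib calls.

My app uses three dynamic libraries in total:
libsqlite3.0.dylib and libpcap.1.0.0.dylib are fine
libusb-1.0.0.dylib causes the entitlements to become invalid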

I looked at http://iphonedevwiki.net/

It contains this passage:

What has changed in iOS 9? (Classes, frameworks, etc.)

Entitlements

Every dylib meant for injection has to be signed to work on iOS, even if no entitlements are required. Please make sure that your toolchain of choice is producing signed dylibs, if it is a fat binary, make sure that all slices are signed.

Use ldid to sign:
ldid -S Tweak.dylib

Failure to do this will invalidate the process and make it lose all entitlements. The standard symptom is the following, but frankly, it is confusing why any binaries are in the wild that haven’t at least been passed through ldid, so please don’t rely on this symptom and just fix your build environment.

So it must be a signing problem. On iOS 9 all dylibs need to be signed. After I signed it manually with ldid -S libusb-1.0.0.dylib, the problem above no longer occurred.

Came in to learn. Some apps, after being modified, crash on launch if they are not signed.
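The iphonedevwiki passage quoted above asks that every slice of a fat dylib be signed. As an added example (not code from the thread or from ldid), this Python sketch walks the Mach-O headers and reports which architecture slices have no `LC_CODE_SIGNATURE` load command. The function names and the sample bytes are constructed for illustration, and it only checks that the load command is present, not that the signature is valid.

```python
import struct

FAT_MAGIC = 0xCAFEBABE  # fat header fields are big-endian
MH_MAGIC, MH_MAGIC_64 = 0xFEEDFACE, 0xFEEDFACF
LC_CODE_SIGNATURE = 0x1D
CPU_NAMES = {12: "arm", 0x0100000C: "arm64"}

def slice_is_signed(data, base):
    """(cputype, has LC_CODE_SIGNATURE) for the thin Mach-O at base."""
    magic = struct.unpack_from("<I", data, base)[0]
    if magic not in (MH_MAGIC, MH_MAGIC_64):
        raise ValueError("no little-endian Mach-O at offset %d" % base)
    cputype, _, _, ncmds, _, _ = struct.unpack_from("<6I", data, base + 4)
    off, signed = base + (32 if magic == MH_MAGIC_64 else 28), False
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<II", data, off)
        if cmdsize < 8:
            raise ValueError("corrupt load command")
        signed = signed or cmd == LC_CODE_SIGNATURE
        off += cmdsize
    return cputype, signed

def unsigned_slices(data):
    """Architectures in a thin or fat dylib that lack a code signature."""
    if struct.unpack_from(">I", data, 0)[0] == FAT_MAGIC:
        nfat = struct.unpack_from(">I", data, 4)[0]
        bases = [struct.unpack_from(">5I", data, 8 + 20 * i)[2] for i in range(nfat)]
    else:
        bases = [0]
    results = [slice_is_signed(data, b) for b in bases]
    return [CPU_NAMES.get(c, hex(c)) for c, signed in results if not signed]

# Constructed sample input: minimal headers only, not a real libusb build.
def make_thin(cputype, is64, signed):
    cmds = struct.pack("<II", 0x1B, 24) + bytes(16)  # LC_UUID
    if signed:
        cmds += struct.pack("<4I", LC_CODE_SIGNATURE, 16, 0, 0)
    magic = MH_MAGIC_64 if is64 else MH_MAGIC
    hdr = struct.pack("<7I", magic, cputype, 0, 6, 1 + signed, len(cmds), 0)
    return hdr + (bytes(4) if is64 else b"") + cmds

def make_fat(slices):
    table, body, start = b"", b"", 8 + 20 * len(slices)
    for s in slices:
        cputype = struct.unpack_from("<I", s, 4)[0]
        table += struct.pack(">5I", cputype, 0, start + len(body), len(s), 0)
        body += s
    return struct.pack(">II", FAT_MAGIC, len(slices)) + table + body

SAMPLE = make_fat([make_thin(12, False, True), make_thin(0x0100000C, True, False)])
```

For a real library, pass the file's bytes (read in binary mode) to `unsigned_slices`; any architecture it returns still needs `ldid -S`.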