mac: use dedicated entitlements for binaries and scripts
fixes the codesigning issue with the unknown blobs in the entitlements (missing "/" to complete blob)
This commit is contained in:
parent
f46b617397
commit
63e6683384
|
@ -0,0 +1,10 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
||||||
|
<plist version="1.0">
|
||||||
|
<dict>
|
||||||
|
<key>com.apple.security.app-sandbox</key>
|
||||||
|
<false/>
|
||||||
|
<key>com.apple.security.automation.apple-events</key>
|
||||||
|
<true/>
|
||||||
|
</dict>
|
||||||
|
</plist>
|
|
@ -5,8 +5,6 @@
|
||||||
<key>com.apple.security.app-sandbox</key>
|
<key>com.apple.security.app-sandbox</key>
|
||||||
<false/>
|
<false/>
|
||||||
<key>com.apple.security.cs.disable-library-validation</key>
|
<key>com.apple.security.cs.disable-library-validation</key>
|
||||||
<true>
|
|
||||||
<key>com.apple.security.automation.apple-events</key>
|
|
||||||
<true/>
|
<true/>
|
||||||
</dict>
|
</dict>
|
||||||
</plist>
|
</plist>
|
|
@ -99,7 +99,7 @@ fi
|
||||||
mkdir -p "$BUILDPATH/target/Applications/Utilities"
|
mkdir -p "$BUILDPATH/target/Applications/Utilities"
|
||||||
osacompile -o "$BUILDPATH/target/Applications/Utilities/OpenSC Notify.app" "MacOSX/OpenSC_Notify.applescript"
|
osacompile -o "$BUILDPATH/target/Applications/Utilities/OpenSC Notify.app" "MacOSX/OpenSC_Notify.applescript"
|
||||||
if test -n "${CODE_SIGN_IDENTITY}"; then
|
if test -n "${CODE_SIGN_IDENTITY}"; then
|
||||||
codesign --force --sign "${CODE_SIGN_IDENTITY}" --entitlements MacOSX/OpenSC_Uninstaller.entitlements --deep --timestamp --options runtime "$BUILDPATH/target/Applications/Utilities/OpenSC Notify.app"
|
codesign --force --sign "${CODE_SIGN_IDENTITY}" --entitlements MacOSX/OpenSC_applescripts.entitlements --deep --timestamp --options runtime "$BUILDPATH/target/Applications/Utilities/OpenSC Notify.app"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
@ -185,7 +185,7 @@ if test -n "${CODE_SIGN_IDENTITY}"; then
|
||||||
do
|
do
|
||||||
# find executable files and run codesign on them
|
# find executable files and run codesign on them
|
||||||
find ${d} -type f -perm +111 -print -exec \
|
find ${d} -type f -perm +111 -print -exec \
|
||||||
codesign --force --sign "${CODE_SIGN_IDENTITY}" --entitlements MacOSX/OpenSC_Uninstaller.entitlements --deep --timestamp --options runtime {} \;
|
codesign --force --sign "${CODE_SIGN_IDENTITY}" --entitlements MacOSX/OpenSC_binaries.entitlements --deep --timestamp --options runtime {} \;
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -208,7 +208,7 @@ fi
|
||||||
# Build "Uninstaller"
|
# Build "Uninstaller"
|
||||||
osacompile -o "${imagedir}/OpenSC Uninstaller.app" "MacOSX/OpenSC_Uninstaller.applescript"
|
osacompile -o "${imagedir}/OpenSC Uninstaller.app" "MacOSX/OpenSC_Uninstaller.applescript"
|
||||||
if test -n "${CODE_SIGN_IDENTITY}"; then
|
if test -n "${CODE_SIGN_IDENTITY}"; then
|
||||||
codesign --force --sign "${CODE_SIGN_IDENTITY}" --entitlements MacOSX/OpenSC_Uninstaller.entitlements --deep --timestamp --options runtime "${imagedir}/OpenSC Uninstaller.app"
|
codesign --force --sign "${CODE_SIGN_IDENTITY}" --entitlements MacOSX/OpenSC_applescripts.entitlements --deep --timestamp --options runtime "${imagedir}/OpenSC Uninstaller.app"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Create .dmg
|
# Create .dmg
|
||||||
|
|
Loading…
Reference in New Issue