diff options
| author | Micah Lee <micah@micahflee.com> | 2018-11-25 15:52:36 -0800 |
|---|---|---|
| committer | Micah Lee <micah@micahflee.com> | 2018-11-25 15:52:36 -0800 |
| commit | 0794d7fb9040e3ecf599202c27c191215a795f37 (patch) | |
| tree | d7a6736f34644421dd07305a95a2aba3dfce7c08 | |
| parent | dac480f212b00d31a1c3ff2ca367dd1e86c5d028 (diff) | |
| download | onionshare-0794d7fb9040e3ecf599202c27c191215a795f37.tar.gz onionshare-0794d7fb9040e3ecf599202c27c191215a795f37.zip | |
Split entitlements files into child and parent, and try using them both
| -rwxr-xr-x | install/build_osx.sh | 5 | ||||
| -rw-r--r-- | install/macos_sandbox/child.plist | 10 | ||||
| -rw-r--r-- | install/macos_sandbox/parent.plist (renamed from install/OnionShare.entitlements) | 4 |
3 files changed, 16 insertions, 3 deletions
diff --git a/install/build_osx.sh b/install/build_osx.sh index ad096139..010e3edb 100755 --- a/install/build_osx.sh +++ b/install/build_osx.sh @@ -23,9 +23,12 @@ if [ "$1" = "--release" ]; then PKG_PATH="$ROOT/dist/OnionShare.pkg" IDENTITY_NAME_APPLICATION="Developer ID Application: Micah Lee" IDENTITY_NAME_INSTALLER="Developer ID Installer: Micah Lee" + ENTITLEMENTS_CHILD_PATH="$ROOT/install/macos_sandbox/child.plist" + ENTITLEMENTS_PARENT_PATH="$ROOT/install/macos_sandbox/parent.plist" echo "Codesigning the app bundle" - codesign --deep -s "$IDENTITY_NAME_APPLICATION" "$APP_PATH" --entitlements "$ROOT/install/OnionShare.entitlements" + codesign --deep -s "$IDENTITY_NAME_APPLICATION" -f --entitlements "$ENTITLEMENTS_CHILD_PATH" "$APP_PATH" + codesign -s "$IDENTITY_NAME_APPLICATION" -f --entitlements "$ENTITLEMENTS_PARENT_PATH" "$APP_PATH" echo "Creating an installer" productbuild --sign "$IDENTITY_NAME_INSTALLER" --component "$APP_PATH" /Applications "$PKG_PATH" diff --git a/install/macos_sandbox/child.plist b/install/macos_sandbox/child.plist new file mode 100644 index 00000000..06d88f66 --- /dev/null +++ b/install/macos_sandbox/child.plist @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> +<plist version="1.0"> +<dict> + <key>com.apple.security.app-sandbox</key> + <true/> + <key>com.apple.security.inherit</key> + <true/> +</dict> +</plist> diff --git a/install/OnionShare.entitlements b/install/macos_sandbox/parent.plist index fa6a9141..ceecd30a 100644 --- a/install/OnionShare.entitlements +++ b/install/macos_sandbox/parent.plist @@ -4,10 +4,10 @@ <dict> <key>com.apple.security.app-sandbox</key> <true/> - <key>com.apple.security.files.user-selected.read-only</key> - <true/> <key>com.apple.security.network.client</key> <true/> + <key>com.apple.security.files.user-selected.read-only</key> + <true/> <key>com.apple.security.temporary-exception.files.home-relative-path.read-write</key> <array> <string>/OnionShare</string> |