diff options
author | Brecht Van Lommel <brechtvanlommel@gmail.com> | 2019-07-15 15:18:42 +0300 |
---|---|---|
committer | Brecht Van Lommel <brechtvanlommel@gmail.com> | 2019-07-15 15:20:27 +0300 |
commit | e66c3589a2a67d880f4d3dbfa7e3ba473c3751b8 (patch) | |
tree | 49911f8c6cfd58e258a7de98ecdaff64c908d5ad /release/darwin | |
parent | ef35dc68d665e652a1f44e8b0190f83beaeef9f2 (diff) |
Fix T66986: errors with add-ons using ctypes in macOS release
Add extra entitlements to allow the kind of unsigned executable memory access
that cytpes does.
Diffstat (limited to 'release/darwin')
-rwxr-xr-x | release/darwin/bundle.sh | 7 | ||||
-rw-r--r-- | release/darwin/entitlements.plist | 8 |
2 files changed, 12 insertions, 3 deletions
diff --git a/release/darwin/bundle.sh b/release/darwin/bundle.sh index 14c3ba81745..b0f489e6fc2 100755 --- a/release/darwin/bundle.sh +++ b/release/darwin/bundle.sh @@ -18,6 +18,7 @@ _tmp_dir="$(mktemp -d)" _tmp_dmg="/tmp/blender-tmp.dmg" _background_image="${_script_dir}/background.tif" _mount_dir="/Volumes/${_volume_name}" +_entitlements="${_script_dir}/entitlements.plist" # Handle arguments. while [[ $# -gt 0 ]]; do @@ -128,17 +129,17 @@ if [ ! -z "${C_CERT}" ]; then for f in $(find "${_mount_dir}/Blender.app/Contents/Resources" -name "python*"); do if [ -x ${f} ] && [ ! -d ${f} ]; then codesign --remove-signature "${f}" - codesign --timestamp --options runtime --sign "${C_CERT}" "${f}" + codesign --timestamp --options runtime --entitlements="${_entitlements}" --sign "${C_CERT}" "${f}" fi done echo ; echo -n "Codesigning .dylib and .so libraries" for f in $(find "${_mount_dir}/Blender.app" -name "*.dylib" -o -name "*.so"); do codesign --remove-signature "${f}" - codesign --timestamp --options runtime --sign "${C_CERT}" "${f}" + codesign --timestamp --options runtime --entitlements="${_entitlements}" --sign "${C_CERT}" "${f}" done echo ; echo -n "Codesigning Blender.app" codesign --remove-signature "${_mount_dir}/Blender.app" - codesign --timestamp --options runtime --sign "${C_CERT}" "${_mount_dir}/Blender.app" + codesign --timestamp --options runtime --entitlements="${_entitlements}" --sign "${C_CERT}" "${_mount_dir}/Blender.app" echo else echo "No codesigning cert given, skipping..." diff --git a/release/darwin/entitlements.plist b/release/darwin/entitlements.plist new file mode 100644 index 00000000000..a1c430a57ab --- /dev/null +++ b/release/darwin/entitlements.plist @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> +<plist version="1.0"> +<dict> + <key>com.apple.security.cs.allow-unsigned-executable-memory</key> + <true/> +</dict> +</plist> |