
build: sign CLI tool

osy 2 years ago
parent
commit
9f2c709f5b
2 changed files with 11 additions and 0 deletions
  1. 5 0
      scripts/build_utm.sh
  2. 6 0
      scripts/package_mac.sh

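--- a/scripts/build_utm.sh
+++ b/scripts/build_utm.sh
@@ -110,21 +110,26 @@ if [ "$PLATFORM" == "macos" ]; then
     UTM_ENTITLEMENTS="/tmp/utm.$$.entitlements"
     LAUNCHER_ENTITLEMENTS="/tmp/launcher.$$.entitlements"
     HELPER_ENTITLEMENTS="/tmp/helper.$$.entitlements"
+    CLI_ENTITLEMENTS="/tmp/cli.$$.entitlements"
     cp "$BASEDIR/../Platform/macOS/macOS.entitlements" "$UTM_ENTITLEMENTS"
     cp "$BASEDIR/../QEMULauncher/QEMULauncher.entitlements" "$LAUNCHER_ENTITLEMENTS"
     cp "$BASEDIR/../QEMUHelper/QEMUHelper.entitlements" "$HELPER_ENTITLEMENTS"
+    cp "$BASEDIR/../utmctl/utmctl.entitlements" "$CLI_ENTITLEMENTS"
     if [ ! -z "$TEAM_IDENTIFIER" ]; then
         TEAM_ID_PREFIX="${TEAM_IDENTIFIER}."
     fi
 
     /usr/libexec/PlistBuddy -c "Set :com.apple.security.application-groups:0 ${TEAM_ID_PREFIX}${PRODUCT_BUNDLE_PREFIX}.UTM" "$UTM_ENTITLEMENTS"
     /usr/libexec/PlistBuddy -c "Set :com.apple.security.application-groups:0 ${TEAM_ID_PREFIX}${PRODUCT_BUNDLE_PREFIX}.UTM" "$HELPER_ENTITLEMENTS"
+    /usr/libexec/PlistBuddy -c "Set :com.apple.security.application-groups:0 ${TEAM_ID_PREFIX}${PRODUCT_BUNDLE_PREFIX}.UTM" "$CLI_ENTITLEMENTS"
     codesign --force --sign - --entitlements "$LAUNCHER_ENTITLEMENTS" --timestamp=none --options runtime "$BUILT_PATH/Contents/XPCServices/QEMUHelper.xpc/Contents/MacOS/QEMULauncher.app/Contents/MacOS/QEMULauncher"
     codesign --force --sign - --entitlements "$HELPER_ENTITLEMENTS" --timestamp=none --options runtime "$BUILT_PATH/Contents/XPCServices/QEMUHelper.xpc/Contents/MacOS/QEMUHelper"
+    codesign --force --sign - --entitlements "$CLI_ENTITLEMENTS" --timestamp=none --options runtime "$BUILT_PATH/Contents/MacOS/utmctl"
     codesign --force --sign - --entitlements "$UTM_ENTITLEMENTS" --timestamp=none --options runtime "$BUILT_PATH/Contents/MacOS/UTM"
     rm "$UTM_ENTITLEMENTS"
     rm "$LAUNCHER_ENTITLEMENTS"
     rm "$HELPER_ENTITLEMENTS"
+    rm "$CLI_ENTITLEMENTS"
 else
     # always build with iOS entitlements, package.sh can strip it later
     codesign --force --sign - --entitlements "$BASEDIR/../Platform/iOS/iOS.entitlements" --timestamp=none "$BUILT_PATH"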
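Review bot: The added `CLI_ENTITLEMENTS="/tmp/cli.$$.entitlements"` places the file that decides utmctl's entitlements at a guessable name in world-writable /tmp, so on a shared build host another local account could pre-create or replace that path before `cp`, `PlistBuddy` and `codesign --entitlements` read it. Creating the file with mktemp closes that window: `CLI_ENTITLEMENTS="$(mktemp "${TMPDIR:-/tmp}/cli.XXXXXX")" || exit 1`. The same applies to the three existing `*_ENTITLEMENTS` assignments in this hunk and to the matching assignments in scripts/package_mac.sh (including the new `CLI_ENTITLEMENTS` line there), so they are best changed together. The `if [ "$PLATFORM" == "macos" ]` block starts above this hunk and its `else` branch continues below it.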

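--- a/scripts/package_mac.sh
+++ b/scripts/package_mac.sh
@@ -32,6 +32,7 @@ SIGNED="/tmp/signed.$$"
 UTM_ENTITLEMENTS="/tmp/utm.$$.entitlements"
 LAUNCHER_ENTITLEMENTS="/tmp/launcher.$$.entitlements"
 HELPER_ENTITLEMENTS="/tmp/helper.$$.entitlements"
+CLI_ENTITLEMENTS="/tmp/cli.$$.entitlements"
 INPUT_COPY="/tmp/UTM.$$.xcarchive"
 PRODUCT_BUNDLE_PREFIX="com.utmapp"
 
@@ -71,10 +72,12 @@ if [ "$MODE" == "unsigned" ]; then
 	cp "$BASEDIR/../Platform/macOS/macOS-unsigned.entitlements" "$UTM_ENTITLEMENTS"
 	cp "$BASEDIR/../QEMULauncher/QEMULauncher-unsigned.entitlements" "$LAUNCHER_ENTITLEMENTS"
 	cp "$BASEDIR/../QEMUHelper/QEMUHelper-unsigned.entitlements" "$HELPER_ENTITLEMENTS"
+	cp "$BASEDIR/../utmctl/utmctl-unsigned.entitlements" "$CLI_ENTITLEMENTS"
 else
 	cp "$BASEDIR/../Platform/macOS/macOS.entitlements" "$UTM_ENTITLEMENTS"
 	cp "$BASEDIR/../QEMULauncher/QEMULauncher.entitlements" "$LAUNCHER_ENTITLEMENTS"
 	cp "$BASEDIR/../QEMUHelper/QEMUHelper.entitlements" "$HELPER_ENTITLEMENTS"
+	cp "$BASEDIR/../utmctl/utmctl.entitlements" "$CLI_ENTITLEMENTS"
 
 	if [ ! -z "$TEAM_ID" ]; then
 		TEAM_ID_PREFIX="${TEAM_ID}."
@@ -82,6 +85,7 @@ else
 
 	/usr/libexec/PlistBuddy -c "Set :com.apple.security.application-groups:0 ${TEAM_ID_PREFIX}${PRODUCT_BUNDLE_PREFIX}.UTM" "$UTM_ENTITLEMENTS"
 	/usr/libexec/PlistBuddy -c "Set :com.apple.security.application-groups:0 ${TEAM_ID_PREFIX}${PRODUCT_BUNDLE_PREFIX}.UTM" "$HELPER_ENTITLEMENTS"
+	/usr/libexec/PlistBuddy -c "Set :com.apple.security.application-groups:0 ${TEAM_ID_PREFIX}${PRODUCT_BUNDLE_PREFIX}.UTM" "$CLI_ENTITLEMENTS"
 fi
 
 # ad-hoc sign with the right entitlements
@@ -90,6 +94,7 @@ cp -a "$INPUT" "$INPUT_COPY"
 find "$INPUT_COPY/Products/Applications/UTM.app" -type d -path '*/Frameworks/*.framework' -exec codesign --force --sign - --timestamp=none \{\} \;
 codesign --force --sign - --entitlements "$LAUNCHER_ENTITLEMENTS" --timestamp=none --options runtime "$INPUT_COPY/Products/Applications/UTM.app/Contents/XPCServices/QEMUHelper.xpc/Contents/MacOS/QEMULauncher.app/Contents/MacOS/QEMULauncher"
 codesign --force --sign - --entitlements "$HELPER_ENTITLEMENTS" --timestamp=none --options runtime "$INPUT_COPY/Products/Applications/UTM.app/Contents/XPCServices/QEMUHelper.xpc/Contents/MacOS/QEMUHelper"
+codesign --force --sign - --entitlements "$CLI_ENTITLEMENTS" --timestamp=none --options runtime "$INPUT_COPY/Products/Applications/UTM.app/Contents/MacOS/utmctl"
 codesign --force --sign - --entitlements "$UTM_ENTITLEMENTS" --timestamp=none --options runtime "$INPUT_COPY/Products/Applications/UTM.app/Contents/MacOS/UTM"
 
 # re-sign with certificate and profile if requested
@@ -103,6 +108,7 @@ rm "$OPTIONS"
 rm "$UTM_ENTITLEMENTS"
 rm "$LAUNCHER_ENTITLEMENTS"
 rm "$HELPER_ENTITLEMENTS"
+rm "$CLI_ENTITLEMENTS"
 rm -rf "$INPUT_COPY"
 
 if [ "$MODE" == "app-store" ]; then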
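Review bot: `rm "$CLI_ENTITLEMENTS"` in the last hunk runs only if the script reaches that line, so an early exit in the re-sign step (not shown in these hunks) would leave the entitlements copy behind in /tmp. A single `trap 'rm -f "$UTM_ENTITLEMENTS" "$LAUNCHER_ENTITLEMENTS" "$HELPER_ENTITLEMENTS" "$CLI_ENTITLEMENTS"' EXIT` placed right after the assignments in the first hunk would cover every exit path. Whether the script runs under `set -e` is not visible here. It is therefore worth confirming that a failed `cp` of `utmctl-unsigned.entitlements` or a failed `codesign` of `Contents/MacOS/utmctl` stops packaging instead of continuing with a CLI binary that lacks the intended signature.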