lldb ...

[Rainer Müller]

On 2016-09-09 10:17, René J.V. Bertin wrote:
> On Thursday September 08 2016 16:03:21 Jeremy Huddleston Sequoia wrote:
> 
>> That's not really necessary.  All that is relevant is that the macports user has read access to the file.
> 
> The fact that codesign only accepts keychain file arguments that are also in the user's keychain search list may have something to do with that.

At least on OS X 10.10 Yosemite, I can use any path to a keychain with
`codesign --keychain`. This keychain does not have to be listed in
`security list-keychains`.

>>> Technically it doesn't really matter if it's implemented in "base" or in a PortGroup, right?
>>
>> In order for *every* port to benefit, it needs to be in base.
> 
> I don't see this argument. Are you considering codesigning each and every binary automatically, without any need for requesting that from the Portfile? What's the point in that?
> OTOH, if portfile devs have to indicate which binary is to be signed they can just as well add a PortGroup to be able to access that functionality. 

I also have the impression we are talking about different things here. I
only want to add code-signing to the binaries that require it to work,
such as gdb and lldb.

I see no reason to and no benefits in adding a (ad-hoc) signature to
every binary MacPorts creates.

Rainer