Apple ARM binary codesign issue
Michael Dickens
michaelld at macports.org
Fri Sep 25 14:30:10 UTC 2020
Let's try this again from my MP email so that it gets to lists ... sorry for duplicate emails!
I've finally gotten to the point of working out a hack solution.
One can -not- modify '/usr/bin' without a lot of effort. But, one can modify '/Applications/Xcode[-beta].app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin' ... and yes I know this is outside the scope of what MP does or is (likely) willing to do. As noted: This is a hack to prove that it works.
In '/Applications/Xcode[-beta].app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin' I move the target executables from 'foo' to 'foo_orig', then create a script 'foo' that first calls 'foo_orig ${@}' then 'codesign' to update the signature on the binary. The executables in '/usr/bin' just call those in '/Applications/Xcode-beta.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin', so my script is treated as a system provided executable for 'foo'. Initial testing looks positive, regardless of how hacky this is.
Question: which executables am I targeting here? I think 'strip', 'lipo', and 'install_name_tool' are the obvious ones. is that all? Any others that need this wrapping? - MLD
More information about the macports-dev
mailing list