Package "codesign" on Darwin #37838

matthewbauer · 2018-03-26T03:32:01Z

Issue description

It looks like Apple publishes sources for its codesign utility:

https://opensource.apple.com/source/Security/Security-57031.40.6/codesign_wrapper/Makefile.auto.html

This is a good first step toward fixing #18420 and #17406. Once "codesign" is available in the environment we can start doing something like this for gdb:

gdb_signed = buildEnv {
  name = "gdb-signed";
  paths = [ gdb ];
  postBuild = ''
    ${darwin.codesign}/bin/codesign -s ${cert} $out/bin/gdb
  '';
}

Where "cert" can be provided as a config option to Nixpkgs (and eventually we can configure it on the Hydra build machines).

The text was updated successfully, but these errors were encountered:

LnL7 · 2018-03-29T22:32:46Z

I made a wip commit for codesigning based on the security wrapper module from nixos. But it does this on every rebuild and signing depends on an interactive password prompt.

LnL7/nix-darwin@a008b2e

matthewbauer added this to the 18.09 milestone Mar 26, 2018

matthewbauer added the 6.topic: darwin Running or building packages on Darwin label Mar 26, 2018

matthewbauer mentioned this issue Apr 8, 2018

[wip] codesigning on Darwin #38624

Closed

matthewbauer closed this as completed in 77ac9c5 Apr 12, 2018

thefloweringash mentioned this issue Mar 8, 2021

Native support for Apple Silicon #105026

Merged

21 tasks

JohnRTitor added this to Darwin Jun 22, 2024

JohnRTitor moved this to Big Sur in Darwin Jun 22, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Package "codesign" on Darwin #37838

Package "codesign" on Darwin #37838

matthewbauer commented Mar 26, 2018

LnL7 commented Mar 29, 2018

Package "codesign" on Darwin #37838

Package "codesign" on Darwin #37838

Comments

matthewbauer commented Mar 26, 2018

Issue description

LnL7 commented Mar 29, 2018