diff options
| author | Simon Žlender <pub.git@zlender.si> | 2023-07-08 11:44:20 +0200 |
|---|---|---|
| committer | Simon Žlender <pub.git@zlender.si> | 2023-08-01 21:27:09 +0200 |
| commit | 8e912feb2939866ef68d57fc00bab73b5f84f7c1 (patch) | |
| tree | 0d95692604e7f701ce4116f4be33678404774179 | |
| parent | 72d5519b603b9bd2ce0b0277523aa098cd0cdf56 (diff) | |
| download | nixpkgs-8e912feb2939866ef68d57fc00bab73b5f84f7c1.tar nixpkgs-8e912feb2939866ef68d57fc00bab73b5f84f7c1.tar.gz nixpkgs-8e912feb2939866ef68d57fc00bab73b5f84f7c1.tar.bz2 nixpkgs-8e912feb2939866ef68d57fc00bab73b5f84f7c1.tar.lz nixpkgs-8e912feb2939866ef68d57fc00bab73b5f84f7c1.tar.xz nixpkgs-8e912feb2939866ef68d57fc00bab73b5f84f7c1.tar.zst nixpkgs-8e912feb2939866ef68d57fc00bab73b5f84f7c1.zip | |
codesign_allocate: reference cctools
| -rw-r--r-- | pkgs/build-support/writers/scripts.nix | 7 | ||||
| -rw-r--r-- | pkgs/os-specific/darwin/signing-utils/post-link-sign-hook.nix | 13 | ||||
| -rw-r--r-- | pkgs/stdenv/darwin/default.nix | 4 | ||||
| -rw-r--r-- | pkgs/top-level/darwin-packages.nix | 14 |
4 files changed, 20 insertions, 18 deletions
diff --git a/pkgs/build-support/writers/scripts.nix b/pkgs/build-support/writers/scripts.nix index 7fc47fbcdf9..a5b24abf0f2 100644 --- a/pkgs/build-support/writers/scripts.nix +++ b/pkgs/build-support/writers/scripts.nix @@ -79,16 +79,11 @@ rec { let name = last (builtins.split "/" nameOrPath); in - pkgs.runCommand name ((if (types.str.check content) then { + pkgs.runCommand name (if (types.str.check content) then { inherit content; passAsFile = [ "content" ]; } else { contentPath = content; - }) // lib.optionalAttrs (stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isAarch64) { - # post-link-hook expects codesign_allocate to be in PATH - # https://github.com/NixOS/nixpkgs/issues/154203 - # https://github.com/NixOS/nixpkgs/issues/148189 - nativeBuildInputs = [ stdenv.cc.bintools ]; }) '' ${compileScript} ${lib.optionalString strip diff --git a/pkgs/os-specific/darwin/signing-utils/post-link-sign-hook.nix b/pkgs/os-specific/darwin/signing-utils/post-link-sign-hook.nix new file mode 100644 index 00000000000..13595e3771a --- /dev/null +++ b/pkgs/os-specific/darwin/signing-utils/post-link-sign-hook.nix @@ -0,0 +1,13 @@ +{ writeTextFile, cctools, sigtool }: + +writeTextFile { + name = "post-link-sign-hook"; + executable = true; + + text = '' + if [ "$linkerOutput" != "/dev/null" ]; then + CODESIGN_ALLOCATE=${cctools}/bin/${cctools.targetPrefix}codesign_allocate \ + ${sigtool}/bin/codesign -f -s - "$linkerOutput" + fi + ''; +} diff --git a/pkgs/stdenv/darwin/default.nix b/pkgs/stdenv/darwin/default.nix index 418cc915fdc..25a80fd11aa 100644 --- a/pkgs/stdenv/darwin/default.nix +++ b/pkgs/stdenv/darwin/default.nix @@ -464,6 +464,10 @@ in inherit (selfDarwin) sigtool; }; + postLinkSignHook = prevStage.darwin.postLinkSignHook.override { + inherit (selfDarwin) sigtool; + }; + binutils = superDarwin.binutils.override { inherit (self) coreutils; inherit (selfDarwin) postLinkSignHook signingUtils; diff --git a/pkgs/top-level/darwin-packages.nix b/pkgs/top-level/darwin-packages.nix index ef4240955b9..ee962d36671 100644 --- a/pkgs/top-level/darwin-packages.nix +++ b/pkgs/top-level/darwin-packages.nix @@ -133,20 +133,10 @@ impure-cmds // appleSourcePackages // chooseLibs // { sigtool = callPackage ../os-specific/darwin/sigtool { }; - postLinkSignHook = pkgs.writeTextFile { - name = "post-link-sign-hook"; - executable = true; - - text = '' - if [ "$linkerOutput" != "/dev/null" ]; then - CODESIGN_ALLOCATE=${targetPrefix}codesign_allocate \ - ${self.sigtool}/bin/codesign -f -s - "$linkerOutput" - fi - ''; - }; - signingUtils = callPackage ../os-specific/darwin/signing-utils { }; + postLinkSignHook = callPackage ../os-specific/darwin/signing-utils/post-link-sign-hook.nix { }; + autoSignDarwinBinariesHook = pkgs.makeSetupHook { name = "auto-sign-darwin-binaries-hook"; propagatedBuildInputs = [ self.signingUtils ]; |