From aa8fd00dd3c378bbaefb89e335817a972cb97438 Mon Sep 17 00:00:00 2001 From: Maxime Gervais Date: Sun, 9 Jun 2024 19:02:45 +0200 Subject: [PATCH] Add macOS permissions for USB-Serial and DeckLink devices Signed-off-by: Maxime Gervais --- Project/Mac/Helpers.entitlements | 8 ++++++++ Project/Mac/mkdmg.sh | 3 ++- Source/GUI/dvrescue/dvrescue/CapturePage.qml | 2 +- Source/GUI/dvrescue/dvrescue/dvrescue.entitlements | 12 ++++++++++++ 4 files changed, 23 insertions(+), 2 deletions(-) create mode 100644 Project/Mac/Helpers.entitlements diff --git a/Project/Mac/Helpers.entitlements b/Project/Mac/Helpers.entitlements new file mode 100644 index 00000000..123d12a5 --- /dev/null +++ b/Project/Mac/Helpers.entitlements @@ -0,0 +1,8 @@ + + + + + com.apple.security.cs.disable-library-validation + + + diff --git a/Project/Mac/mkdmg.sh b/Project/Mac/mkdmg.sh index f5ce122d..d6f5ee10 100755 --- a/Project/Mac/mkdmg.sh +++ b/Project/Mac/mkdmg.sh @@ -85,13 +85,14 @@ if [ "$KIND" = "GUI" ]; then exit 1 fi cp -R "../../Source/GUI/dvrescue/build/dvrescue/${APPNAME}.app" "${FILES}" + rm -fr "${FILES}/${APPNAME}.app/Contents/Frameworks/pkgconfig" # first pass, sign everything codesign --identifier "net.MediaArea.${APPNAME_lower}.mac-${KIND_lower}" --verbose --force --deep --options=runtime --preserve-metadata=entitlements,identifier --sign="Developer ID Application: ${SIGNATURE}" "${FILES}/${APPNAME}.app" codesign --identifier "net.MediaArea.${APPNAME_lower}.mac-${KIND_lower}.libs" --verbose --force --options=runtime --sign="Developer ID Application: ${SIGNATURE}" "${FILES}/${APPNAME}.app/Contents/Libraries/"* # add entitlements codesign --identifier "net.MediaArea.${APPNAME_lower}.mac-${KIND_lower}" --verbose --force --options=runtime --sign="Developer ID Application: ${SIGNATURE}" --entitlements "../../Source/GUI/dvrescue/dvrescue/dvrescue.entitlements" "${FILES}/${APPNAME}.app/Contents/MacOS/dvrescue" - codesign --identifier "net.MediaArea.${APPNAME_lower}.mac-${KIND_lower}.helpers" --verbose --force --options=runtime --sign="Developer ID Application: ${SIGNATURE}" "${FILES}/${APPNAME}.app/Contents/Helpers/"* + codesign --identifier "net.MediaArea.${APPNAME_lower}.mac-${KIND_lower}.helpers" --verbose --force --options=runtime --sign="Developer ID Application: ${SIGNATURE}" --entitlements "Helpers.entitlements" "${FILES}/${APPNAME}.app/Contents/Helpers/"* # second pass, resign codesign --identifier "net.MediaArea.${APPNAME_lower}.mac-${KIND_lower}" --verbose --force --deep --options=runtime --preserve-metadata=entitlements,identifier --sign="Developer ID Application: ${SIGNATURE}" "${FILES}/${APPNAME}.app" fi diff --git a/Source/GUI/dvrescue/dvrescue/CapturePage.qml b/Source/GUI/dvrescue/dvrescue/CapturePage.qml index ae1f90df..e70cc2b9 100644 --- a/Source/GUI/dvrescue/dvrescue/CapturePage.qml +++ b/Source/GUI/dvrescue/dvrescue/CapturePage.qml @@ -382,7 +382,7 @@ Rectangle { decklinkConfigButton.visible: isDecklink decklinkConfigButton.onClicked: { - var combinedControls = [{name : 'No control', id: ''}].concat(JSON.parse(controls)) + var combinedControls = [{name : 'No control', id: ''},{name : 'Native', id: 'native'}].concat(JSON.parse(controls)) console.debug(JSON.stringify(combinedControls)) decklinkConfigPopup.controlsModel = combinedControls; diff --git a/Source/GUI/dvrescue/dvrescue/dvrescue.entitlements b/Source/GUI/dvrescue/dvrescue/dvrescue.entitlements index a583411b..2575d10e 100644 --- a/Source/GUI/dvrescue/dvrescue/dvrescue.entitlements +++ b/Source/GUI/dvrescue/dvrescue/dvrescue.entitlements @@ -12,5 +12,17 @@ com.apple.security.assets.movies.read-write + com.apple.security.cs.disable-library-validation + + com.apple.security.device.usb + + com.apple.security.temporary-exception.mach-lookup.global-name + com.blackmagic-design.desktopvideo.DeckLinkHardwareXPCService + com.apple.security.temporary-exception.shared-preference.read-only + com.blackmagic-design.desktopvideo.prefspanel + com.apple.security.temporary-exception.files.absolute-path.read-write + + /dev/tty.RS422 Deck Control +