summaryrefslogtreecommitdiff
path: root/solenv/gbuild
diff options
context:
space:
mode:
Diffstat (limited to 'solenv/gbuild')
-rw-r--r--solenv/gbuild/platform/macosx.mk12
1 files changed, 3 insertions, 9 deletions
diff --git a/solenv/gbuild/platform/macosx.mk b/solenv/gbuild/platform/macosx.mk
index 2aaf1508c145..c06f40d66fc4 100644
--- a/solenv/gbuild/platform/macosx.mk
+++ b/solenv/gbuild/platform/macosx.mk
@@ -90,11 +90,9 @@ $(if $(filter Executable,$(1)),\
$$(call gb_Library_get_layer,$(2)))
endef
-# We sign executables right after linking below. But not dylibs,
-# because many of them are built by ad-hoc or 3rd-party mechanisms. So
-# as we would need to sign those separately anyway, we do it for the
-# gbuild-built ones, too, after an app bundle has been constructed, in
-# the solenv/bin/macosx-codesign-app-bundle script.
+# We cannot sign executables early since Mojave/Catalina would treat them as
+# restricted binary and ignore any DYLD_LIBRARY_PATH setting - So all
+# signing is handled by the solenv/bin/macosx-codesign-app-bundle script.
# And the soffice executable needs to be signed last in
# macosx-codesign-app-bundle, as codesign would fail complaining that other
# parts of the app have not yet been signed:
@@ -129,10 +127,6 @@ $(call gb_Helper_abbreviate_dirs,\
$(PERL) $(SRCDIR)/solenv/bin/macosx-change-install-names.pl app $(LAYER) $(1) &&) \
$(if $(filter Library Bundle CppunitTest,$(TARGETTYPE)),\
$(PERL) $(SRCDIR)/solenv/bin/macosx-change-install-names.pl shl $(LAYER) $(1) &&) \
- $(if $(MACOSX_CODESIGNING_IDENTITY), \
- $(if $(filter Executable,$(TARGETTYPE)), \
- $(if $(filter-out $(call gb_Executable_get_target,soffice_bin),$(1)), \
- codesign --identifier=$(MACOSX_BUNDLE_IDENTIFIER).$(notdir $(1)) --sign $(MACOSX_CODESIGNING_IDENTITY) --options=runtime --force $(1) &&))) \
$(if $(filter Library,$(TARGETTYPE)),\
otool -l $(1) | grep -A 5 LC_ID_DYLIB \
> $(WORKDIR)/LinkTarget/$(2).exports.tmp && \