Make the directories in LyX application bundle read only.

Python produces files with cached on-the-fly compiled code on disk inside the bundle.
This should be avoided in case of a signed application bundle.
This commit is contained in:
Stephan Witt 2020-02-21 18:04:28 +01:00
parent a47412b9de
commit ca7defab45

View File

@ -638,7 +638,10 @@ LYX_BUNDLE_PATH="${LyxAppPrefix}/${BUNDLE_PATH}"
build_lyx() {
# Clear Output
if [ -n "${LyxAppZip}" -a -f "${LyxAppZip}" ]; then rm "${LyxAppZip}"; fi
if [ -d "${LyxAppPrefix}" ]; then rm -rf "${LyxAppPrefix}"; fi
if [ -d "${LyxAppPrefix}" ]; then
find "${LyxAppPrefix}" -type d -exec chmod u+w '{}' \;
rm -rf "${LyxAppPrefix}"
fi
case "${EnableCXX11}" in
"--enable-cxx11")
@ -1018,7 +1021,7 @@ make_dmg() {
VOLUME=$(mount |grep ${DEVICE} | cut -f 3 -d ' ')
# copy in the application bundle
ditto --hfsCompression "${LyxAppDir}.app" "${VOLUME}/${LyxName}.app"
ditto --hfsCompression "${LyxAppPrefix}" "${VOLUME}/${LyxName}.app"
# copy in background image
mkdir -p "${VOLUME}/Pictures"
@ -1072,5 +1075,6 @@ if [ ${LyxOnlyPackage:-"no"} = "no" ]; then
convert_universal
copy_dictionaries
test -n "${CODESIGN_IDENTITY}" && code_sign "${LYX_BUNDLE_PATH}"
find "${LyxAppPrefix}" -type d -exec chmod a-w '{}' \;
fi
build_package