Module: OS::Mac::Keg Private
- Extended by:
- T::Helpers
- Includes:
- SystemCommand::Mixin
- Included in:
- Keg
- Defined in:
- extend/os/mac/keg.rb,
extend/os/mac/keg_relocate.rb
This module is part of a private API. This module may only be used in the Homebrew/brew repository. Third parties should avoid using this module if possible, as it may be removed or changed without warning.
Defined Under Namespace
Modules: ClassMethods
Constant Summary collapse
- VARIABLE_REFERENCE_RX =
This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.
T.let(/^@(loader_|executable_|r)path/, Regexp)
- FRAMEWORK_RX =
This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.
Matches framework references like
XXX.framework/Versions/YYY/XXX
andXXX.framework/XXX
, both with or without a slash-delimited prefix. %r{(?:^|/)(([^/]+)\.framework/(?:Versions/[^/]+/)?\2)$}
Instance Method Summary collapse
- #binary_executable_or_library_files ⇒ Object
- #codesign_patched_binary(file) ⇒ Object
-
#consistent_reproducible_symlink_permissions! ⇒ Object
private
Needed to make symlink permissions consistent on macOS and Linux for reproducible bottles.
- #dylib_id_for(file) ⇒ String private
- #each_linkage_for(file, linkage_type, resolve_variable_references: false, &block) ⇒ void private
- #egrep_args ⇒ Array<(String, String)> private
- #find_dylib(bad_name) ⇒ Pathname? private
- #find_dylib_suffix_from(bad_name) ⇒ String private
- #fix_dynamic_linkage ⇒ void private
-
#fixed_name(file, bad_name) ⇒ String
private
If file is a dylib or bundle itself, look for the dylib named by bad_name relative to the lib directory, so that we can skip the more expensive recursive search if possible.
- #loader_name_for(file, target) ⇒ String private
- #mach_o_files ⇒ Array<Pathname> private
- #prepare_codesign_writable_files(file) ⇒ Object
- #prepare_debug_symbols ⇒ Object
- #prepare_relocation_to_locations ⇒ ::Keg::Relocation private
- #recursive_fgrep_args ⇒ String private
- #relocate_dynamic_linkage(relocation, skip_protodesc_cold: false) ⇒ void private
- #relocated_name_for(old_name, relocation) ⇒ String? private
Methods included from SystemCommand::Mixin
#system_command, #system_command!
Instance Method Details
#binary_executable_or_library_files ⇒ Object
38 |
# File 'extend/os/mac/keg.rb', line 38 def binary_executable_or_library_files = mach_o_files |
#codesign_patched_binary(file) ⇒ Object
40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 |
# File 'extend/os/mac/keg.rb', line 40 def codesign_patched_binary(file) return if MacOS.version < :big_sur unless ::Hardware::CPU.arm? result = system_command("codesign", args: ["--verify", file], print_stderr: false) return unless result.stderr.match?(/invalid signature/i) end odebug "Codesigning #{file}" prepare_codesign_writable_files(file) do # Use quiet_system to squash notifications about resigning binaries # which already have valid signatures. return if quiet_system("codesign", "--sign", "-", "--force", "--preserve-metadata=entitlements,requirements,flags,runtime", file) # If the codesigning fails, it may be a bug in Apple's codesign utility # A known workaround is to copy the file to another inode, then move it back # erasing the previous file. Then sign again. # # TODO: remove this once the bug in Apple's codesign utility is fixed Dir::Tmpname.create("workaround") do |tmppath| FileUtils.cp file, tmppath FileUtils.mv tmppath, file, force: true end # Try signing again odebug "Codesigning (2nd try) #{file}" result = system_command("codesign", args: [ "--sign", "-", "--force", "--preserve-metadata=entitlements,requirements,flags,runtime", file ], print_stderr: false) return if result.success? # If it fails again, error out onoe <<~EOS Failed applying an ad-hoc signature to #{file}: #{result.stderr} EOS end end |
#consistent_reproducible_symlink_permissions! ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
Needed to make symlink permissions consistent on macOS and Linux for reproducible bottles.
121 122 123 124 125 |
# File 'extend/os/mac/keg.rb', line 121 def path.find do |file| File.lchmod 0777, file if file.symlink? end end |
#dylib_id_for(file) ⇒ String
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
150 151 152 153 154 155 156 157 158 159 |
# File 'extend/os/mac/keg_relocate.rb', line 150 def dylib_id_for(file) # Swift dylib IDs should be /usr/lib/swift return file.dylib_id if file.dylib_id.start_with?("/usr/lib/swift/libswift") # The new dylib ID should have the same basename as the old dylib ID, not # the basename of the file itself. basename = File.basename(file.dylib_id) relative_dirname = file.dirname.relative_path_from(path) (opt_record/relative_dirname/basename).to_s end |
#each_linkage_for(file, linkage_type, resolve_variable_references: false, &block) ⇒ void
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
This method returns an undefined value.
143 144 145 146 147 |
# File 'extend/os/mac/keg_relocate.rb', line 143 def each_linkage_for(file, linkage_type, resolve_variable_references: false, &block) file.public_send(linkage_type, resolve_variable_references:) .grep_v(VARIABLE_REFERENCE_RX) .each(&block) end |
#egrep_args ⇒ Array<(String, String)>
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
247 248 249 250 251 |
# File 'extend/os/mac/keg_relocate.rb', line 247 def egrep_args grep_bin = "egrep" grep_args = "--files-with-matches" [grep_bin, grep_args] end |
#find_dylib(bad_name) ⇒ Pathname?
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
187 188 189 190 191 192 |
# File 'extend/os/mac/keg_relocate.rb', line 187 def find_dylib(bad_name) return unless lib.directory? suffix = "/#{find_dylib_suffix_from(bad_name)}" lib.find { |pn| break pn if pn.to_s.end_with?(suffix) } end |
#find_dylib_suffix_from(bad_name) ⇒ String
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
178 179 180 181 182 183 184 |
# File 'extend/os/mac/keg_relocate.rb', line 178 def find_dylib_suffix_from(bad_name) if (framework = bad_name.match(FRAMEWORK_RX)) T.must(framework[1]) else File.basename(bad_name) end end |
#fix_dynamic_linkage ⇒ void
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
This method returns an undefined value.
56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 |
# File 'extend/os/mac/keg_relocate.rb', line 56 def fix_dynamic_linkage mach_o_files.each do |file| file.ensure_writable do modified = T.let(false, T::Boolean) needs_codesigning = T.let(false, T::Boolean) modified = change_dylib_id(dylib_id_for(file), file) if file.dylib? needs_codesigning ||= modified each_linkage_for(file, :dynamically_linked_libraries) do |bad_name| # Don't fix absolute paths unless they are rooted in the build directory. new_name = if bad_name.start_with?("/") && !rooted_in_build_directory?(bad_name) bad_name else fixed_name(file, bad_name) end loader_name = loader_name_for(file, new_name) modified = change_install_name(bad_name, loader_name, file) if loader_name != bad_name needs_codesigning ||= modified end each_linkage_for(file, :rpaths) do |bad_name| new_name = opt_name_for(bad_name) loader_name = loader_name_for(file, new_name) next if loader_name == bad_name modified = change_rpath(bad_name, loader_name, file) needs_codesigning ||= modified end # Strip duplicate rpaths and rpaths rooted in the build directory. # We do this separately from the rpath relocation above to avoid # failing to relocate an rpath whose variable duplicate we deleted. each_linkage_for(file, :rpaths, resolve_variable_references: true) do |bad_name| next if !rooted_in_build_directory?(bad_name) && file.rpaths.count(bad_name) == 1 modified = delete_rpath(bad_name, file) needs_codesigning ||= modified end # codesign the file if needed codesign_patched_binary(file) if needs_codesigning end end super end |
#fixed_name(file, bad_name) ⇒ String
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
If file is a dylib or bundle itself, look for the dylib named by bad_name relative to the lib directory, so that we can skip the more expensive recursive search if possible.
121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 |
# File 'extend/os/mac/keg_relocate.rb', line 121 def fixed_name(file, bad_name) if bad_name.start_with? ::Keg::PREFIX_PLACEHOLDER bad_name.sub(::Keg::PREFIX_PLACEHOLDER, HOMEBREW_PREFIX) elsif bad_name.start_with? ::Keg::CELLAR_PLACEHOLDER bad_name.sub(::Keg::CELLAR_PLACEHOLDER, HOMEBREW_CELLAR) elsif (file.dylib? || file.mach_o_bundle?) && (file.dirname/bad_name).exist? "@loader_path/#{bad_name}" elsif file.mach_o_executable? && (lib/bad_name).exist? "#{lib}/#{bad_name}" elsif file.mach_o_executable? && (libexec/"lib"/bad_name).exist? "#{libexec}/lib/#{bad_name}" elsif (abs_name = find_dylib(bad_name)) && abs_name.exist? abs_name.to_s else opoo "Could not fix #{bad_name} in #{file}" bad_name end end |
#loader_name_for(file, target) ⇒ String
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
105 106 107 108 109 110 111 112 113 114 115 |
# File 'extend/os/mac/keg_relocate.rb', line 105 def loader_name_for(file, target) # Use @loader_path-relative install names for other Homebrew-installed binaries. if ENV["HOMEBREW_RELOCATABLE_INSTALL_NAMES"] && target.start_with?(HOMEBREW_PREFIX) dylib_suffix = find_dylib_suffix_from(target) target_dir = Pathname.new(target.delete_suffix(dylib_suffix)).cleanpath "@loader_path/#{target_dir.relative_path_from(file.dirname)/dylib_suffix}" else target end end |
#mach_o_files ⇒ Array<Pathname>
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 |
# File 'extend/os/mac/keg_relocate.rb', line 195 def mach_o_files hardlinks = Set.new mach_o_files = [] path.find do |pn| next if pn.symlink? || pn.directory? next if !pn.dylib? && !pn.mach_o_bundle? && !pn.mach_o_executable? # if we've already processed a file, ignore its hardlinks (which have the same dev ID and inode) # this prevents relocations from being performed on a binary more than once next unless hardlinks.add? [pn.stat.dev, pn.stat.ino] mach_o_files << pn end mach_o_files end |
#prepare_codesign_writable_files(file) ⇒ Object
83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 |
# File 'extend/os/mac/keg.rb', line 83 def prepare_codesign_writable_files(file) result = system_command("codesign", args: [ "--display", "--file-list", "-", file ], print_stderr: false) return unless result.success? files = result.stdout.lines.map { |f| Pathname(f.chomp) } saved_perms = {} files.each do |f| unless f.writable? saved_perms[f] = f.stat.mode FileUtils.chmod "u+rw", f.to_path end end yield ensure saved_perms&.each do |f, p| f.chmod p if p end end |
#prepare_debug_symbols ⇒ Object
104 105 106 107 108 109 110 111 112 113 114 115 116 117 |
# File 'extend/os/mac/keg.rb', line 104 def prepare_debug_symbols binary_executable_or_library_files.each do |file| odebug "Extracting symbols #{file}" result = system_command("dsymutil", args: [file], print_stderr: false) next if result.success? # If it fails again, error out ofail <<~EOS Failed to extract symbols from #{file}: #{result.stderr} EOS end end |
#prepare_relocation_to_locations ⇒ ::Keg::Relocation
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 |
# File 'extend/os/mac/keg_relocate.rb', line 212 def prepare_relocation_to_locations relocation = super brewed_perl = runtime_dependencies&.any? { |dep| dep["full_name"] == "perl" && dep["declared_directly"] } perl_path = if brewed_perl || name == "perl" "#{HOMEBREW_PREFIX}/opt/perl/bin/perl" elsif tab.built_on.present? perl_path = "/usr/bin/perl#{tab.built_on["preferred_perl"]}" # For `:all` bottles, we could have built this bottle with a Perl we don't have. # Such bottles typically don't have strict version requirements. perl_path = "/usr/bin/perl#{MacOS.preferred_perl_version}" unless File.exist?(perl_path) perl_path else "/usr/bin/perl#{MacOS.preferred_perl_version}" end relocation.add_replacement_pair(:perl, ::Keg::PERL_PLACEHOLDER, perl_path) if (openjdk = openjdk_dep_name_if_applicable) openjdk_path = HOMEBREW_PREFIX/"opt"/openjdk/"libexec/openjdk.jdk/Contents/Home" relocation.add_replacement_pair(:java, ::Keg::JAVA_PLACEHOLDER, openjdk_path.to_s) end relocation end |
#recursive_fgrep_args ⇒ String
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
240 241 242 243 244 |
# File 'extend/os/mac/keg_relocate.rb', line 240 def recursive_fgrep_args # Don't recurse into symlinks; the man page says this is the default, but # it's wrong. -O is a BSD-grep-only option. "-lrO" end |
#relocate_dynamic_linkage(relocation, skip_protodesc_cold: false) ⇒ void
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
This method returns an undefined value.
25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'extend/os/mac/keg_relocate.rb', line 25 def relocate_dynamic_linkage(relocation, skip_protodesc_cold: false) mach_o_files.each do |file| file.ensure_writable do modified = T.let(false, T::Boolean) needs_codesigning = T.let(false, T::Boolean) if file.dylib? id = relocated_name_for(file.dylib_id, relocation) modified = change_dylib_id(id, file) if id needs_codesigning ||= modified end each_linkage_for(file, :dynamically_linked_libraries) do |old_name| new_name = relocated_name_for(old_name, relocation) modified = change_install_name(old_name, new_name, file) if new_name needs_codesigning ||= modified end each_linkage_for(file, :rpaths) do |old_name| new_name = relocated_name_for(old_name, relocation) modified = change_rpath(old_name, new_name, file) if new_name needs_codesigning ||= modified end # codesign the file if needed codesign_patched_binary(file) if needs_codesigning end end end |
#relocated_name_for(old_name, relocation) ⇒ String?
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
162 163 164 165 166 167 168 169 170 171 |
# File 'extend/os/mac/keg_relocate.rb', line 162 def relocated_name_for(old_name, relocation) old_prefix, new_prefix = relocation.replacement_pair_for(:prefix) old_cellar, new_cellar = relocation.replacement_pair_for(:cellar) if old_name.start_with? old_cellar old_name.sub(old_cellar, new_cellar) elsif old_name.start_with? old_prefix old_name.sub(old_prefix, new_prefix) end end |