summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJon Morrow <jmorrow@chef.io>2020-02-01 13:29:08 -0800
committerJon Morrow <jmorrow@chef.io>2020-02-01 13:29:08 -0800
commitf2eed815bb3b99399fc5ce5620d2bd19daa473d8 (patch)
treea52cf9835bd4abab7bb03f7f26959e0869d86fae
parent3023717497cb5540190c1977d578599437325330 (diff)
downloadchef-f2eed815bb3b99399fc5ce5620d2bd19daa473d8.tar.gz
Adding entitlement for unsigned memory executionjm/add_unsigned_memory_entilement
ffi loads c code into memory in an unsigned way and this allows workstation to work with the hardened runtime. Signed-off-by: Jon Morrow <jmorrow@chef.io>
-rw-r--r--omnibus/Gemfile.lock20
-rw-r--r--omnibus/resources/chef/pkg/entitlements.plist8
2 files changed, 19 insertions, 9 deletions
diff --git a/omnibus/Gemfile.lock b/omnibus/Gemfile.lock
index 07113591e1..22312e8fc9 100644
--- a/omnibus/Gemfile.lock
+++ b/omnibus/Gemfile.lock
@@ -1,9 +1,9 @@
GIT
remote: https://github.com/chef/omnibus
- revision: d642ae6fd57f4a74846e325fecadebb132069894
+ revision: 5baaf7a1d4ee66a9273e127c7e09ce0bb3b33d90
branch: master
specs:
- omnibus (7.0.1)
+ omnibus (7.0.2)
aws-sdk-s3 (~> 1)
chef-cleanroom (~> 1.0)
chef-sugar (>= 3.3)
@@ -32,7 +32,7 @@ GEM
artifactory (3.0.12)
awesome_print (1.8.0)
aws-eventstream (1.0.3)
- aws-partitions (1.267.0)
+ aws-partitions (1.269.0)
aws-sdk-core (3.89.1)
aws-eventstream (~> 1.0, >= 1.0.2)
aws-partitions (~> 1, >= 1.239.0)
@@ -166,9 +166,9 @@ GEM
erubis (2.7.0)
faraday (1.0.0)
multipart-post (>= 1.2, < 3)
- ffi (1.12.1)
- ffi (1.12.1-x64-mingw32)
- ffi (1.12.1-x86-mingw32)
+ ffi (1.12.2)
+ ffi (1.12.2-x64-mingw32)
+ ffi (1.12.2-x86-mingw32)
ffi-libarchive (1.0.0)
ffi (~> 1.0)
ffi-win32-extensions (1.0.3)
@@ -226,7 +226,7 @@ GEM
mixlib-versioning (1.2.12)
molinillo (0.6.6)
multi_json (1.14.1)
- multipart-post (2.0.0)
+ multipart-post (2.1.1)
necromancer (0.5.1)
net-scp (2.0.0)
net-ssh (>= 2.6.5, < 6.0.0)
@@ -257,17 +257,19 @@ GEM
pastel (0.7.3)
equatable (~> 0.6)
tty-color (~> 0.5)
- pedump (0.5.2)
+ pedump (0.5.4)
awesome_print
iostruct (>= 0.0.4)
- multipart-post (~> 2.0.0)
+ multipart-post (>= 2.0.0)
progressbar
+ rainbow
zhexdump (>= 0.0.2)
plist (3.5.0)
progressbar (1.10.1)
proxifier (1.0.3)
public_suffix (4.0.3)
rack (2.1.1)
+ rainbow (3.0.0)
retryable (3.0.5)
ruby-progressbar (1.10.1)
rubyntlm (0.6.2)
diff --git a/omnibus/resources/chef/pkg/entitlements.plist b/omnibus/resources/chef/pkg/entitlements.plist
new file mode 100644
index 0000000000..bb87459e76
--- /dev/null
+++ b/omnibus/resources/chef/pkg/entitlements.plist
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+ <dict>
+ <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
+ <true/>
+ </dict>
+</plist> \ No newline at end of file