diff --git a/apps/desktop/electron-builder.json b/apps/desktop/electron-builder.json index 0e621e8a1f..21f0945318 100644 --- a/apps/desktop/electron-builder.json +++ b/apps/desktop/electron-builder.json @@ -77,9 +77,13 @@ { "from": "desktop_native/dist/desktop_proxy.${platform}-${arch}", "to": "MacOS/desktop_proxy" + }, + { + "from": "desktop_native/dist/desktop_proxy.${platform}-${arch}", + "to": "MacOS/desktop_proxy.inherit" } ], - "signIgnore": ["MacOS/desktop_proxy"], + "signIgnore": ["MacOS/desktop_proxy", "MacOS/desktop_proxy.inherit"], "target": ["dmg", "zip"] }, "win": { diff --git a/apps/desktop/resources/entitlements.desktop_proxy.inherit.plist b/apps/desktop/resources/entitlements.desktop_proxy.inherit.plist new file mode 100644 index 0000000000..794eada1ca --- /dev/null +++ b/apps/desktop/resources/entitlements.desktop_proxy.inherit.plist @@ -0,0 +1,10 @@ + + + + + com.apple.security.app-sandbox + + com.apple.security.inherit + + + diff --git a/apps/desktop/scripts/after-pack.js b/apps/desktop/scripts/after-pack.js index 08cff76e85..d4cbc00c81 100644 --- a/apps/desktop/scripts/after-pack.js +++ b/apps/desktop/scripts/after-pack.js @@ -70,6 +70,18 @@ async function run(context) { child_process.execSync( `codesign -s '${id}' -i ${packageId} -f --timestamp --options runtime --entitlements ${entitlementsPath} ${proxyPath}`, ); + + const inheritProxyPath = path.join(appPath, "Contents", "MacOS", "desktop_proxy.inherit"); + const inheritEntitlementsName = "entitlements.desktop_proxy.inherit.plist"; + const inheritEntitlementsPath = path.join( + __dirname, + "..", + "resources", + inheritEntitlementsName, + ); + child_process.execSync( + `codesign -s '${id}' -i ${packageId} -f --timestamp --options runtime --entitlements ${inheritEntitlementsPath} ${inheritProxyPath}`, + ); } } diff --git a/apps/desktop/src/entry.ts b/apps/desktop/src/entry.ts index 3bb8446136..9f03a84e62 100644 --- a/apps/desktop/src/entry.ts +++ b/apps/desktop/src/entry.ts @@ -16,16 +16,24 @@ if ( app.dock.hide(); }); - const proc = spawn(path.join(process.execPath, "..", "desktop_proxy"), process.argv.slice(1), { - cwd: process.cwd(), - stdio: "inherit", - shell: false, - }); + const proc = spawn( + path.join(process.execPath, "..", "desktop_proxy.inherit"), + process.argv.slice(1), + { + cwd: process.cwd(), + stdio: "inherit", + shell: false, + }, + ); - proc.on("exit", () => { + proc.on("exit", (...args) => { + // eslint-disable-next-line no-console + console.error("Proxy process exited", args); process.exit(0); }); - proc.on("error", () => { + proc.on("error", (...args) => { + // eslint-disable-next-line no-console + console.error("Proxy process errored", args); process.exit(1); }); } else {