Commit 1106467f authored by Kali Kaneko's avatar Kali Kaneko Committed by meskio

[feat] osx build templates

parent f8218b2b
......@@ -7,8 +7,26 @@ PROVIDER_CONFIG ?= branding/config/vendor.conf
DEFAULT_PROVIDER = branding/assets/default/
VERSION ?= $(shell git describe)
# detect OS, we use it for dependencies
UNAME = `uname`
all: icon locales get build
depends:
-@make depends$(UNAME)
go get -u golang.org/x/text/cmd/gotext github.com/cratonica/2goarray
dependsLinux:
sudo apt install libgtk-3-dev libappindicator3-dev golang pkg-config cmake
dependsDarwin:
# TODO - bootstrap homebrew if not there
brew install python3 golang make pkg-config upx
brew install --default-names gnu-sed
dependsCygwin:
choco install -y golang python nssm nsis wget 7zip
get:
go get -tags $(TAGS) ./...
go get -tags "$(TAGS) bitmaskd" ./...
......@@ -24,18 +42,32 @@ endif
prepare: generate relink_default
mkdir -p build/${PROVIDER}/bin/
cp branding/templates/makefile/Makefile build/${PROVIDER}/Makefile
VERSION=${VERSION} PROVIDER_CONFIG=${PROVIDER_CONFIG} branding/scripts/generate-vendor-make.py build/${PROVIDER}/vendor.mk
branding/scripts/check-ca-crt.py ${PROVIDER} ${PROVIDER_CONFIG}
-@make icon
prepare_win:
mkdir -p build/${PROVIDER}/windows/
cp -r branding/templates/windows build/${PROVIDER}
VERSION=${VERSION} PROVIDER_CONFIG=${PROVIDER_CONFIG} branding/scripts/generate-win.py build/${PROVIDER}/windows/data.json
cd build/${PROVIDER}/windows && python3 generate.py
# TODO create build/PROVIDER/assets/
# TODO create build/PROVIDER/staging/
# TODO create/copy build/PROVIDER/assets/
# TODO create/copy build/PROVIDER/staging/
prepare_osx:
echo "osx..."
mkdir -p build/${PROVIDER}/osx/scripts
mkdir -p build/${PROVIDER}/staging
ifeq (,$(wildcard build/${PROVIDER}/assets))
ln -s ../../branding/assets/default build/${PROVIDER}/assets
endif
ifeq (,$(wildcard build/${PROVIDER}/staging/openvpn-osx))
curl -L https://downloads.leap.se/thirdparty/osx/openvpn/openvpn -o build/${PROVIDER}/staging/openvpn-osx
endif
cp -r branding/templates/osx build/${PROVIDER}
VERSION=${VERSION} PROVIDER_CONFIG=${PROVIDER_CONFIG} branding/scripts/generate-osx.py build/${PROVIDER}/osx/data.json
cd build/${PROVIDER}/osx && python3 generate.py
cd build/${PROVIDER}/osx/scripts && chmod +x preinstall postinstall
prepare_snap:
echo "snap..."
......@@ -49,9 +81,12 @@ build: $(foreach path,$(wildcard cmd/*),build_$(patsubst cmd/%,%,$(path)))
build_%:
go build -tags $(TAGS) -ldflags "-X main.version=`git describe --tags`" -o $* ./cmd/$*
strip $*
# FIXME does not work in osx
# strip $*
mkdir -p build/bin
mv $* build/bin/
mkdir -p build/${PROVIDER}/staging
ln -s ../../bin/$* build/${PROVIDER}/staging/$*
test:
go test -tags "integration $(TAGS)" ./...
......@@ -64,15 +99,12 @@ build_win:
clean:
make -C icon clean
rm -f build/bitmask-vpn
rm -f build/${PROVIDER}/bin/bitmask-*
unlink branding/assets/default
icon:
make -C icon
get_deps:
sudo apt install libgtk-3-dev libappindicator3-dev golang pkg-config
LANGS ?= $(foreach path,$(wildcard locales/*),$(patsubst locales/%,%,$(path)))
empty :=
......
......@@ -3,15 +3,14 @@ Install it
Install dependencies:
```
# apt install libgtk-3-dev libappindicator3-dev golang pkg-config
# make depends
```
Build the systray:
```
$ git clone 0xacab.org/leap/bitmask-vpn
$ cd bitmask-systray
$ go get .
$ go build
$ git clone 0xacab.org/leap/bitmask-vpn && cd bitmask-vpn
$ make get
$ make build
```
To be able to build the assets you'll need:
......@@ -24,12 +23,10 @@ OSX
Using homebrew:
```
$ brew install golang zmq pkg-config
$ brew install --default-names gnu-sed
$ git clone 0xacab.org/leap/bitmask-vpn
$ cd bitmask-systray
$ go get .
$ go build
$ make depends
$ git clone 0xacab.org/leap/bitmask-vpn && cd bitmask-vpn
$ make get
$ make build
```
......@@ -56,8 +53,8 @@ for windows and OSX there is [a helper written in go](https://0xacab.org/leap/bi
To build and run it:
```
$ go build
$ ./bitmask-systray
$ make build
$ ./bitmask-vpn
```
......@@ -71,7 +68,7 @@ Is also posible to compile the systray to use bitmask as backend:
In that case bitmask-systray assumes that you already have bitmaskd running. Run bitmask and the systray:
```
$ bitmaskd
$ ./bitmask-systray
$ ./bitmask-vpn
```
......@@ -97,6 +94,7 @@ Report an issue
-------------------
When you report an issue include the following information:
* what you expected to see
* what you got
* the version of the program. You can check the version on the about page.
......
......@@ -12,21 +12,41 @@ Configure
- Copy your provider CA certificate to the same folder: 'branding/config/<provider>-ca.crt'
- Make sure that the folder 'branding/assets/<provider>' exists. Copy there all the needed assets.
Checkout
--------------------------------------------------------------------------------
git clone https://0xacab.org/leap/bitmask-vpn
cd bitmask-vpn
git pull --tags
Build
--------------------------------------------------------------------------------
Some of the following scripts need network access, since they will check
make build
Package
--------------------------------------------------------------------------------
NOTE: Some of the following scripts need network access, since they will check
whether the configuration published by your provider matches what is configured
before the build.
Run:
PROVIDER=example.org make prepare
make build
PROVIDER=example make prepare_all
You can also specify a cusom config file:
PROVIDER=example.org PROVIDER_CONFIG make prepare
PROVIDER=example PROVIDER_CONFIG=/path/to/vendor.conf make prepare_all
make build
After this, you will find the build scripts ready in the following folder:
cd build/example
make package_win
make package_osx
make package_snap
make package_deb
......@@ -20,6 +20,7 @@ def getLocalCert(provider):
def getRemoteCert(uri):
print("... checking cert from", uri)
fp = urllib.request.urlopen(uri)
remote_cert = fp.read().decode('utf-8').strip()
fp.close()
......
#!/usr/bin/env python3
import json
import os
import sys
import configparser
from provider import getDefaultProvider
from provider import getProviderData
VERSION = os.environ.get('VERSION', 'unknown')
def writeOutput(data, outfile):
with open(outfile, 'w') as outf:
outf.write(json.dumps(data))
if __name__ == "__main__":
env_provider_conf = os.environ.get('PROVIDER_CONFIG')
if env_provider_conf:
if os.path.isfile(env_provider_conf):
print("[+] Overriding provider config per "
"PROVIDER_CONFIG variable")
configfile = env_provider_conf
config = configparser.ConfigParser()
config.read(configfile)
provider = getDefaultProvider(config)
data = getProviderData(provider, config)
if len(sys.argv) != 2:
print('Usage: generate-osx.py <output_file>')
sys.exit(1)
outputf = sys.argv[1]
data['applicationNameLower'] = data.get('applicationName').lower()
data['URL'] = data.get('infoURL')
data['version'] = VERSION
writeOutput(data, outputf)
#!/usr/bin/env python3
# Generates a simplified file with variables that
# can be imported from the main vendorized Makefile.
import os
import sys
import configparser
from provider import getDefaultProvider
from provider import getProviderData
VERSION = os.environ.get('VERSION', 'unknown')
TEMPLATE = """
# Variables for the build of {applicationName}.
# Generated automatically. Do not edit.
APPNAME := {applicationName}
BINNAME := {binaryName}
VERSION := {version}
"""
def writeOutput(data, outfile):
configString = TEMPLATE.format(
binaryName=data['binaryName'],
applicationName=data['applicationName'],
version=data['version'],
)
with open(outfile, 'w') as outf:
outf.write(configString)
if __name__ == "__main__":
env_provider_conf = os.environ.get('PROVIDER_CONFIG')
if env_provider_conf:
if os.path.isfile(env_provider_conf):
print("[+] Overriding provider config per "
"PROVIDER_CONFIG variable")
configfile = env_provider_conf
config = configparser.ConfigParser()
config.read(configfile)
provider = getDefaultProvider(config)
data = getProviderData(provider, config)
if len(sys.argv) != 2:
print('Usage: generate-vendor-make.py <output_file>')
sys.exit(1)
outputf = sys.argv[1]
data['version'] = VERSION
writeOutput(data, outputf)
#########################################
# (c) LEAP Encryption Access Project 2018
include vendor.mk
#########################################
#
# TODO review some of these targets, can go in the parent makefile
#
SYSTRAY := 0xacab.org/leap/bitmask-vpn
STAGING := staging
SYSTRAY_BIN := bitmask-vpn
HELPER_BIN := bitmask_helper
BUILD_RELEASE?=no
WIN_CERT_PATH?=z:\leap\LEAP.pfx
WIN_CERT_PASS?=
OSX_CERT = "Developer ID Installer: LEAP Encryption Access Project"
TGZ_PATH = $(shell pwd)/dist/$(BINNAME)-$(VERSION)
tgz:
mkdir -p $(TGZ_PATH)
git -C `go env GOPATH`/src/$(SYSTRAY) archive HEAD | tar -x -C $(TGZ_PATH)
mkdir $(TGZ_PATH)/helpers
wget -O $(TGZ_PATH)/helpers/bitmask-root https://0xacab.org/leap/bitmask-dev/raw/master/src/leap/bitmask/vpn/helpers/linux/bitmask-root
chmod +x $(TGZ_PATH)/helpers/bitmask-root
wget -O $(TGZ_PATH)/helpers/se.leap.bitmask.policy https://0xacab.org/leap/bitmask-dev/raw/master/src/leap/bitmask/vpn/helpers/linux/se.leap.bitmask.policy
cd dist; tar cvzf $(BINNAME)-$(VERSION).tgz $(BINNAME)-$(VERSION)
rm -r $(TGZ_PATH)
# -----------------------------------------------------------------------------
# Windows
# -----------------------------------------------------------------------------
CROSS_FLAGS = CGO_ENABLED=1 GOARCH=386 GOOS=windows CC="/usr/bin/i686-w64-mingw32-gcc" CGO_LDFLAGS="-lssp" CXX="i686-w64-mingw32-c++"
openvpn_win:
if not exist staging\openvpn mkdir staging\openvpn
wget https://build.openvpn.net/downloads/releases/latest/tap-windows-latest-stable.exe -O staging/openvpn/tap-windows.exe
# eventually, this should be built statically and cross compiled in the same pipeline that we build the installer.
wget https://downloads.leap.se/thirdparty/windows/openvpn-x86_64-w64-mingw32.tar.bz2 -O staging/openvpn/openvpn.tar.bz2
7z e -y -ostaging/openvpn/ staging/openvpn/openvpn.tar.bz2
7z e -y -r -ostaging/openvpn/ staging/openvpn/openvpn.tar *.dll
7z e -y -r -ostaging/openvpn/ staging/openvpn/openvpn.tar *.exe
copy .\staging\openvpn\openvpn.exe .\staging
copy .\staging\openvpn\*.dll .\staging
openvpn_cross_win:
mkdir -p staging/openvpn
wget https://build.openvpn.net/downloads/releases/latest/tap-windows-latest-stable.exe -O $(STAGING)/openvpn/tap-windows.exe
wget https://downloads.leap.se/thirdparty/windows/openvpn-x86_64-w64-mingw32.tar.bz2 -O $(STAGING)/openvpn/openvpn.tar.bz2
tar xvjf $(STAGING)/openvpn/openvpn.tar.bz2 -C $(STAGING)/openvpn/
cp $(STAGING)/openvpn/bin/openvpn.exe $(STAGING)/openvpn
cp $(STAGING)/openvpn/bin/*.dll $(STAGING)
cp $(STAGING)/openvpn/lib/engines-1_1/*.dll $(STAGING)
helper_win:
go build -ldflags "-s -w" -o $(STAGING)/$(HELPER_BIN).exe $(SYSTRAY)/cmd/bitmask-helper
systray_win:
go get -u $(SYSTRAY)/cmd/bitmask-vpn
powershell '$$gopath=go env GOPATH;$$version=git -C $$gopath/src/$(SYSTRAY) describe --tags; go build -ldflags "-H windowsgui -s -w -X main.version=$$version" -o $(STAGING)/$(SYSTRAY_BIN).exe $(SYSTRAY)/cmd/bitmask-vpn'
build_win: staging\nssm.exe helper_win systray_win
# since it's tedious, I assume you did bootstrap openvpn_win manually already.
echo "[+] building windows"
if not exist dist mkdir dist
powershell '$$gopath=go env GOPATH;$$version=git -C $$gopath/src/$(SYSTRAY) describe --tags; $(MAKE) -C win VERSION=$$version'
"C:\Program Files (x86)\NSIS\makensis.exe" win/RiseupVPN-installer.nsi
sign_win:
echo "[+] signing windows build"
python win/sign.py $(WIN_CERT_PATH) $(WIN_CERT_PASS)
build_cross_win: staging/nssm.exe
echo "!define VERSION $(VERSION)" > $(STAGING)/version.nsh
$(CROSS_FLAGS) $(MAKE) helper_win
$(CROSS_FLAGS) go get $(SYSTRAY)/cmd/bitmask-vpn
$(CROSS_FLAGS) go build -ldflags "-H windowsgui -s -w -X main.version=$(VERSION)" -o $(STAGING)/$(SYSTRAY_BIN).exe $(SYSTRAY)/cmd/bitmask-vpn
mkdir -p dist
make -C win VERSION=$(VERSION)
makensis win/RiseupVPN-installer.nsi
# -----------------------------------------------------------------------------
# OSX
# -----------------------------------------------------------------------------
package_osx:
echo "[+] Building osx package..."
osx/quickpkg --output dist/$(APPNAME)-$(VERSION)_unsigned.pkg --scripts osx/scripts/ dist/$(APPNAME).app/
@if [ $(BUILD_RELEASE) = no ]; then\
echo "[!] BUILD_RELEASE=no, skipping signature";\
else\
echo "[+] Signing the bundle";\
productsign --sign $(OSX_CERT) dist/$(APPNAME)-$(VERSION)_unsigned.pkg dist/$(APPNAME)-$(VERSION).pkg;\
fi
# -----------------------------------------------------------------------------
# Linux
# -----------------------------------------------------------------------------
build_snap:
echo "[+] building snap..."
snapcraft build
snapcraft snap
mkdir -p dist
mv $(BINNAME)* dist/
build_deb: tgz
echo "[+] building deb..."
@if [ $(BUILD_RELEASE) = no ]; then\
dch -v $(VERSION) -M "debian package generated from the git repository" && echo "[!] BUILD_RELEASE=no, incrementing changelog";\
else\
echo "[!] BUILD_RELEASE";\
fi
mkdir -p build
cp dist/$(BINNAME)-$(VERSION).tgz build/$(BINNAME)_$(shell echo ${VERSION} | cut -d '-' -f 1-2).orig.tar.gz
cd build && tar xzf $(BINNAME)_$(shell echo ${VERSION} | cut -d '-' -f 1-2).orig.tar.gz
cp -r debian/ build/$(BINNAME)-$(VERSION)/
cd build/$(BINNAME)-$(VERSION) && debuild -us -uc
cp build/*.deb dist/
git checkout -- debian/changelog
# -----------------------------------------------------------------------------
# Utils
# -----------------------------------------------------------------------------
clean:
rm -rf dist/ build/
staging\nssm.exe:
xcopy /y "C:\ProgramData\chocolatey\lib\NSSM\tools\nssm.exe" $(STAGING)
staging/nssm.exe:
wget https://nssm.cc/release/nssm-2.24.zip -O $(STAGING)/nssm.zip
unzip $(STAGING)/nssm.zip -d $(STAGING)
mv $(STAGING)/nssm-*/win32/nssm.exe $(STAGING)
rm -rf $(STAGING)/nssm-* $(STAGING)/nssm.zip
default_device = "en99"
set block-policy drop
scrub in all
set skip on lo0
antispoof for $default_device
# block all traffic on default device
block out on $default_device all
# allow traffic to gateways
pass out on $default_device to <bitmask_gateways>
# allow traffic to local networks over the default device
pass out on $default_device to $default_device:network
# block all DNS, except to the gateways
block out proto udp to any port 53
pass out proto udp to <bitmask_gateways> port 53
This diff is collapsed.
This diff is collapsed.
# some notes on cross-compiling for osx
wget https://s3.dockerproject.org/darwin/v2/MacOSX10.10.sdk.tar.xz
sha256sum 631b4144c6bf75bf7a4d480d685a9b5bda10ee8d03dbf0db829391e2ef858789
git clone https://github.com/tpoechtrager/osxcross
mv MacOSX* osxcross/tarballs
sudo apt-get install -y --force-yes clang llvm-dev libxml2-dev uuid-dev \
libssl-dev bash patch make tar xz-utils bzip2 gzip sed cpio libbz2-dev
cd oscross
./build.sh
PATH=$PATH:/home/user/dev/osxcross/osxcross/target/bin/ MACOSX_DEPLOYMENT_TARGET=10.10 CGO_ENABLED=1 GOOS=darwin CC="o64-clang" go build 0xacab.org/leap/bitmask-systray
#!/usr/bin/python
# Generate bundles for brandable Bitmask Lite.
# (c) LEAP Encryption Access Project
# (c) Kali Kaneko 2018-2019
import json
import os
import os.path
import shutil
import stat
from string import Template
here = os.path.split(os.path.abspath(__file__))[0]
ENTRYPOINT = 'bitmask-vpn'
HELPER = 'bitmask-helper'
OPENVPN = 'openvpn-osx'
TEMPLATE_INFO = 'template-info.plist'
TEMPLATE_HELPER = 'template-helper.plist'
TEMPLATE_PREINSTALL = 'template-preinstall'
TEMPLATE_POSTINSTALL = 'template-postinstall'
data = json.load(open(os.path.join(here, 'data.json')))
APPNAME = data.get('applicationName')
VERSION = data.get('version', 'unknown')
APP_PATH = os.path.abspath(here + '/../dist/' + APPNAME + ".app")
STAGING = os.path.abspath(here + '/../staging/')
ASSETS = os.path.abspath(here + '/../assets/')
ICON = os.path.join(ASSETS, APPNAME.lower() + '.icns')
SCRIPTS = os.path.join(os.path.abspath(here), 'scripts')
INFO_PLIST = APP_PATH + '/Contents/Info.plist'
HELPER_PLIST = os.path.join(SCRIPTS, 'se.leap.bitmask-helper.plist')
PREINSTALL = os.path.join(SCRIPTS, 'preinstall')
POSTINSTALL = os.path.join(SCRIPTS, 'postinstall')
RULEFILE = os.path.join(here, 'bitmask.pf.conf')
VPN_UP = os.path.join(here, 'client.up.sh')
VPN_DOWN = os.path.join(here, 'client.down.sh')
try:
os.makedirs(APP_PATH + "/Contents/MacOS")
except Exception:
pass
try:
os.makedirs(APP_PATH + "/Contents/Resources")
except Exception:
pass
try:
os.makedirs(APP_PATH + "/Contents/helper")
except Exception:
pass
data['entrypoint'] = ENTRYPOINT
data['info_string'] = APPNAME + " " + VERSION
data['bundle_identifier'] = 'se.leap.' + data['applicationNameLower']
data['bundle_name'] = APPNAME
# utils
def copy_payload(filename, destfile=None):
if destfile is None:
destfile = APP_PATH + "/Contents/MacOS/" + filename
else:
destfile = APP_PATH + destfile
shutil.copyfile(STAGING + '/' + filename, destfile)
cmode = os.stat(destfile).st_mode
os.chmod(destfile, cmode | stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH)
def generate_from_template(template, dest, data):
print("[+] File written from template to", dest)
template = Template(open(template).read())
with open(dest, 'w') as output:
output.write(template.substitute(data))
# 1. Generation of the Bundle Info.plist
# --------------------------------------
generate_from_template(TEMPLATE_INFO, INFO_PLIST, data)
# 2. Generate PkgInfo
# -------------------------------------------
with open(APP_PATH + "/Contents/PkgInfo", "w") as f:
# is this enough? See what PyInstaller does.
f.write("APPL????")
# 3. Copy the binary payloads
# --------------------------------------------
copy_payload(ENTRYPOINT)
copy_payload(HELPER)
copy_payload(OPENVPN, destfile='/Contents/Resources/openvpn.leap')
# 4. Copy the app icon from the assets folder
# -----------------------------------------------
shutil.copyfile(ICON, APP_PATH + '/Contents/Resources/app.icns')
# 5. Generate the scripts for the installer
# -----------------------------------------------
# Watch out that, for now, all the brandings are sharing the same helper name.
# This is intentional: I prefer not to have too many root helpers laying around
# until we consolidate a way of uninstalling and/or updating them.
# This also means that only one of the derivatives will work at a given time
# (ie, uninstall bitmask legacy to use riseupvpn).
# If this bothers you, and it should, let's work on improving uninstall and
# updates.
generate_from_template(TEMPLATE_HELPER, HELPER_PLIST, data)
generate_from_template(TEMPLATE_PREINSTALL, PREINSTALL, data)
generate_from_template(TEMPLATE_POSTINSTALL, POSTINSTALL, data)
# 6. Copy helper pf rule file
# ------------------------------------------------
shutil.copy(RULEFILE, APP_PATH + '/Contents/helper/')
# 7. Copy openvpn up/down scripts
# ------------------------------------------------
shutil.copy(VPN_UP, APP_PATH + '/Contents/helper/')
shutil.copy(VPN_DOWN, APP_PATH + '/Contents/helper/')
# 8. Generate uninstall script
# -----------------------------------------------
# TODO copy the uninstaller script from bitmask-dev
# TODO substitute vars
# this is a bit weak procedure for now.
# To begin with, this assumes everything is hardcoded into
# /Applications/APPNAME.app
# We could consider moving the helpers into /usr/local/sbin,
# so that the plist files always reference there.
# We're all set!
# -----------------------------------------------
print("[+] Output written to build/{provider}/dist/{appname}.app".format(
provider=data['name'].lower(),
appname=APPNAME))
This diff is collapsed.
#!/bin/sh
# --------------------------------------------
# Signs a RiseupVPN pkg file
# Usage: signbundle <file> <version>
#
# Use it when you have built it in a
# machine with no access to the certificates.
# --------------------------------------------
OSX_CERT="Developer ID Installer: LEAP Encryption Access Project"
productsign --sign "$OSX_CERT" $1 $1-signed.pkg
mv $1-signed.pkg ../dist/$applicationName-OSX-$2-signed.pkg
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>WorkingDirectory</key>
<string>/tmp</string>
<key>StandardOutPath</key>
<string>bitmask-helper.log</string>
<key>StandardErrorPath</key>
<string>bitmask-helper-err.log</string>
<key>GroupName</key>
<string>daemon</string>
<key>RunAtLoad</key>
<true/>
<key>SessionCreate</key>
<true/>
<key>KeepAlive</key>
<true/>
<key>ThrottleInterval</key>
<integer>5</integer>
<key>Label</key>
<string>se.leap.BitmaskHelper</string>
<key>Program</key>
<string>/Applications/$applicationName.app/Contents/MacOS/bitmask-helper</string>
</dict>
</plist>
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleDevelopmentRegion</key>
<string>English</string>
<key>CFBundleExecutable</key>
<string>$entrypoint</string>
<key>CFBundleGetInfoString</key>
<string>$info_string</string>
<key>CFBundleIconFile</key>
<string>app.icns</string>
<key>CFBundleIdentifier</key>
<string>$bundle_identifier</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>$bundle_name</string>
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleShortVersionString</key>
<string>$info_string</string>
<key>CFBundleSignature</key>
<string>????</string>
<key>CFBundleVersion</key>
<string>$version</string>
<key>NSAppleScriptEnabled</key>
<string>YES</string>
<key>NSMainNibFile</key>
<string>MainMenu</string>
<key>NSPrincipalClass</key>
<string>NSApplication</string>
</dict>
</plist>
#!/bin/sh
# Bitmask Post-Instalation script
# (c) LEAP Encryption access Project
# We copy the bitmask-helper plist to the LaunchDaemons folder, and load the bitmask-helper that runs as root.
LOG=/tmp/$applicationName-install.log
chmod +x /Applications/$applicationName.app/Contents/MacOS/bitmask-helper
cp se.leap.bitmask-helper.plist /Library/LaunchDaemons/ \
&& echo `date` ":: $applicationName post-install: copied bitmask-helper Plist." >> $$LOG
launchctl load /Library/LaunchDaemons/se.leap.bitmask-helper.plist && echo `date` ":: $applicationName post-install: loaded bitmask-helper." >> $$LOG
chown admin:wheel /Applications/$applicationName.app/Contents/helper
echo `date` ":: $applicationName post-install: ok." >> $$LOG
exit 0
#!/bin/sh
# Bitmask Pre-Instalation script
# (c) LEAP Encryption access Project
# We unload the bitmask-helper if it is running, because we can be installing an upgrade.
LOG=/tmp/$applicationName-install.log
ps aux | grep [b]itmask-helper \
&& launchctl unload /Library/LaunchDaemons/se.leap.bitmask-helper.plist \
&& echo `date` ":: $applicationName pre-install: unloaded bitmask-helper." >> $$LOG
echo `date` ":: $applicationName pre-install: ok." >> $$LOG
exit 0