From e70415f1d77f6ad4ab1e581900d2b42436118bd9 Mon Sep 17 00:00:00 2001
From: Andrey Lihatskiy <alihatskiy@productengine.com>
Date: Wed, 3 Nov 2021 20:01:57 +0200
Subject: SL-16299 Added entitlements for the app bundle signing

---
 indra/newview/slplugin.entitlements | 12 ++++++++++++
 indra/newview/viewer_manifest.py    |  2 +-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/indra/newview/slplugin.entitlements b/indra/newview/slplugin.entitlements
index a1c430a57a..1c2f2e5d2c 100644
--- a/indra/newview/slplugin.entitlements
+++ b/indra/newview/slplugin.entitlements
@@ -4,5 +4,17 @@
 <dict>
 	<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
 	<true/>
+	<key>com.apple.security.automation.apple-events</key>
+	<true/>
+	<key>com.apple.security.cs.allow-jit</key>
+	<true/>
+	<key>com.apple.security.cs.disable-library-validation</key>
+	<true/>
+	<key>com.apple.security.device.audio-input</key>
+	<true/>
+	<key>com.apple.security.device.camera</key>
+	<true/>
+	<key>com.apple.security.cs.allow-dyld-environment-variables</key>
+	<true/>
 </dict>
 </plist>
diff --git a/indra/newview/viewer_manifest.py b/indra/newview/viewer_manifest.py
index b932f43141..1d82e95e98 100755
--- a/indra/newview/viewer_manifest.py
+++ b/indra/newview/viewer_manifest.py
@@ -1309,7 +1309,7 @@ class DarwinManifest(ViewerManifest):
                             self.run_command(['codesign', '--force', '--timestamp', '--keychain', viewer_keychain, '--sign', identity, cef_path])
                             self.run_command(['codesign', '--force', '--timestamp', '--keychain', viewer_keychain, '--sign', identity, greenlet_path])
                             self.run_command(['codesign', '--verbose', '--deep', '--force', '--entitlements', self.src_path_of("slplugin.entitlements"), '--options', 'runtime', '--keychain', viewer_keychain, '--sign', identity, slplugin_path])
-                            self.run_command(['codesign', '--verbose', '--deep', '--force', '--options', 'runtime', '--keychain', viewer_keychain, '--sign', identity, app_in_dmg])
+                            self.run_command(['codesign', '--verbose', '--deep', '--force', '--entitlements', self.src_path_of("slplugin.entitlements"), '--options', 'runtime', '--keychain', viewer_keychain, '--sign', identity, app_in_dmg])
                             signed=True # if no exception was raised, the codesign worked
                         except ManifestError as err:
                             if sign_attempts:
-- 
cgit v1.2.3