Skip to content

Commit

Permalink
8257924: Use full path when running external executable from jpackage
Browse files Browse the repository at this point in the history
Reviewed-by: herrick, asemenyuk
  • Loading branch information
Alexander Matveev committed Dec 10, 2020
1 parent 1ce2a36 commit eb1c8a1
Show file tree
Hide file tree
Showing 9 changed files with 22 additions and 21 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,7 @@ private static void doValidate(Map<String, ? super Object> params)

// Signing will not work without Xcode with command line developer tools
try {
ProcessBuilder pb = new ProcessBuilder("xcrun", "--help");
ProcessBuilder pb = new ProcessBuilder("/usr/bin/xcrun", "--help");
Process p = pb.start();
int code = p.waitFor();
if (code != 0) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -582,7 +582,7 @@ public static void addNewKeychain(Map<String, ? super Object> params)
});

List<String> args = new ArrayList<>();
args.add("security");
args.add("/usr/bin/security");
args.add("list-keychains");
args.add("-s");

Expand All @@ -607,7 +607,7 @@ public static void restoreKeychainList(Map<String, ? super Object> params)
}

List<String> args = new ArrayList<>();
args.add("security");
args.add("/usr/bin/security");
args.add("list-keychains");
args.add("-s");

Expand Down Expand Up @@ -658,7 +658,7 @@ static void signAppBundle(
"message.already.signed"), p.toString()));
} else {
List<String> args = new ArrayList<>();
args.addAll(Arrays.asList("codesign",
args.addAll(Arrays.asList("/usr/bin/codesign",
"--timestamp",
"--options", "runtime",
"-s", signingIdentity,
Expand Down Expand Up @@ -706,7 +706,7 @@ static void signAppBundle(

try {
List<String> args = new ArrayList<>();
args.addAll(Arrays.asList("codesign",
args.addAll(Arrays.asList("/usr/bin/codesign",
"--timestamp",
"--options", "runtime",
"--force",
Expand Down Expand Up @@ -751,7 +751,7 @@ static void signAppBundle(

// sign the app itself
List<String> args = new ArrayList<>();
args.addAll(Arrays.asList("codesign",
args.addAll(Arrays.asList("/usr/bin/codesign",
"--timestamp",
"--options", "runtime",
"--force",
Expand All @@ -778,7 +778,8 @@ static void signAppBundle(

private static boolean isFileSigned(Path file) {
ProcessBuilder pb =
new ProcessBuilder("codesign", "--verify", file.toString());
new ProcessBuilder("/usr/bin/codesign",
"--verify", file.toString());

try {
IOUtils.exec(pb);
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2014, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2014, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -152,7 +152,7 @@ public Path bundle(Map<String, ? super Object> params,
MAC_APP_STORE_PKG_SIGNING_KEY.fetchFrom(params);

List<String> buildOptions = new ArrayList<>();
buildOptions.add("productbuild");
buildOptions.add("/usr/bin/productbuild");
buildOptions.add("--component");
buildOptions.add(appLocation.toString());
buildOptions.add("/Applications");
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -164,7 +164,7 @@ public static String findKey(String keyPrefix, String teamName, String keychainN
try (ByteArrayOutputStream baos = new ByteArrayOutputStream();
PrintStream ps = new PrintStream(baos)) {
List<String> searchOptions = new ArrayList<>();
searchOptions.add("security");
searchOptions.add("/usr/bin/security");
searchOptions.add("find-certificate");
searchOptions.add("-c");
searchOptions.add(key);
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2016, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -56,7 +56,7 @@ private static Path findCertificate(String certificate) {
Path result = null;

List<String> args = new ArrayList<>();
args.add("security");
args.add("/usr/bin/security");
args.add("find-certificate");
args.add("-c");
args.add(certificate);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -245,7 +245,7 @@ private String findSetFileUtility() {

// generic find attempt
try {
ProcessBuilder pb = new ProcessBuilder("xcrun", "-find", "SetFile");
ProcessBuilder pb = new ProcessBuilder("/usr/bin/xcrun", "-find", "SetFile");
Process p = pb.start();
InputStreamReader isr = new InputStreamReader(p.getInputStream());
BufferedReader br = new BufferedReader(isr);
Expand Down Expand Up @@ -387,7 +387,7 @@ private Path buildDMG( Map<String, ? super Object> params,
// to install-dir in DMG as critical error, since it can fail in
// headless enviroment.
try {
pb = new ProcessBuilder("osascript",
pb = new ProcessBuilder("/usr/bin/osascript",
getConfig_VolumeScript(params).toAbsolutePath().toString());
IOUtils.exec(pb, 180); // Wait 3 minutes. See JDK-8248248.
} catch (IOException ex) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -418,7 +418,7 @@ private Path createPKG(Map<String, ? super Object> params,

// Generate default CPL file
Path cpl = CONFIG_ROOT.fetchFrom(params).resolve("cpl.plist");
ProcessBuilder pb = new ProcessBuilder("pkgbuild",
ProcessBuilder pb = new ProcessBuilder("/usr/bin/pkgbuild",
"--root",
root,
"--install-location",
Expand All @@ -433,7 +433,7 @@ private Path createPKG(Map<String, ? super Object> params,
preparePackageScripts(params);

// build application package
pb = new ProcessBuilder("pkgbuild",
pb = new ProcessBuilder("/usr/bin/pkgbuild",
"--root",
root,
"--install-location",
Expand All @@ -454,7 +454,7 @@ private Path createPKG(Map<String, ? super Object> params,
Files.createDirectories(outdir);

List<String> commandLine = new ArrayList<>();
commandLine.add("productbuild");
commandLine.add("/usr/bin/productbuild");

commandLine.add("--resources");
commandLine.add(CONFIG_ROOT.fetchFrom(params).toAbsolutePath().toString());
Expand Down
4 changes: 2 additions & 2 deletions test/jdk/tools/jpackage/macosx/base/SigningBase.java
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -51,7 +51,7 @@ private static void checkString(List<String> result, String lookupString) {
private static List<String> codesignResult(Path target, boolean signed) {
int exitCode = signed ? 0 : 1;
List<String> result = new Executor()
.setExecutable("codesign")
.setExecutable("/usr/bin/codesign")
.addArguments("--verify", "--deep", "--strict", "--verbose=2",
target.toString())
.saveOutput()
Expand Down
4 changes: 2 additions & 2 deletions test/jdk/tools/jpackage/macosx/base/SigningCheck.java
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ public static void checkCertificates() {

private static List<String> findCertificate(String name, String keyChain) {
List<String> result = new Executor()
.setExecutable("security")
.setExecutable("/usr/bin/security")
.addArguments("find-certificate", "-c", name, "-a", keyChain)
.executeAndGetOutput();

Expand Down Expand Up @@ -89,7 +89,7 @@ private static void validateCertificateTrust(String name) {
// will not be listed as trusted by dump-trust-settings
if (SigningBase.DEV_NAME.equals("jpackage.openjdk.java.net")) {
List<String> result = new Executor()
.setExecutable("security")
.setExecutable("/usr/bin/security")
.addArguments("dump-trust-settings")
.executeWithoutExitCodeCheckAndGetOutput();
result.stream().forEachOrdered(TKit::trace);
Expand Down

1 comment on commit eb1c8a1

@openjdk-notifier
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.