pinentry-mac: fix build with Darwin sandbox enabled

author: Randy Eckenrode <randy@largeandhighquality.com> 2023-05-19 15:58:26 -0400
committer: Randy Eckenrode <randy@largeandhighquality.com> 2023-05-26 12:43:03 -0400
commit: 8f84341c90f3b20f506e54cf45a6e106379d0741 (patch)
tree: ebf797ee9c05e386597d03565370a0c6d5016eca /pkgs/tools/security/pinentry
parent: bc7872990b0f3a8fd9629351cbeff72863b9482e (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/pkgs/tools/security/pinentry/mac.nix b/pkgs/tools/security/pinentry/mac.nix
index daf2d82d66b04..d824a816dc908 100644
--- a/pkgs/tools/security/pinentry/mac.nix
+++ b/pkgs/tools/security/pinentry/mac.nix
@@ -32,6 +32,11 @@ stdenv.mkDerivation rec {
     chmod -R u+w macosx/*.nib
   '';
 
+  # Unfortunately, PlistBuddy from xcbuild is not compatible enough pinentry-mac’s build process.
+  sandboxProfile = ''
+    (allow process-exec (literal "/usr/libexec/PlistBuddy"))
+  '';
+
   nativeBuildInputs = [ autoreconfHook texinfo ];
   buildInputs = [ libassuan libgpg-error libiconv Cocoa ];
author	Randy Eckenrode <randy@largeandhighquality.com>	2023-05-19 15:58:26 -0400
committer	Randy Eckenrode <randy@largeandhighquality.com>	2023-05-26 12:43:03 -0400
commit	8f84341c90f3b20f506e54cf45a6e106379d0741 (patch)
tree	ebf797ee9c05e386597d03565370a0c6d5016eca /pkgs/tools/security/pinentry
parent	bc7872990b0f3a8fd9629351cbeff72863b9482e (diff)