this is a dodge; we should sign with a real certificate and distribute
signed binaries. until we more formally exist, this allows application
firewall to at least cope better with us.
Change-Id: I84d18f72f7b9a42f4eb41f86e2e6dc1ae54f662a
Reviewed-on: http://gerrit.openafs.org/1057
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
chmod a-x config/afssettings
fi
+# properly, we should acquire a certificate from a real CA and ship
+# signed binaries. for now, make Application Firewall (Security prefs pane)
+# happy like this. See TN2206
+if [ -f /usr/bin/codesign ]; then
+ codesign -s - /usr/sbin/afsd
+fi
+
#here we should run tools which configure the client, and then if it's enabled:
#start the new launchd daemon
launchctl load -w /Library/LaunchDaemons/org.openafs.filesystems.afs.plist