vphone-cli/scripts/start_amfidont_for_vphone.sh
Xin Huang 08c9cb78ee Nix PATH preservation, amfidont boot, and preflight stability (#196)
* fix: preserve caller PATH through Nix zshenv reset in cfw scripts

Nix darwin's /etc/zshenv resets PATH on every zsh subprocess,
discarding the Makefile's carefully constructed PATH (which includes
.venv/bin and /opt/homebrew/bin). This caused 'Missing Python deps'
and ldid PKCS12_parse errors during cfw_install.

Pass the Makefile PATH through _VPHONE_PATH env var (which zshenv
won't touch), and restore it at the top of each cfw_install script.

* fix(cfw_install_dev): add python resolver, use glob for vphoned sources

- Add _resolve_python3() matching cfw_install.sh so the venv python
  is used instead of Nix system python (which lacks capstone/keystone).
- Replace hardcoded VPHONED_SRCS list with glob pattern to auto-pick
  up new .m files (was missing 5 files: accessibility, apps, clipboard,
  settings, url — causing linker errors).

* fix: amfidont uses bundle binary CDHash and .build path

make boot launches the bundle binary (.build/vphone-cli.app/Contents/
MacOS/vphone-cli), not the release binary. amfidont's --path must
cover the .app bundle location.

- amfidont_allow_vphone depends on bundle (not build)
- start_amfidont_for_vphone.sh extracts CDHash from bundle binary
- --path points to .build/ so amfidont covers .app bundle contents

* fix(preflight): prevent run_capture errexit on non-zero return

zsh set -e is global scope — set -e inside run_capture then
return 137 triggers errexit and kills the script before reaching
the assert-bootable check. Use '|| rc=$?' instead to capture
the exit code without modifying errexit state.
2026-03-12 13:51:45 +08:00

52 lines
1.6 KiB
Bash

#!/bin/zsh
# start_amfidont_for_vphone.sh — Start amfidont for the current vphone build.
#
# This is the README "Option 2" host workaround packaged for this repo:
# - computes the signed bundle binary CDHash (what `make boot` actually launches)
# - uses the .build path so amfidont covers binaries inside the .app bundle
# - starts amfidont in daemon mode so signed vphone-cli launches are allowlisted
set -euo pipefail

# Resolve the repo root from this script's location (zsh: :A = absolute path, :h = dirname).
SCRIPT_DIR="${0:A:h}"
PROJECT_ROOT="${SCRIPT_DIR:h}"
BUNDLE_BIN="${PROJECT_ROOT}/.build/vphone-cli.app/Contents/MacOS/vphone-cli"
AMFIDONT_BIN="${HOME}/Library/Python/3.9/bin/amfidont"

[[ -x "$AMFIDONT_BIN" ]] || {
  echo "amfidont not found at $AMFIDONT_BIN" >&2
  echo "Install it first: xcrun python3 -m pip install --user amfidont" >&2
  exit 1
}

[[ -x "$BUNDLE_BIN" ]] || {
  echo "Missing bundle binary: $BUNDLE_BIN" >&2
  echo "Run 'make bundle' first." >&2
  exit 1
}

# codesign writes its -dv report to stderr, hence 2>&1; keep the first CDHash= line.
CDHASH="$(
  codesign -dv --verbose=4 "$BUNDLE_BIN" 2>&1 \
    | sed -n 's/^CDHash=//p' \
    | head -n1
)"

[[ -n "$CDHASH" ]] || {
  echo "Failed to extract CDHash for $BUNDLE_BIN" >&2
  exit 1
}

# amfidont --path must cover the actual binary location inside the .app
AMFI_PATH="${PROJECT_ROOT}/.build"
# Spaces in the path are passed percent-encoded.
ENCODED_AMFI_PATH="${AMFI_PATH// /%20}"

echo "[*] Project root: $PROJECT_ROOT"
echo "[*] AMFI path: $AMFI_PATH"
echo "[*] Bundle CDHash: $CDHASH"

# Runs as root via sudo; all amfidont output (including --verbose) is discarded by the redirect.
sudo env PYTHONPATH="/Applications/Xcode.app/Contents/SharedFrameworks/LLDB.framework/Resources/Python" \
  /usr/bin/python3 "$AMFIDONT_BIN" daemon \
  --path "$ENCODED_AMFI_PATH" \
  --cdhash "$CDHASH" \
  --verbose \
  >/dev/null 2>&1
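
The script above only checks that the extracted CDHash is non-empty before handing it to a root-level allowlist. The following is an added example, not part of this repository: a stricter pre-check that accepts exactly one 40-hex-character `CDHash=` line and confirms the binary sits under the allowlisted directory. The function names and the sample `codesign` output are constructed for illustration, and directory-prefix semantics for `--path` are an assumption.

```shell
#!/bin/bash
# Added example (hypothetical helpers, not the project's code).

# Constructed sample of `codesign -dv --verbose=4` output; all values are made up.
sample_codesign_output() {
cat <<'EOF'
Executable=/Users/dev/vphone-cli/.build/vphone-cli.app/Contents/MacOS/vphone-cli
Identifier=vphone-cli
CandidateCDHash sha256=0123456789abcdef0123456789abcdef01234567
CandidateCDHashFull sha256=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
Hash choices=sha256
CDHash=0123456789abcdef0123456789abcdef01234567
Signature=adhoc
EOF
}

# Read codesign output on stdin; print the CDHash only if it is unambiguous
# (exactly one CDHash= line) and well formed (40 hex characters).
extract_cdhash() {
  local line hash count
  hash=""
  count=0
  while IFS= read -r line; do
    case "$line" in
      CDHash=*) hash="${line#CDHash=}"; count=$((count + 1)) ;;
    esac
  done
  [ "$count" -eq 1 ] || { echo "expected one CDHash line, got $count" >&2; return 1; }
  case "$hash" in
    ""|*[!0-9a-fA-F]*) echo "CDHash is not hexadecimal" >&2; return 1 ;;
  esac
  [ "${#hash}" -eq 40 ] || { echo "CDHash must be 40 hex characters" >&2; return 1; }
  printf '%s\n' "$hash"
}

# Succeed only if binary path $2 lies strictly inside directory $1.
# Assumption: the allowlisted path is treated as a directory prefix.
path_covers() {
  case "$2" in
    "${1%/}"/*) return 0 ;;
    *) return 1 ;;
  esac
}

if cdhash="$(sample_codesign_output | extract_cdhash)"; then
  echo "validated CDHash: $cdhash"
fi
```

Matching on `"$dir"/*` rather than a bare string prefix keeps a sibling such as `.build-old/` from being treated as covered.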