Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tools: add macosx-firewall script to avoid popups #10114

Closed
wants to merge 7 commits into from
Closed

tools: add macosx-firewall script to avoid popups #10114

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
7a5201d
tools: add macosx-firwall script to avoid popups
danbev Dec 3, 2016
c39bf95
fix long line
danbev Dec 5, 2016
d255df9
quote variables to allow for paths with spaces
danbev Dec 5, 2016
e546655
add comment explaining the usage of cd and pwd
danbev Dec 5, 2016
4f29ee5
show usage os running the script
danbev Dec 5, 2016
46ad909
fix lone line
danbev Dec 6, 2016
cef43de
add cctest to firewall script
danbev Dec 7, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions BUILDING.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,14 @@ On OS X, you will also need:
this under the menu `Xcode -> Preferences -> Downloads`
* This step will install `gcc` and the related toolchain containing `make`

* You may want to setup [firewall rules](tools/macosx-firewall.sh) to avoid
popups asking to accept incoming network connections when running tests:

```console
$ sudo ./tools/macosx-firewall.sh
```
Running this script will add rules for the executable `node` in the out directory and the symbolic `node` link in the projects root directory.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

long line here... can you please wrap at 80 chars

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry about that, was using a MarkDown editor and did not notice.


On FreeBSD and OpenBSD, you may also need:
* libexecinfo

Expand Down
40 changes: 40 additions & 0 deletions tools/macosx-firewall.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
#!/bin/bash
# Script that adds rules to Mac OS X Socket Firewall to avoid
# popups asking to accept incoming network connections when
# running tests.
SFW="/usr/libexec/ApplicationFirewall/socketfilterfw"
TOOLSDIR="`dirname \"$0\"`"
TOOLSDIR="`( cd \"$TOOLSDIR\" && pwd) `"
ROOTDIR="`( cd \"$TOOLSDIR/..\" && pwd) `"
OUTDIR="$TOOLSDIR/../out"
# Using cd and pwd here so that the path used for socketfilterfw does not
# contain a '..', which seems to cause the rules to be incorrectly added
# and they are not removed when this script is re-run. Instead the new
# rules are simply appended. By using pwd we can get the full path
# without '..' and things work as expected.
OUTDIR="`( cd \"$OUTDIR\" && pwd) `"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the cd + pwd to ensure the directory exists?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is really so that the path added is the full path without the .. in it. This is what is displayed when the command is run (if using .. in that path that is):

Application at path ( /Users/danielbevenius/work/nodejs/node/tools/../out/Debug/node ) added to firewall

But the entry when running /usr/libexec/ApplicationFirewall/socketfilterfw --listapps shows up without the path. Running the script again will not remove these paths, instead the new rules will just be added and the list will grow. But with the full path (without ..) it works as expected and the rules are removed and added properly.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add a comment explaining the use of pwd (what you wrote in your comment earlier)?

NODE_RELEASE="$OUTDIR/Release/node"
NODE_DEBUG="$OUTDIR/Debug/node"
NODE_LINK="$ROOTDIR/node"

if [ -f $SFW ];
then
# Duplicating these commands on purpose as the symbolic link node might be
# linked to either out/Debug/node or out/Release/node depending on the
# BUILDTYPE.
$SFW --remove "$NODE_DEBUG"
$SFW --remove "$NODE_DEBUG"
$SFW --remove "$NODE_RELEASE"
$SFW --remove "$NODE_RELEASE"
$SFW --remove "$NODE_LINK"

$SFW --add "$NODE_DEBUG"
$SFW --add "$NODE_RELEASE"
$SFW --add "$NODE_LINK"

$SFW --unblock "$NODE_DEBUG"
$SFW --unblock "$NODE_RELEASE"
$SFW --unblock "$NODE_LINK"
else
echo "SocketFirewall not found in location: $SFW"
fi