Skip to content

Commit 409aa86

Browse files
AkihiroSudaAkihiroSuda
authored
Merge pull request #1850 from AkihiroSuda/relax-entitlement-warning
Relax "QEMU binary /Users/<USER>/.colima/_wrapper/<HASH>/bin/qemu-system-x86_64 is not properly signed"
2 parents 6938ae5 + d2b9076 commit 409aa86

File tree

1 file changed

+16
-2
lines changed

1 file changed

+16
-2
lines changed

pkg/qemu/entitlementutil/entitlementutil.go

Lines changed: 16 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -62,13 +62,27 @@ func Sign(qExe string) error {
6262
return nil
6363
}
6464

65+
// isColimaWrapper__useThisFunctionOnlyForPrintingHints returns true
66+
// if qExe is like "/Users/<USER>/.colima/_wrapper/4e1b408f843d1c63afbbdcf80c40e4c88d33509f/bin/qemu-system-x86_64".
67+
//
68+
// The result can be used *ONLY* for controlling hint messages.
69+
// DO NOT change the behavior of Lima depending on this result.
70+
//
71+
//nolint:revive
72+
func isColimaWrapper__useThisFunctionOnlyForPrintingHints__(qExe string) bool {
73+
return strings.Contains(qExe, "/.colima/_wrapper/")
74+
}
75+
6576
// AskToSignIfNotSignedProperly asks to sign the QEMU binary with the "com.apple.security.hypervisor" entitlement.
6677
//
6778
// On Homebrew, QEMU binaries are usually already signed, but Homebrew's signing infrastructure is broken for Intel as of Augest 2023.
6879
// https://github.com/lima-vm/lima/issues/1742
6980
func AskToSignIfNotSignedProperly(qExe string) {
7081
if isSignedErr := IsSigned(qExe); isSignedErr != nil {
71-
logrus.WithError(isSignedErr).Warnf("QEMU binary %q is not properly signed with the \"com.apple.security.hypervisor\" entitlement", qExe)
82+
logrus.WithError(isSignedErr).Warnf("QEMU binary %q does not seem properly signed with the \"com.apple.security.hypervisor\" entitlement", qExe)
83+
if isColimaWrapper__useThisFunctionOnlyForPrintingHints__(qExe) {
84+
logrus.Info("Hint: the warning above is usually negligible for colima ( Printed due to https://github.com/abiosoft/colima/issues/796 )")
85+
}
7286
var ans bool
7387
if isatty.IsTerminal(os.Stdout.Fd()) || isatty.IsCygwinTerminal(os.Stdout.Fd()) {
7488
prompt := &survey.Confirm{
@@ -86,7 +100,7 @@ func AskToSignIfNotSignedProperly(qExe string) {
86100
logrus.Infof("Successfully signed %q with the \"com.apple.security.hypervisor\" entitlement", qExe)
87101
}
88102
} else {
89-
logrus.Warn("You have to sign the QEMU binary with the \"com.apple.security.hypervisor\" entitlement manually. See https://github.com/lima-vm/lima/issues/1742 .")
103+
logrus.Warn("If QEMU does not start up, you may have to sign the QEMU binary with the \"com.apple.security.hypervisor\" entitlement manually. See https://github.com/lima-vm/lima/issues/1742 .")
90104
}
91105
} else {
92106
logrus.Infof("QEMU binary %q seems properly signed with the \"com.apple.security.hypervisor\" entitlement", qExe)

0 commit comments

Comments
 (0)