如何允许 Python.app 在 Mac OS X 上设置防火墙?
问题描述
当我在 Mac 上运行 python 应用程序时,它会显示许多关于希望Python.app"接受传入网络连接的对话框.
When I run a python application on Mac, it shows many dialogs about want "Python.app" to accept incoming network connections.
即使我允许它多次,它也会一次又一次地显示.
Even I Allow it many times, it shows again and again.
如何让它一次不显示?
我发现了这个问题:将 Python 添加到 OS X 防火墙选项?
我按照公认的答案去做,但最后当我运行 codesign -s "My Signing Identity" -f $(which python) 时,它说:
I followed the accepted answer to do but finally when I run codesign -s "My Signing Identity" -f $(which python), it said:
/usr/bin/python: replacing existing signature
error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/codesign_allocate: can't create output file: /usr/bin/python.cstemp (Operation not permitted)
/usr/bin/python: the codesign_allocate helper tool cannot be found or used
接下来怎么办?
解决方案
显然 El Capitan 有调用 System Integrity防止任何用户(甚至是根用户)修改某些操作系统资源的保护.例如本例中的/usr/bin 目录,您可以在其中拥有 python 可执行文件.要对 python 二进制文件进行自签名,您可以通过在恢复模式下重新启动您的 mac(按住 CMD+R 重新启动)然后在终端中键入以下内容来禁用 SIP:
Apparently El Capitan has something call System Integrity Protection that prevents any user (even root) to modify certain OS resources. Such as the /usr/bin directory in this case, where you have the python executable. To self sign the python binary you can disable SIP by rebooting your mac in recovery mode (reboot while holding CMD+R) and then typing this in the terminal:
csrutil 禁用
然后重新启动到常规 OSX,并按照步骤对 python 进行自签名并执行:
then boot back into regular OSX, and follow the steps to self sign python and execute:
codesign -s "我的签名身份" -f $(which python)
最后重新启动进入恢复模式,并重新启用 SIP:
and finally reboot back into Recovery Mode, and re-enable SIP:
csrutil 启用
相关文章