Sign macOS CLI with stable identifier

Pyiner · Pyiner · commit f22d98944302 · 2026-05-13T10:51:07.000+08:00
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -66,6 +66,10 @@ jobs:
         if: contains(matrix.target, 'apple-darwin')
         run: cargo build --release --target ${{ matrix.target }}
 
+      - name: Ad-hoc sign macOS CLI binary
+        if: contains(matrix.target, 'apple-darwin')
+        run: bash scripts/codesign-macos-cli.sh target/${{ matrix.target }}/release/garyx
+
       - name: Build (Linux — glibc 2.17 floor via cargo-zigbuild)
         if: contains(matrix.target, 'linux')
         run: cargo zigbuild --release --target ${{ matrix.target }}.2.17
diff --git a/AGENTS.md b/AGENTS.md
@@ -104,10 +104,16 @@ needs installed-app validation.
 - On macOS, do not treat a matching hash as sufficient after copying a locally
   built `garyx` binary into a launchd-managed path such as
   `/opt/homebrew/bin/garyx`. Clear removable target-file xattrs, ad-hoc re-sign
-  the installed file, and verify it executes before restarting, otherwise
-  launchd/AMFI may kill it with `OS_REASON_CODESIGNING`. `com.apple.provenance`
-  can be inherited or protected on Homebrew paths even when `xattr -d` returns
-  success, so do not rely on xattr output alone.
+  the installed file with the stable identifier `com.bytedance.garyx` (or use
+  `bash scripts/codesign-macos-cli.sh <path-to-garyx>`), and verify it executes
+  before restarting, otherwise launchd/AMFI may kill it with
+  `OS_REASON_CODESIGNING`. `com.apple.provenance` can be inherited or protected
+  on Homebrew paths even when `xattr -d` returns success, so do not rely on
+  xattr output alone.
+- For local macOS gateway development, prefer `scripts/install-local-cli.sh`
+  after source changes. Release archives, `install.sh`, `garyx update`, and
+  desktop `build:rust` should all preserve the same CLI identifier so directory
+  authorization is not re-requested just because a new binary was installed.
 - Restart through the Garyx CLI with a wake target when working in an agent
   thread, for example `garyx gateway restart --wake thread <thread_id>
   --wake-message "continue"`.
diff --git a/CLAUDE.md b/CLAUDE.md
@@ -104,10 +104,16 @@ needs installed-app validation.
 - On macOS, do not treat a matching hash as sufficient after copying a locally
   built `garyx` binary into a launchd-managed path such as
   `/opt/homebrew/bin/garyx`. Clear removable target-file xattrs, ad-hoc re-sign
-  the installed file, and verify it executes before restarting, otherwise
-  launchd/AMFI may kill it with `OS_REASON_CODESIGNING`. `com.apple.provenance`
-  can be inherited or protected on Homebrew paths even when `xattr -d` returns
-  success, so do not rely on xattr output alone.
+  the installed file with the stable identifier `com.bytedance.garyx` (or use
+  `bash scripts/codesign-macos-cli.sh <path-to-garyx>`), and verify it executes
+  before restarting, otherwise launchd/AMFI may kill it with
+  `OS_REASON_CODESIGNING`. `com.apple.provenance` can be inherited or protected
+  on Homebrew paths even when `xattr -d` returns success, so do not rely on
+  xattr output alone.
+- For local macOS gateway development, prefer `scripts/install-local-cli.sh`
+  after source changes. Release archives, `install.sh`, `garyx update`, and
+  desktop `build:rust` should all preserve the same CLI identifier so directory
+  authorization is not re-requested just because a new binary was installed.
 - Restart through the Garyx CLI with a wake target when working in an agent
   thread, for example `garyx gateway restart --wake thread <thread_id>
   --wake-message "continue"`.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -13,7 +13,7 @@ members = [
 resolver = "2"
 
 [workspace.package]
-version = "0.1.19"
+version = "0.1.20"
 edition = "2024"
 license = "MIT"
 repository = "https://github.com/Pyiner/garyx"
diff --git a/desktop/garyx-desktop/package.json b/desktop/garyx-desktop/package.json
@@ -13,7 +13,7 @@
     "build": "npm run build:ui",
     "build:ui": "tsc --noEmit && electron-vite build",
     "build:web": "tsc --noEmit && vite build --config vite.web.config.ts",
-    "build:rust": "cargo build --release -p garyx --manifest-path ../../Cargo.toml",
+    "build:rust": "cargo build --release -p garyx --manifest-path ../../Cargo.toml && bash ../../scripts/codesign-macos-cli.sh ../../target/release/garyx",
     "build:packaged": "npm run build:ui",
     "preview": "electron-vite preview",
     "install:app": "node ./scripts/install-mac-app.mjs",
diff --git a/docs/installation.md b/docs/installation.md
@@ -20,8 +20,7 @@ curl -fsSL https://raw.githubusercontent.com/Pyiner/garyx/main/install.sh | bash
 ```bash [From source]
 git clone https://github.com/Pyiner/garyx
 cd garyx
-cargo build --release
-# binary: target/release/garyx
+scripts/install-local-cli.sh
 ```
 
 :::
diff --git a/garyx/src/commands.rs b/garyx/src/commands.rs
@@ -96,6 +96,8 @@ const CODEX_ENV_METADATA_KEY: &str = "desktop_codex_env";
 const CLAUDE_OAUTH_ENV: &str = "CLAUDE_CODE_OAUTH_TOKEN";
 const CODEX_API_KEY_ENV: &str = "OPENAI_API_KEY";
 const GITHUB_RELEASE_REPO: &str = "Pyiner/garyx";
+#[cfg(any(target_os = "macos", test))]
+const MACOS_CLI_CODESIGN_IDENTIFIER: &str = "com.bytedance.garyx";
 const DEFAULT_CHANNEL_AGENT_ID: &str = "claude";
 
 #[derive(Debug, Deserialize)]
@@ -169,6 +171,45 @@ fn replacement_binary_path(
     Ok(std::env::current_exe()?)
 }
 
+#[cfg(any(target_os = "macos", test))]
+fn macos_cli_codesign_args(binary_path: &Path) -> Vec<std::ffi::OsString> {
+    let mut args = vec![
+        std::ffi::OsString::from("--force"),
+        std::ffi::OsString::from("--sign"),
+        std::ffi::OsString::from("-"),
+        std::ffi::OsString::from("--identifier"),
+        std::ffi::OsString::from(MACOS_CLI_CODESIGN_IDENTIFIER),
+    ];
+    args.push(binary_path.as_os_str().to_os_string());
+    args
+}
+
+#[cfg(target_os = "macos")]
+fn ad_hoc_codesign_macos_binary(binary_path: &Path) -> Result<(), Box<dyn std::error::Error>> {
+    let output = std::process::Command::new("/usr/bin/codesign")
+        .args(macos_cli_codesign_args(binary_path))
+        .output()?;
+    if output.status.success() {
+        return Ok(());
+    }
+
+    let stdout = String::from_utf8_lossy(&output.stdout);
+    let stderr = String::from_utf8_lossy(&output.stderr);
+    Err(format!(
+        "codesign failed for {} with identifier {}: {}{}",
+        binary_path.display(),
+        MACOS_CLI_CODESIGN_IDENTIFIER,
+        stdout,
+        stderr
+    )
+    .into())
+}
+
+#[cfg(not(target_os = "macos"))]
+fn ad_hoc_codesign_macos_binary(_binary_path: &Path) -> Result<(), Box<dyn std::error::Error>> {
+    Ok(())
+}
+
 fn register_plugin_state_logging(plugin_manager: &mut ChannelPluginManager) {
     plugin_manager.register_state_hook(|status| {
         tracing::info!(
@@ -1223,6 +1264,7 @@ pub(crate) async fn cmd_update(
         perms.set_mode(0o755);
         fs::set_permissions(&staged_path, perms)?;
     }
+    ad_hoc_codesign_macos_binary(&staged_path)?;
     fs::rename(&staged_path, &destination)?;
 
     println!(
diff --git a/garyx/src/commands/tests.rs b/garyx/src/commands/tests.rs
@@ -1152,6 +1152,27 @@ fn detect_release_target_for_supported_platforms() {
     assert!(detect_release_target_for("windows", "x86_64").is_err());
 }
 
+#[test]
+fn macos_cli_codesign_args_use_stable_identifier() {
+    let args = macos_cli_codesign_args(Path::new("/tmp/garyx"));
+    let args = args
+        .iter()
+        .map(|arg| arg.to_string_lossy().into_owned())
+        .collect::<Vec<_>>();
+
+    assert_eq!(
+        args,
+        vec![
+            "--force",
+            "--sign",
+            "-",
+            "--identifier",
+            "com.bytedance.garyx",
+            "/tmp/garyx"
+        ]
+    );
+}
+
 #[test]
 fn parse_sha256_checksum_accepts_standard_release_file() {
     let checksum = parse_sha256_checksum(
diff --git a/install.sh b/install.sh
@@ -49,6 +49,7 @@ main() {
   mkdir -p "$INSTALL_DIR"
   cp "${tmpdir}/garyx-${version}-${target}/garyx" "$INSTALL_DIR/"
   chmod +x "$INSTALL_DIR/garyx"
+  codesign_macos_cli "$INSTALL_DIR/garyx"
 
   echo ""
   echo "Installed garyx to ${INSTALL_DIR}/garyx"
@@ -128,6 +129,19 @@ verify_checksum() {
   echo "Checksum OK."
 }
 
+codesign_macos_cli() {
+  local binary="$1"
+  local identifier="com.bytedance.garyx"
+
+  if [ "$(uname -s)" != "Darwin" ]; then
+    return 0
+  fi
+
+  echo "Signing garyx with stable macOS identifier ${identifier}..."
+  /usr/bin/codesign --force --sign - --identifier "$identifier" "$binary"
+  /usr/bin/codesign --verify --verbose=2 "$binary"
+}
+
 die() {
   echo "Error: $*" >&2
   exit 1
diff --git a/scripts/codesign-macos-cli.sh b/scripts/codesign-macos-cli.sh
@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+# Ad-hoc sign the Garyx CLI with a stable macOS code-signing identifier.
+
+set -euo pipefail
+
+if [[ "$(uname -s)" != "Darwin" ]]; then
+  echo "Skipping macOS codesign on non-Darwin host."
+  exit 0
+fi
+
+if [[ $# -ne 1 ]]; then
+  echo "Usage: $0 /path/to/garyx" >&2
+  exit 2
+fi
+
+binary="$1"
+identifier="com.bytedance.garyx"
+
+if [[ ! -f "$binary" ]]; then
+  echo "Error: binary does not exist: $binary" >&2
+  exit 1
+fi
+
+/usr/bin/codesign --force --sign - --identifier "$identifier" "$binary"
+/usr/bin/codesign --verify --verbose=2 "$binary"
diff --git a/scripts/install-local-cli.sh b/scripts/install-local-cli.sh
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+# Build and install the local Garyx CLI, preserving the macOS TCC identity.
+
+set -euo pipefail
+
+REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+INSTALL_DIR="${GARYX_INSTALL:-$HOME/.cargo/bin}"
+DESTINATION="${INSTALL_DIR}/garyx"
+
+cd "$REPO_ROOT"
+
+cargo build --release -p garyx
+mkdir -p "$INSTALL_DIR"
+install -m 755 target/release/garyx "$DESTINATION"
+bash scripts/codesign-macos-cli.sh "$DESTINATION"
+"$DESTINATION" --version
