Skip to content

Commit

Permalink
Merge pull request #100 from spacetelescope/python_permissions_instru…
Browse files Browse the repository at this point in the history
…ctions

Add instructions about how to allow incoming Python connections
  • Loading branch information
ivalaginja authored Jun 9, 2023
2 parents 029c8c1 + 3917878 commit 101101b
Showing 1 changed file with 33 additions and 0 deletions.
33 changes: 33 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,39 @@ Shared memory configuration
On MacOS you need to increase the amount of shared memory that is available to programs. The default (4MB) is by far not enough for anything we do.
Note: it appears that Catalina seem to allow more shared memory than what is indicated in the documentation, so no action seem to be needed.

Python permissions
---------------------------

On MacOS, even after having allowed your firewall to receive incoming connections from Python applications while running catkit2,
it might keep popping up windows asking you to accept incoming connections every single time you start a server or service.
To prevent this, you can create a self-signed certificate in your keychain. The instructions for that are below,
found on: https://stackoverflow.com/a/59186900/10112569

```
With the OS X firewall enabled, you can remove the "Do you want the application "python" to accept incoming network connections?" message.
Create a self-signed certificate.
Open Keychain Access. Applications > Utilities > Keychain Access.
Keychain Access menu > Certificate Assistant > Create a Certificate...
Enter a Name like "My Certificate".
Select Identity Type: Self Signed Root
Select Certificate Type: Code Signing
Check the Let me override defaults box
Click Continue
Enter a unique Serial Number
Enter 7300 for Validity Period.
Click Continue
Click Continue for the rest of the dialogs
Now sign your application
codesign -s "My Certificate" -f $(which python)
In the dialog that appears, click "Allow".
Note that when using a virtual environment, you need to activate the virtual environment before running this command.
```

Installation
------------

Expand Down

0 comments on commit 101101b

Please sign in to comment.