Add new vaulting implementation

2026-04-14 04:38:20 +10:00 · 2023-10-06 16:09:44 -04:00
parent 5e61f0c61f
commit f968a493b9
4 changed files with 16 additions and 15 deletions
--- a/resources/build/misc.py
+++ b/resources/build/misc.py
@@ -335,11 +335,9 @@ class BuildMiscellaneous:
            logging.info(f"- Setting custom OpenCore picker timeout to {self.constants.oc_timeout} seconds")
            self.config["Misc"]["Boot"]["Timeout"] = self.constants.oc_timeout

-        if self.constants.vault is True and utilities.check_command_line_tools() is True:
+        if self.constants.vault is True:
            logging.info("- Setting Vault configuration")
            self.config["Misc"]["Security"]["Vault"] = "Secure"
-            support.BuildSupport(self.model, self.constants, self.config).get_efi_binary_by_path("OpenShell.efi", "Misc", "Tools")["Enabled"] = False
-

    def _t1_handling(self) -> None:
        """
--- a/resources/build/support.py
+++ b/resources/build/support.py
@@ -108,17 +108,11 @@ class BuildSupport:
        if self.constants.vault is False:
            return

-        if utilities.check_command_line_tools() is False:
-            # sign.command checks for the existence of '/usr/bin/strings' however does not verify whether it's executable
-            # sign.command will continue to run and create an unbootable OpenCore.efi due to the missing strings binary
-            # macOS has dummy binaries that just reroute to the actual binaries after you install Xcode's Command Line Tools
-            logging.info("- Missing Command Line tools, skipping Vault for saftey reasons")
-            logging.info("- Install via 'xcode-select --install' and rerun OCLP if you wish to vault this config")
-            return
-
-        logging.info("- Vaulting EFI")
-        subprocess.run([str(self.constants.vault_path), f"{self.constants.oc_folder}/"], stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
-
+        logging.info("- Vaulting EFI\n=========================================")
+        popen = subprocess.Popen([str(self.constants.vault_path), f"{self.constants.oc_folder}/"], stdout=subprocess.PIPE, stderr=subprocess.STDOUT, universal_newlines=True)
+        for stdout_line in iter(popen.stdout.readline, ""):
+            logging.info(stdout_line.strip())
+        logging.info("=========================================")

    def validate_pathing(self) -> None:
        """
--- a/resources/constants.py
+++ b/resources/constants.py
@@ -187,7 +187,7 @@ class Constants:
        ## Security Settings
        self.sip_status:     bool = True  #  System Integrity Protection
        self.secure_status:  bool = False  # Secure Boot Model
-        self.vault:          bool = False  # EFI Vault
+        self.vault:          bool = True  # EFI Vault
        self.disable_cs_lv:  bool = False  # Disable Library validation
        self.disable_amfi:   bool = False  # Disable AMFI

--- a/resources/wx_gui/gui_settings.py
+++ b/resources/wx_gui/gui_settings.py
@@ -836,6 +836,15 @@ class SettingsFrame(wx.Frame):
                        "Export constants.py values to a txt file.",
                    ],
                },
+                "OpenCore Vaulting": {
+                    "type": "checkbox",
+                    "value": self.constants.vault,
+                    "variable": "vault",
+                    "description": [
+                        "Untick to disable vaulting for",
+                        "testing purposes."
+                    ],
+                },
                "Developer Root Volume Patching": {
                    "type": "title",
                },