More authorization woes, the methods giving me trouble
More authorization woes, the methods giving me trouble
- Subject: More authorization woes, the methods giving me trouble
- From: April Gendill <email@hidden>
- Date: Wed, 22 Dec 2004 20:00:52 -0700
all right, well I'm still having some trouble. Basically the code I;m trying to use is a nearly un altered version of the DT's AuthSample. But it's altered enough that I broke it.
What I am able to get it to do.
I can get it to launch the helper tool after getting the admin password. I am not able to pass arguments to the helper tool, I've tried several different things but it does not work. so the code below is just the no arguments version..
By the time I call the method below I've created the external ref
static int performCommand(AuthorizationRef authorizationRef, MyAuthorizedCommand myCommand,NSString *file)
{
int comms[2] = {};
int childStatus = 0;
int written;
pid_t pid;
AuthorizationExternalForm extAuth;
NSString * pp = [NSString stringWithFormat:@"%@/BOM_trigger",[[NSBundle mainBundle]resourcePath]];
char * path = [pp fileSystemRepresentation];
/* Turn an AuthorizationRef into an external "byte blob" form so it can be transmitted to the authtool. */
if (AuthorizationMakeExternalForm(authorizationRef, &extAuth))
return kMyAuthorizedCommandInternalError;
/* Create a descriptor pair for interprocess communication. */
if (pipe(comms))
return kMyAuthorizedCommandInternalError;
switch(pid = fork())
{
case 0: /* Child */
{
char *const envp[] = { NULL };
dup2(comms[0], 0);
close(comms[0]);
close(comms[1]);
execle(path, path, NULL, envp); //I need for this to accept 2 args, 1 a file mode d or f, and 2 the path to the file to remove.
//Currently it ignores everything
return 0;
}
case -1: /* an error occured */
close(comms[0]);
close(comms[1]);
return kMyAuthorizedCommandInternalError;
default: /* Parent */
break;
}
/* Write the ExternalizedAuthorization to our output pipe. */
if (write(comms[1], &extAuth, sizeof(extAuth)) != sizeof(extAuth))
{
close(comms[1]);
return kMyAuthorizedCommandInternalError;
}
/* Write the commands we want to execute to our output pipe */
//written = write(comms[1], &myCommand, sizeof(MyAuthorizedCommand));
/* Close output pipe to notify client we are done. */
close(comms[1]);
//if (written != sizeof(MyAuthorizedCommand))
//return kMyAuthorizedCommandInternalError;
/* Wait for the tool to return */
if (waitpid(pid, &childStatus, 0) != pid)
return kMyAuthorizedCommandInternalError;
if (!WIFEXITED(childStatus))
return kMyAuthorizedCommandInternalError;
return WEXITSTATUS(childStatus);
}
Now this is the receiving main() method in the helper tool. The problem here, other than not getting the arguments, is that it is not reading the data written to the pipe from the launching method above.
int main(int argc, char *argv[])
{
int c =0;
OSStatus status;
AuthorizationRef auth;
int bytesRead;
MyAuthorizedCommand myCommand;
AuthorizationExternalForm extAuth;
// Read the Authorization "byte blob" from our input pipe.
if (read(0, &extAuth, sizeof(extAuth)) != sizeof(extAuth)){
NSLog(@"kMyAuthorizedCommandInternalError First line");
exit(kMyAuthorizedCommandInternalError);
}
// Restore the externalized Authorization back to an AuthorizationRef
if (AuthorizationCreateFromExternalForm(&extAuth, &auth)){
NSLog(@"kMyAuthorizedCommandInternalError Second line");
exit(kMyAuthorizedCommandInternalError);
}
// Read a 'MyAuthorizedCommand' object from stdin.
bytesRead = read(0, &myCommand, sizeof(MyAuthorizedCommand));
NSLog(@"myCommand %s",myCommand.file);//This is always empty so I of course assume I'm messing up the pipe some how.
//Is there possibly a way to Use NSTask than the messy method above?
// Make sure that we received a full 'MyAuthorizedCommand' object
if (bytesRead == sizeof(MyAuthorizedCommand))
{
const char *rightName = rightNameForCommand(&myCommand);
AuthorizationItem right = { rightName, 0, NULL, 0 } ;
AuthorizationRights rights = { 1, &right };
AuthorizationFlags flags = kAuthorizationFlagDefaults | kAuthorizationFlagInteractionAllowed
| kAuthorizationFlagExtendRights;
if (status = AuthorizationCopyRights(auth, &rights, kAuthorizationEmptyEnvironment, flags, NULL))
{
exit(kMyAuthorizedCommandAuthFailed);
}
NSLog(@"Remove");
// Peform the opertion stored in 'myCommand'.
}
return 0;
}
So anyway, Yeah this is just the same code from the example but changed just enough to prevent it from working. Can any one out there help perhaps?
April
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden