Re: More authorization woes, the methods giving me trouble
Re: More authorization woes, the methods giving me trouble
- Subject: Re: More authorization woes, the methods giving me trouble
- From: OL&L Lists <email@hidden>
- Date: Fri, 24 Dec 2004 16:42:33 -0800
Title: Re: More authorization woes, the methods giving me
trouble
At 8:00 PM -0700 12/22/04, April Gendill wrote:
all right, well I'm still having some
trouble. Basically the code I;m trying to use is a nearly un altered
version of the DT's AuthSample. But it's altered enough that I broke
it.
What I am able to get it to
do.
I can get it to launch the helper tool
after getting the admin password. I am not able to pass arguments to
the helper tool, I've tried several different things but it does not
work. so the code below is just the no arguments
version..
By the time I call the method below I've
created the external ref
static int
performCommand(AuthorizationRef authorizationRef, MyAuthorizedCommand
myCommand,NSString *file)
{
int comms[2] = {};
int childStatus = 0;
int written;
pid_t
pid;
AuthorizationExternalForm extAuth;
NSString * pp = [NSString stringWithFormat:@"%@/BOM_trigger",[[NSBundle
mainBundle]resourcePath]];
char * path = [pp
fileSystemRepresentation];
/* Turn an AuthorizationRef into an external "byte blob"
form so it can be transmitted to the authtool. */
if (AuthorizationMakeExternalForm(authorizationRef,
&extAuth))
return kMyAuthorizedCommandInternalError;
/* Create a descriptor pair for interprocess communication.
*/
if (pipe(comms))
return kMyAuthorizedCommandInternalError;
switch(pid = fork())
{
case 0: /* Child */
{
char *const
envp[] = { NULL };
dup2(comms[0],
0);
close(comms[0]);
close(comms[1]);
execle(path, path, NULL, envp); //I need
for this to accept 2 args, 1 a file mode d or f, and 2 the path to the
file to remove.
//Currently it ignores everything
return
0;
}
case -1: /*
an error occured */
close(comms[0]);
close(comms[1]);
return
kMyAuthorizedCommandInternalError;
default: /* Parent */
break;
}
/* Write the ExternalizedAuthorization to our output pipe.
*/
if (write(comms[1],
&extAuth, sizeof(extAuth)) != sizeof(extAuth))
{
close(comms[1]);
return kMyAuthorizedCommandInternalError;
}
/* Write the commands we want to execute to our output pipe
*/
//written = write(comms[1], &myCommand,
sizeof(MyAuthorizedCommand));
/* Close output pipe to notify client we are done.
*/
close(comms[1]);
//if (written != sizeof(MyAuthorizedCommand))
//return kMyAuthorizedCommandInternalError;
/* Wait for the tool to return */
if (waitpid(pid, &childStatus,
0) != pid)
return kMyAuthorizedCommandInternalError;
if (!WIFEXITED(childStatus))
return kMyAuthorizedCommandInternalError;
return WEXITSTATUS(childStatus);
}
Now this is the receiving main() method
in the helper tool. The problem here, other than not getting the
arguments, is that it is not reading the data written to the pipe from
the launching method above.
int
main(int argc,
char *argv[])
{
int c =0;
OSStatus status;
AuthorizationRef
auth;
int bytesRead;
MyAuthorizedCommand
myCommand;
AuthorizationExternalForm extAuth;
// Read the Authorization "byte blob" from our input
pipe.
if (read(0, &extAuth, sizeof(extAuth)) !=
sizeof(extAuth)){
NSLog(@"kMyAuthorizedCommandInternalError First
line");
exit(kMyAuthorizedCommandInternalError);
}
// Restore the externalized Authorization back to an
AuthorizationRef
if (AuthorizationCreateFromExternalForm(&extAuth,
&auth)){
NSLog(@"kMyAuthorizedCommandInternalError Second
line");
exit(kMyAuthorizedCommandInternalError);
}
// Read a 'MyAuthorizedCommand' object from
stdin.
bytesRead =
read(0, &myCommand, sizeof(MyAuthorizedCommand));
NSLog(@"myCommand
%s",myCommand.file);//This is always empty so I of course
assume I'm messing up the pipe some how.
//Is
there possibly a way to Use NSTask than the messy method
above?
// Make sure that we received a full 'MyAuthorizedCommand'
object
if (bytesRead ==
sizeof(MyAuthorizedCommand))
{
const char *rightName =
rightNameForCommand(&myCommand);
AuthorizationItem right = { rightName,
0, NULL,
0 } ;
AuthorizationRights rights = { 1,
&right };
AuthorizationFlags flags = kAuthorizationFlagDefaults |
kAuthorizationFlagInteractionAllowed
| kAuthorizationFlagExtendRights;
if (status = AuthorizationCopyRights(auth, &rights,
kAuthorizationEmptyEnvironment, flags,
NULL))
{
exit(kMyAuthorizedCommandAuthFailed);
}
NSLog(@"Remove");
// Peform the opertion stored in 'myCommand'.
}
return
0;
So
anyway, Yeah this is just the same code from the example but changed
just enough to prevent it from working. Can any one out there help
perhaps?
April
Don't even try calling the helper tool without the help of
Apple's MIB library. It takes all the difficulty out of it. Using that
lib you pass all commands and data to the tool via
CFDictionaries.
Michael
Orbital Launch & Lift, Inc.
http://www.orbitallaunch.com
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden