• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: More authorization woes, the methods giving me trouble
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: More authorization woes, the methods giving me trouble


  • Subject: Re: More authorization woes, the methods giving me trouble
  • From: OL&L Lists <email@hidden>
  • Date: Fri, 24 Dec 2004 16:42:33 -0800

Title: Re: More authorization woes, the methods giving me trouble
At 8:00 PM -0700 12/22/04, April Gendill wrote:
all right, well I'm still having some trouble. Basically the code I;m trying to use is a nearly un altered version of the DT's AuthSample. But it's altered enough that I broke it.

What I am able to get it to do.

I can get it to launch the helper tool after getting the admin password. I am not able to pass arguments to the helper tool, I've tried several different things but it does not work. so the code below is just the no arguments version..

By the time I call the method below I've created the external ref

static int performCommand(AuthorizationRef authorizationRef, MyAuthorizedCommand myCommand,NSString *file)
{


    int comms[2] = {};
    int childStatus = 0;
    int written;
    pid_t pid;

    AuthorizationExternalForm extAuth;

        NSString * pp = [NSString stringWithFormat:@"%@/BOM_trigger",[[NSBundle mainBundle]resourcePath]];
        char * path = [pp fileSystemRepresentation];
  
    /* Turn an AuthorizationRef into an external "byte blob" form so it can be transmitted to the authtool. */
    if (AuthorizationMakeExternalForm(authorizationRef, &extAuth))
        return kMyAuthorizedCommandInternalError;

    /* Create a descriptor pair for interprocess communication. */
    if (pipe(comms))
        return kMyAuthorizedCommandInternalError;

    switch(pid = fork())
    {
        case 0: /* Child */
        {          
            char *const envp[] = { NULL };

            dup2(comms[0], 0);
            close(comms[0]);
            close(comms[1]);
            execle(path, path, NULL, envp); //I need for this to accept 2 args, 1 a file mode d or f, and 2 the path to the file to remove.
                                                                                        //Currently it ignores everything
            return 0;
        }
        case -1: /* an error occured */
            close(comms[0]);
            close(comms[1]);
            return kMyAuthorizedCommandInternalError;
        default: /* Parent */
            break;
    }


    /* Write the ExternalizedAuthorization to our output pipe. */
    if (write(comms[1], &extAuth, sizeof(extAuth)) != sizeof(extAuth))
    {
        close(comms[1]);
        return kMyAuthorizedCommandInternalError;
    }

    /* Write the commands we want to execute to our output pipe */
    //written = write(comms[1], &myCommand, sizeof(MyAuthorizedCommand));
  
    /* Close output pipe to notify client we are done. */
    close(comms[1]);
  
    //if (written != sizeof(MyAuthorizedCommand))
        //return kMyAuthorizedCommandInternalError;

    /* Wait for the tool to return */
    if (waitpid(pid, &childStatus, 0) != pid)
        return kMyAuthorizedCommandInternalError;
      
    if (!WIFEXITED(childStatus))
        return kMyAuthorizedCommandInternalError;
  
    return WEXITSTATUS(childStatus);
}

Now this is the receiving main() method in the helper tool. The problem here, other than not getting the arguments, is that it is not reading the data written to the pipe from the launching method above.

int main(int argc, char *argv[])
{

        int c =0;
               
        OSStatus status;
    AuthorizationRef auth;
    int bytesRead;
    MyAuthorizedCommand myCommand;
  
        AuthorizationExternalForm extAuth;

        // Read the Authorization "byte blob" from our input pipe.
        if (read(0, &extAuth, sizeof(extAuth)) != sizeof(extAuth)){
                        NSLog(@"kMyAuthorizedCommandInternalError First line");
            exit(kMyAuthorizedCommandInternalError);
                        }
        // Restore the externalized Authorization back to an AuthorizationRef
        if (AuthorizationCreateFromExternalForm(&extAuth, &auth)){
                NSLog(@"kMyAuthorizedCommandInternalError Second line");
            exit(kMyAuthorizedCommandInternalError);
                        }


        // Read a 'MyAuthorizedCommand' object from stdin.
    bytesRead = read(0, &myCommand, sizeof(MyAuthorizedCommand));
  
        NSLog(@"myCommand %s",myCommand.file);//This is always empty so I of course assume I'm messing up the pipe some how.
                                                                                //Is there possibly a way to Use NSTask than the messy method above?

    // Make sure that we received a full 'MyAuthorizedCommand' object
    if (bytesRead == sizeof(MyAuthorizedCommand))
    {
        const char *rightName = rightNameForCommand(&myCommand);
        AuthorizationItem right = { rightName, 0, NULL, 0 } ;
        AuthorizationRights rights = { 1, &right };
        AuthorizationFlags flags = kAuthorizationFlagDefaults | kAuthorizationFlagInteractionAllowed
                                    | kAuthorizationFlagExtendRights;
      
      
        if (status = AuthorizationCopyRights(auth, &rights, kAuthorizationEmptyEnvironment, flags, NULL))
        {
            exit(kMyAuthorizedCommandAuthFailed);
        }
                NSLog(@"Remove");
        // Peform the opertion stored in 'myCommand'.
    }
        return 0;

        So anyway, Yeah this is just the same code from the example but changed just enough to prevent it from working. Can any one out there help perhaps?

April

Don't even try calling the helper tool without the help of Apple's MIB library. It takes all the difficulty out of it. Using that lib you pass all commands and data to the tool via CFDictionaries.

Michael
Orbital Launch & Lift, Inc.
http://www.orbitallaunch.com
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

References: 
 >More authorization woes, the methods giving me trouble (From: April Gendill <email@hidden>)

  • Prev by Date: Re: One delegate's method doesn't work
  • Next by Date: Re: Cloning an NSTableView which uses bindings
  • Previous by thread: Re: More authorization woes, the methods giving me trouble
  • Next by thread: Address Book Framework and Group Selection
  • Index(es):
    • Date
    • Thread