• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
execute system("some script") on behalf of root from non-root app
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

execute system("some script") on behalf of root from non-root app

  • Subject: execute system("some script") on behalf of root from non-root app
  • From: eveningnick eveningnick <email@hidden>
  • Date: Wed, 5 Jan 2011 21:24:19 +0200
Hello
I am trying to write a simple uninstaller, that has to call few
root-demanding actions - stopping/unloading daemon and unloading kext.
I can do that from a script-uninstaller, like this:

#!/bin/sh
launchctl stop my.agent
launctctl -w unload /Library/LaunchAgents/my.agent.plist
sudo launchctl stop my.daemon
sudo launchctl -w unload /Library/LaunchDaemons/my.daemon.plist
sudo kextunload /Library/Extensions/mykext.kext

when i run this script, it requests password for the first encountered
sudo command (if the sudo's timeout had expired).

I want to do all these operations from within a GUI
application-uninstaller for the convenience of the user.

What i did - is created a helper tool, which executes system() for
every line of the script above. This tool is launched when "Uninstall"
button is clicked in my GUI application. I do it this way:

- (IBAction)uninstallButtonClicked:(id)sender {
	AuthorizationRef authref;
	const char *uninstallHelperPath = "/Library/Application
Support/MyApplication/UninstallHelper";
	AuthorizationItem item = {
		kAuthorizationRightExecute,		//name
		strlen(uninstallHelperPath),	              //value length
		uninstallHelperPath,			      //value
		0						      //flags
	};
	AuthorizationRights requestedRights = {
		1,		//count
		&item	//array of authorization items
	};
	OSStatus result;
	result = AuthorizationCreate(&requestedRights, kAuthorizationEmptyEnvironment,
						kAuthorizationFlagExtendRights | kAuthorizationFlagInteractionAllowed,
						&authref);
	if(result != errAuthorizationSuccess)
		return;
	AuthorizationExecuteWithPrivileges(authref, uninstallHelperPath,
kAuthorizationFlagDefaults, /*arguments*/ NULL, NULL);
	AuthorizationFree(authref, kAuthorizationFlagDestroyRights);
}

Having clicked on a button, it requests admin's password and launches
the helper tool. But in System Console i see messages like "to unload
kext you need to be root", "unable to stop the daemon". Only agent can
be stopped.
Why does this happen? Isn't my helper application works already on
behalf of root already? Then why does it ask me to switch to root once
again if it is lauched as root already?

Thanks
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: execute system("some script") on behalf of root from non-root app
      • From: Nick Zitzmann <email@hidden>
  • Prev by Date: Re: Context in GCD source cancel handler?
  • Next by Date: Re: execute system("some script") on behalf of root from non-root app
  • Previous by thread: Re: Context in GCD source cancel handler?
  • Next by thread: Re: execute system("some script") on behalf of root from non-root app
  • Index(es):
    • Date
    • Thread