Re: Determine if user can admin
Re: Determine if user can admin
- Subject: Re: Determine if user can admin
- From: Eric Long <email@hidden>
- Date: Tue, 19 Apr 2005 09:04:31 -0700
> 1) Something like "id | grep admin".
>> 1. Maybe this information is stored in the Open Directory information
>> on this user account.
>>
>> 2. Otherwise, you can find the group of the user and the additional
>> group and look for the gid for the admin group.
>>> The Carbon way:
>>>
>>> err = AuthorizationCreate(&user_rights,
>>> kAuthorizationEmptyEnvironment, user_flags, &user_authorizationRef);
>>>
>>> See Authorization Services docs for more details ..
>
I'll check out these suggestions. Thanks for your ideas.
I was really wondering if it is sufficient to check if a user is root or in
the admin group.
I'm trying to set things up in a manner that is more convenient for a user
who is allowed to administer the computer. Sort of like how the OS used to
require you to authorize constantly to do just about anything, then things
were made easier for users who are designated administrators, so they only
have to authenticate to perform tasks that actually alter the system.
I noticed the OS adds users with the "Allow user to administer this
computer" checkbox set to the sudoers file. I was just looking for a means
that would ensure whatever I do is in sync with whether or not a user has
that checkbox set for his or her account.
Eric
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden