• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
setuid tool - repair permissions
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

setuid tool - repair permissions

  • Subject: setuid tool - repair permissions
  • From: Chad Wagner <email@hidden>
  • Date: Mon, 16 Jul 2007 10:22:03 -0400
I have a couple of privileged operations I need to perform during installation, and I created a small executable to do it that runs as setuid root.  That all seems to be working fine, however I want the tool to be self-repairing, so that if the permissions aren't correct the user will be prompted for an admin password and the permissions will be fixed.  I am using AuthorizationExecuteWithPrivileges to run chown and chmod on the executable file.  It runs without any errors, but there is no apparent effect (i.e. permissions all remain the same).  Is this not the right way to go about doing this?  Does anyone have suggestions of a better way, or what I may be doing wrong?  I've been scratching my head over this for a while now...

Here's a code snippet:

OSStatus MyApp::FixPermissions( const char* filename )
{
    OSStatus myStatus = noErr;
AuthorizationFlags myFlags = kAuthorizationFlagDefaults;
AuthorizationRef myAuthorizationRef;


myStatus = AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, myFlags, &myAuthorizationRef);
if (myStatus != errAuthorizationSuccess)
return myStatus;


do
{
{
AuthorizationItem myItems = { kAuthorizationRightExecute, 0, NULL, 0 };
AuthorizationRights myRights = { 1, &myItems };
myFlags = kAuthorizationFlagDefaults |
kAuthorizationFlagInteractionAllowed |
kAuthorizationFlagPreAuthorize |
kAuthorizationFlagExtendRights;
myStatus = AuthorizationCopyRights( myAuthorizationRef, &myRights, NULL, myFlags, NULL );
}
if (myStatus != errAuthorizationSuccess)
break;
{
char *myToolPath = "/usr/sbin/chown";
char fn[strlen(filename)+1];
strcpy(fn, filename);
char *myArguments[] = { "root:admin", fn };


myStatus = AuthorizationExecuteWithPrivileges( myAuthorizationRef, myToolPath, kAuthorizationFlagDefaults, myArguments, NULL );
if (myStatus == errAuthorizationSuccess)
{
myToolPath = "/bin/chmod";
myArguments[0] = "a+s";
myStatus = AuthorizationExecuteWithPrivileges( myAuthorizationRef, myToolPath, kAuthorizationFlagDefaults, myArguments, NULL );
}
}
} while (0);


AuthorizationFree( myAuthorizationRef, kAuthorizationFlagDefaults );
return myStatus;
}

Any help would be greatly appreciated!

TIA,
Chad
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: setuid tool - repair permissions
      • From: Julian Devlin <email@hidden>
  • Prev by Date: Re: Distribution script Apple Software Update
  • Next by Date: Re: setuid tool - repair permissions
  • Previous by thread: Re: Distribution script Apple Software Update
  • Next by thread: Re: setuid tool - repair permissions
  • Index(es):
    • Date
    • Thread