site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=wRRkbicpHmlNWpHKaKUukctaQKBMT0lHrl7rGO2RVok=; b=a/pwiZw8G1huL7w5SCLs0Wn2vreZ9Dd5cD7coZResMN7SkEl5WDH/ma9B2vIwk8loe kC/jy22FfGmHGee/XnQZMyE4hfhLtD7w/a77+SBBVd4HeSrTvHcEA3QnothfofLPqtyV XUJu7yztezyQHUgGI3xeRJDNd8TstsJF8QPso= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=rqgE6qMIuiz8irKfNZvG4+WiT7UKVOAaiicfAirvSPPwMKbSOZ7a8nIIOWaI5wq34n zBBXm68ZbbzNnwqu6rxBaNuTTe9H0DRj1KEfmBT7Wt9mSsJ54rlRMImZFsCWaczh176M hFnUE03te77kQaIW9n6/LFAgi4ombkJZba/Ug= As you said below options will pop dialog for authorization. Authorization is during installation time. Right? no, and not only, if you are requesting it in pkg installer setup e.g needs admin root "privilege" ... A: BOOTTIME LaunchDaemons/ <plist version="1.0"> <dict> <key>Label</key> <string>com.company.tool</string> <key>KeepAlive</key> <false/> <key>Program</key> <string>/Library/Application Support/Company/tool</string> <key>ProgramArguments</key> <array> <string>load</string> </array> </dict> </plist> this exec will be executed as root at boot-time, "launchd know that every time system boots load that particular kext??" is knowing nothing, this is a starter-service tool, create a service that's it myservicescript: kextload -t /Library/Application Support/Company/Mykext.kext B ON-DEMAND USERSPACE e.g my previous email Best On Thu, May 28, 2009 at 10:14 AM, Rahulkumar Tibdewal <rahulkumar_tibdewal@persistent.co.in> wrote:
Hi
That are lot possible solutions. And I was fighting for one. About launchd, I tried to use use it by providing sudu, kextload and TcpFilter.kext as parameter. But it asked for pasword on console. Definitely because not having root privileges.
As you said below options will pop dialog for authorization. Authorization is during installation time. Right? Then what? How does it make launchd know that every time system boots load that particular kext??
Thank you very much Rahul
________________________________________ From: darwin-kernel-bounces+rahulkumar_tibdewal=persistent.co.in@lists.apple.com [darwin-kernel-bounces+rahulkumar_tibdewal=persistent.co.in@lists.apple.com] On Behalf Of mm w [0xcafefeed@gmail.com] Sent: Thursday, May 28, 2009 10:29 PM To: darwin-kernel@lists.apple.com Subject: Re: copy some kernel extensions to /tmp directory and then load that kext when program Launches
Hello,
now the priviledge access, you need to have root access to load and unload a kext e.g adding code in your kernel space,
1- you can use launchd and start the service at boot-time with root priviledge 2- any action in the user-space from a non-root user will apply an authentication
what is your job: handling the user-space authentication process:
A: you can use: a shell script and running it from your app using various popen-like family functions
#!/usr/bin/env bash
exec osascript <<EOF do shell script "kextload -t \"${1}\"" with administrator privileges EOF
# will return a status 0 or 1 you can check this from your GUI APP
B: the same by running a applescript (cf documentation to embed this into your app)
do shell script "kextload -t \"" & kext & "\"" with administrator privileges
C: the same by running a applescript script thru the osascript command
on run argv set kext to (item 1 of argv) do shell script "kextload -t \"" & kext & "\"" with administrator privileges end run
D: using Security C API
#include <Security/Authorization.h>
any of those solutions will pop up a auth dialog
Best, _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/rahulkumar_tibdewal%40p...
This email sent to rahulkumar_tibdewal@persistent.co.in
DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does not accept any liability for virus infected mails.
_______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... This email sent to site_archiver@lists.apple.com