site_archiver@lists.apple.com Delivered-To: installer-dev@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:cc:message-id:from:to :in-reply-to:content-type:content-transfer-encoding:mime-version :subject:date:references:x-mailer; bh=pEf0cwvi8DJurATpCdX0+XzEB0TcmJCoArCgWpuhGis=; b=Pib9lPyMcKgkzBcYNh/Gn9IxmHsL78K0aSgiRnD39NRl3MbsHR24if3HLVUBbSxccJ rK0NP8IcZ3ww9He+OL05yFQZfSkn/MpIvzczzYetwqaJcieCs0H6CI/TLlPZUJ/6mWBD f0H73JGYjUX8WxP0sHFdw5oi7DGMwBCrhShzo= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=cc:message-id:from:to:in-reply-to:content-type :content-transfer-encoding:mime-version:subject:date:references :x-mailer; b=qRdEaMeQwiomIlejjNTj8kBN5G/omzVAt/1hGUiioL4rqRIbuMkn9PNgJDnzzilGjA F9kcHS2+//I+yiSoSF28i7f70PYHmDFepTjpXR9ICyBLfV5lGaHQ9wRA1SzTX/kKGqLj V60Ja1U5ixcT6Wk6VVetuEr9/adCg/pyuFOOs= On Apr 3, 2009, at 3:42 PM, Rick Mann wrote: Both of these are used in large-scale deployments of computers. -- Karl Kuehn larkost@softhome.net _______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/installer-dev/site_archiver%40lists.a... We want to execute our updates in the background, but they require authentication. I've tried creating a script with setuid set, but the installer still complains that it needs to be authenticated. I then wrote a tiny C program that execs my script, and prints the effective user ID, but it still complains. I don't know why the c program is not working, but in 10.5 Apple restricted setuid to only being available to compiled programs (ie: no scripts). But if you are going to need root permissions to update things, then don't you need it during the install? And if so, then if you put in a postflight script it should run as root already (script or program), solving your problem. However, I am going to urge you to think this through, there are two cases you should make sure that your installer (and by extension now your updater) takes into consideration: 1) The installer could be run via something like Apple Remote Desktop and be running either underneath a totally unaware user, or it could be running behind the loginwindow. Both of these circumstances mean that you should not have any GUI component that is not part of the normal installer system (ie: installer bundles). 2) Your installer could be run on a filesystem other than the booted one, even if you have set the "only on booted volume" flag. This is used internally by Apple in packaging computers (for special runs), and projects like InstaDMG also do this. This email sent to site_archiver@lists.apple.com