Re: Executing shell script with root privilege
Steven, You are right. I got my way. Regards, Cocoa.learner On Mon, Feb 15, 2010 at 9:01 PM, Steven Degutis steven.degu...@gmail.comwrote: Essentially you need to use the Security.framework API which you were already using in the beginning. You're already heading in the right direction. If you continue to read the docs on it, you'll get your sample code working; they're pretty thorough docs I believe. -Steven On Mon, Feb 15, 2010 at 1:48 AM, cocoa learner cocoa.lear...@gmail.comwrote: Ok let me put my problem in simple words - I have a cocoa app and I want to launch a shell script which has to do some task with root privilege. How can I do it??? Regards, Cocoa.learner On Mon, Feb 15, 2010 at 1:49 AM, Nick Zitzmann n...@chronosnet.com wrote: On Feb 13, 2010, at 11:05 PM, cocoa learner wrote: And permission of this script is - -rwx-- 1 root wheel 536 Feb 14 10:51 /Users/test/myScript When I am executing the app launchScript is returning me TRUE but my script is not getting executed. I am totally lost, have no clue why it's happening like this. Does any body know why this script is not getting executed? Am I doing any thing wrong? Yes and yes. You set your script's permissions to 700 root/wheel, which means that you don't have permission to run the script. AEWP() executes tasks with root privileges, but it doesn't execute them _as_ root. If you need to do that, then you must use a wrapper that sets the uid to root. Check the archives for more information. It might be easier, though, to set the permissions to 755 instead, and put in a check for root privileges. And if that still doesn't work, then you might need to execute the shell as the task, and point the shell to the script, but I'm pretty sure you just have the permissions set incorrectly. Nick Zitzmann http://www.chronosnet.com/ ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/steven.degutis%40gmail.com This email sent to steven.degu...@gmail.com -- Steven Degutis http://www.thoughtfultree.com/ http://www.degutis.org/ ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Executing shell script with root privilege
Essentially you need to use the Security.framework API which you were already using in the beginning. You're already heading in the right direction. If you continue to read the docs on it, you'll get your sample code working; they're pretty thorough docs I believe. -Steven On Mon, Feb 15, 2010 at 1:48 AM, cocoa learner cocoa.lear...@gmail.comwrote: Ok let me put my problem in simple words - I have a cocoa app and I want to launch a shell script which has to do some task with root privilege. How can I do it??? Regards, Cocoa.learner On Mon, Feb 15, 2010 at 1:49 AM, Nick Zitzmann n...@chronosnet.com wrote: On Feb 13, 2010, at 11:05 PM, cocoa learner wrote: And permission of this script is - -rwx-- 1 root wheel 536 Feb 14 10:51 /Users/test/myScript When I am executing the app launchScript is returning me TRUE but my script is not getting executed. I am totally lost, have no clue why it's happening like this. Does any body know why this script is not getting executed? Am I doing any thing wrong? Yes and yes. You set your script's permissions to 700 root/wheel, which means that you don't have permission to run the script. AEWP() executes tasks with root privileges, but it doesn't execute them _as_ root. If you need to do that, then you must use a wrapper that sets the uid to root. Check the archives for more information. It might be easier, though, to set the permissions to 755 instead, and put in a check for root privileges. And if that still doesn't work, then you might need to execute the shell as the task, and point the shell to the script, but I'm pretty sure you just have the permissions set incorrectly. Nick Zitzmann http://www.chronosnet.com/ ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/steven.degutis%40gmail.com This email sent to steven.degu...@gmail.com -- Steven Degutis http://www.thoughtfultree.com/ http://www.degutis.org/ ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Executing shell script with root privilege
On Feb 13, 2010, at 11:05 PM, cocoa learner wrote: And permission of this script is - -rwx-- 1 root wheel 536 Feb 14 10:51 /Users/test/myScript When I am executing the app launchScript is returning me TRUE but my script is not getting executed. I am totally lost, have no clue why it's happening like this. Does any body know why this script is not getting executed? Am I doing any thing wrong? Yes and yes. You set your script's permissions to 700 root/wheel, which means that you don't have permission to run the script. AEWP() executes tasks with root privileges, but it doesn't execute them _as_ root. If you need to do that, then you must use a wrapper that sets the uid to root. Check the archives for more information. It might be easier, though, to set the permissions to 755 instead, and put in a check for root privileges. And if that still doesn't work, then you might need to execute the shell as the task, and point the shell to the script, but I'm pretty sure you just have the permissions set incorrectly. Nick Zitzmann http://www.chronosnet.com/ ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Executing shell script with root privilege
Ok let me put my problem in simple words - I have a cocoa app and I want to launch a shell script which has to do some task with root privilege. How can I do it??? Regards, Cocoa.learner On Mon, Feb 15, 2010 at 1:49 AM, Nick Zitzmann n...@chronosnet.com wrote: On Feb 13, 2010, at 11:05 PM, cocoa learner wrote: And permission of this script is - -rwx-- 1 root wheel 536 Feb 14 10:51 /Users/test/myScript When I am executing the app launchScript is returning me TRUE but my script is not getting executed. I am totally lost, have no clue why it's happening like this. Does any body know why this script is not getting executed? Am I doing any thing wrong? Yes and yes. You set your script's permissions to 700 root/wheel, which means that you don't have permission to run the script. AEWP() executes tasks with root privileges, but it doesn't execute them _as_ root. If you need to do that, then you must use a wrapper that sets the uid to root. Check the archives for more information. It might be easier, though, to set the permissions to 755 instead, and put in a check for root privileges. And if that still doesn't work, then you might need to execute the shell as the task, and point the shell to the script, but I'm pretty sure you just have the permissions set incorrectly. Nick Zitzmann http://www.chronosnet.com/ ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Executing shell script with root privilege
Hi all,
I want to execute a shell script with root privilege and here is the code
for that I am using -
- (BOOL) launchScript
{
OSStatus authStatus;
AuthorizationRef authRef = nil;
authStatus = AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment,
kAuthorizationFlagDefaults, authRef);
if (authStatus != errAuthorizationSuccess)
{
return FALSE;
}
AuthorizationItem right = {kAuthorizationRightExecute, 0, NULL, 0};
AuthorizationRights rights = {1, right};
AuthorizationFlags flags = (kAuthorizationFlagDefaults |
kAuthorizationFlagInteractionAllowed |
kAuthorizationFlagPreAuthorize |
kAuthorizationFlagExtendRights);
authStatus = AuthorizationCopyRights(authRef, rights, NULL, flags, NULL);
if (authStatus != errAuthorizationSuccess)
{
AuthorizationFree(authRef, kAuthorizationFlagDestroyRights);
return FALSE;
}
char *cmd = /Users/test/myScript;
char *args[] = {NULL};
FILE *pipe = NULL;
authStatus = AuthorizationExecuteWithPrivileges(authRef,
cmd,
kAuthorizationFlagDefaults,
args,
pipe);
if (authStatus == errAuthorizationSuccess)
{
return TRUE;
}
return FALSE;
}
And the shell script looks like this -
#!/bin/bash
WHO=`whoami`
echo I am executed as [ $WHO ] /tmp/debugScript
id -u /tmp/debugScript
And permission of this script is -
-rwx-- 1 root wheel 536 Feb 14 10:51 /Users/test/myScript
When I am executing the app launchScript is returning me TRUE but my
script is not getting executed. I am totally lost, have no clue why it's
happening like this.
Does any body know why this script is not getting executed? Am I doing any
thing wrong?
Regards
Cocoa.learner
___
Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com
This email sent to arch...@mail-archive.com
