AuthorizationExecuteWithPrivileges question

FROM : Mark Douma
DATE : Thu Oct 14 19:45:50 2004

I have an application in which I need to delete some files in the 
/System/Library/Caches/ folder (and issue a restart). The way I am 
attempting to do this is to use Authorization Services to use 
AuthorizationExecuteWithPrivileges with the '/bin/rm' command to delete 
the files.

The way I've been specifying the path to the files that need to be 
deleted is to use a wildcard character to catch all variations on a 
particular base-filename. For example,

/System/Library/Caches/fontTablesAnnex*

would cover /System/Library/Caches/fontTablesAnnex, 
/System/Library/Caches/fontTablesAnnex_259, etc. for each user.

Trying to use this same wildcard character notation in the array I pass 
to the AuthorizationExecuteWithPrivileges command proves to be 
problematic. Here's the code:

------------------------------------------------------------------------
-----------------------------------------------------
AuthorizationRef authRef;
OSStatus status;
AuthorizationFlags flags;

flags = kAuthorizationFlagDefaults;
status = AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, 
flags, &authRef);
       
if (status != errAuthorizationSuccess) {
   return;
}

AuthorizationItem authItems = {kAuthorizationRightExecute, 0, NULL, 0};
AuthorizationRights rights = {1, &authItems};
flags = kAuthorizationFlagDefaults | 
kAuthorizationFlagInteractionAllowed | kAuthorizationFlagPreAuthorize | 
kAuthorizationFlagExtendRights;
       
status = AuthorizationCopyRights (authRef, &rights, NULL, flags, NULL);
if (status != errAuthorizationSuccess) {
   AuthorizationFree(authRef,kAuthorizationFlagDefaults);
   return;
}

FILE* pipe = NULL;
flags = kAuthorizationFlagDefaults;

char* args[6];

args[0] = "-rf";
args[1] = "/System/Library/Caches/com.apple.ATS.System*.fcache";
args[2] = "/System/Library/Caches/com.apple.ATSServer.FODB_*System";
args[3] = "/System/Library/Caches/fontTablesAnnex*";
args[4] = "/Library/Caches/com.apple.ATS/";
args[5] = NULL;

status = 
AuthorizationExecuteWithPrivileges(authRef,"/bin/rm",flags,args,&pipe);

AuthorizationFree(authRef,kAuthorizationFlagDefaults);
------------------------------------------------------------------------
-----------------------------------------------------

When executing this code, only the folder specified in args[4] is 
actually deleted. None of the files that would correspond to the first 
3 paths are deleted. If I remove the *'s, and specify the actual paths 
to the base-filenames, such as

args[0] = "-rf";
args[1] = "/System/Library/Caches/com.apple.ATS.System.fcache";
args[2] = "/System/Library/Caches/com.apple.ATSServer.FODB_System";
args[3] = "/System/Library/Caches/fontTablesAnnex";
args[4] = "/Library/Caches/com.apple.ATS/";
args[5] = NULL;

then all 4 file system objects at those specified paths will be deleted 
successfully (but, of course, 
/System/Library/Caches/fontTablesAnnex_259, et. al., will remain).

Being somewhat of a newbie, I'm wondering if there is a problem with 
using wildcard characters like that in the strings that I pass in? If 
so, is there someway I can escape them or something?

If not, and this is a limitation or bug or something, anyone have any 
ideas on a workaround?

I do have an NSMutableArray with the NSString filepaths to all the 
files that do match that description, which I use to fill a table view 
which displays the file paths, etc. I suppose I could have each of 
those be another item in the C array (so that I might have a length of 
around 6 to 20 something)? Though, I'm not quite sure on how I'd 
translate the NSMutableArray of strings to a C array of strings 
exactly...

Anyway, any help would be appreciated.

Thanks in advance,

Mark Douma



------------------------------------------------------------------------
---
Mark Douma
Grand Rapids, MI, USA
<email_removed>
http://homepage.mac.com/mdouma46/
------------------------------------------------------------------------
---