Cocoa mail archive
Re: More authorization woes, the methods giving me trouble
FROM : OL&L Lists
DATE : Sat Dec 25 01:42:33 2004
At 8:00 PM -0700 12/22/04, April Gendill wrote:
>all right, well I'm still having some trouble. Basically the code
>I;m trying to use is a nearly un altered version of the DT's
>AuthSample. But it's altered enough that I broke it.
>
>What I am able to get it to do.
>
>I can get it to launch the helper tool after getting the admin
>password. I am not able to pass arguments to the helper tool, I've
>tried several different things but it does not work. so the code
>below is just the no arguments version..
>
>By the time I call the method below I've created the external ref
>
>static int performCommand(AuthorizationRef authorizationRef,
>MyAuthorizedCommand myCommand,NSString *file)
>{
>
>
> int comms[2] = {};
> int childStatus = 0;
> int written;
> pid_t pid;
>
> AuthorizationExternalForm extAuth;
>
> NSString * pp = [NSString
>stringWithFormat:@"%@/BOM_trigger",[[NSBundle
>mainBundle]resourcePath]];
> char * path = [pp fileSystemRepresentation];
>
> /* Turn an AuthorizationRef into an external "byte blob" form so
>it can be transmitted to the authtool. */
> if (AuthorizationMakeExternalForm(authorizationRef, &extAuth))
> return kMyAuthorizedCommandInternalError;
>
> /* Create a descriptor pair for interprocess communication. */
> if (pipe(comms))
> return kMyAuthorizedCommandInternalError;
>
> switch(pid = fork())
> {
> case 0: /* Child */
> {
> char *const envp[] = ;
>
> dup2(comms[0], 0);
> close(comms[0]);
> close(comms[1]);
> execle(path, path, NULL, envp); //I need for this to
>accept 2 args, 1 a file mode d or f, and 2 the path to the file to
>remove.
>
> //Currently it ignores everything
> return 0;
> }
> case -1: /* an error occured */
> close(comms[0]);
> close(comms[1]);
> return kMyAuthorizedCommandInternalError;
> default: /* Parent */
> break;
> }
>
>
> /* Write the ExternalizedAuthorization to our output pipe. */
> if (write(comms[1], &extAuth, sizeof(extAuth)) != sizeof(extAuth))
> {
> close(comms[1]);
> return kMyAuthorizedCommandInternalError;
> }
>
> /* Write the commands we want to execute to our output pipe */
> //written = write(comms[1], &myCommand, sizeof(MyAuthorizedCommand));
>
> /* Close output pipe to notify client we are done. */
> close(comms[1]);
>
> //if (written != sizeof(MyAuthorizedCommand))
> //return kMyAuthorizedCommandInternalError;
>
> /* Wait for the tool to return */
> if (waitpid(pid, &childStatus, 0) != pid)
> return kMyAuthorizedCommandInternalError;
>
> if (!WIFEXITED(childStatus))
> return kMyAuthorizedCommandInternalError;
>
> return WEXITSTATUS(childStatus);
>}
>
>Now this is the receiving main() method in the helper tool. The
>problem here, other than not getting the arguments, is that it is
>not reading the data written to the pipe from the launching method
>above.
>
>int main(int argc, char *argv[])
>{
>
> int c =0;
>
> OSStatus status;
> AuthorizationRef auth;
> int bytesRead;
> MyAuthorizedCommand myCommand;
>
> AuthorizationExternalForm extAuth;
>
> // Read the Authorization "byte blob" from our input pipe.
> if (read(0, &extAuth, sizeof(extAuth)) != sizeof(extAuth)){
> NSLog(@"kMyAuthorizedCommandInternalError First line");
> exit(kMyAuthorizedCommandInternalError);
> }
> // Restore the externalized Authorization back to an AuthorizationRef
> if (AuthorizationCreateFromExternalForm(&extAuth, &auth)){
> NSLog(@"kMyAuthorizedCommandInternalError Second line");
> exit(kMyAuthorizedCommandInternalError);
> }
>
>
> // Read a 'MyAuthorizedCommand' object from stdin.
> bytesRead = read(0, &myCommand, sizeof(MyAuthorizedCommand));
>
> NSLog(@"myCommand %s",myCommand.file);//This is always empty
>so I of course assume I'm messing up the pipe some how.
>
> //Is there possibly a way to Use NSTask than the
>messy method above?
>
> // Make sure that we received a full 'MyAuthorizedCommand' object
> if (bytesRead == sizeof(MyAuthorizedCommand))
> {
> const char *rightName = rightNameForCommand(&myCommand);
> AuthorizationItem right = { rightName, 0, NULL, 0 } ;
> AuthorizationRights rights = { 1, &right };
> AuthorizationFlags flags = kAuthorizationFlagDefaults |
>kAuthorizationFlagInteractionAllowed
> | kAuthorizationFlagExtendRights;
>
>
> if (status = AuthorizationCopyRights(auth, &rights,
>kAuthorizationEmptyEnvironment, flags, NULL))
> {
> exit(kMyAuthorizedCommandAuthFailed);
> }
> NSLog(@"Remove");
> // Peform the opertion stored in 'myCommand'.
> }
> return 0;
>
> So anyway, Yeah this is just the same code from the example
>but changed just enough to prevent it from working. Can any one out
>there help perhaps?
>
>April
Don't even try calling the helper tool without the help of Apple's
MIB library. It takes all the difficulty out of it. Using that lib
you pass all commands and data to the tool via CFDictionaries.
Michael
Orbital Launch & Lift, Inc.
http://www.orbitallaunch.com
DATE : Sat Dec 25 01:42:33 2004
At 8:00 PM -0700 12/22/04, April Gendill wrote:
>all right, well I'm still having some trouble. Basically the code
>I;m trying to use is a nearly un altered version of the DT's
>AuthSample. But it's altered enough that I broke it.
>
>What I am able to get it to do.
>
>I can get it to launch the helper tool after getting the admin
>password. I am not able to pass arguments to the helper tool, I've
>tried several different things but it does not work. so the code
>below is just the no arguments version..
>
>By the time I call the method below I've created the external ref
>
>static int performCommand(AuthorizationRef authorizationRef,
>MyAuthorizedCommand myCommand,NSString *file)
>{
>
>
> int comms[2] = {};
> int childStatus = 0;
> int written;
> pid_t pid;
>
> AuthorizationExternalForm extAuth;
>
> NSString * pp = [NSString
>stringWithFormat:@"%@/BOM_trigger",[[NSBundle
>mainBundle]resourcePath]];
> char * path = [pp fileSystemRepresentation];
>
> /* Turn an AuthorizationRef into an external "byte blob" form so
>it can be transmitted to the authtool. */
> if (AuthorizationMakeExternalForm(authorizationRef, &extAuth))
> return kMyAuthorizedCommandInternalError;
>
> /* Create a descriptor pair for interprocess communication. */
> if (pipe(comms))
> return kMyAuthorizedCommandInternalError;
>
> switch(pid = fork())
> {
> case 0: /* Child */
> {
> char *const envp[] = ;
>
> dup2(comms[0], 0);
> close(comms[0]);
> close(comms[1]);
> execle(path, path, NULL, envp); //I need for this to
>accept 2 args, 1 a file mode d or f, and 2 the path to the file to
>remove.
>
> //Currently it ignores everything
> return 0;
> }
> case -1: /* an error occured */
> close(comms[0]);
> close(comms[1]);
> return kMyAuthorizedCommandInternalError;
> default: /* Parent */
> break;
> }
>
>
> /* Write the ExternalizedAuthorization to our output pipe. */
> if (write(comms[1], &extAuth, sizeof(extAuth)) != sizeof(extAuth))
> {
> close(comms[1]);
> return kMyAuthorizedCommandInternalError;
> }
>
> /* Write the commands we want to execute to our output pipe */
> //written = write(comms[1], &myCommand, sizeof(MyAuthorizedCommand));
>
> /* Close output pipe to notify client we are done. */
> close(comms[1]);
>
> //if (written != sizeof(MyAuthorizedCommand))
> //return kMyAuthorizedCommandInternalError;
>
> /* Wait for the tool to return */
> if (waitpid(pid, &childStatus, 0) != pid)
> return kMyAuthorizedCommandInternalError;
>
> if (!WIFEXITED(childStatus))
> return kMyAuthorizedCommandInternalError;
>
> return WEXITSTATUS(childStatus);
>}
>
>Now this is the receiving main() method in the helper tool. The
>problem here, other than not getting the arguments, is that it is
>not reading the data written to the pipe from the launching method
>above.
>
>int main(int argc, char *argv[])
>{
>
> int c =0;
>
> OSStatus status;
> AuthorizationRef auth;
> int bytesRead;
> MyAuthorizedCommand myCommand;
>
> AuthorizationExternalForm extAuth;
>
> // Read the Authorization "byte blob" from our input pipe.
> if (read(0, &extAuth, sizeof(extAuth)) != sizeof(extAuth)){
> NSLog(@"kMyAuthorizedCommandInternalError First line");
> exit(kMyAuthorizedCommandInternalError);
> }
> // Restore the externalized Authorization back to an AuthorizationRef
> if (AuthorizationCreateFromExternalForm(&extAuth, &auth)){
> NSLog(@"kMyAuthorizedCommandInternalError Second line");
> exit(kMyAuthorizedCommandInternalError);
> }
>
>
> // Read a 'MyAuthorizedCommand' object from stdin.
> bytesRead = read(0, &myCommand, sizeof(MyAuthorizedCommand));
>
> NSLog(@"myCommand %s",myCommand.file);//This is always empty
>so I of course assume I'm messing up the pipe some how.
>
> //Is there possibly a way to Use NSTask than the
>messy method above?
>
> // Make sure that we received a full 'MyAuthorizedCommand' object
> if (bytesRead == sizeof(MyAuthorizedCommand))
> {
> const char *rightName = rightNameForCommand(&myCommand);
> AuthorizationItem right = { rightName, 0, NULL, 0 } ;
> AuthorizationRights rights = { 1, &right };
> AuthorizationFlags flags = kAuthorizationFlagDefaults |
>kAuthorizationFlagInteractionAllowed
> | kAuthorizationFlagExtendRights;
>
>
> if (status = AuthorizationCopyRights(auth, &rights,
>kAuthorizationEmptyEnvironment, flags, NULL))
> {
> exit(kMyAuthorizedCommandAuthFailed);
> }
> NSLog(@"Remove");
> // Peform the opertion stored in 'myCommand'.
> }
> return 0;
>
> So anyway, Yeah this is just the same code from the example
>but changed just enough to prevent it from working. Can any one out
>there help perhaps?
>
>April
Don't even try calling the helper tool without the help of Apple's
MIB library. It takes all the difficulty out of it. Using that lib
you pass all commands and data to the tool via CFDictionaries.
Michael
Orbital Launch & Lift, Inc.
http://www.orbitallaunch.com
| Related mails | Author | Date |
|---|---|---|
| More authorization woes, the methods giving me trouble |
April Gendill | Dec 23, 04:00 |
| Re: More authorization woes, the methods giving me trouble |
m | Dec 23, 08:30 |
| Re: More authorization woes, the methods giving me trouble |
April Gendill | Dec 23, 16:41 |
| Re: More authorization woes, the methods giving me trouble |
m | Dec 24, 02:21 |
| Re: More authorization woes, the methods giving me trouble |
OL&L Lists | Dec 25, 01:42 |
