MACOSX: how to start a daemon that needs root privileges from a cocoa application
The conditions are as follows: MacOSX 10.7 and Cocoa graphical application written in objective-c.
I am facing the following problem. I cannot start the daemon app from the / user / bin folder from my Cocoa app. I know I must be root for this.
I have an installer, not * .pkg, but a hand-written installer. I need to start my daemons after the installation process is complete. How do I elevate privileges in an objective-c application?
I have this code. But the call to AuthorizationExecuteWithPrivileges is deprecated.
We shouldn't use it.
AuthorizationItem authItem = { kSMRightModifySystemDaemons, 0, NULL, 0 };
AuthorizationRights authRights = { 1, &authItem };
AuthorizationFlags flags = kAuthorizationFlagDefaults |
kAuthorizationFlagInteractionAllowed |
kAuthorizationFlagPreAuthorize |
kAuthorizationFlagExtendRights;
AuthorizationRef authRef = NULL;
OSStatus status = AuthorizationCreate(&authRights,
kAuthorizationEmptyEnvironment, flags, &authRef);
status = AuthorizationExecuteWithPrivileges(authorizationRef, tool, kAuthorizationFlagDefaults, args, &pipe);
The second way is to use a privileged helper. This method looks very complicated for my case. I just need to start the daemons after installation.
In the course, I can ask the user to restart the mac. But I would like to avoid this.
Another possibility is the SUID bit in the daemon executable. But I don't think it's safe.
My question is: Is there an even easier way to do this?
source to share
Well, there might be an answer here.
You need:
- Create a wrapper script with your operations.
- Create an apple script
NSString
where you ask the shell script to executewith administrator privilege
. - Create an instance
NSAppleScript
and execute apple script.
More details: