Elevating permissions on OSX
When a file change requires root permissons you can use ‘/usr/libexec/authopen’ which elevates permissions and reads or writes that file for you. But what about executing programs with elevated permissions? On the command line you can of course use ’sudo’ …but what if you don’t want to drag the user to the command line? I thought an ‘authexec’ was missing. So after a little research I’ve modified an example from the Apple documentation that explains how to use
AuthorizationCreate(..)
AuthorizationCopyRights(..)
AuthorizationExecuteWithPrivileges(..)
to elevate permssions. ‘authexec yourapp’ will (just like sudo) ask you to confirm the authentication and then start your application with elevated permissions.
For convenience I’ve put the source and the universal binary online.
I’m trying to understand authorization on Mac OS X and your example seems to be just the help that I need. Unfortunately, I can’t get it to build - when I run the make file I get:
gcc authexec.c -arch i386 -o authexec.i386 -framework Security -isysroot /Developer/SDKs/MacOSX10.4u.sdk
gcc: installation problem, cannot exec `cc1′: No such file or directory
make: *** [authexec.i386] Error 1
When I try to run gcc directly, I get:
ld: can’t map file: /Developer/SDKs/MacOSX10.4u.sdk ((os/kern) invalid argument)
And when I build it in xcode and try to run it, it compiles file - but I get
ZeroLink: unknown symbol ‘_AuthorizationCreate’
Abort trap
I’m perplexed - and I’d really value your suggestions!