如何在启用Mac App沙盒的情况下运行Shell脚本? [英] How to Run a Shell Script with Mac App Sandbox Enabled?

问题描述

是否可以在沙箱中运行一个应用程序，执行一个shell脚本?该脚本使用了两个基本命令:

 默认写杀死所有 

我知道沙箱有一些例外，可以通过权利文件添加，但不确定是否可以让用户确认小脚本的执行然后运行它?

请给我一个实用的提示...当我在关闭沙箱的情况下运行我的应用程序时，一切正常.使用沙箱时，两个命令均不起作用，这在控制台中显示:

  killall:警告:kill -TERM 12322:不允许操作 

解决方案

为什么要首先将如此强大的App沙箱化?您是否要修改默认设置并为特定的其他应用程序杀死所有功能(以某种方式)或为计算机上存在的所有应用程序"全部杀死?

如果对于其他特定应用程序，为什么不使用无外壳程序呢?对于默认设置，请使用com.apple.security.temporary-exception.shared-preference.read-write并添加要修改的域(例如com.apple.DigitalColorMeter)，然后使用CFPreferencesSetValue()

对于killall，请使用com.apple.security.temporary-exception.apple-events并运行Applescript/发送AppleEvents以终止特定进程.

Is it possible to have an app, that runs within the sandbox, execute a shell script? The script makes use of two basic commands:

defaults write
killall

I know that there are some exceptions to the sandbox, that can be added via the entitlements file, but not sure wheter it would be possible to have the user confirm the execution of the small script and then run it?

Please give me a practical hint... When I run my app with sandbox off, everything works fine. With sandbox on both commands are not working and this is shown in the console:

killall: warning: kill -TERM 12322: Operation not permitted

解决方案

Why would you want to sandbox such a powerful App it in the first place? Do you want to modify defaults and killall for specific other apps (somehow possible) or for "all that exist on the machine"?

If for specific other apps, why not do it without shell? For defaults write use com.apple.security.temporary-exception.shared-preference.read-write and add the domains you'd like to modify (eg. com.apple.DigitalColorMeter) and use CFPreferencesSetValue()

For killall use com.apple.security.temporary-exception.apple-events and run an Applescript / send AppleEvents to terminate specific processes.

这篇关于如何在启用Mac App沙盒的情况下运行Shell脚本?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！