Writing a privileged helper tool with SMJobBless()

Problem description

Even though the API has been open since Mac OS X Leopard, there's surprisingly, and unfortunately, very little documentation on how to correctly use SMJobBless() for creating privileged helper tools. There are a lot of gotchas, even when copying code directly from Apple's sample project. Luckily, I've found my way around this, and have gotten the basis for my helper tool working.

However, it would seem that SMJobBless() only blesses the tool and copies it over, but doesn't run it. I've included code in my helper tool's main() function that should run, but doesn't (since NSLog() inexplicably doesn't work–according to the tiny bit of information I have found–I've tried syslog()ing some "Hello world" type strings, but nothing appears on the system console). There's no indication that the helper tool is launched at all.
The documentation is mostly useless. It simply says that after SMJobBless() is called, the helper tool is 'ready', with no indication of what 'ready' even means.

Furthermore, Apple's sample doesn't include any interprocess communication code, and doesn't explain how one is supposed to interact with the helper tool. Do you use Distributed Objects? Mach ports? Who knows? There's no official word on how to do it.

So, does anyone have any information on how to get this done? I've confirmed that the helper tool is installed, and authentication works, but I simply can't figure out how to launch the helper tool and communicate with it - there's simply such a gap in the documentation that this is a mystery for now. It's very frustrating; I can't be the only one with this problem (but there's little mention of it anywhere), and SMJobBless() obviously works somehow, since it's what Apple uses.

(Please don't mention AuthorizationExecuteWithPrivileges(). I'm not using it: it's deprecated, sure to go away, and is a major security hole. No thanks.)

Recommended answer

XPC isn't an option if you're trying to elevate privileges (from https://developer.apple.com/library/archive/documentation/MacOSX/Conceptual/BPSystemStartup/Chapters/CreatingXPCServices.html):

By default, XPC services are run in the most restricted environment possible—sandboxed with minimal filesystem access, network access, and so on. Elevating a service’s privileges to root is not supported.

SMJobBless will install a helper tool and register it with launchd, as in the SMJobBless example provided by Apple. The trick to getting your helper tool to actually launch is to simply attempt to connect to your helper tool's advertised services.

There was a WWDC2010 example called ssd that demonstrated a simple launchd client/server model via sockets. It's not available from Apple any longer, but I've found a link here: https://lists.apple.com/archives/macnetworkprog/2011/Jul/msg00005.html

I've incorporated the dispatch queue handling in the server code from the ssd example into the helper tool in the SMJobBless example and can confirm that my helper tool is indeed running (as root) when my main app attempts a connection on the appropriate port. See the WWDC2010 video on launchd to understand the other mechanisms with which you can communicate with your helper tool (other than sockets).

I'm not sure I can legally redistribute the modified sources I have, but it should be fairly straightforward to merge the two projects and get your helper tool running.

Here is an example project I wrote that uses a distributed object for communication between the app and helper: https://www.dropbox.com/s/5kjl8koyqzvszrl/Elevator.zip
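Most of the "gotchas" the question mentions, and the "helper never starts" symptom the answer explains, come down to three plists that SMJobBless() ties together: the app's Info.plist (SMPrivilegedExecutables: helper label mapped to the code-signing requirement the helper must satisfy), the helper's embedded Info.plist (SMAuthorizedClients: requirements the calling app must satisfy), and the helper's embedded launchd.plist, whose Label must equal the helper label because the helper is installed as /Library/PrivilegedHelperTools/<label> with its job at /Library/LaunchDaemons/<label>.plist. launchd only starts that job when a client connects to an endpoint it advertises (MachServices or Sockets), which is the answer's point. The following checker is an added example, not code from Apple's SMJobBless sample or from the Elevator project linked above; the bundle identifiers, the Developer ID certificate name and the plist contents are constructed for illustration. It lints the three plists for the mismatches and weak requirement strings (no `anchor apple generic`, no certificate pinning) that let an attacker-signed binary satisfy a requirement.

```python
"""Static sanity checks for the plists SMJobBless() ties together (added example).

Assumed layout (from the Service Management docs / SMJobBless sample README):
  app Info.plist     -> SMPrivilegedExecutables: {helper label: requirement}
  helper Info.plist  -> CFBundleIdentifier == label, SMAuthorizedClients: [requirement, ...]
  helper launchd.plist -> Label == label, plus MachServices or Sockets to be launched on demand
"""
import plistlib
import re

IDENT_RE = re.compile(r'identifier\s+"([^"]+)"')


def check_requirement(req: str, expected_identifier: str, where: str) -> list:
    """Lint one code-signing requirement string for the usual weaknesses."""
    findings = []
    match = IDENT_RE.search(req)
    if match is None:
        findings.append(f"{where}: requirement has no identifier clause")
    elif match.group(1) != expected_identifier:
        findings.append(f"{where}: requirement names identifier {match.group(1)!r}, "
                        f"expected {expected_identifier!r}")
    if "anchor apple generic" not in req:
        findings.append(f"{where}: requirement lacks 'anchor apple generic', so ad-hoc or "
                        f"self-signed code with the same identifier would satisfy it")
    if "certificate leaf" not in req and "certificate 1" not in req:
        findings.append(f"{where}: requirement does not pin the signing certificate "
                        f"(certificate leaf[...] or certificate 1[...])")
    return findings


def check_smjobbless_config(app_info: dict, helper_info: dict, helper_launchd: dict) -> list:
    """Return a list of findings; an empty list means the three plists agree."""
    findings = []
    app_id = app_info.get("CFBundleIdentifier", "")
    privileged = app_info.get("SMPrivilegedExecutables", {})
    if not privileged:
        findings.append("app Info.plist: SMPrivilegedExecutables is missing or empty")
    for label, req in privileged.items():
        if not label or "/" in label:
            findings.append(f"app Info.plist: helper label {label!r} is not a valid file name")
        if helper_info.get("CFBundleIdentifier") != label:
            findings.append(f"helper Info.plist: CFBundleIdentifier "
                            f"{helper_info.get('CFBundleIdentifier')!r} != label {label!r}")
        if helper_launchd.get("Label") != label:
            findings.append(f"launchd.plist: Label {helper_launchd.get('Label')!r} "
                            f"!= helper label {label!r}")
        findings += check_requirement(req, label, "app SMPrivilegedExecutables")
    clients = helper_info.get("SMAuthorizedClients", [])
    if not clients:
        findings.append("helper Info.plist: SMAuthorizedClients is empty, so no calling app "
                        "can match and SMJobBless() fails")
    for i, req in enumerate(clients):
        findings += check_requirement(req, app_id, f"helper SMAuthorizedClients[{i}]")
    if not (helper_launchd.get("MachServices") or helper_launchd.get("Sockets")):
        findings.append("launchd.plist: no MachServices or Sockets key, so launchd has no "
                        "endpoint to listen on and a client connection cannot start the helper")
    return findings


# Constructed sample configuration; identifiers and certificate name are hypothetical.
LABEL = "com.example.ElevatorHelper"
APP_ID = "com.example.Elevator"
CERT_PIN = 'certificate leaf[subject.CN] = "Developer ID Application: Example Corp (ABCDE12345)"'


def demo_good() -> list:
    """A consistent trio of plists, round-tripped through plist XML as files on disk would be."""
    app_info = {"CFBundleIdentifier": APP_ID,
                "SMPrivilegedExecutables": {
                    LABEL: f'anchor apple generic and identifier "{LABEL}" and {CERT_PIN}'}}
    helper_info = {"CFBundleIdentifier": LABEL,
                   "SMAuthorizedClients": [
                       f'anchor apple generic and identifier "{APP_ID}" and {CERT_PIN}']}
    helper_launchd = {"Label": LABEL, "MachServices": {LABEL: True}}
    plists = (plistlib.loads(plistlib.dumps(p)) for p in (app_info, helper_info, helper_launchd))
    return check_smjobbless_config(*plists)


def demo_bad() -> list:
    """Typical copy-paste mistakes: unanchored requirement, wrong Label, no endpoint."""
    app_info = {"CFBundleIdentifier": APP_ID,
                "SMPrivilegedExecutables": {LABEL: f'identifier "{LABEL}"'}}
    helper_info = {"CFBundleIdentifier": LABEL,
                   "SMAuthorizedClients": [f'anchor apple generic and identifier "{APP_ID}"']}
    helper_launchd = {"Label": "com.example.Helper"}
    return check_smjobbless_config(app_info, helper_info, helper_launchd)


if __name__ == "__main__":
    print("good config findings:", demo_good())
    for finding in demo_bad():
        print("bad config:", finding)
```

To run it against a real project, load the app's Info.plist with `plistlib.load(open(path, "rb"))`; the helper's two plists live in the helper binary's `__TEXT,__info_plist` and `__TEXT,__launchd_plist` sections, which `otool -s` can dump. This is a static lint only: at bless time SMJobBless() evaluates the requirement strings with the Security framework against the actual signatures, so a configuration that passes here can still fail if the binaries are not signed as the requirements say.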
