Mac Forums

Mac Forums (http://www.mac-forums.com/forums/)
-   OS X - Development and Darwin (http://www.mac-forums.com/forums/os-x-development-darwin/)
-   -   Slightly Better authorization sample fails only in Leopard (http://www.mac-forums.com/forums/os-x-development-darwin/264095-slightly-better-authorization-sample-fails-only-leopard.html)

globalian 01-19-2012 06:33 AM
Slightly Better authorization sample fails only in Leopard
 
Hi All,

I have been using slightly better authorization model sample program for executing OpenVPN command from the shell. It seems that while adding the IP into the routing table, I get the following error at Leopard ( 10.6.8 ) - "route: must be root to alter routing table". In Lion ( 10.7.2 ) the same authorization model works fine for me. There is no routing table insertion error as above. Is there any difference between the AuthorizationCreate() & AuthorizationExecuteWithPrivileges() calls on Lion and Leopard? If I want to stick with the same authorization elevation model, will there be any additional flag(s) to be set for Leopard program? Below are my current flag setting :

int main() {

OSStatus myStatus;
AuthorizationFlags myFlags = kAuthorizationFlagDefaults; // 1
AuthorizationRef myAuthorizationRef; // 2

myStatus = AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, // 3
myFlags, &myAuthorizationRef);
if (myStatus != errAuthorizationSuccess)
return myStatus;

{
AuthorizationItem myItems = {kAuthorizationRightExecute, 0, // 4
NULL, 0};
AuthorizationRights myRights = {1, &myItems}; // 5

myFlags = kAuthorizationFlagDefaults | // 6
kAuthorizationFlagInteractionAllowed |
kAuthorizationFlagPreAuthorize |
kAuthorizationFlagExtendRights;
myStatus = AuthorizationCopyRights (myAuthorizationRef, // 7
&myRights, NULL, myFlags, NULL );
}

if (myStatus != errAuthorizationSuccess) goto DoneWorking;

{
char myToolPath[] = "/Applications/MyApp/MyApp.app/Contents/Resources/openvpn";
char *myArguments[] = { "--remote","us1.vpn.testnw.com", "1194", "udp" , "--config", "/Applications/MyApp/MyApp.app/Contents/Resources/cfg/myapp_openvpn160.conf", NULL };
FILE *myCommunicationsPipe = NULL;
char myReadBuffer[128];

myFlags = kAuthorizationFlagDefaults; // 8
myStatus = AuthorizationExecuteWithPrivileges // 9
(myAuthorizationRef, myToolPath, myFlags, myArguments,
&myCommunicationsPipe);

if (myStatus == errAuthorizationSuccess)
for(;;)
{
int bytesRead = read (fileno (myCommunicationsPipe),
( unsigned char * ) myReadBuffer, sizeof (myReadBuffer));
if (bytesRead < 1) goto DoneWorking;
write (fileno (stdout), (unsigned char * ) myReadBuffer, bytesRead);
}
}

DoneWorking:
AuthorizationFree (myAuthorizationRef, kAuthorizationFlagDefaults); // 10

if (myStatus) printf("Status: %ld\n", myStatus);
return myStatus;
}




I am struck with this problem for more than 2 days. Any help on this is more appreciated.

Thanks,
Globalian


All times are GMT -4. The time now is 11:47 AM.

Powered by vBulletin
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.