authorization_util.h revision c407dc5cd9bdc5668497f21b26b09d988ab439de
1// Copyright (c) 2009 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_COCOA_AUTHORIZATION_UTIL_H_ 6#define CHROME_BROWSER_COCOA_AUTHORIZATION_UTIL_H_ 7 8// AuthorizationExecuteWithPrivileges fork()s and exec()s the tool, but it 9// does not wait() for it. It also doesn't provide the caller with access to 10// the forked pid. If used irresponsibly, zombie processes will accumulate. 11// 12// Apple's really gotten us between a rock and a hard place, here. 13// 14// Fortunately, AuthorizationExecuteWithPrivileges does give access to the 15// tool's stdout (and stdin) via a FILE* pipe. The tool can output its pid 16// to this pipe, and the main program can read it, and then have something 17// that it can wait() for. 18// 19// The contract is that any tool executed by the wrappers declared in this 20// file must print its pid to stdout on a line by itself before doing anything 21// else. 22// 23// http://developer.apple.com/mac/library/samplecode/BetterAuthorizationSample/listing1.html 24// (Look for "What's This About Zombies?") 25 26#include <CoreFoundation/CoreFoundation.h> 27#include <Security/Authorization.h> 28#include <stdio.h> 29#include <sys/types.h> 30 31namespace authorization_util { 32 33// Obtains an AuthorizationRef that can be used to run commands as root. If 34// necessary, prompts the user for authentication. If the user is prompted, 35// |prompt| will be used as the prompt string and an icon appropriate for the 36// application will be displayed in a prompt dialog. Note that the system 37// appends its own text to the prompt string. Returns NULL on failure. 38AuthorizationRef AuthorizationCreateToRunAsRoot(CFStringRef prompt); 39 40// Calls straight through to AuthorizationExecuteWithPrivileges. If that 41// call succeeds, |pid| will be set to the pid of the executed tool. If the 42// pid can't be determined, |pid| will be set to -1. |pid| must not be NULL. 43// |pipe| may be NULL, but the tool will always be executed with a pipe in 44// order to read the pid from its stdout. 45OSStatus ExecuteWithPrivilegesAndGetPID(AuthorizationRef authorization, 46 const char* tool_path, 47 AuthorizationFlags options, 48 const char** arguments, 49 FILE** pipe, 50 pid_t* pid); 51 52// Calls ExecuteWithPrivilegesAndGetPID, and if that call succeeds, calls 53// waitpid() to wait for the process to exit. If waitpid() succeeds, the 54// exit status is placed in |exit_status|, otherwise, -1 is stored. 55// |exit_status| may be NULL and this function will still wait for the process 56// to exit. 57OSStatus ExecuteWithPrivilegesAndWait(AuthorizationRef authorization, 58 const char* tool_path, 59 AuthorizationFlags options, 60 const char** arguments, 61 FILE** pipe, 62 int* exit_status); 63 64} // namespace authorization_util 65 66#endif // CHROME_BROWSER_COCOA_AUTHORIZATION_UTIL_H_ 67