cocoa - 来自 cocoa 的 sudo chmod 命令

Question

我想从我的 Cocoa 项目运行以下命令。 (隐藏聚光灯图标)

sudo chmod 600 /System/Library/CoreServices/Search.bundle/Contents/MacOS/Search

我找到了两种调用命令并获得以下输出的方法

1)使用 NSTask

NSTask *writeTask = [[NSTask alloc] init];
[writeTask setLaunchPath:@"/bin/chmod"];

[writeTask setArguments: @[@"755",@"/System/Library/CoreServices/Search.bundle/Contents/MacOS/Search"]];

[writeTask launch];

>>chmod: Unable to change file mode on /System/Library/CoreServices/Search.bundle/Contents/MacOS/Search: Operation not permitted

2) 管道

NSString *command = @"sudo chmod 755/System/Library/CoreServices/Search.bundle/Contents/MacOS/Search";
fp = popen([command UTF8String], "r");

>>sudo: no tty present and no askpass program specified

我还没有找到如何在 super 用户模式下运行其中任何一个的方法。如何提示用户输入密码并最终以所需的权限运行此命令？

Answer 1

在 10.7 之前，您可以使用 AuthorizationExecuteWithPrivileges() 来执行具有权限的任务。然而，这在 10.7 中已被弃用，Apple 建议使用 ServiceManagement 框架来执行特权任务。

SMJobBless demonstrates how to securely install a helper tool that performs a privileged operation and how to associate the tool with an application that invokes it.

SMJobBless uses ServiceManagement.framework that was introduced in Mac OS X v10.6 Snow Leopard.

As of Snow Leopard, this is the preferred method of managing privilege escalation on Mac OS X and should be used instead of earlier approaches such as BetterAuthorizationSample or directly calling AuthorizationExecuteWithPrivileges.

苹果的sample code