From f33e3e2db7c1acc8d9edb6b6848507a05be8736a Mon Sep 17 00:00:00 2001 From: dmitry <dmitry.puzyrkov@demlabs.net> Date: Thu, 25 Jul 2024 00:25:42 +0700 Subject: [PATCH] [+] conftool use macos authorisation framework for service control. --- conftool/CMakeLists.txt | 8 +++++++- conftool/service/macos_auth.h | 2 ++ conftool/service/macos_auth.m | 31 ++++++++++++++++++++++++++++++ conftool/service/service_linux.cpp | 12 ++++++------ conftool/service/service_macos.cpp | 11 ++++++----- 5 files changed, 52 insertions(+), 12 deletions(-) create mode 100644 conftool/service/macos_auth.h create mode 100644 conftool/service/macos_auth.m diff --git a/conftool/CMakeLists.txt b/conftool/CMakeLists.txt index e838095af..0bf4af2d7 100644 --- a/conftool/CMakeLists.txt +++ b/conftool/CMakeLists.txt @@ -15,7 +15,8 @@ add_executable(${PROJECT_NAME} ./main.cpp ./config/cellframeconfigfile.cpp ./service/service_win.cpp ./service/service_linux.cpp - ./service/service_macos.cpp) + ./service/service_macos.cpp + ./service/macos_auth.m) target_link_libraries(cellframe-node-config ) @@ -24,6 +25,11 @@ if (LINUX OR WIN32) target_link_libraries(cellframe-node-config PRIVATE stdc++fs ) endif() +if (APPLE) +target_link_libraries(cellframe-node-config PUBLIC "-framework Security -framework Foundation") +endif() + + target_compile_features(${PROJECT_NAME} PRIVATE cxx_std_20) diff --git a/conftool/service/macos_auth.h b/conftool/service/macos_auth.h new file mode 100644 index 000000000..d44d95dd3 --- /dev/null +++ b/conftool/service/macos_auth.h @@ -0,0 +1,2 @@ +extern "C" int callSec (char *tool, char* args[]); + diff --git a/conftool/service/macos_auth.m b/conftool/service/macos_auth.m new file mode 100644 index 000000000..68ed2401f --- /dev/null +++ b/conftool/service/macos_auth.m @@ -0,0 +1,31 @@ +#ifdef __APPLE__ + + +#import <Foundation/Foundation.h> + + +int callSec (char *tool, char* args[]) { + NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init]; + + // Create authorization reference + AuthorizationRef authorizationRef; + OSStatus status; + + status = AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, kAuthorizationFlagDefaults, &authorizationRef); + + // Run the tool using the authorization reference + FILE *pipe = NULL; + + status = AuthorizationExecuteWithPrivileges(authorizationRef, tool, kAuthorizationFlagDefaults, args, &pipe); + + if (status == errAuthorizationSuccess) { + return 0; + } else { + NSLog(@"Authorization Result Code: %d", status); + } + + [pool drain]; + return -1; +} + +#endif \ No newline at end of file diff --git a/conftool/service/service_linux.cpp b/conftool/service/service_linux.cpp index fe2928f88..b8a620773 100644 --- a/conftool/service/service_linux.cpp +++ b/conftool/service/service_linux.cpp @@ -4,7 +4,7 @@ #include "../commands/abstractcommand.h" bool CServiceControl::enable(){ - std::string cmd = "systemctl enable " + (std::filesystem::path{variable_storage["CONFIGS_PATH"]}/"share"/"cellframe-node.service > /dev/null").string(); + std::string cmd = "systemctl enable " + variable_storage["SERVICE_FILE_PATH"] + " > /dev/null"; int res = std::system(cmd.c_str()); return res == 0 ? true : false; @@ -12,7 +12,7 @@ bool CServiceControl::enable(){ bool CServiceControl::disable() { - std::string cmd = "systemctl disable cellframe-node.service > /dev/null"; + std::string cmd = "systemctl disable " + variable_storage["SERVICE_NAME"] +" > /dev/null"; int res = std::system(cmd.c_str()); return res == 0 ? true : false; } @@ -21,7 +21,7 @@ unsigned int CServiceControl::serviceStatus() { unsigned int status = 0; - std::string cmd = "systemctl is-enabled cellframe-node.service > /dev/null"; + std::string cmd = "systemctl is-enabled " + variable_storage["SERVICE_NAME"] + " > /dev/null"; int res = std::system(cmd.c_str()); if (res == 0) @@ -42,21 +42,21 @@ unsigned int CServiceControl::serviceStatus() bool CServiceControl::start() { - std::string cmd = "systemctl start cellframe-node.service > /dev/null"; + std::string cmd = "systemctl start " + variable_storage["SERVICE_NAME"] + " > /dev/null"; int res = std::system(cmd.c_str()); return res == 0 ? true : false; } bool CServiceControl::stop() { - std::string cmd = "systemctl stop cellframe-node.service > /dev/null"; + std::string cmd = "systemctl stop " + variable_storage["SERVICE_NAME"] + " > /dev/null"; int res = std::system(cmd.c_str()); return res == 0 ? true : false; } bool CServiceControl::restart() { - std::string cmd = "systemctl restart cellframe-node.service > /dev/null"; + std::string cmd = "systemctl restart " + variable_storage["SERVICE_NAME"] + " > /dev/null"; int res = std::system(cmd.c_str()); return res == 0 ? true : false; } diff --git a/conftool/service/service_macos.cpp b/conftool/service/service_macos.cpp index fad759209..bf42bc2fc 100644 --- a/conftool/service/service_macos.cpp +++ b/conftool/service/service_macos.cpp @@ -2,18 +2,19 @@ #include "service.h" #include "../commands/abstractcommand.h" +#include "macos_auth.h" bool CServiceControl::enable() { - //starts too - int res = std::system("launchctl load -w /Library/LaunchDaemons/com.demlabs.cellframe-node.plist"); + char *args[] = {"/bin/launchctl","load", "-w", "/Library/LaunchDaemons/com.demlabs.cellframe-node.plist", NULL}; + int res = callSec("/usr/bin/sudo", args); return res == 0 ? true : false; } bool CServiceControl::disable() { - //stops too - int res = std::system("launchctl unload -w /Library/LaunchDaemons/com.demlabs.cellframe-node.plist"); + char *args[] = {"/bin/launchctl", "unload", "-w", "/Library/LaunchDaemons/com.demlabs.cellframe-node.plist", NULL}; + int res = callSec("/usr/bin/sudo", args); return res == 0 ? true : false; } @@ -21,7 +22,7 @@ unsigned int CServiceControl::serviceStatus() { unsigned int status = 0; std::string cmd = std::string(); - int res = std::system("launchctl list com.demlabs.cellframe-node > /dev/null"); + int res = std::system("launchctl print system/com.demlabs.cellframe-node > /dev/null"); if (res == 0) { status |= SERVICE_ENABLED; -- GitLab