<div dir="ltr">Hey Ian,<div><br></div><div>Thanks for the offer, unfortunately, however, Pallet doesn't run any shell commands (everything is passed done through spinning up a Tcl shell and passing input/output through IPC), so I'm afraid your example wouldn't work.</div><div><br></div><div>Thanks again, though!</div><div>-Kyle</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Aug 5, 2015 at 5:25 PM, Ian Wadham <span dir="ltr"><<a href="mailto:iandw.au@gmail.com" target="_blank">iandw.au@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
On 06/08/2015, at 4:14 AM, Kyle Sammons wrote:<br>
<br>
> Hey everyone,<br>
><br>
> Currently I'm at a fork in the road for the Revitalizing Pallet GSoC<br>
> project, and was hoping to crowd source some ideas about how to deal<br>
> with the Apple authorization framework used to get super user privileges<br>
> to allow 'port' to execute correctly under the hood. This task is the<br>
> last major one on my GSoC queue. There are three possible roads to go<br>
> down here; I don't know which one is the "best" or "correct" one, hence<br>
> the crowd sourcing here.<br>
<br>
</span>Here is another possibility, which I used in Fossick… Note that I went the<br>
command-line route and used "tail -f" to receive output asynchronously.<br>
You may not need that if you have gone the other route. The guts of the<br>
authorisation is to use AppleScript. Hope this helps.<br>
<br>
/**<br>
* This method uses AppleScript to run a privileged Unix script asynchronously<br>
* in the background, with output to a file (e.g. a script containing MacPorts'<br>
* "port install <software item>" command). The NSTask object defined above<br>
* uses "tail -f" to collect the output as it occurs. The return string is nil<br>
* if the script started OK or contains an error text if it failed. AppleScript<br>
* is run "with administrator privileges", which means that it pops up the usual<br>
* Apple request for an admin password when installing non-Apple software.<br>
*/<br>
- (NSString *) runPrivilegedScript: (NSString *) filePath<br>
output: (NSString *) outputFilePath;<br>
-------------------------------------------------------------------------------------------------------<br>
<br>
- (NSString *) runPrivilegedScript: (NSString *) filePath<br>
output: (NSString *) outputFilePath<br>
{<br>
NSDictionary * error;<br>
NSString * script = [NSString stringWithFormat: @"do shell script " \<br>
"\"'%@' >'%@' 2>&1 &\" " \<br>
"with administrator privileges " \<br>
"without altering line endings",<br>
filePath, outputFilePath];<br>
NSLog(@"SCRIPT: %@", script);<br>
NSAppleScript * appleScript = [[NSAppleScript new] initWithSource:script];<br>
if ([appleScript executeAndReturnError:&error]) {<br>
NSLog(@"AppleScript running! '%@' >'%@' 2>&1 &", filePath, outputFilePath);<br>
<br>
// Start the output-watcher.<br>
self.task = [[NSTask alloc] init];<br>
[self.task setLaunchPath:@"/usr/bin/tail"];<br>
[self.task setArguments:[NSArray arrayWithObjects:<br>
@"-f", outputFilePath, nil]];<br>
self.tailOfOutput = [NSPipe pipe];<br>
self.errorOutput = [NSPipe pipe];<br>
[self.task setStandardOutput: tailOfOutput];<br>
[self.task setStandardError: errorOutput];<br>
[self.task setStandardInput: [NSPipe pipe]]; // No standard input.<br>
[self.task launch];<br>
[[self.tailOfOutput fileHandleForReading] readInBackgroundAndNotify];<br>
[[NSNotificationCenter defaultCenter]<br>
addObserver: self<br>
selector: @selector (receiveOutput:)<br>
name: NSFileHandleReadCompletionNotification<br>
object: nil];<br>
return nil;<br>
}<br>
else {<br>
NSLog(@"Failed to run AppleScript!\n%@", error);<br>
return [error description];<br>
}<br>
// TODO: "User cancelled." is a possible error reason (i.e. hit Cancel<br>
// instead of entering a password). OS X seems to allow unlimited<br>
// failed attempts to enter the password.<br>
<span class="">}<br>
<br>
> 0. Do nothing; leave the current code in place, but continue to ignore<br>
> it; require the user to run it with superuser privileges;<br>
</span><snip><br>
<br>
Cheers, Ian W.<br>
<br>
</blockquote></div><br></div>