PureBasic Forum
http://forums.purebasic.com/english/

Module RunAsAdmin (root rights)
http://forums.purebasic.com/english/viewtopic.php?f=12&t=71693
Page 1 of 1

Author:  mk-soft [ Thu Nov 08, 2018 7:49 pm ]
Post subject:  Module RunAsAdmin (root rights)

Sometime we need root rights for programs

Now for OSX and Linux. Only Window is not ready...

Update v1.03
- New login window for linux

Update v1.04
- Linux over pkexec

Code:
;-TOP

; Comment : Module RunAsAdmin
; Author  : mk-soft
; Version : v1.04
; Date    : 09.11.2018
; Update  : 16.03.2019
; OS      : OSX, Linux

; Thanks to:
; - Airr
; - Wolfram

EnableExplicit

; ***************************************************************************************

;- Begin Module RunAsAdmin

DeclareModule RunAsAdmin
  Declare Login()
EndDeclareModule

; ---

Module RunAsAdmin
 
  ; -----------------------------------------------------------------------------------
 
  CompilerIf #PB_Compiler_OS = #PB_OS_MacOS
    ; Error codes returned by Authorization API.
    Enumeration AuthorizationResult
      #errAuthorizationSuccess                 = 0      ;/* The authorization was successful. */
      #errAuthorizationInvalidSet              = -60001 ;/* The authorization rights are invalid. */
      #errAuthorizationInvalidRef              = -60002 ;/* The authorization reference is invalid. */
      #errAuthorizationInvalidTag              = -60003 ;/* The authorization tag is invalid. */
      #errAuthorizationInvalidPointer          = -60004 ;/* The returned authorization is invalid. */
      #errAuthorizationDenied                  = -60005 ;/* The authorization was denied. */
      #errAuthorizationCanceled                = -60006 ;/* The authorization was cancelled by the user. */
      #errAuthorizationInteractionNotAllowed   = -60007 ;/* The authorization was denied since no user interaction was possible. */
      #errAuthorizationInternal                = -60008 ;/* Unable To obtain authorization For this operation. */
      #errAuthorizationExternalizeNotAllowed   = -60009 ;/* The authorization is Not allowed To be converted To an external format. */
      #errAuthorizationInternalizeNotAllowed   = -60010 ;/* The authorization is Not allowed To be created from an external format. */
      #errAuthorizationInvalidFlags            = -60011 ;/* The provided option flag(s) are invalid For this authorization operation. */
      #errAuthorizationToolExecuteFailure      = -60031 ;/* The specified program could Not be executed. */
      #errAuthorizationToolEnvironmenterror    = -60032 ;/* An invalid status was returned during execution of a privileged tool. */
      #errAuthorizationBadAddress              = -60033 ;/* The requested socket address is invalid (must be 0-1023 inclusive). */
    EndEnumeration
   
    ; Authorization
    #kAuthorizationEmptyEnvironment = #Null
    #kAuthorizationRightExecute = 0 ; UTF8("system.privilege.admin")
    #kAuthorizationFlagDefaults = 0
    #kAuthorizationFlagInteractionAllowed   = (1 << 0)
    #kAuthorizationFlagPreAuthorize = (1 << 4)
    #kAuthorizationFlagExtendRights = (1 << 1)
   
    ; -----------------------------------------------------------------------------------
   
    ; Structures
    Structure AuthorizationItem
      *name ;A zero-terminated string in UTF-8 encoding.
      valueLength.i
      *value       
      flags.i     
    EndStructure
   
    Structure AuthorizationRights
      AuthorizationItemSet.i
      *AuthorizationRights
    EndStructure
   
    Structure CMD
      *parameter1
      *parameter2
      *parameter3
      *parameter4
      *parameter5
      *parameter6
      *parameter7
      *parameter8
      cmd_terminator.i
    EndStructure
   
    ImportC "/System/Library/Frameworks/Security.framework/Security"
      AuthorizationCreate(rights, environment, flags, *AuthorizationRef)
      AuthorizationExecuteWithPrivileges(AuthorizationRef, cmd, flags, *arguments, file_ptr)
      AuthorizationFree(authRef, flags)
      AuthorizationCopyRights(authorization, *rights, *environment, flags.l, *authorizedRights)
    EndImport
  CompilerEndIf
 
  ; -----------------------------------------------------------------------------------
 
  CompilerSelect #PB_Compiler_OS
    CompilerCase #PB_OS_MacOS
      Procedure _Login()
        Protected authorizationRef.i, status.i, flags.i, *tool, result.i
        Protected right.AuthorizationItem
        Protected rights.AuthorizationRights
        Protected ArgList.CMD
       
        status = AuthorizationCreate(#Null, #kAuthorizationEmptyEnvironment, #kAuthorizationFlagDefaults, @authorizationRef)
        If status <> #errAuthorizationSuccess
          MessageRequester("Error", "Creating Initial Authorization: Errorcode " + Str(status), #PB_MessageRequester_Error)
        Else
          right\name = UTF8("system.privilege.admin")
          rights\AuthorizationItemSet = 1
          rights\AuthorizationRights = @right
          flags = #kAuthorizationFlagDefaults | #kAuthorizationFlagInteractionAllowed | #kAuthorizationFlagPreAuthorize | #kAuthorizationFlagExtendRights
          status = AuthorizationCopyRights(authorizationRef, @rights, #Null, flags, #Null);
          If status <> #errAuthorizationSuccess
            MessageRequester("Error", "No Authorization Rights: Errorcode " + Str(status), #PB_MessageRequester_Error)
            End
          EndIf
        EndIf
        *tool = UTF8(ProgramFilename())
        ArgList\parameter1 = UTF8("1")
        status = AuthorizationExecuteWithPrivileges(authorizationRef, *tool,  #kAuthorizationFlagDefaults, @ArgList, #Null);
        If status <> #errAuthorizationSuccess
          MessageRequester("Error", "Execute With Privileges: Errorcode " + Str(status))
        EndIf
        End
      EndProcedure
    CompilerCase #PB_OS_Linux
     
      Global WinLogin
      Global Label_Prog, Text_Program, Label_User, Label_Passwd, String_User, String_Passwd, Button_Ok
     
      ; -------------------------------------------------------------------------------
     
      Procedure OpenWinLogin(x = 100, y = 100, width = 420, height = 180)
        WinLogin = OpenWindow(#PB_Any, x, y, width, height, "Login", #PB_Window_SystemMenu)
        Label_Prog = TextGadget(#PB_Any, 10, 10, 90, 25, "Program:")
        Text_Program = TextGadget(#PB_Any, 110, 10, 300, 25, "")
        Label_User = TextGadget(#PB_Any, 10, 50, 90, 25, "User:")
        Label_Passwd = TextGadget(#PB_Any, 10, 80, 90, 25, "Password:")
        String_User = StringGadget(#PB_Any, 110, 50, 300, 25, "")
        String_Passwd = StringGadget(#PB_Any, 110, 80, 300, 25, "", #PB_String_Password)
        Button_Ok = ButtonGadget(#PB_Any, 310, 130, 100, 30, "Ok")
      EndProcedure
     
      ; -------------------------------------------------------------------------------
     
      Procedure _Login()
        Protected cmd.s, program.s
       
        program = GetFilePart(ProgramFilename())
        ; pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY PROGRAM_TO_RUN
        cmd = "-c " + #DQUOTE$ + "pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY " + ProgramFilename() + " 1" + #DQUOTE$
        If RunProgram("bash", cmd, "", #PB_Program_Wait)
          End
        Else
          MessageRequester("Error", "Execute With Privileges!", #PB_MessageRequester_Error)
          End
        EndIf
       
      EndProcedure
     
      ; -------------------------------------------------------------------------------
     
      Procedure _LoginSuDo()
        Protected user.s, passwd.s, cmd.s
       
        OpenWinLogin()
        SetGadgetText(Text_Program, GetFilePart(ProgramFilename()))
        SetGadgetText(String_User, UserName())
       
        Repeat
          Select WaitWindowEvent()
            Case #PB_Event_CloseWindow
              End
            Case #PB_Event_Gadget
              If EventGadget() = Button_Ok
                Break
              EndIf
          EndSelect
        ForEver
        user = GetGadgetText(String_User)
        passwd = GetGadgetText(String_Passwd)
        CloseWindow(WinLogin)
       
        If user = UserName()
          cmd.s = "-c " + #DQUOTE$ + "echo " + passwd + " | sudo -S " + ProgramFilename() + " 1" + #DQUOTE$
        Else
          cmd.s = "-c " + #DQUOTE$ + "echo " + passwd + " | sudo -u " + user + " -S " + ProgramFilename() + " 1" + #DQUOTE$
        EndIf
        If RunProgram("bash", cmd, "")
          End
        Else
          MessageRequester("Error", "Execute With Privileges!", #PB_MessageRequester_Error)
          End
        EndIf
       
      EndProcedure
     
    CompilerCase #PB_OS_Windows
      Procedure _Login()
        ;TODO
        ProcedureReturn 1
      EndProcedure
     
  CompilerEndSelect
 
  ; -----------------------------------------------------------------------------------
 
  Procedure Login()
    If CountProgramParameters() = 0
      ProcedureReturn _Login()
    Else
      ProcedureReturn #True
    EndIf
  EndProcedure
 
  ; -----------------------------------------------------------------------------------
 
EndModule

;- End Module RunAsAdmin

; ***************************************************************************************

CompilerIf #PB_Compiler_IsMainFile
 
  ;IncludeFile "..."
 
  If RunAsAdmin::Login()
    MessageRequester("Info", "Program run as admin!", #PB_MessageRequester_Info)
  EndIf
 
CompilerEndIf

Author:  mk-soft [ Fri Nov 09, 2018 1:16 pm ]
Post subject:  Re: Module RunAsAdmin (root rights)

Update v1.03
- New login window for linux

Author:  vwidmer [ Sun Nov 11, 2018 2:24 pm ]
Post subject:  Re: Module RunAsAdmin (root rights)

Maybe use pkexec on linux?

https://linux.die.net/man/1/pkexec

Author:  mk-soft [ Sun Nov 11, 2018 3:05 pm ]
Post subject:  Re: Module RunAsAdmin (root rights)

I had a look at pkexec.
For "pkexec" and GUI applications you have to create a policy file.
So you can't start the program "gedit" without this "police file".

Author:  vwidmer [ Sat Mar 16, 2019 2:43 am ]
Post subject:  Re: Module RunAsAdmin (root rights)

Maybe some way to use it in one of these other ways?

1)
Code:
pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY PROGRAM_TO_RUN

2)
Code:
https://gist.githubusercontent.com/lentschi/605b031ea32d7c5c0655b5008ed8ee2a/raw/b56b0977803b93f09eeb3d472ac52d3f059eb185/xsudo.sh

Author:  mk-soft [ Sat Mar 16, 2019 12:13 pm ]
Post subject:  Re: Module RunAsAdmin (root rights)

Work now over pkexec...

Thanks :wink:

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/