set actions +x, clarify admin privs

User specified action (script/binary) now set to +x (#2) Clarifies that OverSight requires admin access to function properly (#10)
2022-11-21 16:40:52 -10:00 · 2022-11-21 16:40:52 -10:00 · 4425d1df0f
parent 692e000b1a
commit 4425d1df0f
6 changed files with 25 additions and 9 deletions
--- a/Application/Application/PrefsWindowController.m
+++ b/Application/Application/PrefsWindowController.m
@ -475,6 +475,9 @@ bail:
    //set path in ui
    self.executePath.stringValue = panel.URL.path;
    
+    //ensure its executable
+    execTask(CHMOD, @[@"+x", panel.URL.path], YES, NO);
+    
    //save path & sync
    [NSUserDefaults.standardUserDefaults setObject:self.executePath.stringValue forKey:PREF_EXECUTE_PATH];
    [NSUserDefaults.standardUserDefaults synchronize];
--- a/Installer/Installer.xcodeproj/project.pbxproj
+++ b/Installer/Installer.xcodeproj/project.pbxproj
@ -198,7 +198,7 @@
 				CD86B6E923A5BBE7003F6BA4 /* configure.sh */,
 			);
 			name = Script;
-			path = Configure/Script;
+			path = Source/Script;
 			sourceTree = "<group>";
 		};
 		CD73DA9C20049158001FFC84 /* Shared */ = {
--- a/Installer/Source/main.m
+++ b/Installer/Source/main.m
@ -40,7 +40,7 @@ int main(int argc, char *argv[])
    if(YES != hasAdminPrivileges())
    {
        //show alert
-        showAlert(@"ERROR: Insuffient Privileges.", @"Administrator privileges are required to monitor the camera & microphone.");
+        showAlert(@"ERROR: Insuffient Privileges.", @"OverSight can only be installed / run on accounts with administrative privileges");
        
        //bail
        goto bail;
--- a/Shared/Consts.h
+++ b/Shared/Consts.h
@ -208,6 +208,9 @@
 //support us
 #define ACTION_SUPPORT 5

+//path to chmod
+#define CHMOD @"/bin/chmod"
+
 //path to xattr
 #define XATTR @"/usr/bin/xattr"

--- a/Shared/Utilities.h
+++ b/Shared/Utilities.h
@ -48,8 +48,8 @@ NSString* topLevelApp(NSString* binaryPath);
 // b) signed with signing auth
 OSStatus verifyApp(NSString* path, NSString* signingAuth);

-//get name of logged in user
-NSString* getConsoleUser(void);
+//get user id of logged in user
+uid_t getConsoleUserID(void);

 //check if process is alive
 BOOL isProcessAlive(pid_t processID);
--- a/Shared/Utilities.m
+++ b/Shared/Utilities.m
@ -408,10 +408,20 @@ bail:
 }

 //get name of logged in user
-NSString* getConsoleUser()
+uid_t getConsoleUserID()
 {
-    //copy/return user
-    return CFBridgingRelease(SCDynamicStoreCopyConsoleUser(NULL, NULL, NULL));
+    //uid
+    uid_t userID = 0;
+    
+    //copy logged in user
+    if(NULL == CFBridgingRelease(SCDynamicStoreCopyConsoleUser(NULL, &userID, NULL)))
+    {
+        //error?
+        // defer to current user
+        userID = getuid();
+    }
+    
+    return userID;
 }

 //get process name
@ -1679,8 +1689,8 @@ BOOL hasAdminPrivileges()
    //admin group
    struct group* adminGroup = NULL;
    
-    //get password entry for current user
-    pwentry = getpwuid(getuid());
+    //get password entry for console user
+    pwentry = getpwuid(getConsoleUserID());
    
    //get admin group
    adminGroup = getgrnam("admin");