Error 62529 when doing AuthorisationMBS

Beatrix_Willius · March 1, 2020, 7:20am

Follow up to https://forum.xojo.com/58729-how-to-change-owner-of-script-to-root/. My script now works in Terminal but it doesn’t work with AuthorisationMBS. The code is:

[code]dim theScript as FolderItem 'get path to the script

'write shell script to temp file
dim TempFile as FolderItem = Folderitem.TemporaryFile
dim TempBinary as BinaryStream = BinaryStream.Open(TempFile, True)
TempBinary.Write("#!/bin/sh" + EndOfLine.UNIX + “chown root:admin “”$1"”")
TempBinary.Close

'set permissions for shell script
dim theShell as new Shell
theShell.Execute("chmod 777 " + TempFile.ShellPath)
if theShell.ExitCode <> 0 then Return False

'do Authorization
if theAuthorisation = nil then
theAuthorisation = new AuthorizationMBS
theAuthorisation.KeepRights = true
if not theAuthorisation.SimpleNewAuthorization then Return False
end if

dim s(-1) as string
s.AddRow(theScript.ShellPath)
theAuthorisation.Execute(TempFile.UnixpathMBS, s, true)
if theAuthorisation.LastError = 0 then
dim theResult as Integer = theAuthorisation.Wait
Return True
else
theError = Str(theAuthorisation.LastError)
Return False
end if[/code]

I get an error 62529 when running the code. What does the code mean and what am I doing wrong?

Christian_Schmitz · March 4, 2020, 12:06pm

Sorry, no idea what error 62529 is.

For your problem I can only recommend two things:

Perform shell script with AppleScript where you can let the AppleScript ask for admin privileges.
Use AuthorisationMBS to run the script directly.

In both cases the script should not contain a sudo line.

Beatrix_Willius · March 4, 2020, 12:43pm

Thanks for your reply.

I’m going to investigate.
Valentina-Server needs to be started with root.

Tim_Parnell · March 4, 2020, 12:51pm

Using AuthorisationMBS gets permission, that’s the point. I’ve used it, and you don’t add the sudo.

Christian_Schmitz · March 4, 2020, 1:12pm

If you need to run the script again and again, you can also run one script which sets owner of the file to root and the setuid bit for the file.

Christian_Schmitz · March 4, 2020, 1:12pm

e.g. like this:

chown -R root /Library/xx/Updater
chgrp -R wheel /Library/xx/Updater
chmod -R 555 /Library/xx/Updater

and

chmod 4555 /Library/xx/Updater/Updater

Beatrix_Willius · March 4, 2020, 1:59pm

@Tim Parnell: unfortunately, no. The script needs to be run as root. It’s not really complicated:

launchctl load /Library/LaunchDaemons/com.paradigmasoft.vserver_x64.plist

If the script is not run as root then the database service is run as a user.

@Christian Schmitz: I’ll try that instead.

Sam_Rowlands · March 5, 2020, 4:53am

Which version of the macOS are you using this on. I vaguely recall that there’s something about Authorization only being do-able by using an XPC helper, but I can’t recall if that’s enforced yet or not. It is however the method that Apple wants developers to be using.

Beatrix_Willius · March 5, 2020, 6:30am

I’ve tried the code on both High Sierra and Catalina. All my other authorizations work fine.

What is an XPC Helper?

Sam_Rowlands · March 5, 2020, 6:51am

If all your other Authorizations work, then don’t worry about it. I should have asked this first, apologizes.