diff options
| author | thakis@chromium.org <thakis@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-05-02 01:47:10 +0000 |
|---|---|---|
| committer | thakis@chromium.org <thakis@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-05-02 01:47:10 +0000 |
| commit | 753b36fea0186ce2f6f81f0bf9adce5ba72ec7ec (patch) | |
| tree | 7b54d1bf5f6fa96b27056f52c37b7368d53b6aeb | |
| parent | 5c5cd906ed8caca7375db929f7429ee5206b1fa7 (diff) | |
| download | chromium_src-753b36fea0186ce2f6f81f0bf9adce5ba72ec7ec.zip chromium_src-753b36fea0186ce2f6f81f0bf9adce5ba72ec7ec.tar.gz chromium_src-753b36fea0186ce2f6f81f0bf9adce5ba72ec7ec.tar.bz2 | |
gcapi mac: Only sudo if necessary when running the setup script.
BUG=none
Patch from Amy Wang <arw@google.com>!
R=mark@chromium.org
Review URL: https://codereview.chromium.org/14500003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@197774 0039d316-1c4b-4281-b951-d872f2087c98
| -rw-r--r-- | chrome/installer/gcapi_mac/gcapi.mm | 39 |
1 files changed, 34 insertions, 5 deletions
diff --git a/chrome/installer/gcapi_mac/gcapi.mm b/chrome/installer/gcapi_mac/gcapi.mm index 3d4e922..57f0d02 100644 --- a/chrome/installer/gcapi_mac/gcapi.mm +++ b/chrome/installer/gcapi_mac/gcapi.mm @@ -372,13 +372,42 @@ int InstallGoogleChrome(const char* source_path, } @try { + NSTask* task = [[[NSTask alloc] init] autorelease]; + // install.sh tries to make the installed app admin-writable, but // only when it's not run as root. - NSString* run_as = [NSString stringWithUTF8String:user->pw_name]; - NSTask* task = [[[NSTask alloc] init] autorelease]; - [task setLaunchPath:@"/usr/bin/sudo"]; - [task setArguments: - @[@"-u", run_as, install_script, app_path, kChromeInstallPath]]; + if (geteuid() == 0) { + // Use |su $(whoami)| instead of sudo -u. If the current user is in more + // than 16 groups, |sudo -u $(whoami)| will drop all but the first 16 + // groups, which can lead to problems (e.g. if "admin" is one of the + // dropped groups). + // Since geteuid() is 0, su won't prompt for a password. + NSString* run_as = [NSString stringWithUTF8String:user->pw_name]; + [task setLaunchPath:@"/usr/bin/su"]; + + NSString* single_quote_escape = @"'\"'\"'"; + NSString* install_script_quoted = [install_script + stringByReplacingOccurrencesOfString:@"'" + withString:single_quote_escape]; + NSString* app_path_quoted = + [app_path stringByReplacingOccurrencesOfString:@"'" + withString:single_quote_escape]; + NSString* install_path_quoted = [kChromeInstallPath + stringByReplacingOccurrencesOfString:@"'" + withString:single_quote_escape]; + + NSString* install_script_execution = + [NSString stringWithFormat:@"exec '%@' '%@' '%@'", + install_script_quoted, + app_path_quoted, + install_path_quoted]; + [task setArguments: + @[run_as, @"-c", install_script_execution]]; + } else { + [task setLaunchPath:install_script]; + [task setArguments:@[app_path, kChromeInstallPath]]; + } + [task launch]; [task waitUntilExit]; if ([task terminationStatus] != 0) { |