CODEWITHSUNDEEP
xcodemacoscocoainstallation
SMGreenfield
SMGreenfield

Reputation: 1720

How to elevate privileges to use CFPreferencesSetValue for "any user" -- macos 10.10 - 10.12

After installation of our software in /Applications, I wanted our end users to be able to see the serial number they entered in our about box. Since the software is activated for ALL USERS, I figured I need to write that information to a common preference file location. However Apple's docs say that CFPreferencesAppSynchronize can't be used for kCFPreferencesAnyUser:

"Note that you can only save preferences for “Any User” if you have root privileges"

So of course the code below doesn't work (although CFPreferencesAppSynchronize returns true):

void WritePrefTest(void)
{
    // Write it out
    CFStringRef textKey = CFSTR("myTextKey");
    CFStringRef applicationID = CFSTR("com.foo.bar");
    CFStringRef textValue = CFSTR("text that should be written");

    CFPreferencesSetValue(textKey, textValue, applicationID, kCFPreferencesAnyUser, kCFPreferencesCurrentHost);

    Boolean wasSuccessful = CFPreferencesAppSynchronize(kCFPreferencesAnyUser);
    assert(wasSuccessful); 

    // read it back in

    CFStringRef prefText = (CFStringRef)CFPreferencesCopyAppValue(textKey, applicationID);
    NSLog(@"The text from com.foo.bar == %@", (__bridge NSString *)prefText);
}

Since activation and entry of the serial number takes place OUTSIDE the installer, should I 1) request elevating privileges (never done that before), 2) create a plist in some other folder (/Library/Application Support) -- assuming I'm allowed to write there -- or 3) write it into some other macos-accepted folder?

Upvotes: 0

Views: 601

Answers (1)

SMGreenfield
SMGreenfield

Reputation: 1720

Ah hah!

While CFPreferencesAppSynchronize() will NOT CREATE a new file in /Library/Preferences using the kCFPreferencesAnyUser parameter, it WILL WRITE to an existing file, IF that file's permissions are already set to allow writing by an admin user (and that user is logged in). Since our installation requires admin privileges, when the user runs the Apple Installer, the elevated privileges of the Apple Installer can create that file in /Library/Preferences and give it admin write privileges, so that later during product activation the user's serial number can be added for all users to access.

Note that this plist file is NOT the plist containing user-specific preferences, nor would we expect the end-user running an already-installed app be writing to that file (which would fail if they weren't an admin user).

So this gets us around the issue (though I'm certain more experienced developers may have some thoughts to add).

Upvotes: 1

Related Questions