#pragma section-numbers off
= Authorization =
 Authorization is a Python wrapper for Apple's Authorization API.  Basically, it allows you to spawn arbitrary processes as root after successfully authenticating as an administrator.  This is useful for installers, twiddling kernel settings (via sysctl or the like), etc. 

= status =

Authorization is currently at its first public release, 0.1.

= examples =

{{{
#!python
import os, sys, struct, tempfile
from Authorization import Authorization, kAuthorizationFlagDestroyRights

AUTHORIZEDTOOL = "#!%s\n%s" % (sys.executable,
r"""
import os
print os.getuid(), os.geteuid()
os.setuid(0)
print "I'm root!"
""")

def main():
    auth = Authorization(destroyflags=(kAuthorizationFlagDestroyRights,))
    fd, name = tempfile.mkstemp('.py')
    os.write(fd, AUTHORIZEDTOOL)
    os.close(fd)
    os.chmod(name, 0700)
    try:
        pipe = auth.executeWithPrivileges(name)
        sys.stdout.write(pipe.read())
        pipe.close()
    finally:
        os.unlink(name)

if __name__=='__main__':
    main()
}}}


== Leopard ==

This will not compile directly on Leopard.  You will need to change line 14 of Authorization.pxi from "raise" to "raise _err".

The following shows a concrete example for using this with Leopard.

{{{
# This has been tested on a Mac OS X 10.5.5 Leopard stock Python installation
# on October 25, 2008

# The following is sufficient for using Pyrex, 
# it doesn't need to be installed
export PATH=$HOME/Downloads/Pyrex-0.9.8.5:$PATH
export PYTHONPATH=$HOME/Downloads/Pyrex-0.9.8.5:$PYTHONPATH

cd $HOME/Downloads/Authorization-0.1

# Solve "Use __cinit__ instead"
perl -pi -e  's/__new__/__cinit__/g' ./src/Authorization.pxi

# Solve "Reraise not inside except clause"
perl -pi -e 's/raise /#raise /g' ./src/Authorization.pxi

# Compile, but do not install
python ./setup.py build_ext --inplace

# Solve "cannot import name kAuthorizationFlagDestroyRights"
perl -pi -e  's/, kAuthorizationFlagDestroyRights//g' ./test/test.py
perl -pi -e  's/destroyflags=\(kAuthorizationFlagDestroyRights,\)//g' ./test/test.py

# Test
export PYTHONPATH=./lib/:$PYTHONPATH
python test/test.py

# should give:
# I'm root!
}}}

= homepage =