From 52d06bce98f9408da7cf3b34fb95c9fa862cbee5 Mon Sep 17 00:00:00 2001 From: Charlie Fenton Date: Tue, 17 Jan 2012 09:38:32 +0000 Subject: [PATCH] Mac: In permissions error alert: show branded name and path to bad file or subdirectory svn path=/trunk/boinc/; revision=25081 --- checkin_notes | 12 +++++ client/check_security.cpp | 19 ++++--- client/sandbox.h | 2 +- clientgui/BOINCGUIApp.cpp | 98 +++++++++++++++++++++-------------- mac_installer/PostInstall.cpp | 5 +- 5 files changed, 88 insertions(+), 48 deletions(-) diff --git a/checkin_notes b/checkin_notes index 2740d16672..63a0084e18 100644 --- a/checkin_notes +++ b/checkin_notes @@ -617,3 +617,15 @@ Rom 16 Jan 2012 / configure.ac version.h + +Charlie 17 Jan 2012 + - Mac: In permissions error alert: show branded name, if permissions + error is in a subdirectory, show path to bad file or subdirectory. + + client/ + check_security.cpp + sandbox.h + clientgui/ + BOINCGUIApp.cpp + mac_installer/ + PosInstall.cpp diff --git a/client/check_security.cpp b/client/check_security.cpp index 2d2f1724a7..57e0f08e07 100644 --- a/client/check_security.cpp +++ b/client/check_security.cpp @@ -39,7 +39,10 @@ bool IsUserInGroupBM(); #endif -static int CheckNestedDirectories(char * basepath, int depth, int use_sandbox, int isManager); +static int CheckNestedDirectories(char * basepath, int depth, + int use_sandbox, int isManager, + char * path_to_error + ); #if (! defined(__WXMAC__) && ! defined(_MAC_INSTALLER)) static char * PersistentFGets(char *buf, size_t buflen, FILE *f); @@ -66,7 +69,7 @@ int check_security( #ifdef _MAC_INSTALLER char *bundlePath, char *dataPath, #endif -int use_sandbox, int isManager +int use_sandbox, int isManager, char* path_to_error ) { passwd *pw; group *grp; @@ -358,7 +361,7 @@ saverName[2] = "Progress Thru Processors"; return -1026; // Step through project directories - retval = CheckNestedDirectories(full_path, 1, use_sandbox, isManager); + retval = CheckNestedDirectories(full_path, 1, use_sandbox, isManager, path_to_error); if (retval) return retval; } @@ -380,7 +383,7 @@ saverName[2] = "Progress Thru Processors"; return -1029; // Step through slot directories - retval = CheckNestedDirectories(full_path, 1, use_sandbox, isManager); + retval = CheckNestedDirectories(full_path, 1, use_sandbox, isManager, path_to_error); if (retval) return retval; } @@ -497,7 +500,10 @@ saverName[2] = "Progress Thru Processors"; } -static int CheckNestedDirectories(char * basepath, int depth, int use_sandbox, int isManager) { +static int CheckNestedDirectories(char * basepath, int depth, + int use_sandbox, int isManager, + char * path_to_error + ) { int isDirectory; char full_path[MAXPATHLEN]; struct stat sbuf; @@ -583,7 +589,7 @@ static int CheckNestedDirectories(char * basepath, int depth, int use_sandbox, i if ((! isManager) && (sbuf.st_uid != boinc_master_uid)) continue; // Client can't check subdirectories owned by boinc_project } - retval = CheckNestedDirectories(full_path, depth + 1, use_sandbox, isManager); + retval = CheckNestedDirectories(full_path, depth + 1, use_sandbox, isManager, path_to_error); if (retval) break; } @@ -594,6 +600,7 @@ static int CheckNestedDirectories(char * basepath, int depth, int use_sandbox, i if (retval && !errShown) { fprintf(stderr, "Permissions error %d at %s\n", retval, full_path); + if (path_to_error) strcpy(path_to_error, full_path); errShown = 1; } return retval; diff --git a/client/sandbox.h b/client/sandbox.h index cf861be384..d8266bbc4f 100644 --- a/client/sandbox.h +++ b/client/sandbox.h @@ -23,7 +23,7 @@ extern int client_clean_out_dir(const char*, const char* reason); extern int delete_project_owned_file(const char* path, bool retry); extern int remove_project_owned_dir(const char* name); extern int remove_project_owned_file_or_dir(const char* path); -extern int check_security(int use_sandbox, int isManager); +extern int check_security(int use_sandbox, int isManager, char* path_to_error = NULL); #define BOINC_PROJECT_GROUP_NAME "boinc_project" diff --git a/clientgui/BOINCGUIApp.cpp b/clientgui/BOINCGUIApp.cpp index 2e1917fb33..0970384cae 100644 --- a/clientgui/BOINCGUIApp.cpp +++ b/clientgui/BOINCGUIApp.cpp @@ -294,46 +294,6 @@ bool CBOINCGUIApp::OnInit() { wxHelpProvider::Set(new wxHelpControllerHelpProvider()); -#ifdef SANDBOX - // Make sure owners, groups and permissions are correct for the current setting of g_use_sandbox - if (!iErrorCode) { -#if (defined(__WXMAC__) && defined(_DEBUG)) // TODO: implement this for other platforms - // GDB can't attach to applications which are running as a different user - // or group, so fix up data with current user and group during debugging - if (check_security(g_use_sandbox, true)) { - CreateBOINCUsersAndGroups(); - SetBOINCDataOwnersGroupsAndPermissions(); - SetBOINCAppOwnersGroupsAndPermissions(NULL); - } -#endif - iErrorCode = check_security(g_use_sandbox, true); - } - - if (iErrorCode) { - - ShowApplication(true); - - if (iErrorCode == -1099) { - strDialogMessage = - _("You currently are not authorized to manage the client.\n\nTo run BOINC as this user, please:\n - reinstall BOINC answering \"Yes\" to the question about\n non-administrative users\n or\n - contact your administrator to add you to the 'boinc_master'\n user group."); - } else { - strDialogMessage.Printf( - _("BOINC ownership or permissions are not set properly; please reinstall BOINC.\n(Error code %d)"), - iErrorCode - ); - - } - wxMessageDialog* pDlg = new wxMessageDialog(NULL, strDialogMessage, wxT("BOINC Manager"), wxOK); - - pDlg->ShowModal(); - if (pDlg) - pDlg->Destroy(); - - return false; - } -#endif // SANDBOX - - // Enable known image types wxInitAllImageHandlers(); @@ -351,6 +311,64 @@ bool CBOINCGUIApp::OnInit() { m_pSkinManager->ReloadSkin(strDesiredSkinName); +#ifdef SANDBOX + // Make sure owners, groups and permissions are correct for the current setting of g_use_sandbox + char path_to_error[MAXPATHLEN]; + path_to_error[0] = '\0'; + + if (!iErrorCode) { +#if (defined(__WXMAC__) && defined(_DEBUG)) // TODO: implement this for other platforms + // GDB can't attach to applications which are running as a different user + // or group, so fix up data with current user and group during debugging + if (check_security(g_use_sandbox, true)) { + CreateBOINCUsersAndGroups(); + SetBOINCDataOwnersGroupsAndPermissions(); + SetBOINCAppOwnersGroupsAndPermissions(NULL); + } +#endif + iErrorCode = check_security(g_use_sandbox, true, path_to_error); + } + + if (iErrorCode) { + + ShowApplication(true); + + if (iErrorCode == -1099) { + strDialogMessage.Printf( + _("You currently are not authorized to manage the client.\n\nTo run %s as this user, please:\n - reinstall %s answering \"Yes\" to the question about\n non-administrative users\n or\n - contact your administrator to add you to the 'boinc_master'\n user group."), + m_pSkinManager->GetAdvanced()->GetApplicationShortName().c_str(), + m_pSkinManager->GetAdvanced()->GetApplicationShortName().c_str() + ); + } else { + wxString strErrorPath = wxString::FromUTF8(path_to_error); + strDialogMessage.Printf( + _("%s ownership or permissions are not set properly; please reinstall %s.\n(Error code %d at %s)"), + m_pSkinManager->GetAdvanced()->GetApplicationShortName().c_str(), + m_pSkinManager->GetAdvanced()->GetApplicationShortName().c_str(), + iErrorCode , strErrorPath.c_str() + ); + fprintf(stderr, "%ls ownership or permissions are not set properly; please reinstall %ls.\n(Error code %d at %s)", + m_pSkinManager->GetAdvanced()->GetApplicationShortName().c_str(), + m_pSkinManager->GetAdvanced()->GetApplicationShortName().c_str(), + iErrorCode, path_to_error + ); + } + wxMessageDialog* pDlg = new wxMessageDialog( + NULL, + strDialogMessage, + m_pSkinManager->GetAdvanced()->GetApplicationName(), + wxOK + ); + + pDlg->ShowModal(); + if (pDlg) + pDlg->Destroy(); + + return false; + } +#endif // SANDBOX + + #ifdef __WXMSW__ // Perform any last minute checks that should keep the manager // from starting up. diff --git a/mac_installer/PostInstall.cpp b/mac_installer/PostInstall.cpp index e445dabd81..6ec91bab27 100755 --- a/mac_installer/PostInstall.cpp +++ b/mac_installer/PostInstall.cpp @@ -112,7 +112,10 @@ static OSErr QuitAppleEventHandler(const AppleEvent *appleEvt, AppleEvent* reply void print_to_log_file(const char *format, ...); void strip_cr(char *buf); -extern int check_security(char *bundlePath, char *dataPath, int use_sandbox, int isManager); +extern int check_security(char *bundlePath, char *dataPath, + int use_sandbox, int isManager, + char* path_to_error = NULL + ); #define NUMBRANDS 4