How to determine if a process owner is a Mac OS X administrator in C ++

Question

How to determine if a process owner is a Mac OS X administrator in C ++

How to programmatically check if the user who was executing my executable file is an administrator?

This is C ++ on Mac OS XX 10.6 (Snow Leopard) or higher. My numerous searches have not found anything.

+4

c ++ macos

meg18019 Jun 14 '12 at 1:29

source share

4 answers

Arafangion · Answer 1 · 2012-06-14T02:10:11+0000

Check the groups user is in and make sure the user is in the desired group. I think you want to check if the user belongs to "admin", but instead you can check for other, more specific access. Why do you still want to check the admin? As a rule, it’s better to try to try to complete the task, and not check the wide level of access and failure if the user does not have such access, but he has the specific access that you need.

Kyokook Hwang · Answer 2 · 2012-06-14T01:37:17+0000

How to check user id by calling getuid ()? OS X is based on BSD. So, I think you could check the identifier of the user who starts the process with this function.

Mecki · Answer 3 · 2015-09-16T17:34:21+0000

 #include <grp.h> #include <pwd.h> #include <string.h> bool currentUserIsAdmin ( ) { // A user cannot be member in more than NGROUPS groups, // not counting the default group (hence the + 1) gid_t groupIDs[NGROUPS + 1]; // ID of user who started the process uid_t userID = getuid(); // Get user password info for that user struct passwd * pw = getpwuid(userID); int groupCount; if (pw) { // Look up groups that user belongs to groupCount = NGROUPS + 1; // getgrouplist returns ints and not gid_t and // both may not necessarily have the same size int intGroupIDs[NGROUPS + 1]; getgrouplist(pw->pw_name, pw->pw_gid, intGroupIDs, &groupCount); // Copy them to real array for (int i = 0; i < groupCount; i++) groupIDs[i] = intGroupIDs[i]; } else { // We cannot lookup the user but we can look what groups this process // currently belongs to (which is usually the same group list). groupCount = getgroups(NGROUPS + 1, groupIDs); } for (int i = 0; i < groupCount; i++) { // Get the group info for each group struct group * group = getgrgid(groupIDs[i]); if (!group) continue; // An admin user is member of the group named "admin" if (strcmp(group->gr_name, "admin") == 0) return true; } return false; }

Jeffery thomas · Answer 4 · 2012-06-14T02:59:11+0000

Open Directory seems to be the right way to do this. You could save it using getegid() and / or setegid()

I have not tested it, but this may work:

 // 80 should be the admin group number, but it Apple might change it in a later release. if (getegid() == 80 || setegid(80) == 0) { // Yea! I'm an admin. }

Just a few quick ideas to continue. I hope they lead you in the right direction.

How to determine if a process owner is a Mac OS X administrator in C ++

More articles: