Geek Answers Handbook

Configure Mac OSX Login Screen (SFAuthorizationPluginView)

I am trying to expand the login screen in MacOSX 10.9.1 (Mavericks). As I found out, this is possible by introducing a new authentication plugin and installing it in the authorization database .

I downloaded the NameAndPassword example, which shows how to implement the interface and overwrite / extend SFAuthorizationPluginView . But the problem is that I cannot build it under the Mavericks. So I decided to download a second example called NullAuthPlugin. This one compiles, but I did not know how to install it.

So, my question is one, if there is a good and updated tutorial for this (TechNotes - form 2008-09-16)?

And question number two, if this could be developed using C # (Xamarin.Mac / MonoMac), because I am not very good at Objective-C / C / C ++.

Thanks!

+4
mono macos loginview monomac
source share
2 answers

Well, errors have been reported by Apple several times, but so far they have not done anything. The simplest answer: you need a fixed version of the NameAndPassword plugin - the official is broken. I installed my fixed plugin on GitHub: https://github.com/skycocker/NameAndPassword

It is important that you replace

<string>loginwindow:login</string>

in the authorization policy database with

 <string>NameAndPassword:invoke</string>

Otherwise, it will not log in. I would not have understood this without Merlin69 .

+4
source share

First of all: Never, EVER, never start debugging a login plugin by putting it in the console login right. You need to create a special test "dummy" directly in auth db, completely independent of any other right that the OS may require to call during its operation. Call it as "MyTestRight-RemoveMeAfterTest".

Create a plist file that looks something like this:

 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>class</key> <string>evaluate-mechanisms</string> <key>comment</key> <string>Used to validate a terminal user.</string> <key>mechanisms</key> <array> <string>NameAndPassword:invoke</string> </array> </dict> </plist>

Install it using the "security" command from the terminal:

"security authorizationdb write MyTestRight-RemoveMeAfterTest <MyTestRight-RemoveMeAfterTest_plist_file"

NEVER edit auth db manually, even if you can still do this, which is the case with osx prior to 10.9. If you make a mistake and the OS cannot parse the file, you will find yourself in a world of resentment. I was there. I have been doing these plugins for years. If os cannot read the file, you will be in the same situation if your plug-in freezes when connected to a stream without an oar. If you do not have the forethought to enable SSH, you will have to boot into another partition or boot from a backup of the temporary mechanism. In the latter case, you better save your latest changes to some external drive.

After you set the right in db, you should check it from an external program.

You need to call the security infrastructure, as shown in the readme file included with the example username and password, and request your right, as the OS would do.

Be careful when using any of the apple samples. Use them only as a guide. NameAndPassword has errors and could never start. It was last updated in 2006 and uses many features that are currently outdated. It doesn't actually do anything, but it's just a shell.

-2
source share

More articles:


All Articles