Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Installer only reliably runs when admin user is the *only* user logged in #336

Open
Smaug123 opened this issue Oct 22, 2024 · 0 comments
Open

Installer only reliably runs when admin user is the *only* user logged in #336

Smaug123 opened this issue Oct 22, 2024 · 0 comments

Comments

@Smaug123
Copy link

The following code takes the final entry in the list of logged in users, not the actual logged in user:

asahi-installer/src/system.py

Lines 82 to 89 in 2f9b795

self.login_user = None
scout = subprocess.run(["scutil"], input=b"show State:/Users/ConsoleUser\n",
stdout=subprocess.PIPE).stdout.strip()
for line in scout.split(b"\n"):
if b"kCGSSessionUserNameKey : " in line:
consoleuser = line.split(b"kCGSSessionUserNameKey : ")[1].decode("ascii")
if consoleuser != "_mbsetupuser":
self.login_user = consoleuser

That means even if you are running the installer as an admin, you might still fail to run at the "are you an admin" check (

asahi-installer/src/main.py

Line 223 in 2f9b795

if self.sysinfo.boot_mode == "macOS" and self.sysinfo.login_user not in self.cur_os.admin_users:
).

I suspect it would instead be correct to filter the array for any entry which has kCGSSessionUserIDKey matching the UID and perhaps the GID.

For example, my own scutil output right now is as follows. (Sorry, I've grabbed this from my non-admin user patrick but the SessionInfo is in the same order for the admin user factotum. I also don't know if any of this is sensitive so I've redacted everything.)

> show State:/Users/ConsoleUser
<dictionary> {
  GID : 20
  Name : patrick
  SessionInfo : <array> {
    0 : <dictionary> {
      CGSSessionUniqueSessionUUID : blah
      kCGSSessionAuditIDKey : blah
      kCGSSessionGroupIDKey : 20
      kCGSSessionIDKey : blah
      kCGSSessionLoginwindowSafeLogin : blah
      kCGSSessionOnConsoleKey : blah
      kCGSSessionSystemSafeBoot : blah
      kCGSSessionUserIDKey : 502
      kCGSSessionUserNameKey : factotum
      kCGSessionLoginDoneKey : blah
      kCGSessionLongUserNameKey : blah
      kSCSecuritySessionID : blah
    }
    1 : <dictionary> {
      CGSSessionUniqueSessionUUID : blah
      kCGSSessionAuditIDKey : blah
      kCGSSessionGroupIDKey : 20
      kCGSSessionIDKey : blah
      kCGSSessionLoginwindowSafeLogin : blah
      kCGSSessionOnConsoleKey : blah
      kCGSSessionSystemSafeBoot : blah
      kCGSSessionUserIDKey : 501
      kCGSSessionUserNameKey : patrick
      kCGSessionLoginDoneKey : blah
      kCGSessionLongUserNameKey : blah
      kSCSecuritySessionID : blah
    }
  }
  UID : 501
}

As things stand, the code believes patrick is logged in, regardless of who is actually logged in.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Smaug123