
Run applications as another user without switching Apps
This is regurgitating a hint I got from the comments section of another hint about Apache (I think). What this does is allow you to keep a program within the constraints of another user, without having that user logged in via the GUI. Run a suspect program within a bubble! I'd advise setting up a dummy account with very limited access if you wanted to make a "bubble." Note: I'm going to refer to the subsequent account as the "bubble account" and that account's session as the "bubble" from now on to give you the right idea about this.
  1. Open a new terminal window
  2. Type the following where short_name is the short name of the "bubble" account: sudo short_name -
  3. Type the password to the "bubble" account.
  4. Type the following where app_name is the name of the app you wish to open:
    /Applications/app_name.app/Contents/MacOS/app_name
    For instance, this would launch Safari:
    /Applications/Safari.app/Contents/MacOS/Safari
A couple of things to remember (very important!):
  • Copying and pasting between this app and others will not work unless the others are also in the bubble.
  • Apps running from within the bubble will still be able to launch subsequent applications under the original account (from what I can tell). For instance, going to an ftp:// URL in Safari while it's in the bubble will use the Finder running in the non-bubble account, with all available privileges.
  • Closing the terminal (or hitting Ctrl+C while in the window) will close the app running within the bubble.
  • Many programs will print exceptions and odd messages in the Terminal at various times while running; if you've programmed before you'll know this is totally normal and expected.
  • The programs running in the bubble may have different appearance settings than those you would otherwise run. To change this, log in under the bubble account and adjust System Preferences there.
  • Running two copies of a program (one inside and one outside the bubble) works absolutely perfectly, in fact I'm writing this on my "bubbled" Safari app right now!
  • Some problems may occur, like not being able to drag and drop using Safari. Work around them
  • Preferences do not seem to be saved if the bubble account uses FileVault and that user is not also logged in in the background.
I've tested this thoroughly, and it's pretty interesting I think.

[robg adds: This hint is the generic version of Run Mail as another user. I thought it was worth sharing the generic form in addition to the specific example...]
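The procedure above, scripted end to end as an added example that is not part of the hint or its comments. It assumes the bubble account already exists and that sudo may run commands as it; like step 4 it runs the bundle's executable directly (not `open`, which hands the launch to the GUI session) and, unless Info.plist says otherwise, assumes the executable carries the bundle's name.

```shell
#!/bin/sh
# Launch a .app bundle as a separate low-privilege "bubble" account from the
# current GUI session (added example; assumptions noted in the lead-in).

# bubble_exec_path APP_BUNDLE -> prints the executable inside the bundle.
# Uses CFBundleExecutable from Info.plist when macOS `defaults` is available,
# otherwise falls back to the bundle's own name, as the hint's step 4 does.
# Returns status 1 when the executable is not there.
bubble_exec_path() {
    bundle=${1%/}
    name=$(basename "$bundle" .app)
    exe=""
    if command -v defaults >/dev/null 2>&1; then
        exe=$(defaults read "$bundle/Contents/Info" CFBundleExecutable 2>/dev/null) || exe=""
    fi
    [ -n "$exe" ] || exe=$name
    path="$bundle/Contents/MacOS/$exe"
    [ -x "$path" ] || return 1
    printf '%s\n' "$path"
}

# bubble_launch USER APP_BUNDLE -> runs the app as USER, detached from this
# terminal so closing the window does not end it, with the app's Terminal
# chatter sent to a per-app log instead. -H gives the app USER's home, so its
# preferences and downloads land in the bubble account, not yours.
# Remember the hint's caveat: anything the app asks the system to open for it
# (ftp:// URLs, double-clicked files) still runs as the GUI user.
bubble_launch() {
    user=$1
    path=$(bubble_exec_path "$2") || { echo "no executable in $2" >&2; return 1; }
    log="/tmp/bubble-$user-$(basename "$path").log"
    nohup sudo -u "$user" -H "$path" >"$log" 2>&1 &
    echo "launched $path as $user (pid $!, log $log)"
}
```

Usage: `bubble_launch bubble /Applications/Safari.app`, with the sudo password prompt answered in the Terminal that runs it.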

Run applications as another user without switching
Authored by: Felix_the_Mac on May 21, '04 10:25:06AM

I have been trying to get chroot to work which will add further security to this approach. chroot sets the root directory for a process so that it cannot access anything outside a particular directory structure e.g. /users/dummy

However whenever I issue the chroot command I get the following errors:


Felixs-Computer:/ Felix$ chroot /jail
chroot: /jail: Operation not permitted
Felixs-Computer:/ Felix$ sudo sh
Password:
sh-2.05b# chroot /jail
chroot: /bin/bash: No such file or directory
sh-2.05b# chroot /jail /bin/bash
chroot: /bin/bash: No such file or directory
sh-2.05b#
sh-2.05b#

any help would be appreciated!
Run applications as another user without switching
Authored by: kianga on May 21, '04 10:48:51AM

Regarding chroot, I seriously doubt that this is going to work. When you use chroot, everything else above the new root directory becomes inaccessible.

This includes things like the shell (/bin/bash), but more importantly all the system frameworks (e.g. Cocoa), which are located in /System/Library/Frameworks.

Basically, you have to copy all important system files into the appropriate directories below the chrooted directory, e.g. /jail/System/Library/Frameworks, /jail/bin/bash, etc. Also, the /Volumes directory wouldn't be available either.

Using a chroot on a GUI-less UNIX server is difficult enough; I doubt it will work on a system as complex as OS X.
chrooting OSX works fine
Authored by: daniel_steffen on May 25, '04 11:57:57AM

it's perfectly possible and very useful, see
http://darwinports.gene-hacker.net/docs/howto/chroot_10.2/
you have to set aside ~ 4GB for a disk image containing the chroot though
Chroot Problem
Authored by: CrazyDuke on May 21, '04 10:55:04AM

I think your problem is that initially you were not allowed to do it, but when you did "sudo sh" you created a new shell but I don't think any of the path information was passed along. You should simply do "su -" (that is the same command above without a user) and that will prompt you for your root password and you will then be in as root.

Reason I say this is that "chroot: /bin/bash: No such file or directory" is referring to the command "chroot" it can't find it cuz there probably is no path variable set.

Now as far as whether it won't work due to losing frameworks, etc, I don't know I guess that's something you'll have to try.
Chroot Problem
Authored by: thochman on May 22, '04 07:19:55PM

Reason I say this is that "chroot: /bin/bash: No such file or directory" is referring to the command "chroot" it can't find it cuz there probably is no path variable set.

Actually, it's chroot saying that /bin/bash cannot be found. If it was bash, the line would start with "bash" and not "chroot". :) The reason this is occurring is because chroot is using /jail as the / directory. Well, since no command is specified, chroot attempts to load up a shell. Namely, /bin/bash. If there's no /jail/bin/bash then chroot spits out the error seen here.
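The jail setup the chroot comments above describe, as an added example that is not from any commenter: it lists what chroot would need under the jail (the shell it execs by default plus the libraries that shell links against) and copies them in. It assumes otool (macOS) or ldd (other Unix) is available for the dependency listing, and covers only the shell, not the GUI frameworks kianga mentions.

```shell
#!/bin/sh
# Pre-flight for a chroot jail (added example). chroot fails with
# "chroot: /bin/bash: No such file or directory" when the shell it would exec,
# or a library that shell needs, is not present *under the jail*.

# jail_deps BINARY -> absolute paths of the shared libraries BINARY links to
# (assumes otool on macOS or ldd elsewhere; prints nothing if neither exists).
jail_deps() {
    if command -v otool >/dev/null 2>&1; then
        otool -L "$1" 2>/dev/null | awk 'NR > 1 { print $1 }'
    elif command -v ldd >/dev/null 2>&1; then
        ldd "$1" 2>/dev/null | awk '$2 == "=>" && $3 ~ /^\// { print $3 } $1 ~ /^\// { print $1 }'
    fi
    return 0
}

# jail_missing JAIL PATH... -> prints each PATH absent under JAIL; status 1 if any.
jail_missing() {
    jail=${1%/}; shift
    rc=0
    for p in "$@"; do
        if [ ! -e "$jail$p" ]; then printf '%s\n' "$p"; rc=1; fi
    done
    return $rc
}

# jail_check_shell JAIL [SHELL] -> report what chroot would need for SHELL;
# SHELL defaults to /bin/bash, which chroot execs when given no command.
jail_check_shell() {
    shell=${2:-/bin/bash}
    jail_missing "$1" "$shell" $(jail_deps "$shell")
}

# jail_populate JAIL [SHELL] -> copy the shell and its libraries into JAIL at
# their original absolute paths (cp follows symlinks), then re-check.
jail_populate() {
    jail=${1%/}; shell=${2:-/bin/bash}
    for p in "$shell" $(jail_deps "$shell"); do
        mkdir -p "$jail$(dirname "$p")"
        cp "$p" "$jail$p"
    done
    jail_check_shell "$jail" "$shell" >/dev/null
}
```

Run `jail_check_shell /jail` first; whatever it prints is exactly what `sudo chroot /jail` will complain about.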
Run applications as another user without switching
Authored by: rhowell on May 21, '04 10:42:27AM

Now if only Apple would build this into ssh sessions, so we can run apps remotely. Here's the error one gets:

[feynman:~] rhowell% /Applications/Safari.app/Contents/MacOS/Safari
kCGErrorRangeCheck : Window Server communications from outside of session allowed for root and console user only
INIT_Processeses(), could not establish the default connection to the WindowServer.Abort

I guess this is what ARD ($$$) is for...
One-liner?
Authored by: jecwobble on May 21, '04 11:38:01AM
I'm not at my Mac right now so I can't test this (I know it works without the "-u" option to run something as root), but I imagine a one line method for *.app applications could be:
sudo -u short_name open /Applications/app_name.app/Contents/MacOS/app_name
...and a one line method for Carbon applications could be (split after "/Versions/" for readability):
sudo -u short_name /System/Library/Frameworks/Carbon.framework/Versions/
Current/Support/LaunchCFMApp /Applications/carbon_app_name
One-liner?
Authored by: funkaster on May 21, '04 06:02:26PM
You don't need the whole path to the application, for instance, to open Safari you would type:
sudo -u some_user open /Applications/Safari
open is just like double clicking on the finder, you can even open documents with that.

---
funkaster./
Doesn't work here
Authored by: anjoschu on May 22, '04 02:29:30AM

I tried open and on my machine it opens the application as the current logged-in user, not as the shell-sudoer.
Run applications as another user without switching
Authored by: dmmorse on May 21, '04 01:20:13PM
If you launch an application using this hint and place an "&" at the end of the command, like this:

/Applications/Safari.app/Contents/MacOS/Safari &

then the shell will run the application in the background and you can close the shell window without causing the "bubble" application to quit.
Problem with sudo
Authored by: karnat10 on May 21, '04 01:43:16PM
This didn't work for me how the original poster wrote it. In order to open a session as the "bubble" user, I had to type:

sudo -u short_name -s
This did actually open a terminal session with the short_name user. The same as su in other unices.

By the way, I think the "correct" name of this concept is neither bubble nor jail, but sandbox.
With login you do not need the root password
Authored by: anjoschu on May 22, '04 03:22:42AM

I find this sandbox thing pretty interesting. What disturbed me was that you need the root password to sudo something as another user. To me it makes more sense to use the sandbox user's password.

This works with "login username"

Unfortunately, I have not yet found a way to perform a script like "login username; /Applications/Safari.app/Contents/MacOS/Safari", as the command after the ; does not make it into the new shell.

By the way, if you want to be able to sudo from a non-Admin user, edit the file /etc/sudoers accordingly.

The warning about the application being able to launch applications as the GUI user is true. E.g. when you double click on an application from a sandbox user's Finder.app, the app launches as the GUI user. Same as with the open command. There must be some system call for "open". Now if we only could modify this so that applications open other applications as the sandbox user.
visudoers ??
Authored by: slughead on May 23, '04 03:18:04PM
can anyone remember the command to edit the sudoers file (it's basically vi with syntax correction specifically for the sudoers file..).

it's something like visudoers .. anyone?

---
http://lp.org -- that's all you need to know
"sudo visudo" (n/t)
Authored by: anjoschu on May 26, '04 07:32:20AM

no text
With login you do not need the root password
Authored by: mzs on May 29, '04 07:41:24PM
This is what I do:

/usr/bin/login -p username

This almost always works the way I want.

Using the explicit path uses the login command instead of the login shell builtin. This is better because the shell forks and execs the login command. This way you are able to hit ^D (CTRL+D) to logout of the user you were using temporarily back to where you were before.

The -p option tells the login command to not throw away the environment of the previous user when becoming the temporary user. This can cause some programs to behave oddly in the temporary user but usually I login to an account that has not done much customization in the login files. So in effect I get my configuration for commands in the temporary user, which I like. Also this works around the fact that there is no /etc/termcap by default. (This is a good thing, terminfo is much better.) It just keeps the terminal I had previously. The other environment variables like HOME that matter are still tweaked appropriately by login though.
Run applications as another user without switching
Authored by: e1en0r on May 22, '04 01:17:35PM

it's also interesting to note that if you have shapeshifter running, the appearance is not shape-shifted for the non-logged in user. i don't have shapeshifter running as the other user. i wonder what would happen if i did. i wonder if it would use it?

i tried this with safari (using su, not sudo) and safari is now in my dock twice. when i downloaded a disk image from the non-logged in user's safari it downloaded to the non-logged in user's desktop. however when i launched the finder as the non-logged in user it then appeared on my desktop. when i ctrl-c'd the finder it disappeared from the desktop. also, i was able to click on the dmg file on my desktop, which then switched to the non-logged in user's finder, and then i hit command-n to open a finder window, and i saw that the disk image was mounted as that non-logged in user. i was only allowed to click on the dmg file on the desktop once though. after that it acted as though it was invisible. however since i had the finder window open i just deleted it from there. also, quitting the non-logged in safari using command-q worked just as well as ctrl-c.
Launch as User Applescript
Authored by: anjoschu on May 23, '04 05:07:00AM

For anyone who's interested, I whipped up a little Applescript that lets you do just that without having to use Terminal:

http://www.schuderer.net/pub/Launch as User.dmg

http://www.schuderer.net/scripts.shtml [Explanation & Usage]

Tell me what you think. Enjoy.
Launch as User Applescript
Authored by: slughead on May 23, '04 03:09:04PM

If I knew applescript, that's exactly what I would've posted.

Thanks anjoschu, this is a lot easier for day-to-day use!

---
http://lp.org -- that's all you need to know
Security considerations, implementation detail
Authored by: nothingmuch on May 24, '04 05:27:40AM

Hi,

What about security? For example, think of the xhosts command, and various authorization/authentication techniques for X.

I tried sshing to the local box with a user that did not have the current view, and then starting a GUI app. It doesn't work.

There's no difference in the envs, and so forth, and the sudo user cannot play with /dev/console, so I assume it must be a unix domain socket, or a TCP/UDP socket somewhere along the way, that the sudo user can play with, since it belongs to a proper group, but that gets through the check OK, because the real gid is of the old user. But I can't find anything (too bad, proxying this could have been really fun).

So how does it work?
AFAIK, Objective-C has objects that can communicate across processes, and even across machines (dubbed distributed objects, methinks). Maybe that's how it's done.

Anybody know better?
Run applications as another user without switching
Authored by: dpwk on May 24, '04 05:53:19PM
You could also use su user -c "command" like so:
su loa -c "open /Applications/TextEdit.app"
many ways to do this. This tells su to issue the single command in the quotation marks as the user specified. After the command exits, you are dropped back into your own shell.

---
gigabling megashiznit