fix plist files and enhance privilege escalation method

2024-11-23 19:49:05 +08:00 · 2022-01-14 03:17:36 +08:00 · 2022-01-14 03:17:36 +08:00 · b4f61c735e
commit b4f61c735e
parent 29bb10a40a
14 changed files with 116 additions and 71 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -1717,6 +1717,25 @@ dependencies = [
 "tiff",
 ]

+[[package]]
+name = "include_dir"
+version = "0.7.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "482a2e29200b7eed25d7fdbd14423326760b7f6658d21a4cf12d55a50713c69f"
+dependencies = [
+ "include_dir_macros",
+]
+
+[[package]]
+name = "include_dir_macros"
+version = "0.7.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5e074c19deab2501407c91ba1860fa3d6820bfde307db6d8cb851b55a10be89b"
+dependencies = [
+ "proc-macro2",
+ "quote",
+]
+
 [[package]]
 name = "inotify"
 version = "0.7.1"
@ -3215,6 +3234,7 @@ dependencies = [
 "flexi_logger",
 "hbb_common",
 "hound",
+ "include_dir",
 "lazy_static",
 "libc",
 "libpulse-binding",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -70,7 +70,7 @@ dispatch = "0.2"
 core-foundation = "0.9"
 core-graphics = "0.22"
 notify = "4.0.17"
-
+include_dir = "0.7.2"
 [target.'cfg(target_os = "linux")'.dependencies]
 libpulse-simple-binding = "2.24"
 libpulse-binding = "2.25"
--- a/privileges_scripts/install.scpt
+++ b/privileges_scripts/install.scpt
@ -1,16 +0,0 @@
-set current_dir to POSIX path of ((path to me as text) & "::")
-
-set sh1 to "cp " & current_dir & "com.carriez.rustdesk.daemon.plist /Library/LaunchDaemons/com.carriez.rustdesk.daemon.plist && chown root:wheel /Library/LaunchDaemons/com.carriez.rustdesk.daemon.plist"
-set sh2 to "cp " & current_dir & "com.carriez.rustdesk.agent.root.plist /Library/LaunchAgents/com.carriez.rustdesk.agent.root.plist && chown root:wheel /Library/LaunchAgents/com.carriez.rustdesk.agent.root.plist"
-set sh3 to "cp " & current_dir & "com.carriez.rustdesk.agent.user.plist /Library/LaunchAgents/com.carriez.rustdesk.agent.user.plist && chown root:wheel /Library/LaunchAgents/com.carriez.rustdesk.agent.user.plist"
-
-set sh to sh1 & ";" & sh2 & ";" & sh3 & "
-launchctl enable system/com.carriez.rustdesk.daemon;
-launchctl start system/com.carriez.rustdesk.daemon;
-launchctl enable system/com.carriez.rustdesk.agent.root;
-launchctl start system/com.carriez.rustdesk.agent.root;
-launchctl enable system/com.carriez.rustdesk.agent.user
-launchctl start system/com.carriez.rustdesk.agent.user
-"
-
-do shell script sh with prompt "RustDesk需要安装服务" with administrator privileges
--- a/privileges_scripts/launch_service.scpt
+++ b/privileges_scripts/launch_service.scpt
@ -1,10 +0,0 @@
-set sh to "
-launchctl enable system/com.carriez.rustdesk.daemon;
-launchctl start system/com.carriez.rustdesk.daemon;
-launchctl enable system/com.carriez.rustdesk.agent.root;
-launchctl start system/com.carriez.rustdesk.agent.root;
-launchctl enable system/com.carriez.rustdesk.agent.user
-launchctl start system/com.carriez.rustdesk.agent.user
-"
-
-do shell script sh with prompt "RustDesk需要启动服务" with administrator privileges
--- a/privileges_scripts/stop_service.scpt
+++ b/privileges_scripts/stop_service.scpt
@ -1,10 +0,0 @@
-set sh to "
-launchctl disable system/com.carriez.rustdesk.daemon;
-launchctl stop system/com.carriez.rustdesk.daemon;
-launchctl disable system/com.carriez.rustdesk.agent.root;
-launchctl stop system/com.carriez.rustdesk.agent.root;
-launchctl disable system/com.carriez.rustdesk.agent.user
-launchctl stop system/com.carriez.rustdesk.agent.user
-"
-
-do shell script sh with prompt "RustDesk需要停止服务" with administrator privileges
--- a/src/lang/cn.rs
+++ b/src/lang/cn.rs
@ -195,6 +195,5 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Socks5 Proxy", "Socks5 代理"),
        ("Hostname", "主机名"),
        ("Discovered", "已发现"),
-        ("install_daemon", "为了支持在登录系统时可以访问你的桌面，RustDesk需要\"安装系统服务\"")
    ].iter().cloned().collect();
    }
--- a/src/platform/macos.rs
+++ b/src/platform/macos.rs
@ -17,9 +17,12 @@ use core_graphics::{
    window::{kCGWindowName, kCGWindowOwnerPID},
 };
 use hbb_common::{allow_err, bail, log};
+use include_dir::{include_dir, Dir};
 use objc::{class, msg_send, sel, sel_impl};
 use scrap::{libc::c_void, quartz::ffi::*};

+static PRIVILEGES_SCRIPTS_DIR: Dir =
+    include_dir!("$CARGO_MANIFEST_DIR/src/platform/privileges_scripts");
 static mut LATEST_SEED: i32 = 0;

 extern "C" {
@ -100,31 +103,75 @@ pub fn is_can_screen_recording(prompt: bool) -> bool {

 pub fn is_installed_daemon(prompt: bool) -> bool {
    if !prompt {
-
-        if !std::path::Path::new("/Library/LaunchDaemons/com.carriez.rustdesk.daemon.plist").exists(){
+        if !std::path::Path::new("/Library/LaunchDaemons/com.carriez.rustdesk.daemon.plist")
+            .exists()
+        {
            return false;
        }

-        if !std::path::Path::new("/Library/LaunchAgents/com.carriez.rustdesk.agent.root.plist").exists(){
+        if !std::path::Path::new("/Library/LaunchAgents/com.carriez.rustdesk.agent.root.plist")
+            .exists()
+        {
            return false;
        }

-        if !std::path::Path::new("/Library/LaunchAgents/com.carriez.rustdesk.agent.user.plist").exists(){
+        if !std::path::Path::new("/Library/LaunchAgents/com.carriez.rustdesk.agent.user.plist")
+            .exists()
+        {
            return false;
        }

        return true;
    }

-    if !std::process::Command::new("osascript")
-        .arg("./privileges_scripts/install.scpt")
-        .status()
-        .unwrap()
-        .success() {
-        return false;
+    let install_script = PRIVILEGES_SCRIPTS_DIR.get_file("install.scpt").unwrap();
+    let install_script_body = install_script.contents_utf8().unwrap();
+
+    let daemon_plist = PRIVILEGES_SCRIPTS_DIR
+        .get_file("com.carriez.rustdesk.daemon.plist")
+        .unwrap();
+    let daemon_plist_body = daemon_plist.contents_utf8().unwrap();
+
+    let root_agent_plist = PRIVILEGES_SCRIPTS_DIR
+        .get_file("com.carriez.rustdesk.agent.root.plist")
+        .unwrap();
+    let root_agent_plist_body = root_agent_plist.contents_utf8().unwrap();
+
+    let user_agent_plist = PRIVILEGES_SCRIPTS_DIR
+        .get_file("com.carriez.rustdesk.agent.user.plist")
+        .unwrap();
+    let user_agent_plist_body = user_agent_plist.contents_utf8().unwrap();
+
+    match std::process::Command::new("osascript")
+        .arg("-e")
+        .arg(install_script_body)
+        .arg(daemon_plist_body)
+        .arg(root_agent_plist_body)
+        .arg(user_agent_plist_body)
+        .spawn()
+    {
+        Ok(mut proc) => proc.wait().is_ok(),
+        Err(e) => {
+            log::error!("run osascript failed: {}", e);
+            false
+        },
+    }
+}
+
+pub fn launch_or_stop_daemon(launch: bool) {
+    let mut script_filename = "launch_service.scpt";
+    if !launch {
+        script_filename = "stop_service.scpt";
    }

-    return true;
+    let script_file = PRIVILEGES_SCRIPTS_DIR.get_file(script_filename).unwrap();
+    let script_body = script_file.contents_utf8().unwrap();
+
+    std::process::Command::new("osascript")
+        .arg("-e")
+        .arg(script_body)
+        .spawn()
+        .ok();
 }

 pub fn get_cursor_pos() -> Option<(i32, i32)> {
--- a/src/platform/privileges_scripts/com.carriez.rustdesk.agent.root.plist
+++ b/src/platform/privileges_scripts/com.carriez.rustdesk.agent.root.plist
@ -2,8 +2,6 @@
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
    <dict>
-        <key>Disable<key>
-        <false />
        <key>Label</key>
        <string>com.carriez.rustdesk.agent.root</string>
        <key>LimitLoadToSessionType</key>
--- a/src/platform/privileges_scripts/com.carriez.rustdesk.agent.user.plist
+++ b/src/platform/privileges_scripts/com.carriez.rustdesk.agent.user.plist
@ -2,10 +2,8 @@
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
    <dict>
-        <key>Disable<key>
-        <false />
        <key>Label</key>
-        <string>com.carriez.rustdesk.agent.root</string>
+        <string>com.carriez.rustdesk.agent.user</string>
        <key>LimitLoadToSessionType</key>
        <array>
            <string>Aqua</string>
--- a/src/platform/privileges_scripts/com.carriez.rustdesk.daemon.plist
+++ b/src/platform/privileges_scripts/com.carriez.rustdesk.daemon.plist
@ -4,12 +4,8 @@
    <dict>
        <key>Label</key>
        <string>com.carriez.rustdesk.daemon</string>
-        <key>Disabled</key>
-        <true/>
        <key>KeepAlive</key>
        <true/>
-        <key>Label</key>
-        <string>com.youqu.todesk.service</string>
        <key>ProgramArguments</key>
        <array>
        	<string>/Applications/RustDesk.app/Contents/MacOS/rustdesk</string>
--- a/src/platform/privileges_scripts/install.scpt
+++ b/src/platform/privileges_scripts/install.scpt
@ -0,0 +1,19 @@
+on run {daemon_file, root_agent_file, user_agent_file}
+
+	set sh1 to "echo " & quoted form of daemon_file & " > /Library/LaunchDaemons/com.carriez.rustdesk.daemon.plist && chown root:wheel /Library/LaunchDaemons/com.carriez.rustdesk.daemon.plist;"
+
+	set sh2 to "echo " & quoted form of root_agent_file & " > /Library/LaunchAgents/com.carriez.rustdesk.agent.root.plist && chown root:wheel /Library/LaunchAgents/com.carriez.rustdesk.agent.root.plist;"
+
+	set sh3 to "echo " & quoted form of user_agent_file & " > /Library/LaunchAgents/com.carriez.rustdesk.agent.user.plist && chown root:wheel /Library/LaunchAgents/com.carriez.rustdesk.agent.user.plist;"
+
+    set sh4 to "launchctl load -w /Library/LaunchDaemons/com.carriez.rustdesk.daemon.plist;"
+
+    set sh5 to "launchctl load -w /Library/LaunchAgents/com.carriez.rustdesk.agent.root.plist;"
+
+    set sh6 to "launchctl load -w /Library/LaunchAgents/com.carriez.rustdesk.agent.user.plist;"
+
+	set sh to sh1 & sh2 & sh3 & sh4 & sh5 &sh6
+
+	log (sh)
+	do shell script sh with prompt "RustDesk 需要安装服务" with administrator privileges
+end run
--- a/src/platform/privileges_scripts/launch_service.scpt
+++ b/src/platform/privileges_scripts/launch_service.scpt
@ -0,0 +1,7 @@
+set sh1 to "launchctl load -w /Library/LaunchAgents/com.carriez.rustdesk.agent.root.plist;"
+
+set sh2 to "launchctl load -w /Library/LaunchAgents/com.carriez.rustdesk.agent.user.plist;"
+
+set sh to sh1 & sh2
+
+do shell script sh with prompt "RustDesk 需要停止服务" with administrator privileges
--- a/src/platform/privileges_scripts/stop_service.scpt
+++ b/src/platform/privileges_scripts/stop_service.scpt
@ -0,0 +1,7 @@
+set sh1 to "launchctl unload -w /Library/LaunchAgents/com.carriez.rustdesk.agent.root.plist;"
+
+set sh2 to "launchctl unload -w /Library/LaunchAgents/com.carriez.rustdesk.agent.user.plist;"
+
+set sh to sh1 & sh2
+
+do shell script sh with prompt "RustDesk 需要停止服务" with administrator privileges
--- a/src/ui.rs
+++ b/src/ui.rs
@ -360,22 +360,12 @@ impl UI {
        if value.is_empty() {
            options.remove(&key);
        } else {
-            options.insert(key, value);
+            options.insert(key.clone(), value.clone());
        }
        ipc::set_options(options.clone()).ok();

-        #[cfg(macos)]
-        if key == "stop-service" {
-            let mut service_script = "./privileges_scripts/stop_service.scpt";
-            if value == "Y" {
-                command = "./privileges_scripts/launch_service.scpt";
-            }
-
-            std::process::Command::new("osascript")
-                .arg(service_script)
-                .status()
-                .unwrap()
-                .success();
+        if cfg!(target_os = "macos") && &key == "stop-service" {
+            crate::platform::macos::launch_or_stop_daemon(value != "Y");
        }
    }