登录窗口忽略自定义auth插件设置的上下文值。
登录窗口忽略自定义auth插件设置的上下文值。
提问于 2020-12-28 13:24:21
我正在我的mac上实现一个自动登录。我根本不希望登录窗口出现,我需要我的mac自动登录。为此,我实现了一个auth插件"customPlugin“,将它放在/Library/Security/SecurityAgentPlugins上,并修改了authorizationdb,如下所示:
<array>
<string>builtin:policy-banner</string>
<string>customPlugin:setCreds</string>
<string>NullAuthPlugin:before_loginwindow_login</string>
<string>loginwindow:login</string>
<string>NullAuthPlugin:before_builtin_login-begin</string>
<string>builtin:login-begin</string>
<string>builtin:reset-password,privileged</string>
<string>builtin:forward-login,privileged</string>
<string>builtin:auto-login,privileged</string>
<string>builtin:authenticate,privileged</string>
<string>PKINITMechanism:auth,privileged</string>
<string>builtin:login-success</string>
<string>loginwindow:success</string>
<string>loginwindow:FDESupport,privileged</string>
<string>HomeDirMechanism:login,privileged</string>
<string>HomeDirMechanism:status</string>
<string>MCXMechanism:login</string>
<string>CryptoTokenKit:login</string>
<string>loginwindow:done</string>
</array>NullAuthPlugin只记录系统授权上下文。NullAuthPlugin转储的日志确认了customPlugin,并将上下文值“用户名”和“密码”设置为我的凭据。
2020-12-23 10:28:40.054487+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:MechanismCreate: inPlugin=0x7fb0b2d167f0, inEngine=0x7fb0b2d16770, mechanismId='before_loginwindow_login'
2020-12-23 10:28:40.054700+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:MechanismCreate: err=0, *outMechanism=0x7fb0b2e454a0
2020-12-23 10:28:40.055989+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:MechanismInvoke: inMechanism=0x7fb0b2e454a0
2020-12-23 10:28:40.056129+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:PrintAuthState: pid=8358, ppid=1, euid=92, ruid=92
2020-12-23 10:28:40.056334+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:PrintAuthState: SessionGetInfo err=0, actualSessionID=100086, sessionAttr=0x30
2020-12-23 10:28:40.056568+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:PrintAuthState: GetSessionId err=0, sessionID=0x0
2020-12-23 10:28:40.056765+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:PrintAuthState: GetArguments err=-60008
2020-12-23 10:28:40.056957+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetContextValue key='username', value='administrator'
2020-12-23 10:28:40.057239+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetContextValue key='password', value='********'
2020-12-23 10:28:40.057538+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='authorize-right', value='system.login.console'
2020-12-23 10:28:40.057888+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='client-path', value='/System/Library/CoreServices/loginwindow.app'
2020-12-23 10:28:40.058073+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='client-pid', value=8342
2020-12-23 10:28:40.058246+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='client-type', value='BNDL'
2020-12-23 10:28:40.058440+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='client-uid', value=0
2020-12-23 10:28:40.058569+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='creator-pid', value=8342
2020-12-23 10:28:40.058674+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='tries', value=0
2020-12-23 10:28:40.058854+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='reason' value=00 00 00 00
2020-12-23 10:28:40.059239+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:MechanismInvoke: err=0
2020-12-23 10:29:00.472632+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:MechanismCreate: inPlugin=0x7fb0b2d167f0, inEngine=0x7fb0b2f90f30, mechanismId='before_builtin_login-begin'
2020-12-23 10:29:00.472738+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:MechanismCreate: err=0, *outMechanism=0x7fb0b2f37c10
2020-12-23 10:29:00.473971+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:MechanismInvoke: inMechanism=0x7fb0b2f37c10
2020-12-23 10:29:00.474078+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:PrintAuthState: pid=8358, ppid=1, euid=92, ruid=92
2020-12-23 10:29:00.474213+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:PrintAuthState: SessionGetInfo err=0, actualSessionID=100086, sessionAttr=0x30
2020-12-23 10:29:00.474351+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:PrintAuthState: GetSessionId err=0, sessionID=0x0
2020-12-23 10:29:00.474484+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:PrintAuthState: GetArguments err=-60008
2020-12-23 10:29:00.474592+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetContextValue key='username', value='administrator'
2020-12-23 10:29:00.474690+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetContextValue key='password', value='********'
2020-12-23 10:29:00.474788+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetContextValue key='uid', value=502
2020-12-23 10:29:00.474883+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetContextValue key='gid', value=20
2020-12-23 10:29:00.474979+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetContextValue key='home', value='/Users/administrator'
2020-12-23 10:29:00.475074+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetContextValue key='longname', value='Administrator'
2020-12-23 10:29:00.475173+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetContextValue key='shell', value='/bin/bash'
2020-12-23 10:29:00.475271+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='authorize-right', value='system.login.console'
2020-12-23 10:29:00.475375+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='client-path', value='/System/Library/CoreServices/loginwindow.app'
2020-12-23 10:29:00.475474+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='client-pid', value=8342
2020-12-23 10:29:00.475572+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='client-type', value='BNDL'
2020-12-23 10:29:00.475666+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='client-uid', value=0
2020-12-23 10:29:00.475759+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='creator-pid', value=8342
2020-12-23 10:29:00.475849+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='tries', value=0
2020-12-23 10:29:00.475953+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetHintValue key='reason' value=00 00 00 00
2020-12-23 10:29:00.476097+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetContextValue key='dsAttrTypeStandard:GeneratedUID' value=39 39 32 43 44 34 33 31 2d 35 46 41 34 2d 34 36 30 36 2d 38 43 46 33 2d 32 42 33 44 35 43 37 33 38 37 37 42 00
2020-12-23 10:29:00.476269+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> GetContextValue key='dsAttrTypeStandard:AuthenticationAuthority', value='<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <array> <string>;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2,SRP-RFC5054-4096-SHA512-PBKDF2></string> <string>;Kerberosv5;;administrator@LKDC:SHA1.A6D292D36146C71BAA8524AF45CF54502CBF48BE;LKDC:SHA1.A6D292D36146C71BAA8524AF45CF54502CBF48BE</string> </array> </plist> '
2020-12-23 10:29:00.476601+0530 0x5e2b7 Debug 0x0 8358 SecurityAgent: (NullAuthPlugin) >>>-----> NullAuth:MechanismInvoke: err=0但是,当loginwindow:login被调用时,它没有继续进行登录过程,因为用户名和密码已经可用,而是显示登录窗口,我仍然需要输入用户名和密码。只有在我这样做之后,builtin:login-begin才会被调用(在日志中,您可以看到调用NullAuthPlugin机制before_loginwindow_login和before_builtin_login-begin之间20秒的差别)。
除了设置上下文值‘用户名’和‘密码’之外,我还需要在我的自定义的auth插件中做些什么来实现我想要的自动登录功能呢?
回答 1
Stack Overflow用户
发布于 2021-11-08 22:43:59
您需要设置值,然后提交裁决。您还需要禁用loginwindow:login完成机制。在没有代码的情况下,有更容易的方法来实现这个目标。
到目前为止,在Mac上自动登录的最简单方法就是使用内置的功能。不需要密码!
如果您正在设置上下文值,则需要确保也要调用插件回调并得到结果。例如,在设置上下文值之后,需要设置kAuthorizationResultAllow。假设控制台登录列表中的所有其他机制都同意,它将允许您进入,但有一个很大的警告。
最大的警告是,您需要从列表中删除内置的loginwindow:login机制。当加载时,它将始终显示其UI,并等待您输入数据。这正是它的工作方式,并且内置的登录窗口mech将不会提交裁决,直到您这样做,除非您正在设置系统级别自动登录提示。如果您需要这样做,那么您可以直接使用OS自动登录功能。
当然,FileVault也会要求您解锁磁盘,从而停止所有这些技巧。如果要转发这些凭据,请查看我们是如何在NoMADLogin中做到这一点的。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/65478311
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号