Open erikng opened 3 years ago
To use a privileged helper tool the application and helper has to be signed by a valid deverloper certificate.
This would be a great feature as half my users are Standard users. When there are critical OS Updates available we need a way to get users (Standard and Admin) to upgrade and using the same front-end would lead to a better UX overall.
I've added the logic and code needed for a privileged helper in my forked version here: https://github.com/abstertee/NudgeSwift/tree/main/Nudge-Helper
But we still need an Apple Signing cert and some details from that cert that need to be entered in some of the files.
@abstertee was the privileged helper to run scripts as root? I've done some research on Privileged Helpers and I don't see how they would solve point 1 in this issue.
@erikng yes, the idea is that the privileged helper runs the script commands as root. The helper would help companies with standard users because the helper tool runs with root privilege while the app runs under the user's context.
I like the Idea very much. Maybe it is possible to use the tool macOS-enterprise-privileges just to give the user the rights to do a upgrade. For updates it seems to work with standard user rights as well.
@erikng : now that the executable is properly signed and notarized, and issue #53 is closed (you mentioned it here), can you implement anything like this? Is it still on your roadmap?
SupportApp by Root3.nl has implemented a PrivilegedHelper to execute scripts.