尝试在 kext 文件上运行 kextutil 返回权限错误

问题描述 投票:0回答:1

Stackoverflow 社区您好。

尝试运行以下教程 - 这样我就可以学习如何编写驱动程序实用程序。
http://www.robertopasini.com/index.php/2-uncategorised/625-osx-creating-a-device-driver

我正尝试在我的构建生成的 kext 文件上运行 kextutil。 按照说明,我将其复制到我的临时文件夹中。 但我收到以下错误:

admins-Mac-mini:Debug admin$ kextutil -n -t /tmp/ssvac.kext
Skipping staging and system policy checks because not running as root, expect staging errors.
Kext rejected due to improper filesystem permissions: <OSKext 0x7f91d402f140 [0x7fff898b2cc0]> { URL = "file:///private/tmp/ssvac.kext/", ID = "myappleid.ssvac" }
Code Signing Failure: code signature is invalid
Authentication Failures: 
    File owner/permissions are incorrect (must be root:wheel, nonwritable by group/other): 
        /private/tmp/ssvac.kext
        Contents
        _CodeSignature
        CodeResources
        MacOS
        ssvac
        Info.plist

Diagnostics for /private/tmp/ssvac.kext:
Authentication Failures: 
    File owner/permissions are incorrect (must be root:wheel, nonwritable by group/other): 
        /private/tmp/ssvac.kext
        Contents
        _CodeSignature
        CodeResources
        MacOS
        ssvac
        Info.plist

admins-Mac-mini:Debug admin$

我尝试像这样更改权限/所有者:

admins-Mac-mini:Debug admin$ chown root:wheel /tmp/ssvac.kext/

admins-Mac-mini:Debug admin$ ls -lah /tmp/ssvac.kext/
total 0
drwxrwxrwx  3 root   wheel    96B 16 Oct 16:37 .
drwxrwxrwt  7 root   wheel   224B 19 Oct 08:08 ..
drwxr-xr-x  5 admin  wheel   160B 16 Oct 16:37 Contents
admins-Mac-mini:Debug admin$ kextutil -n -t /tmp/ssvac.kext

不知道具体如何解决。 如果您有任何建议,我将不胜感激。

谢谢!

编辑1

My mistake was when I copied from the debug folder to /tmp/, I didn't use the -r switch.  Now that I have, this is the error I'm getting: 

admins-Mac-mini:Debug admin$ cp -r ssvac.kext/ /tmp/
admins-Mac-mini:Debug admin$ sudo kextutil /tmp/
Contents/                     com.apple.launchd.GufwRL5Sf0/ com.google.Keystone/          powerlog/                     ssvac.kext/
admins-Mac-mini:Debug admin$ sudo kextutil /tmp/ssvac.kext/
Password:
Untrusted kexts are not allowed
Kext with invalid signature (-67050) denied: /private/var/db/KernelExtensionManagement/Staging/tmp.RLlmC1/59AFE9EA-12E3-42C0-B3FC-E98EF987D9B2.kext
Bundle (/private/tmp/ssvac.kext) failed to validate, deleting: /private/var/db/KernelExtensionManagement/Staging/tmp.RLlmC1/59AFE9EA-12E3-42C0-B3FC-E98EF987D9B2.kext
Unable to stage kext (/private/tmp/ssvac.kext) to secure location.
admins-Mac-mini:Debug admin$
xcode macos iokit kernel-extension
1个回答
1
投票

正如您从 

ls
输出中看到的,kext 实际上是至少包含 Info.plist 文件和预定义目录布局中的代码签名信息的目录。 (从 
Contents
子目录开始)通常它还包含一个二进制可执行文件。 kext 中的所有文件和子目录必须具有适当的权限才能考虑加载 kext。这意味着在使用 -R 时,必须使用 
chown
标志
递归地
应用权限。

而不是使用 

chown
,我通常建议简单地将 kext 复制到临时位置(用于测试,在 macOS 11 之前)或 
/Library/Extensions
(从 macOS 11 开始,或者在部署时,或者在测试 kext 的启动时间行为时) ) as root 用户,因为在代码/编译/加载/调试周期中,作为非特权用户尝试将其替换为更新版本时不会遇到问题:

# Copies kext to /tmp, owned by root
sudo cp -r "path/to/built.kext" "/tmp/"
# Attempts to load kext
sudo kextutil "/tmp/built.kext"

(强制性免责声明指出,许多类型的 kext 现已弃用,您需要确保编写 kext 真的、真的、真的是您项目的正确前进方向。)

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.