Search code examples
objective-cmacosnetwork-programmingsystem-configuration

Could not remove Network Service with root authorization

I am trying to delete a specific service name from my preferences, but unfortunately I get the 1003 error when trying to use the following functions: SCPreferencesLock, SCPreferencesCommitChanges, SCPreferencesApplyChanges.

The 1003 code it`s specific for kSCStatusAccessError, which means that I do not have root privileges, even if the AuthorizationRef is root.

    // Create AuthorizationRef
AuthorizationRef auth = NULL;
OSStatus status;

AuthorizationFlags rootFlags =  kAuthorizationFlagDefaults |
                                kAuthorizationFlagInteractionAllowed |
                                kAuthorizationFlagPreAuthorize |
                                kAuthorizationFlagExtendRights;

// Get default authorization
status = AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, rootFlags, &auth);

SCPreferencesRef preferences;

if (status == noErr) {
    preferences = SCPreferencesCreateWithAuthorization(NULL, CFSTR("personal.configuration"), NULL, auth);
    NSLog(@"Root autehntication");
} else {
    preferences = SCPreferencesCreate(NULL, CFSTR("personal.configuration"), NULL);
    NSLog(@"Default autehntication");
}


if(preferences == NULL) {
    NSLog(@"Could not create preferences");
}

CFArrayRef servicesArray = SCNetworkServiceCopyAll(preferences);
if (servicesArray == NULL) {
    NSLog(@"No network services");
}

// Get list of available services
SCNetworkServiceRef service;

for (int i = 0; i < CFArrayGetCount(servicesArray); i++) {
    // Get service reference
    service = (SCNetworkServiceRef)CFArrayGetValueAtIndex(servicesArray, i);
    // Get service anme
    CFStringRef serviceName = SCNetworkServiceGetName(service);
    NSString* strServiceName= (__bridge NSString *)(serviceName);

    NSLog(@"New network serivice found: %@", strServiceName);

    if ([strServiceName isEqualToString:@"Specific name"]) {

        if (!SCPreferencesLock(preferences, TRUE)){
            NSLog(@"\tFailed to call SCPreferencesLock: %d", SCError());
        }

        if(SCNetworkServiceRemove(service)) {
            NSLog(@"\tInternet Service successfully removed!");
        }

        if (!SCPreferencesCommitChanges(preferences)) {
            NSLog(@"\tFailed to commit preferences changes: %d", SCError());
        }

        if (!SCPreferencesApplyChanges(preferences)) {
            NSLog(@"\tFailed to apply preferences changes: %d", SCError());
        }

        SCPreferencesSynchronize(preferences);

        if (!SCPreferencesUnlock(preferences)) {
            NSLog(@"\tFailed to unlock preferences: %d", SCError());
        }
    }
}

CFRelease(servicesArray);
Solution

  • Based on the comments the issue is that the app is using the Cocoa sandbox.

    With App Sandbox, your app cannot modify the system’s network configuration (whether with the System Configuration framework, the CoreWLAN framework, or other similar APIs) because doing so requires administrator privileges.

    If you want to modify the System Configuration framework, you cannot use the sandbox.

    You can disable the sandbox by going to the apps entitlement file and changing the entry App Sandbox to NO and then the security dialog will appear.