OS X: Make sure real user uid == euid in elevated mode

This fixes a bug that prevents changing existing .ini files
during an elevated installation.

QFileSystemEngine::fillMetaData() on Unix uses :access() to check
whether the user can write to a file, based on the real user id.
Because OS X's AuthorizationExecuteWithPrivileges() does keep the
original real user id also in the elevated process,
QFileInfo::isWritable() was returning false for existing files,
which in turn let QSaveFile, and therefore QSettings, to not even
attempt to write to the file.

On Linux, we use sudo to start the elevated process, which already
resets the real user id by default.

Task-number: QTIFW-709
Change-Id: I5bfbd631f579412045b242a08baf206a5d444500
Reviewed-by: Karsten Heimrich <karsten.heimrich@theqtcompany.com>

1 files changed, 13 insertions, 0 deletions

diff --git a/src/sdk/main.cpp b/src/sdk/main.cpp
index a35f1a95a..cda9c932a 100644
--- a/src/sdk/main.cpp
+++ b/src/sdk/main.cpp
@@ -50,6 +50,11 @@
 
 #include <iostream>
 
+#if defined(Q_OS_OSX)
+#  include <unistd.h>
+#  include <sys/types.h>
+#endif
+
 #define QUOTE_(x) #x
 #define QUOTE(x) QUOTE_(x)
 #define VERSION "IFW Version: \"" QUOTE(IFW_VERSION_STR) "\""
@@ -144,6 +149,14 @@ int main(int argc, char *argv[])
             return EXIT_FAILURE;
         }
 
+#if defined(Q_OS_OSX)
+        // make sure effective == real user id.
+        uid_t realUserId = getuid();
+        uid_t effectiveUserId = geteuid();
+        if (realUserId != effectiveUserId)
+            setreuid(effectiveUserId, -1);
+#endif
+
         QInstaller::RemoteServer *server = new QInstaller::RemoteServer;
         QObject::connect(server, SIGNAL(destroyed()), &app, SLOT(quit()));
         server->init(socketName, key, (production ? QInstaller::Protocol::Mode::Production