Execute shell command as root (sudo)

Posted on
Mon Mar 27, 2017 7:50 pm
kwijibo007 offline
Posts: 325
Joined: Sep 27, 2013
Location: Melbourne, Australia

Execute shell command as root (sudo)

Hi All,

I would like to write a plugin that presents an on/off device which enables/disables remote login (SSH) on the Mac running Indigo server.

The command(s) to do this in terminal are:

Code: Select all
systemsetup -getremotelogin #Query state
systemsetup -setremotelogin off  #Enable SSH
systemsetup -f -setremotelogin off  #Disable SSH


The problem is that this needs to be ran as root (prefixing with sudo). Is there anyway to run a command as root inside a plugin or is it impossible?

Pete

P.S Congrats to me on my 100th post!! :D

Posted on
Tue Mar 28, 2017 11:29 am
jay (support) offline
Site Admin
User avatar
Posts: 18199
Joined: Mar 19, 2008
Location: Austin, Texas

Re: Execute shell command as root (sudo)

I think if you wrap it in an AppleScript thusly it will work:

Code: Select all
do shell script "YOUR COMAND HERE" with administrator privileges


I think that'll cause the authentication dialog to open. Not positive it'll work, but I'm pretty sure this is what PyCharm does when installing packages, etc.

Note, however, that the user will have to be sitting at the Mac to authenticate. AFAIK, there is no way to automatically run a sudo process.

Jay (Indigo Support)
Twitter | Facebook | LinkedIn

Posted on
Tue Mar 28, 2017 12:25 pm
roussell offline
User avatar
Posts: 1108
Joined: Aug 18, 2008
Location: Alabama

Re: Execute shell command as root (sudo)

You can also exclude the file in sudoers to allow running it without a password. I suggest rather than editing the sudoers file, create an override like so:
Code: Select all
sudo visudo -f /etc/sudoers.d/myOverrides
A new file called 'myOverrides' will be created and open in visudo (like the vi editor, but performs checks to make sure you don't lock yourself out of sudo with a syntax error). To allow any user to run the application without a password enter the following in to the file:
Code: Select all
ALL ALL=(ALL) NOPASSWD: /usr/sbin/systemsetup
Save the file and exit. Then if you run
Code: Select all
sudo /usr/sbin/systemsetup
it won't ask for a password, but note that you still have to use the sudo command.

WARNING: This has obvious security concerns. You can minimize those somewhat making a copy of the systemsetup file somewhere else with an innocuous name:
Code: Select all
sudo cp /usr/sbin/systemsetup /Users/indigo/birthdaylist
(assuming the username you run Indigo under is "indigo")
Then of course you'd change your myOverrides file to point to the copied version of the file. You can also restrict it to the username Indigo is running as:
Code: Select all
indigo ALL=(ALL) NOPASSWD: /Users/indigo/birthdaylist
You can also specify arguments such as:
Code: Select all
indigo ALL=(ALL) NOPASSWD: /Users/indigo/birthdaylist -setremotelogin on
indigo ALL=(ALL) NOPASSWD: /Users/indigo/birthdaylist -f -setremotelogin off
The above will allow that command with those arguments to run without a password for the user 'indigo', but other users/commands/arguments will require a password.

Terry
Last edited by roussell on Tue Mar 28, 2017 2:19 pm, edited 3 times in total.

Posted on
Tue Mar 28, 2017 12:54 pm
RogueProeliator offline
User avatar
Posts: 2501
Joined: Nov 13, 2012
Location: Baton Rouge, LA

Re: Execute shell command as root (sudo)

Wow, great tip, Terry! I haven't needed that but was unaware that was even a thing... will put that away in the brain so that when I need it I won't remember but might feel a tickle making me search for it. :-)

Posted on
Tue Mar 28, 2017 1:45 pm
jay (support) offline
Site Admin
User avatar
Posts: 18199
Joined: Mar 19, 2008
Location: Austin, Texas

Re: Execute shell command as root (sudo)

RogueProeliator wrote:
Wow, great tip, Terry! I haven't needed that but was unaware that was even a thing... will put that away in the brain so that when I need it I won't remember but might feel a tickle making me search for it. :-)


+1 - awesome tip.

Jay (Indigo Support)
Twitter | Facebook | LinkedIn

Posted on
Tue Mar 28, 2017 2:16 pm
roussell offline
User avatar
Posts: 1108
Joined: Aug 18, 2008
Location: Alabama

Re: Execute shell command as root (sudo)

Heh, thanks guys, hope it helps the OP. I suck at software development, but *nix is my jam... 8)

Terry

Posted on
Tue Mar 28, 2017 3:48 pm
kwijibo007 offline
Posts: 325
Joined: Sep 27, 2013
Location: Melbourne, Australia

Re: Execute shell command as root (sudo)

roussell wrote:
Heh, thanks guys, hope it helps the OP


Fantastic stuff. Thanks Terry, exactly what I was looking for. :D

I have no excuses now... I'd better write the plugin.

Pete

Posted on
Tue Apr 04, 2017 11:10 pm
kwijibo007 offline
Posts: 325
Joined: Sep 27, 2013
Location: Melbourne, Australia

Re: Execute shell command as root (sudo)

I've posted the plugin here.

Thanks again Terry for your help.

Pete

Posted on
Wed Apr 05, 2017 6:20 am
roussell offline
User avatar
Posts: 1108
Joined: Aug 18, 2008
Location: Alabama

Re: Execute shell command as root (sudo)

kwijibo007 wrote:
I've posted the plugin here.

Thanks again Terry for your help.

Pete


Anytime Pete, happy to be of service! Nice plugin BTW!

Terry

Page 1 of 1

Who is online

Users browsing this forum: No registered users and 4 guests