-
-
Save dardo82/433e6b7930c01cadfac0a772a27aae9f to your computer and use it in GitHub Desktop.
#!/bin/sh | |
BIN="/usr/local/bin/askpass"; touch $BIN; chmod 755 $BIN | |
security add-generic-password -a $USER -s login -T "" -w | |
echo "#!/bin/sh\\nsecurity find-generic-password -a $USER -s login -w" > $BIN | |
echo "\\n# Set sudo helper.\\nexport SUDO_ASKPASS=$BIN" >> ~/.${SHELL##/*/}rc |
So, the use case I am dealing with is like this: I am making an app where some scripts require sudo privilege. I want my askpass helper program to be complete such that if the user's password is not already stored in a keychain, then I want to popup the UI to add the new password into the keychain and then further query it. But the code security add-generic-password -a $USER -s login -T "" -w
doesn't popup a GUI. So the script is stuck...
Have you tried following the @gingerbeardman guide?
In short you should use sudo -A
instead of just sudo
.
Yes, that right. I am using sudo -A
only. The issue is that security add-generic-password doesn't support a UI, i guess. So it's not useful for me because I don't want the user to execute mac-askpass.sh through terminal. I actually see another option in security
to bypass sudo which is security execute-with-privileges
. Have you worked with this option? Not much doc is mentioned on the man page related to what sort of privilege escalation does it provide? Some pointers to documentation?
Have you tried searching on Google as I would do? 🧑💻
Why? Explain your use case...