|
Applescript: Using shell script to change permissions without admin password
Hey guys, I wrote an Applescript that uses terminal to change the owner of volume. Everything works great, except, when I run the script as a nonadmin user it wants an admin password. I wrote the script in the first place so that nonadmin users could change the permissions on this one item. Here is my script:
Code:
do shell script ¬-Bell |
1. If you want to do something that requires admin rights, you have to authenticate. (Whether you provide those credentials ahead of time or not.)
2. Using "with adminstrator privileges" without both a login and a password will prompt the user to authenticate if he or she is not an adminstrator. 3. Do not use sudo and "with administrator privileges" together. http://developer.apple.com/technotes/tn2002/tn2065.html The real question is: what higher-level goal are you trying to accomplish here? |
A possible way around it.
If you create an Applescript that calls a shell script, and you give the shell script admin rights, it should work.
Applescript: Code:
tell application "Terminal"Code:
#!/bin/bash |
Mikey - If I try using just sudo with no "with administrator privileges" the script tells me that the shell needed a password. How do I add the login and password to my script so that a nonadmin will not be asked to authenticate.
cwt - I have never made a shellscript before, can i just make it in textedit? |
Yes. Save the file with a .sh extension (or rename it) and then in a Terminal window, make it executable:
chmod 711 /path/to/file 7 = read/write/executable by owner 1 = executable by group 1 = executable by others You may also need to chown it to be owned by root. Be sure that you understand the script, because there is no safety net. |
1) It is not possible to make a script run with admin privileges except by embedding the admin password - which is a very bad idea.
2) Please tell us what your higher-level goal is - as asked by Mikey-San in post #2. |
Higher-level goal? I'm guessing you mean my reason for needing this. I administer computers for a school. All of the machines have two drives, one for boot, one to read/write media on to. A piece of software that is used by the school has a bad habit of adjusting the permissions on this media drive and not changing them back, thus giving the students random permissions errors. As much fun as it is to constantly go around fixing permissions problems, i figured i would just make a script that the students could run that would fix the problem.
Also, i don't really see the problem in embedding the admin password into the script, since they are run only, and personally I've never been able to figure out a way to see the contents of a run only application made in applescript. Is there a way to do this? |
Quote:
Anyway, I think the way to go to fix this kind of problem would be to have a shell script that runs periodically (e.g. every 3 minutes) and checks the permissions and sets them back to what they should be. You could install this to run with 'root' privileges (e.g. as a system 'cron' job (use the GUI utility "Cronnix", or as a 'launchd' item (use the GUI utility "Lingon")). Quote:
|
alright, that makes sense, I apologize, but I have to ask for help making the shell script since I am new to that idea. I used text edit to make a test file containing:
sudo chmod student /path/to/file I save it and give it the extension .sh However, if I try to run it manually it still opens in text edit, if i run it in terminal i get this: /path/to/shell: line 1: {rtf1macansicpg10000cocoartf824cocoasubrtf420: command not found /path/to/shell: line 2: syntax error near unexpected token `}' /path/to/shell: line 2: `{\fonttbl\f0\fswiss\fcharset77 Helvetica;}' Help? Thanks again guys for the good explanations. |
Quote:
(The problem is that TextEdit defaults to saving as rich text documents, while shell scripts need to be plain, unformatted text. It is possible to use TextEdit to create plain text files but I'd recommend one of the special-purpose text editors - I mention some in that FAQ.) |
Quote:
Quote:
Quote:
|
Thanks Hayne, very helpful
|
The Software is called Pro Tools, it is an audio DAW. Commonly you run files in it off of a volume that is not the boot volume. Also, commonly, users set up this media drive to ignore all permissions, and the students are taught to do this for their home machines. Pro Tools randomly changes the owner of the media drive because of how some of it's basic processes run, the full explanation is rather long and probably wouldn't make sense if you don't use the software. I believe it gets access to change the owner because the students are setting the drives to ignore permissions, though I am not certain. I am not the only one with this problem, i see similar incidents on the Pro Tools forums. Thanks to Haynes tutorial I think I have written something that works pretty well, I'll test it for a while to make sure I don't destroy something :P Thanks everyone.
-Bell |
Quote:
|
Quote:
|
Quote:
|
ok, the plist should be something like this (things in curly braces you need to add in yourself)
Code:
<?xml version="1.0" encoding="UTF-8"?>two things I'm not clear on:
|
Using passwords in applescripts
Quote:
thx |
The danger is that some malicious program (that you inadvertently downloaded) will search through all your scripts and find the password and thus have complete control over the system.
|
Quote:
|
| All times are GMT -5. The time now is 10:16 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site design © IDG Consumer & SMB; individuals retain copyright of their postings
but consent to the possible use of their material in other areas of IDG Consumer & SMB.