Apple Intelligence now features Image Playground, Genmoji, Writing Tools enhancements, seamless support for ChatGPT, and visual intelligence.

Apple Intelligence has also begun language expansion with localized English support for Australia, Canada, Ireland, New Zealand, South Africa, and the U.K. Learn more >

You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Applescript "with administrator privileges" and without Password prompt

i,

I have to configure some phone settings in the central VOIP/VPN/Gateway Router via a ssh (with certificate) command.

There is only a option to allow or disallow the ssh access in the router. Therefor I wrote a applescript to allow only the specific ssh command "set /Setup/Voice-Call-Manager/Call-Router/Call-Routing/". To avoid the configuration access for anyone and to hard code passwords I have to execute this script with root permissions (do shell script "/usr/bin/su - " & user & " -c " & "'" & cmd & "'" with administrator privileges"). In any other unix implementation I can use "chmod 4755; chown 0:0". Even I compiled the Applescript and stored it as Carbon App, I get a user/password prompt.

How can I avoid this prompt or authorize the script/app in any way?

Thanks Henri

MacPro Quad 3.0 (Leo Server), MacBook Pro 2.53, MacBook Pro 2.4, Macbook Pro 2.0, Mac OS X (10.5.6), IBM pSeries, Dell VMware ESX

Posted on Dec 15, 2009 10:07 AM

Reply
4 replies

Dec 16, 2009 2:31 AM in response to Camelot

I agree, but to use the private key of the applescript caller opens any user the ability to change any WLAN key, VPN settings or delete the admin account, not a good idea....

Therefor I would like to run the applescript with root, "su - <adminuser> ssh router set ....".
This restricts the access to the router config to this applescript and I would like avoid the hard coding of the root password in the applescript.

I tried also the add the command to /etc/sudoers, this work fine from the command line but how to call "sudo applescript" from the desktop without entering the admin password?

Thanks

Henri

Dec 15, 2009 11:04 AM in response to HenriHoffmann

Well, the obvious solution is to embed the password within the do shell script command:

do shell script "/usr/bin/su - " & user & " -c " & "'" & cmd & "'" with administrator privileges password "blahblah"


but I'm unsure why you're using 'with administrator privileges' as well as '/usr/bin/su -'. Both commands would give root permission, so it seems like you're doubling up here.

Applescript "with administrator privileges" and without Password prompt

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.