This page provides information about an "admin" facility that let's you define a Macintosh Darwin-script (bash) that allows you to become "root" without having to enter your password. You run "admin.gen" once to create an encrypted file in your $HOME/Library/Preferences which is protected as owner read-write only. The choice of encrypted file is controlled by "com.admin.plist", which should also be placed in $HOME/Library/Preferences.
IMPORTANT - Download the "Admin.Scripts.dmg" (below), double-click that DMG to open it, and copy both "admin" and "admin.gen" to your $HOME directory. Copy the "com.admin.plist" to your $HOME/Library/Preferences directory. Then run "admin,gen" from Terminal.app to create your encrypted file. You must supply your Administrator Password. Then "admin" looks for the created encrypted file pointed to by the "com.admin.plist".
To use "admin", login to Terminal.app and issue a command such as: $HOME/admin ; or: $HOME/admin echo ; or: $HOME/admin bash
For that last command, you should become "root" inside a bash shell. "exit" from the shell to return to your normal self. If you issue the $HOME/admin command with no parameter, you'll still be given "root" authority, but will remain as yourself. That authority lasts about 5 minutes. During that time you can issue "sudo" commands without needing a password. $HOME/admin echo just returns your password. I have added code in other shell scripts that need to do "sudo" commands by starting the scripts as follows:
#!/bin/bash
if [ -x "$HOME/admin" ] ; then
$HOME/admin
fi
The rest of the script follows, and has several "sudo" commands. If $HOME/admin doesn't exist, or doesn't execute properly, the first "sudo" will prompt for your password. But if all goes well, and $HOME/admin exists and executes, your "sudo" commands will execute without prompting for password for the next 5 minutes. As you leave your script, you should always do the command: sudo -k # kill sudo authorization. You can "do shell script" commands in Applescript, and they can execute "$HOME/admin" to establish "root" authority.
If you change your password, simply run "admin.gen" again with your new password as a parameter.
If you plan to use "admin" from crontab-scheduled jobs, it's best if you include a few environment variables before the schedule table. I typically have something like this:
CRONJOB=CRONJOB # variable to signal cron-submitted job.
MAILTO=yourname@mailserver.com # replace yourname@mailserver.com by your email-address
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:.:/Users/yourname # replace yourname by your short-name.
"admin" checks for $CRONJOB to suppress messages. I hope you find "admin" useful. It certainly has made my life easier.