Comments (10)
Thanks @jviotti I will look into it. Any ideas from your side?
from sudo-prompt.
I have very little macOS programming knowledge, and my MacBook Pro doesn't have Touch ID, but I'll see if I can find something :)
from sudo-prompt.
I've been using Etcher a lot, so I tried to take a closer look at this, and I had a quick question. If I execute the AppleScript directly or if I do the following, I get the Touch ID prompt.
osascript -e 'do shell script "echo foo" with administrator privileges'
Perhaps it has something to do with the applet binary? What is it actually doing?
Thanks!
from sudo-prompt.
Thanks @ryankon
The applet is just an AppleScript packaged as an app by Xcode.
We moved away from copying the osascript
binary since this applet technique lets us set the prompt's icon by changing the applet's icon dynamically.
You can inspect the applet in Xcode: decode the applet base64, unzip, then open Contents/Resources/Scripts in Xcode, which looks like this:
do shell script "./sudo-prompt-script" with administrator privileges
MacOS/sudo-prompt-script
then looks like this:
#!/bin/bash
# Set sudo timestamp for subsequent sudo calls if tty_tickets are disabled:
/bin/mkdir -p /var/db/sudo/$USER > /dev/null 2>&1
/usr/bin/touch /var/db/sudo/$USER > /dev/null 2>&1
# AppleScript's "do shell script" may alter stdout line-endings.
# It may also set stdout to stderr if there was a non-zero return code and no stderr.
# We therefore prefer to redirect output streams and capture return code manually:
/bin/bash sudo-prompt-command 1>stdout 2>stderr
/bin/echo $? > code
# Correct ownership of stdout, stderr and code so that user can delete them:
/usr/sbin/chown $USER stdout stderr code
# Always return 0 so that AppleScript does not show error dialog:
exit 0
sudo-prompt-command
is written out dynamically.
This might be a red herring but I think I recall that with administrator privileges
works slightly differently when executing a native shell command vs executing a compound shell script but I'm not sure if this is accurate.
Perhaps osascript
is wired up to show the Touch ID prompt when it sees with administrator privileges
but Xcode AppleScript applets are not? Perhaps the applet just needs to be rebuilt on a newer macOS? Could you look into this on your Mac?
from sudo-prompt.
Perhaps the applet just needs to be rebuilt on a newer macOS? Could you look into this on your Mac?
This might just do the trick.
from sudo-prompt.
Thanks for the detailed response @jorangreef
Unfortunately, I attempted to rebuild the AppleScript app using the latest Xcode (9.2) on MacOS 10.3.3, and it still prompts for a password instead of using Touch ID.
If we want to preserve the prompt customizability, we may have to use the Local Authentication framework instead. I can try to carve out some time in the coming weeks to take a closer look. Thoughts?
from sudo-prompt.
Sure, thanks @ryankon for trying the rebuild.
It would be great to look into using the Local Authentication framework, especially if we can interact with it from C/C++ with a minimum of anything else. I have tried to keep sudo-prompt
free from being a native add-on for convenience. Please let me know what ideas you have or what might work.
from sudo-prompt.
@ryankon , would you like to try rebuild the AppleScript app again to see if Xcode now prompts with Touch ID?
from sudo-prompt.
Closing for now, let me know if anything changes with this please.
from sudo-prompt.
any update for this issue?
from sudo-prompt.
Related Issues (20)
- 'Command failed' in Electron app HOT 1
- Not possible in Mac App Store, aka app-sandbox HOT 5
- macOS Catalina Operation not permitted HOT 1
- OS dialog prompt is not being prompted in Windows 10 HOT 1
- Operation not permitted in macOS with sudo-prompt
- Prompt shows but name and icon are not visible on macOS HOT 8
- "User did not grant permissions" if I click "Yes" too quickly on Windows? HOT 1
- `sudo-prompt` fails to detect `pkexec` or `kdesudo` in "strictly" confined snap
- Special characters handling on Linux
- Strange behaviour with Electron 9 on Win10 HOT 1
- in Eelectron app Rendering process, sudo run cp not work
- Hello, why option.name just support [a-z0-9 ] ?
- How to get elevated shell and run a command without sudo prefix HOT 1
- macOS: Application cannot be opened because the developer cannot be verified
- BigSur 11.1 issue: The authorization was denied since no user interaction was possible HOT 1
- Linux: option.env not used
- Unexpected behaviour with linux - electron.js HOT 1
- electron exe with root system privileges in linux, It's possible to do ?
- How to run multiple commands without requiring password every time HOT 6
- Any pkg similar to this, but without root/admin?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sudo-prompt.