0

• Here is the script to be executed via AppleScript:

bash-3.2$ cd /Users/jack/Desktop/
bash-3.2$ ls -l | grep static
-rwxrwxrwx   1 jack  admin      65  5 May 08:10 static-routes.sh
bash-3.2$ cat static-routes.sh 
#!/bin/bash
sudo route -n add -net 192.168.3.0/24 172.16.254.134
~

• AppleScript contains the following:

do shell script "~/Desktop/static-routes.sh"

• When executing the script from within an AppleScript, by clicking on "Run" button, pop up window saying:

Script Error sudo: a terminal is required to read the password; Either use the -S option to read from standard input or configure an askpass helper enter image description here

• When exeucuting script from the console without sudo, no additional prompts appear:

bash-3.2$: Desktop jack$ ./static-routes.sh 
add net 192.168.3.0: gateway 172.16.254.134

• Here is the snippet from /etc/sudoers:

bash-3.2$ sudo visudo
# root and users in group wheel can run anything on any machine as any user
root            ALL = (ALL) ALL
%admin          ALL = (ALL) ALL
jack ALL = (ALL) NOPASSWD: /Users/jack/Desktop/static-routes.sh

## Read drop-in files from /private/etc/sudoers.d
## (the '#' here does not indicate a comment)
#includedir /private/etc/sudoers.d
Defaults timestamp_timeout=60

Questions:

• Why this error is showing up, since, I have explicitly added the script to the sudoers file to be executed without password prompt via sudo?

• Which user does AppleScript use to execute the scripts? Is it possible to modify it?

readonly
  • 89
  • 7
  • Have a look at the [**`do shell script`**](https://developer.apple.com/library/archive/documentation/AppleScript/Conceptual/AppleScriptLangGuide/reference/ASLR_cmds.html#//apple_ref/doc/uid/TP40000983-CH216-SW40) _command_ in the [AppleScript Language Guide](https://developer.apple.com/library/archive/documentation/AppleScript/Conceptual/AppleScriptLangGuide/introduction/ASLR_intro.html#//apple_ref/doc/uid/TP40000983-CH208-SW1). See also: [Technical Note TN2065](https://developer.apple.com/library/archive/technotes/tn2065/_index.html) – user3439894 May 05 '20 at 15:23
  • @user3439894, okay, will do, thanks! – readonly May 05 '20 at 18:54

1 Answers1

1

The run a command that requires privileges from AppleScript, you need to specify that by adding the administrator privileges key, as in one of the following:

-- this will presented a standard authorization dialog
do shell script "~/Desktop/static-routes.sh" with administrator privileges

-- this will specifies an administrator account and password
-- (though note, the password will be visible as plain text in the script)
do shell script "~/Desktop/static-routes.sh" with administrator privileges user name XXXX password YYYY

You should not use sudo at the same time you use with administrator privileges; it's unnecessary and creates security holes. However, since you've changed the sudoers file already, you could try this:

do shell script "sudo ~/Desktop/static-routes.sh"

Putting sudo up front like that might cue AppleScript to do the correct thing.

See Technote 2065 for more information.

Ted Wrigley
  • 2,921
  • 2
  • 7
  • 17
  • After changing script to `do shell script "sudo ~/Desktop/static-routes.sh"` it started to work as expected. Thanks! – readonly May 05 '20 at 18:49