Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Prevent networksetup from asking password

Tags:

I have a little app that I use to change proxies on my Mac. It uses the networksetup command to set the proxy settings, and that worked fine on Lion. On Mountain Lion though, it asks the admin password every single time I change the proxy settings.

networksetup is trying to modify the system network configuration. Type your password to allow this.

Is there any way to prevent this from happening? Or is there a better way to change the proxy settings in Cocoa? On Lion the system remembered when I put the password in, so I had to authenticate only after reboots.

I also noticed that in Chrome, the Proxy Switchy plugin suffers from the same behaviour. It says

scutil is trying to modify the system network configuration. Type your password to allow this.

like image 382
Lauri Koskela Avatar asked Aug 05 '12 19:08

Lauri Koskela


2 Answers

Use sudo to accomplish this by adding a passwordless rule for the user you want to be able to execute this command.

  • Run visudo to launch an editor to modify the /etc/sudoers file

    visudo -f /etc/sudoers 
  • At the end of the file, add the line

    $USERNAME ALL=(root) NOPASSWD: /usr/sbin/networksetup 

Where $USERNAME is, put the actual username you want to provide nopassword access to the networksetup command.

  • Save the file
  • Test it as your user by running

    /usr/bin/sudo /usr/sbin/networksetup -version 

which will echo a version message if it's set up correctly, or prompt for a password if you've made a mistake.

This is a much safer route because it limits who can run the command as root to a specific user, setting the networksetup binary itself suid root means anyone who logs into the system could modify your network configuration. OSX is a multiuser operating system, and it should be treated like one.

If you're really paranoid, make sure you use the full path when calling /usr/bin/sudo as well.

like image 98
synthesizerpatel Avatar answered Jan 23 '23 14:01

synthesizerpatel


You can set permission suid to /usr/sbin/networksetup and then networksetup will run with root permission, so you don't need to input password anymore.

sudo chmod u+s /usr/sbin/networksetup 

About suid: http://www.linuxnix.com/2011/12/suid-set-suid-linuxunix.html

like image 34
user805627 Avatar answered Jan 23 '23 13:01

user805627