Prevent networksetup from asking password

macos cocoa proxy passwords osx-mountain-lion
16,839

Solution 1

Use sudo to accomplish this by adding a passwordless rule for the user you want to be able to execute this command.

  • Run visudo to launch an editor to modify the /etc/sudoers file

    visudo -f /etc/sudoers

  • At the end of the file, add the line

    $USERNAME ALL=(root) NOPASSWD: /usr/sbin/networksetup

Where $USERNAME is, put the actual username you want to provide nopassword access to the networksetup command.

  • Save the file

  • Test it as your user by running

    /usr/bin/sudo /usr/sbin/networksetup -version

which will echo a version message if it's set up correctly, or prompt for a password if you've made a mistake.

This is a much safer route because it limits who can run the command as root to a specific user, setting the networksetup binary itself suid root means anyone who logs into the system could modify your network configuration. OSX is a multiuser operating system, and it should be treated like one.

If you're really paranoid, make sure you use the full path when calling /usr/bin/sudo as well.

Solution 2

You can set permission suid to /usr/sbin/networksetup and then networksetup will run with root permission, so you don't need to input password anymore.

sudo chmod u+s /usr/sbin/networksetup

About suid: http://www.linuxnix.com/2011/12/suid-set-suid-linuxunix.html

Share:
16,839

Related videos on Youtube

Lauri Koskela
Author by

Lauri Koskela

Updated on July 11, 2022

Comments

  • Lauri Koskela
    Lauri Koskela almost 2 years

    I have a little app that I use to change proxies on my Mac. It uses the networksetup command to set the proxy settings, and that worked fine on Lion. On Mountain Lion though, it asks the admin password every single time I change the proxy settings.

    networksetup is trying to modify the system network configuration. Type your password to allow this.

    Is there any way to prevent this from happening? Or is there a better way to change the proxy settings in Cocoa? On Lion the system remembered when I put the password in, so I had to authenticate only after reboots.

    I also noticed that in Chrome, the Proxy Switchy plugin suffers from the same behaviour. It says

    scutil is trying to modify the system network configuration. Type your password to allow this.

  • SirDarius
    SirDarius almost 11 years
    You misunderstood the question, what you are talking about is about giving a password to networksetup for commands that expect one. The OP's issue is that networksetup needs to be run by user with admin privileges. It's not even networksetup that asks for a password here, but the authentication manager.
  • sorin
    sorin almost 11 years
    This seemed to work on OS X 10.8 but I am afraid that if I repair permissions using Disk Util this fix will go away.
  • Sean
    Sean over 10 years
    This gives me the error cp: /Library/Preferences/SystemConfiguration/preferences.plist.o‌​ld: Permission denied
  • synthesizerpatel
    synthesizerpatel over 10 years
    Don't set binaries suid - it's bad practice and is why sudo exists in the first place. I've added an sudo based answer for this question to show the more security minded solution for this problem.
  • dcnicholls
    dcnicholls over 9 years
    More information, please. I tried the above (let's assume my admin user name is 'fred') adding {fred ALL=(root) NOPASSWD: /usr/sbin/networksetup} and got a long series of errors with the test (NB sbin not bin). How should I format the command?
  • nanoamp
    nanoamp over 9 years
    I've edited the answer to fix the path, and make the test clearer. If you call networksetup without any parameters then you would get a long page of usage tips. But that does prove that it works without a password.
  • thefonso
    thefonso almost 9 years
    These instructions produce THIS error now "sudo: parse error in /etc/sudoers near line 48 sudo: no valid sudoers sources found, quitting" How do we edit the file Now?
  • stevendaniels
    stevendaniels almost 9 years
    Use visudo to edit the file. It will ensure the file doesn't have any errors.
  • tdc
    tdc over 8 years
    I've gone ahead and tried this but I'm still getting the prompt continuously (trying to install Private Internet Access client on OSX), despite the -version check working as expected. For what it's worth I'm on El Capitan - did the location of networksetup change?
  • Jeef
    Jeef over 8 years
    sudo doesn't fix the error however - but the new UAC mode in 10.10 and 10.11 removes it.
  • I0_ol
    I0_ol almost 7 years
    This doesn't seem to be working anymore. I'm assuming because of SIP.
  • JBis
    JBis over 5 years
    Link broken please fix

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Force OSX text field to accept copy-paste
Send notification to Mountain lion notification center
Mac OS X 10.8 - Configure smbd to follow symbolic links
GLUT on OS X with OpenGL 3.2 Core Profile
jQuery .load is not loading a local html file inside a Cocoa WebView
How can I Pause a NSOperation in a NSOperationQueue?
Getting an existing NSLayoutConstraint for the width?
Simulate keypress for system wide hotkeys
Use of undeclared identifier Objective-C Code
How to extract hardcoded strings from a binary in Mac?