mattrajca/sudo-touchid mattrajca/sudo-touchid

  • Stars
    star
    1,547
  • Rank 30,235 (Top 0.6 %)
  • Language
    C
  • Created about 8 years ago
  • Updated about 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
mattrajca/sudo-touchid
github

mattrajca

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A fork of `sudo` with Touch ID support.

sudo-touchid

sudo-touchid is a fork of sudo with Touch ID support on macOS (powered by the LocalAuthentication framework). Once compiled, it will allow you to authenticate sudo commands with Touch ID in the Terminal on supported Macs (such as the late 2016 MacBook Pros).

Screenshot

Warning

  • I am not a security expert. While I am using this as a fun experiment on my personal computer, your security needs may vary.
  • This has only been tested on the 2016 15" MacBook Pro with Touch Bar running macOS 10.12.1.

Building

To build sudo-touchid, simply open the included Xcode project file with Xcode 8+, select the Build All target, and click Build.

Running

If we try running our newly-built sudo executable now, we'll get an error:

sudo must be owned by uid 0 and have the setuid bit set

To fix this, we can use our system's sudo command and the chown/chmod commands to give our newly-built sudo the permissions it needs:

cd (built-products-directory)

sudo chown root:wheel sudo && sudo chmod 4755 sudo

Now if we try running our copy of sudo, it should work:

cd (built-products-directory)

./sudo -s

If you don't have a Mac with a biometric sensor, sudo-touchid will fail. If you'd still like to test whether the LocalAuthentication framework is working correctly, you can change the kAuthPolicy constant to LAPolicyDeviceOwnerAuthentication in sudo/plugins/sudoers/auth/sudo_auth.m. This will present a dialog box asking the user for his or her password:

While not useful in practice, you can use this to verify that the LocalAuthentication code does in fact work.

Installing

Replacing the system's sudo program is quite risky (can prevent your Mac from booting) and requires disabling System Integrity Protection (aka "Rootless").

Instead of replacing sudo, we can install our build under /usr/local/bin and give the path precedence over /usr/bin, this way our build is found first.

sudo cp (built-products-directory)/sudo /usr/local/bin/sudo

sudo chown root:wheel /usr/local/bin/sudo && sudo chmod 4755 /usr/local/bin/sudo

You can set up your PATH by adding export PATH=/usr/local/bin:$PATH to .bashrc (thanks @edenzik).

Now you should be able to enter sudo in any Terminal (or iTerm) window and authenticate with Touch ID!

More Repositories

1

DAVKit

A Cocoa framework for talking to WebDAV servers
Objective-C
114
star
2

MapKit

An iOS library for displaying tiled maps with support for custom tile providers
Objective-C
82
star
3

GoEV3

LEGO Mindstorms EV3 API for Google Go
Go
60
star
4

Safari-Extensions

A repository of Safari Extensions
JavaScript
52
star
5

MNIST

Getting Started with Deep MNIST and TensorFlow on iOS
Objective-C++
50
star
6

pymessage-lite

A simple Python library for fetching recipients and messages from OS X's iMessage database
Python
29
star
7

TranslationKit

A simple Cocoa framework which utilizes Google Translate to translate text
Objective-C
26
star
8

Physics-Demos

A variety of physics-based demos for iOS and Mac OS X
C
22
star
9

CQTKit

A fast implementation of the Constant Q Transform on top of the Accelerate framework
C++
22
star
10

Nibble

A native Apple I (M6502) emulator for Mac OS X and iOS
Objective-C
18
star
11

PsychedelicArt

Algorithmically generating random psychedelic art with Core Image
Objective-C
11
star
12

Mandelbrot

A Mandelbrot set renderer for OS X which leverages GCD, OpenCL, and Metal
Objective-C
11
star
13

Automator-actions

A repository of Automator actions for Mac OS X
Objective-C
11
star
14

MIDIVis

A demo Core Animation application that visualizes MIDI files
Objective-C
11
star
15

FastCoding

A category on NSObject which makes it easy to archive a class's properties in one method call
Objective-C
8
star
16

SharedXPC

Demonstrates issues with connecting to shared XPC Services on Sierra and provides a workaround using Mach ports
Objective-C
8
star
17

NXTKit

A Cocoa framework for talking to Lego NXT Bricks
Objective-C
7
star
18

NXT-Joystick

Drive a NXT bot with iPhone
Objective-C
5
star
19

SceneKit

SceneKit playground
Objective-C
5
star
20

Snake

A simple Snake game for Mac OS X
Objective-C
5
star
21

NXT-Band

Record and play back NXT melody files (RMD) on Mac OS X
Objective-C
4
star
22

NXT-Browser

Mac OS X file browser for your NXT brick
Objective-C
4
star
23

CenteringScrollView

Sample code showing how to center content in a NSScrollView in the world of Auto Layout.
Swift
4
star
24

Seashells3D

An example of parametric geometry in SceneKit
Objective-C
3
star
25

sudoku-solver

A sudoku solver written in C that uses a backtracking algorithm
C
3
star
26

FacebookAlbumFetcher

Lets Mac users batch-download their Facebook friends' photo albums. Requires OS X 10.8.2.
Objective-C
3
star
27

scripts

A bunch of useful Bash and Python scripts
Python
3
star
28

PDFDrop-SafariExtz

a Safari Extension that makes it easy to send open PDFs from Safari to Dropbox
JavaScript
3
star
29

Mastermind

A simple Mastermind game for Mac OS X
Objective-C
3
star
30

ISSKit

iOS static library for tracking the International Space Station
2
star
31

TTT

Tic-Tac-Toe game which uses the alpha-beta minimax algorithm for its AI
C
2
star
32

SkyKit

Demo project that shows how to use MapKit to render Google Sky imagery
Objective-C
2
star
33

SGP4

An OS X/iOS compatible fork of danrw's SGP4 C++ Satellite Library
C++
1
star
34

HeapKit

A Swift implementation of the Heap data structure
Swift
1
star
35

fb2cal

View your Facebook friends' birthdays right from your favorite calendaring program
Python
1
star