How to Run The `sudo` Command in KM?

Is there a way to run this command without Terminal (right in KM) and automate entering a su password?

Hey Ilya,

You’ve seen the Execute a Shell Script action?

You can execute a text-script or a script-file.

There is no convenient way to automate sudo, but it can be done.

Some hints:



Thank you Chris, all works!

I tried Shell Script action, had no success, thought there must be some special syntax… But it turned out easier than I thought. I love KM

Amen to that!  :-{)


1 Like

Care to share?

I'm having an issue where external HDs are waking my mac at night, so I want to set Put hard disks to sleep when possible to ON when my mac sleeps, then OFF when it wakes. I've tried:

echo x | sudo pmset -a disksleep 10

...where x is my password.


Edit your sudoers file, using sudo visudo in Terminal, so pmset doesn't need a password.

The (corrected) line to add will be:

your_short_username ALL=NOPASSWD: /usr/bin/pmset

Original, wrong, autocorrected version -- kept for context but hidden in embarrassment:

your_short_username ALL=NOPASSWD: /user/bin/pmset

It's vi, so i to enter interactive mode, add the line, then hit the Esc key and type :wq and hit Return to write-and-quit.


I was hoping not to have to disable passwords, but this seems like the easiest solution. Thanks!

You're only disabling the sudo password requirement for pmset, and only for your account -- that's much safer than echoing a password that, if discovered (how are you storing it, are you clearing your history file? Etc...) would allow all sorts of shenanigans...


I'm not sure what I'm doing with this sudo visudo thing. Where do I add the line? This is making me a bit nervy.

Apologies, @noisneil -- the proper way to do it these days is to add a file into /private/etc/sudoers.d/ (and I always forget that...). It's often done on a file-per-command basis, so:

In Terminal, type whoami and note your short username -- you can select and Copy it if you want. Then sudo visudo /private/etc/sudoers.d/pmset and enter your password if asked.

Terminal window will be empty except for a bunch of ~ down the left. So, with the cursor at the top, hit i to enter "Insert" mode. Type or paste in your short username, a space to tab, then ALL=NOPASSWD: /usr/bin/pmset (autocorrected path mistake corrected). Hit ESC to exit "Insert" mode and then :wq and Return to write-and-quit.

@Nige_S, I followed your instructions and successfully used sudo pmset -a disksleep 10 in Terminal to enable the setting in Battery preferences. However, when trying to run it as a KM shell script, I get:


Try passing your username in the command as well:

sudo pmset -u username -a disksleep 10

One day I'll get the hang of KM shells and $ENV and user and..., and get it right first time every time. But that day ain't today! So the above has been tested on Monterey.

No joy with that either, I'm afraid.


So it works with -u when I'm "getting" from pmset, but when "setting" it whines because I'm not root. I'll have more of a poke later, or perhaps the smart kids will arrive and solve the problem.

If you really want to make this happen and are happy to echo your password, the following should work -- although you might have to get creative with character escaping if your password has anything funky in it (the single quotes should take care of most):

echo 'mysecretpassword' | sudo -S pmset -a disksleep 10
1 Like

Ok that works great! I have no problem echoing the password; I mean, if you've managed to log into my mac and thought to dig around in my KM macros, you've earned it!

Any reason to undo the sudo visudo? Might as well leave it, right?

Oh, FFS... I'm such an idiot (and autocorrect does my head in!)

Check the sudoers file created earlier and make sure that the path is right:

username ALL=NOPASSWD: /usr/bin/pmset

Note that the "e" in "user" shouldn't be there...

1 Like

Nailed it! Yep, works now! Thanks @Nige_S, you're a hero. :trophy:

I realise I semi-hijacked this thread, but I do think this has added at least one full solution to the topic.

Right, let's hope this actually stops my mac from waking in the middle of the night.

The above works, but I just tried to apply the same logic to the below, with no luck. Any reason you can think of?

echo 'my secret password' | sudo spctl --master-disable

The missing -S after sudo? That's the flag that says "get the password from standard input (the pipe in this case) rather than a terminal".

1 Like

To quote you...


1 Like