Is there a way to run this command without Terminal (right in KM) and automate entering a su password?
You’ve seen the Execute a Shell Script action?
You can execute a text-script or a script-file.
There is no convenient way to automate sudo, but it can be done.
Thank you Chris, all works!
I tried Shell Script action, had no success, thought there must be some special syntax… But it turned out easier than I thought. I love KM
Amen to that!
Care to share?
I'm having an issue where external HDs are waking my mac at night, so I want to set Put hard disks to sleep when possible to ON when my mac sleeps, then OFF when it wakes. I've tried:
echo x | sudo pmset -a disksleep 10
...where x is my password.
sudoers file, using
sudo visudo in Terminal, so
pmset doesn't need a password.
The (corrected) line to add will be:
your_short_username ALL=NOPASSWD: /usr/bin/pmset
Original, wrong, autocorrected version -- kept for context but hidden in embarrassment:
your_short_username ALL=NOPASSWD: /user/bin/pmset
It's vi, so
i to enter interactive mode, add the line, then hit the
Esc key and type
:wq and hit Return to write-and-quit.
I was hoping not to have to disable passwords, but this seems like the easiest solution. Thanks!
You're only disabling the
sudo password requirement for
pmset, and only for your account -- that's much safer than
echoing a password that, if discovered (how are you storing it, are you clearing your
history file? Etc...) would allow all sorts of shenanigans...
I'm not sure what I'm doing with this
sudo visudo thing. Where do I add the line? This is making me a bit nervy.
Apologies, @noisneil -- the proper way to do it these days is to add a file into
/private/etc/sudoers.d/ (and I always forget that...). It's often done on a file-per-command basis, so:
In Terminal, type
whoami and note your short username -- you can select and Copy it if you want. Then
sudo visudo /private/etc/sudoers.d/pmset and enter your password if asked.
Terminal window will be empty except for a bunch of
~ down the left. So, with the cursor at the top, hit
i to enter "Insert" mode. Type or paste in your short username, a space to tab, then
ALL=NOPASSWD: /usr/bin/pmset (autocorrected path mistake corrected). Hit
ESC to exit "Insert" mode and then
:wq and Return to write-and-quit.
@Nige_S, I followed your instructions and successfully used
sudo pmset -a disksleep 10 in Terminal to enable the setting in Battery preferences. However, when trying to run it as a KM shell script, I get:
Try passing your username in the command as well:
sudo pmset -u username -a disksleep 10
One day I'll get the hang of KM shells and $ENV and user and..., and get it right first time every time. But that day ain't today! So the above has been tested on Monterey.
No joy with that either, I'm afraid.
So it works with
-u when I'm "getting" from pmset, but when "setting" it whines because I'm not root. I'll have more of a poke later, or perhaps the smart kids will arrive and solve the problem.
If you really want to make this happen and are happy to
echo your password, the following should work -- although you might have to get creative with character escaping if your password has anything funky in it (the single quotes should take care of most):
echo 'mysecretpassword' | sudo -S pmset -a disksleep 10
Ok that works great! I have no problem echoing the password; I mean, if you've managed to log into my mac and thought to dig around in my KM macros, you've earned it!
Any reason to undo the
sudo visudo? Might as well leave it, right?
Oh, FFS... I'm such an idiot (and autocorrect does my head in!)
Check the sudoers file created earlier and make sure that the path is right:
username ALL=NOPASSWD: /usr/bin/pmset
Note that the "e" in "user" shouldn't be there...
Nailed it! Yep, works now! Thanks @Nige_S, you're a hero.
I realise I semi-hijacked this thread, but I do think this has added at least one full solution to the topic.
Right, let's hope this actually stops my mac from waking in the middle of the night.
The above works, but I just tried to apply the same logic to the below, with no luck. Any reason you can think of?
echo 'my secret password' | sudo spctl --master-disable
sudo? That's the flag that says "get the password from standard input (the pipe in this case) rather than a terminal".
To quote you...