Using Terminal without password

Discussion in 'MacBook Pro' started by bsblvnv, Mar 31, 2010.

  1. bsblvnv macrumors regular

    Joined:
    Jan 29, 2010
    Location:
    Las Vegas
    #1
    I do not have a password set on my MBP, but anytime that I have to sudo anything in Terminal it asks for my password. If I just leave it blank like at login, it says the password is incorrect. What I have to do is set up a password use it in Terminal then I remove it afterwards. This is very annoying. Is there any way that I can do this without having to set the password every time?
     
  2. zymeth macrumors newbie

    zymeth

    Joined:
    Jun 14, 2009
    #2
    hello there,

    this would require you to go to your terminal, type: "sudo visudo" (or sudo nano /etc/sudoers not recommended) and change the entry for your user to:
    USERNAME ALL = NOPASSWD: ALL

    usually that will be
    root ALL = NOPASSWD: ALL

    hope that helps :)
     
  3. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #3
    It may be annoying but its one of the safety mechanisms built into OSX and I would highly recommend removing it. You're basically enabling root access w/o any password.
     
  4. Puppybasher macrumors newbie

    Joined:
    Mar 14, 2010
    #4
    Ofc you need to set a password temporarily to do this :p
    Though you shouldn't set root to NOPASSWD but your own username. But like maflynn said this is not advised because it's not really "safe".
     
  5. bsblvnv thread starter macrumors regular

    Joined:
    Jan 29, 2010
    Location:
    Las Vegas
    #5
    What do you mean not really safe? I'm not worried about hackers, the only thing that would worry me is if I somehow got some virus or something that crashed my mac. Nobody uses the MB but me and it is usually no more than 10 feet away, so just wondering whats not safe about it. It is really annoying but if it is going to kill my mac than I would rather be annoyed
     
  6. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #6
    You could easily mess up a command and require reinstalling the OS, apps, and/or restoring data. It also means (if I'm reading this right) that any application you install will automatically be able to do anything it wants. If true, this would also apply to anything you are running, such as a malicious website with a trojan horse.
     
  7. bluetick macrumors member

    Joined:
    Mar 15, 2010
    #7
    Say, some virus or malware (last being more probable) gets launched on your mac. If you have no password, it'll easily get (almost) full acces to your machine, including system files and all that.
     
  8. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #8
    Sorry to put this bluntly, but why are you even using sudo/Terminal to begin with? Based on what you've posted so far it's clear you really have very little idea of what you're doing.
     
  9. bluetick macrumors member

    Joined:
    Mar 15, 2010
    #9
    Well, eventually he will. Computers are better learned by experiment, rather than by reading thick and dusty books, arent they?
     
  10. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #10
    The method of learning differs between individuals.
     
  11. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #11
    I can see this "experiment" leading to a case of

    Code:
    sudo rm -rf / testfile.txt
    followed by a "HELP I did something in Terminal and now my computer doesn't work!" thread.

    My question still stands, slightly rephrased- Other than convenience, why are you wanting to eliminate password protection on your machine?
     
  12. iketeru macrumors member

    Joined:
    Jul 31, 2007
    #12
    damn, this is an open backdoor just begging to be broken into. just set a simple password!
     
  13. bluetick macrumors member

    Joined:
    Mar 15, 2010
    #13
    Learning is hard, who doubts.
     
  14. calderone macrumors 68040

    calderone

    Joined:
    Aug 28, 2009
    Location:
    Seattle
    #14
    Of course learning is hard, and the first lesson is to not do something as stupid as requiring no password in when using sudo.

    This should be practiced sparingly and on commands that are mostly innocuous.

    For example, part of our workflow for deploying new machines is to set the machine name. We do this via scutil, instead of requiring a password for this particular command, we added an exception for the client administrator so that our automation processes could run without interaction.

    Anyhow, my recommendation, be annoyed until you run until a case where you need to allow an exception for a particular command due to its frequency or for processes where no interaction automation is required or desired.
     
  15. bsblvnv thread starter macrumors regular

    Joined:
    Jan 29, 2010
    Location:
    Las Vegas
    #15
    Well I may not be a programmer or a hacker or someone who spent 5 years in college getting a degree in computer programming, but what I do know how to do is read.

    Like

    $ cd /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources

    $ sudo mv AliasBadgeIcon.icns AliasBadgeIcon_OFF.icns

    removes alias arrows for icons

    And

    sudo pmset -g
    sudo pmset -a sms 0

    which disables sudden motion senson

    And

    sudo defaults write /Library/Preferences/com.apple.loginwindow LoginwindowText "Your Message"

    To add a message to the login window

    Or how about to change the frequency of Time Machine backups?

    sudo defaults write /System/Library/LaunchDaemons/com.apple.backupd-auto StartInterval -int 1800

    And since I never use spotlight maybe I should just remove the icon its kind annoying anyways

    sudo chmod 0 /System/Library/CoreServices/Spotlight.app
    killall Spotlight

    want to make the menu bar completely transparent?

    sudo defaults write /System/Library/LaunchDaemons/com.apple.WindowServer 'EnvironmentVariables' -dict 'CI_NO_BACKGROUND_IMAGE' 1

    what about making it grey?

    sudo defaults write /System/Library/LaunchDaemons/com.apple.WindowServer 'EnvironmentVariables' -dict 'CI_NO_BACKGROUND_IMAGE' 0

    when you decide Apple got it right in the OS to change it back

    sudo defaults delete /System/Library/LaunchDaemons/com.apple.WindowServer 'EnvironmentVariables

    Oh and my personal favorite, when you tell someone they are wrong for wanting to learn something

    sudo If you don't want to help with someones question please go to the next thread.


    Sorry for the rant guys, but I am tired of people telling me not to do something instead of telling me why not to do it, then telling me how to do it and let me make my own decision whether it may be right or wrong.
     
  16. calderone macrumors 68040

    calderone

    Joined:
    Aug 28, 2009
    Location:
    Seattle
    #16
    And you use those, how often?

    Do what you want, but don't come crying when you screw something up.

    EDIT: To add, you say you can "read" but that does not mean you understand the commands and if they are formatted properly. Anyone can type out a command on the net, tell you it does X, you paste it in, type your password and... who knows that will happen.
     
  17. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #17
    Famous. Last. Words.

    I never told you that you were wrong, my question was intended to make you actually think about what you were doing. As in the posts I linked to above, even people who "know how to read" make mistakes because they don't appreciate what kind of trouble they can get into if something goes wrong.

    password: #
     
  18. bsblvnv thread starter macrumors regular

    Joined:
    Jan 29, 2010
    Location:
    Las Vegas
    #18
    OK back to teaching someone instead of TELLING THEM WHAT TO DO! Really I thought I asked a simple question. After reading a couple of the intelligently written replies I have decided not to do it. I was not under the impression that it would not have the possible consequences that it may have. And if I chose to do it and something bad did happen... well thats why we have backups right. Anyways I am going to stop with this thread. zymeth, maflynn, Puppybasher, belvdr, and bluetick thanks for your help. As for the rest of you, please take this one piece of advice from someone who is wrong often and can admit it. I make mistakes all the time, and someday. Maybe just maybe you might make one too.
     
  19. calderone macrumors 68040

    calderone

    Joined:
    Aug 28, 2009
    Location:
    Seattle
    #19
    Fewer than you I am sure, since I don't plan to go around masquerading as root so I can tweak my Macs interface without having to type a password.

    EDIT: I had a chuckle on those threads Miles01110. There was one recently where some deleted /private.
     
  20. gorn macrumors member

    Joined:
    Jun 17, 2009
    #20
    I agree root without a password isn't a great idea. But that isn't reason to be obnoxious to him. And what's with acting like people shouldn't be allowed to experiment because then they might start a "oh no I rm -rf'ed" thread? You learn to ride a bike by falling off. When I first started using Linux (And didn't know anything) I didn't know about sudo and so I wrote my own replacement for su that didn't require any password. I survived.

    Anyway the NOPASSWORD is sudoers works. I do this in a linux VM for convenience.

    Sudo is pretty powerful and has a lot of options, you could set it so some commands don't require a password (defaults) and others do (mv/rm).

    bsblvnv ALL=NOPASSWD:/usr/bin/defaults

    Also if the main problem is that you don't want a password for your user from the GUI, then you could have a root password. By default sudo doesn't use the root password but can be configured to do so, see "rootpw" at http://www.gratisoft.us/sudo/man/sudoers.html . Another option would be to use "su" rather than "sudo". su switches users to the root user and requires the root, not user password. First set a root password with:

    sudo passwd root

    Then you can do "su" to get a root shell (With the root password). or to act similar to sudo you can do:
    su root -c "mv AliasBadgeIcon.icns AliasBadgeIcon_OFF.icns"

    Note you need the quotes around the whole command, not quite as convenient as sudo, but less to configure.
     
  21. gorn macrumors member

    Joined:
    Jun 17, 2009
    #21
    False sense of security.
     
  22. plinden macrumors 68040

    plinden

    Joined:
    Apr 8, 2004
    #22
    I have 20 years of experience working in Unix/Linux systems and even I've typed "sudo rm -rf *" in the wrong directory a couple of times. Luckily the extra step of typing the password has saved me every time.

    I never add NOPASSWD: ALL to my entry in sudoers. Why it's even an option, I don't know.

    The advice of those telling you to use a password is correct. Sorry if you can't accept that.

    By the way, I spend at least 50% of my time in Terminal and probably have to type my password dozens of times a day.
     
  23. calderone macrumors 68040

    calderone

    Joined:
    Aug 28, 2009
    Location:
    Seattle
    #23
    What!? Care to explain.
     
  24. bsblvnv thread starter macrumors regular

    Joined:
    Jan 29, 2010
    Location:
    Las Vegas
    #24

    THANK YOU THANK YOU THANK YOU!!! This is exactly what I want. I don't mind typing in the password in terminal, but I hate setting up a password in the GUI just to use terminal and then disabling it 30 seconds later. I did it 8 times in a span of 40 minutes last night and it just gets really annoying. So I am reading the article now and hopefully it works like I think I am understanding.
     
  25. gorn macrumors member

    Joined:
    Jun 17, 2009
    #25
    I'm partially playing devils advocate, but if you go around thinking that you won't make mistakes because your password protects you, then you'll be less careful and will make mistakes. You should have the protection, but think as if you don't.

    On a server, root is a very big deal and mistakes as root could cause serious downtime. (Also worms like root for a DDoSes, packet sniffing and stealth port scanning)

    But on a personal machine, for me at least, my local user is incredibly valuable and a "rm -rf *" in ~, (no sudo needed) would be devastating, except that I have good backups. Hard drives fail often anyway.

    And if someone/thing hacked your user, but failed to get root, your passwords (Not keychain, but Firefox saved passwords maybe), emails (private content, or including passwords), cookies (gmail, facebook, etc), tax forms (SSN), etc are most likely readable.
     

Share This Page