Writing a (better) application to run shell scripts with admin rights
Following on from my post yesterday, in which I describe a method of creating an application using Automator to run shell scripts that require administrator privileges (sudo), I have now figured out how to achieve the same thing with AppleScript editor, with the improvement that the system dialog is used to obtain administrator privileges, rather than a custom dialog box.
To do this, create an Application in AppleScript Editor:
- Open AppleScript Editor
- Click File > New
- Click File > Save
- Enter name, select a path, select File Format > Application, Save
- Enter the following commands:
set myPath to POSIX path of (path to resource "MyShellScript.sh")
do shell script quoted form of myPath with administrator privileges
- Click on the toolbar button in the top right of AppleScript Editor that reveals the right side bar.
- Drag your shell script from a Finder window into the Resources list. Important: the shell script must be executable; make sure you
chmod 755. - Save the application
You may wish to sign the application with your Developer ID, and make it Run Only. To do this, click File > Export…, select the Developer ID and make any required other settings changes:
Once saved, add an icon to make the app appropriate for your organisation.
When running the application, you should be prompted with a system authentication dialog window:
Example Scripts
Below is the same example as my previous post, adapted to use AppleScript Editor.
Jamf Pro: check for new policies
As a simple example, here is an application script that checks for connection to the JSS, and if successful, runs jamf manage and jamf policy: