如何在 Xcode 4 的运行脚本构建阶段使用 sudo?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/6803329/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to use sudo inside of a Run Script build phase in Xcode 4?
提问by ericg
I need use execute a command inside of a script in a Run Script build phase in Xcode 4 using sudo. However, the compiler complains:
我需要使用 sudo 在 Xcode 4 的运行脚本构建阶段的脚本内执行命令。但是,编译器抱怨:
sudo: no tty present and no askpass program specified
sudo:不存在 tty 且未指定 askpass 程序
Anyone have a clever solution for this problem?
有人对这个问题有一个聪明的解决方案吗?
采纳答案by ericg
One solution is to place the sudo password in an executable shell script like the following:
一种解决方案是将 sudo 密码放在一个可执行的 shell 脚本中,如下所示:
#!/bin/bash
echo thesudopassword
This shell script might be called password.sh
这个 shell 脚本可能被称为 password.sh
Then, setup the environment variable SUDO_ASKPASS=password.sh
然后,设置环境变量 SUDO_ASKPASS=password.sh
Once this is setup, the -A option can be passed to sudo. This option uses the ASKPASS program to obtain the sudo password. The ASKPASS program need only write the password to stdout.
设置完成后,可以将 -A 选项传递给 sudo。此选项使用 ASKPASS 程序获取 sudo 密码。ASKPASS 程序只需要将密码写入标准输出。
So, for example,
所以,例如,
sudo -A ditto -V /tmp/testserver.dst /
This is obviously a rather insecure solution, but it does work.
这显然是一个相当不安全的解决方案,但它确实有效。
回答by arcticmac
Two ideas that haven't been suggested yet, both of which are probably better/safer than the currently accepted answer:
尚未提出的两个想法,这两个想法都可能比当前接受的答案更好/更安全:
First option would be to put the part of the script that needs to be run as root in a script file (.sh or something), and then make it setuid as root: chmod go-w,+sx scriptfile, sudo chown root scriptfile. This means that script will automatically run as root, which avoids you needing to authenticate to run it (just to change it). As long as its operation isn't subject to user input, this should be quite safe. (Of course, if you make a script that takes an input argument and deletes it or runs it, or does most anything else with it, that would notbe safe.)
第一个选项是将需要以 root 身份运行的脚本部分放在脚本文件(.sh 或其他文件)中,然后将其设为 setuid 为 root: chmod go-w,+sx scriptfile, sudo chown root scriptfile。这意味着脚本将自动以 root 身份运行,这避免了您需要进行身份验证才能运行它(只是为了更改它)。只要它的操作不受用户输入的影响,这应该是相当安全的。(当然,如果你犯了一个脚本,需要一个输入参数,并将其删除或运行它,否则不会任何东西与它,那会不会是安全的。)
Second option would be to use applescript (possibly via osascript). Applescript allows you to do shell script "sudo command goes here" with administrator privileges, which will pop up a graphical dialog asking for a password.
第二种选择是使用applescript(可能通过osascript)。Applescript 允许您 do shell script "sudo command goes here" with administrator privileges,它将弹出一个图形对话框,要求输入密码。
The first of these options would be good for an automated environment, though it might not deal well with (for example) being checked into an SCM, or being sent to another user. The second option would work better with that, but requires a password input every time, so doesn't work as well for an automated build script.
这些选项中的第一个对自动化环境很有用,尽管它可能无法很好地处理(例如)被检入 SCM 或发送给另一个用户。第二个选项会更好地工作,但每次都需要输入密码,因此不适用于自动构建脚本。
回答by ericg
Another solution to this problem is to modify sudoers file and add your account to it and state that you should never be asked for the sudo password. To accomplish this is fairly straightforward:
此问题的另一个解决方案是修改 sudoers 文件并将您的帐户添加到其中,并声明永远不应要求您提供 sudo 密码。要做到这一点非常简单:
run:
跑:
sudo visudo
In the User privilege specification section add a line that looks like
在用户权限规范部分添加一行看起来像
youraccountname ALL=(ALL) NOPASSWD: ALL
Of course, this can be a dangerous thing to do, so be careful. I would suggest reading the man page for sudoers and visudo before going this route.
当然,这可能是一件危险的事情,所以要小心。我建议在走这条路线之前阅读 sudoers 和 visudo 的手册页。
回答by Robert Schmid
After much searching I found the following solution.
经过大量搜索,我找到了以下解决方案。
Summary
概括
- Create a keychain and store your admin password in the keychain
- Create a script which uses /usr/bin/security to access the password In your run script,
- Set the ASK_PASS env variable and use the -A option with sudo
- 创建钥匙串并将您的管理员密码存储在钥匙串中
- 创建一个使用 /usr/bin/security 访问密码的脚本 在您的运行脚本中,
- 设置 ASK_PASS 环境变量并在 sudo 中使用 -A 选项
回答by A.Badger
You can either run commands directly as a administrator with the following (changing echo YourCommandHere > /tmp/helloto your command):
您可以使用以下命令直接以管理员身份运行命令(更改echo YourCommandHere > /tmp/hello为您的命令):
osascript -e 'do shell script "sudo echo YourCommandHere > /tmp/hello " with administrator privileges'
Or run a script in your source directory using:
或者使用以下命令在源目录中运行脚本:
osascript -e 'do shell script "bash -x $SOURCE_ROOT/MyAdminScript.sh 1>/tmp/build-log 2>/tmp/build-log.err" with administrator privileges'
This runs the script and logs it output to /tmp/build-log and /tmp/build-log.err
这将运行脚本并将其输出记录到 /tmp/build-log 和 /tmp/build-log.err
For useful variables in the script see https://help.apple.com/xcode/mac/8.0/#/itcaec37c2a6
有关脚本中有用的变量,请参阅https://help.apple.com/xcode/mac/8.0/#/itcaec37c2a6
回答by Juan Sebastian
You can also execute XCode giving it the project as parameter from the Terminal using sudo like this:
您还可以使用 sudo 执行 XCode,将项目作为终端的参数,如下所示:
sudo /Developer/Applications/Xcode.app/Contents/MacOS/Xcode /path/to/your/project.xcodeproj
This is the easiest solution I could think of, but there may be some drawbacks, since you would be executing XCode as root.
这是我能想到的最简单的解决方案,但可能存在一些缺点,因为您将以 root 身份执行 XCode。
回答by gregschlom
No need to write your sudo password anywhere. Just open a terminal window and type
无需在任何地方写下您的 sudo 密码。只需打开一个终端窗口并输入
$ sudo echo "hello"
Once you've typed your password, it will be good for a while - not sure how long - and the shell spawned by Xcode will inherit this permission.
一旦你输入了密码,它就会有一段时间——不确定多久——并且由 Xcode 产生的 shell 将继承这个权限。
If you get the "no tty present" message again later, just repeat the procedure
如果稍后再次收到“no tty present”消息,只需重复该过程
