love4taylor
commented
1 year ago Open love4taylor opened 1 year ago
love4taylor
commented
1 year ago 
angryjonny
commented
1 year ago Dropping sudo from the command worked for me.
i.e. brew services start sudo-touchid
love4taylor
commented
1 year ago It doesn't work, plist is under the user Library folder which means it won't run with root privileges? So I don't think it will do anything.
~
❯ brew services start sudo-touchid
Warning: sudo-touchid must be run as root to start at system startup!
Bootstrap failed: 5: Input/output error
Try re-running the command as root for richer errors.
Error: Failure while executing; `/bin/launchctl bootstrap gui/501 /Users/love4taylor/Library/LaunchAgents/homebrew.mxcl.sudo-touchid.plist` exited with 5.
artginzburg
commented
1 year ago Turns out the problem is you need to first tap brew/services, and then you can run via sudo. Without sudo, the service won't work anyway, as it modifies system configuration.
I'll update the ReadMe
love4taylor
commented
1 year ago It seems that the sudo brew command does not report an error now, but I reopened a terminal and it did not pop up the touch-id authentication is still the password, so it does not seem to have worked.
~
❯ sudo brew services start sudo-touchid
Warning: Taking root:admin ownership of some sudo-touchid paths:
/opt/homebrew/Cellar/sudo-touchid/0.4/bin
/opt/homebrew/Cellar/sudo-touchid/0.4/bin/sudo-touchid
/opt/homebrew/opt/sudo-touchid
/opt/homebrew/opt/sudo-touchid/bin
/opt/homebrew/var/homebrew/linked/sudo-touchid
This will require manual removal of these paths using `sudo rm` on
brew upgrade/reinstall/uninstall.
==> Successfully started `sudo-touchid` (label: homebrew.mxcl.sudo-touchid)~
❯ sudo ls
Password:First after entering the command, you need to restart the terminal session.
Also, the brew services command just starts the service — it does not call sudo-touchid right away.
I'll also update the ReadMe about that.
love4taylor
commented
1 year ago I tried restarting the terminal session, but it didn't work.
https://user-images.githubusercontent.com/6081912/201380493-db50cd9b-a23c-4860-9d32-f139fbe456ee.mov
artginzburg
commented
1 year ago Dropping
sudofrom the command worked for me. i.e.brew services start sudo-touchid
@angryjonny wait, how? I thought sudo-touchid cannot work without root access. Or does brew services allow anything to run as root now?
artginzburg
commented
1 year ago @love4taylor try running plain sudo-touchid. The service does not do it for some reason. I still don't know why does it not, strange as hell.
love4taylor
commented
1 year ago The plist generated by brew looks like this, It seems to be different from the one provided in your repo.
~
❯ cat /Library/LaunchDaemons/homebrew.mxcl.sudo-touchid.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>homebrew.mxcl.sudo-touchid</string>
<key>LimitLoadToSessionType</key>
<array>
<string>Aqua</string>
<string>Background</string>
<string>LoginWindow</string>
<string>StandardIO</string>
<string>System</string>
</array>
<key>ProgramArguments</key>
<array>
<string>/opt/homebrew/opt/sudo-touchid/bin/sudo-touchid</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>Wow. The manual installation plist does not have the "LimitLoadToSessionType" key indeed. The brew-generated one also did not have it before. I'll try to look into it.
But looks like the new key is not related to sudo-touchid not working. The plist just automates running sudo-touchid. Have you tried running just the script?
love4taylor
commented
1 year ago I tried the script install, sh does not have permission to install to /usr/local/bin, sudo sh is needed, but since the script ended up executing sudo-touchid manually, I am not sure if the installed service is working or not, I tried sudo-touchid -d and restart session/reboot but did not succeed in modifying the pam file.
love4taylor
commented
1 year ago If I simply run sudo-touchid I'm sure it will work, I just care more about the plist service for automated changes after upgrading the system.
artginzburg
commented
1 year ago Could you try explicitly setting the Program arguments string to /usr/bin/sudo /opt/homebrew/opt/sudo-touchid/bin/sudo-touchid? I'll also try that and report here if it works for me.
P.S. Did that just now and restarted the system. Doesn't seem to work. sudo brew services shows "error" status:
artginzburg
commented
1 year ago I think the initial issue was resolved by Homebrew (just untapped homebrew/services and ran sudo brew services start sudo-touchid to check that). The background service not running at load is discussed here: #8.
Could anyone confirm that the initial issue is resolved?
love4taylor
commented
1 year ago It doesn't seem to help to do so.
TheAifam5
commented
1 year ago -r--r--r-- 1 root wheel 246 Mar 18 05:34 /etc/pam.d/sudoI think the script should check for proper chmod first or set and restore.
This is on Ventura 13.3.
artginzburg
commented
1 year ago Doesn't seem like chmod is related to this issue. There's another issue where I tried something related to permissions — https://github.com/artginzburg/sudo-touchid/issues/8#issuecomment-1419015042