Jamf Nation Community

zskidmor · ‎03-05-2014

Simple Question but having trouble finding it on the web.

I am building a netboot image an due to some restrictions with our 802.1x network, I can't use the root user.

I am using a different account as admin but I want it to act as root for all functions (essentially give it the same permission level) so that apps don't prompt for a password (casper imaging, carbon copy cloner)

Is there a way to do this? I see that I could use automater to run Casper Imaging as sudo on startup, but I would prefer no password prompts for any functions for future proofing.

Thanks!

Zach

Josh_S · ‎03-05-2014

You would want to use the NOPASSWD functionality within the sudoers file (edit with visudo). I have the following two lines in my sudoers file on my NetBoot image which allow me to run an automator action to open Casper Imaging on boot/login and flatten a FileVault 2 encrypted drive via a script I put in the dock.

administrator   ALL=NOPASSWD:/Applications/Casper Suite/Casper Imaging.app/Contents/MacOS/Casper Imaging
administrator   ALL=NOPASSWD:/usr/sbin/diskutil partitionDisk*

zskidmor · ‎03-07-2014

Thanks for the tip, I have been editing my sudoers file but no change, can you post yours so I can see how its formatted?

Josh_S · ‎03-07-2014

I literally just added those exact two lines using visudo. No other changes at all. I then made an Automator action that runs the script

#!/bin/sh
sudo /Applications/Casper Suite/Casper Imaging.app/Contents/MacOS/Casper Imaging

Careful with the string. It needs to exactly match what's in your sudoers file. Copy/paste to be sure.

Also, the sudoers edit assumes that your logging in user is named "administrator" (short name).

Jamf Nation Community

Root User Permissions