Almost two years ago I discovered that the OSX’s
sudo binary doesn’t display the “insults” (see
man sudoers) and wrote a post on how to fix that. Today I’d like to append that information with a helpful shell function to check if your current
sudo has insults or the latest update has reverted the patched version again (of course, it did).
This function is in my
~/.zshrc and was tested in
zsh, it should also work in
1 2 3 4 5
Testing it on an unpatched system:
1 2 3 4
Then I patch
sudo and test again:
1 2 3
How does it work?
The default message for the wrong password on OSX is lame “Sorry, try again.”, so we need to test for that. I sifted through the man page and this combination of options worked great:
-Sreads the password from stdin; the password is supplied by the
echoand is knowingly incorrect;
-kresets the timestamp so that the password is required;
-vauthenticates the user, verifying the password, but not running any command;
-p ''disables the prompt for password so that nothing except the message about the incorrect password is printed.
We redirect the
2>&1, get the first line and test if it’s the default error. If it is, we print “sudo doesn’t have insults” and exit with code 1.