
How to run an applescript with root privileges?


Kosta88

It's quite a simple task, but I'm failing on one point. I want to create a script connecting a VPN connection on boot, so my script looks like this:

 

tell application "Terminal"
    -- the {censored}... is the IP for which I want a static route
    do script "route add {censored}.{censored}.{censored}.{censored} -interface ppp0"
end tell

 

The terminal of course replies "must be root to alter routing table".

If I say "sudo route add...", then I get a password prompt.

So, what do I need to do to run a script as root, but NOT writing a password in the script?

 

Thanks

Kosta


Arrg, pulling my hair out already... I never thought it would be THIS hard.

 

Alright, what I did:

- created a script via applescript (saved to desktop, test.app), script runs fine by itself, requires me to type in the password in the terminal window

- then I entered sudo visudo and added the following: %admin ALL=(ALL)NOPASSWD:/Users/Kosta/Desktop/test.app

- also did "chmod 755 test.app" directly in the desktop folder

- entered the test.app into Login Items

 

And yet, on logout/login, it asks for a password!! Also rebooted, before you ask.


Add the command you're running inside your script to sudoers. test.app gets executed as your normal user when invoked by OS X during startup - you can't do anything about that - so by whitelisting the command you want to run that's inside the AppleScript, when it runs "sudo <command>", sudo will let it through for that command.


Alright, I found the script itself, it's in the /Contents/Resources/Scripts, but how do I path to that command, without now going through the trials?

The previous path is

/Users/Kosta/Desktop/test.app, and now test.app/Contents/Resources/Scripts...? Is there a safer way, because I reckon putting a "main.scpt" into sudoers, would be a major security risk, no?

 

I tried another thing: now I wrote a shell script, in my user folder /Users/Kosta/my_script, simply as a test.

Then I ran chmod 755 on it, of course.

sudo visudo, and entered last line as:

Kosta ALL = NOPASSWD: /Users/Kosta/my_script

 

Still, when I execute the script by typing ./myscript (even sudo ./my_script), it requires a password.

 

Why?
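
The NOPASSWD rules tried in this thread point sudo at files inside the user's own home folder, and a sudoers rule that lists only a path also accepts any arguments. The script below is an added example, not part of the original posts: it classifies such rules and contrasts them with a rule pinned to one exact command. The helper name `audit_nopasswd`, the sample text, the third rule and the address 192.0.2.10 are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify NOPASSWD rules in sudoers text.
# SAMPLE_SUDOERS is constructed: rules 1-2 are the ones tried in the thread,
# rule 3 is an assumed pinned form; 192.0.2.10 is a placeholder address.
SAMPLE_SUDOERS='%admin ALL=(ALL)NOPASSWD:/Users/Kosta/Desktop/test.app
Kosta ALL = NOPASSWD: /Users/Kosta/my_script
Kosta ALL = (root) NOPASSWD: /sbin/route add 192.0.2.10 -interface ppp0'

# audit_nopasswd (hypothetical helper): reads sudoers lines on stdin and
# prints one verdict per NOPASSWD rule.
audit_nopasswd() {
    while IFS= read -r line; do
        case $line in
            \#*) continue ;;            # comment line
            *NOPASSWD:*) ;;             # rule of interest
            *) continue ;;
        esac
        cmd=${line#*NOPASSWD:}          # everything after the tag
        cmd=${cmd#"${cmd%%[! ]*}"}      # strip leading spaces
        path=${cmd%% *}                 # first word is the command path
        args=${cmd#"$path"}             # remainder is the pinned argument list
        case $path in
            /Users/*|/home/*|/tmp/*|/private/tmp/*)
                # Heuristic: home and temp paths are usually writable by an
                # unprivileged user, who could replace the file and so gain
                # passwordless root for anything.
                echo "RISKY user-writable target: $path" ;;
            *)
                if [ -z "$args" ]; then
                    # sudoers permits any arguments when none are listed.
                    echo "BROAD any arguments allowed: $path"
                else
                    echo "OK pinned command: $cmd"
                fi ;;
        esac
    done
}

printf '%s\n' "$SAMPLE_SUDOERS" | audit_nopasswd
```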


Easy way of giving applescript admin privilege is this

tell application "Terminal"
do script "blah blah script here" with administrator privileges
end tell

 

but would of course require password. You could instead have your VPN credentials saved as part of the connection settings:


 

and use something like this:

 

tell application "System Events"
    tell current location of network preferences
        set VPNservice to service "NAME OF YOUR VPN"
        connect VPNservice
    end tell
end tell


The problem is not making vpn authentication, also not a problem making vpn connect automatically. Already solved that.

 

The problem is that I want to create a persistent static route for a single ip, but not over a gateway, but via the interface. In my case ppp0 is the interface.


OK, apparently there is no viable way to do this, except putting it into the script. Since I can export the script as an app, with "execute only" option, virtually hiding the password, I guess this is safe enough.

Now, last question, if any ideas... the VPN connection in OSX is fairly stable, even after 12 hours it was still connected.

Is there a viable reconnect, or does OSX reconnect on line drop by itself? I read on another homepage one can do "return 120" value and click "stay open"... this helps anyway? It's vital the VPN stays open, not even one glitch. I didn't yet test 72hrs, but will do soon :)

 

The script is now like this:

 

tell application "System Events"
    tell current location of network preferences
        set VPNservice to service "VPN CONNECT"
        if exists VPNservice then connect VPNservice
        -- wait until the VPN reports itself as connected
        repeat until (connected of current configuration of VPNservice)
            delay 1
        end repeat
    end tell
end tell

-- add the static route via ppp0 once the VPN is up (credentials embedded in the script)
do shell script "route -nv add -net {censored}.{censored}.{censored}.{censored} -interface ppp0" user name "xxxxxx" password "xxxxxxxx" with administrator privileges

 

What do I need to do really to have the script up and running (and reconnecting if there is a problem)?
