MacBook – How to install sudo insults on Mac

darwinmacbook prosudoterminal

How do I install sudo insults^† on Mac terminal?

Apparently Apple has cleaned it up from Darwin, so adding Defaults insults through sudo visudo does not help.

^{^† The insulting things sudo command says when you enter wrong password.}

Best Answer

To install a sudo with insults you have to compile it yourself:

Requirements: Xcode 8.0, Sierra 10.12, probably SIP disabled

Backup sudo and visudo:

sudo cp /usr/bin/sudo  /usr/bin/sudo.backup
sudo cp /usr/sbin/visudo  /usr/sbin/visudo.backup

Create a dir: mkdir sudo
Change to the directory: cd sudo

Curl the Apple open source sudo:

curl https://opensource.apple.com/tarballs/sudo/sudo-83.tar.gz | tar zxf -

cd to the source folder:
```
cd sudo-83/src
```

configure, make and make install it:

./configure --with-password-timeout=0 --disable-setreuid --with-env-editor --with-pam --with-libraries=bsm --with-noexec=no --sysconfdir="/private/etc" --with-timedir="/var/db/sudo" --with-all-insults
make
sudo make install

The file sudo-83/src/INSTALL contains a lot more tweak options for the configure command!

The files may be installed to /usr/local/bin/ and /usr/local/sbin/ so you may have to move them (in my case I had to):

sudo mv /usr/local/sbin/visudo /usr/sbin/visudo
sudo rm /usr/local/bin/sudoedit
sudo mv /usr/local/bin/sudoreplay /usr/bin/
sudo mv /usr/local/bin/sudo /usr/bin/sudo
/usr/bin/sudo ln -s /usr/bin/sudo /usr/bin/sudoedit

or modify your path and prepend /usr/local/bin and /usr/local/sbin.

Enter /usr/bin/sudo /usr/sbin/visudo

Add the line in insert mode (simply hit i)

Defaults        lecture_file = "/etc/sudo_lecture" #<-already there
Defaults        insults

Save the file after hitting esc with :wq!.

Probably you have to quit and relaunch Terminal now.

Results:

host:~ user$ ls -l /usr/bin/sudo*
-rwsr-xr-x  1 root  wheel  restricted 225428 Oct 19 02:01 /usr/bin/sudo
-r-x--x--x  1 root  wheel  restricted 369136 Oct 19 02:00 /usr/bin/sudo.backup
lrwxr-xr-x  1 root  wheel  restricted     13 Oct 19 02:03 /usr/bin/sudoedit -> /usr/bin/sudo
-rwxr-xr-x  1 root  wheel  restricted  49544 Oct 19 02:01 /usr/bin/sudoreplay
host:~ user$ sudo openssl sha1 /usr/bin/sudo*
SHA1(/usr/bin/sudo)= 87d9ad990813b5a949d07267d566bb3a1fddeec0
SHA1(/usr/bin/sudo.backup)= 088c317bf7b8a146803533173699021b9aef5b16
SHA1(/usr/bin/sudoedit)= 87d9ad990813b5a949d07267d566bb3a1fddeec0
SHA1(/usr/bin/sudoreplay)= f76c5ad8d6f2aebbc24d77fee54a54ba9d207e25

Last login: Wed Oct 19 02:09:33 on console
host:~ user$ sudo ifconfig
Password:
Do you think like you type?
Password:
He has fallen in the water!
Password:
I don't wish to know that.
sudo: 3 incorrect password attempts

The files may be overwritten after a system update/upgrade!

Recompiling sudo with insults also works in older systems - you have to choose the respective tarball though (e.g. sudo-73.tar.gz should work with 10.9 and 10.10).

By modifying the ins_*.h in the src folder you should be able to include more insults. You can also add additional ins_*.h files but then you have to include them in insults.h like the other four already are. You may also include non-english insults of course!

Related Solutions

MacOS – Lion Terminal remembers sudo password after quitting

This is normal, and an inherent consequence of the way sudo handles its 5-minute don't-need-to-reauthenticate window. When you authenticate to sudo, it records your account as having authenticated. Because the authentication is tied to your account (not a Terminal session or something like that), it's still valid if you quit & reopen Terminal, log out & back in, or even switch to a different session type (e.g. console login vs. SSH session vs. cron job running as your user ID, etc). I'm not certain offhand if it survives a reboot -- if not, it's because there's a step in the system startup process that wipes the timestamp files.

BTW, you can clear your own timestamp file with sudo -K.

MacOS – How to terminate the running sudo command that always reopens

First of all, there are a number of commands you can try to break out of whatever weird shell state you're in. Ctrl+C, Ctrl+Z, and Ctrl+\ may exit the sudo command, and Ctrl+D would exit the 'tee.' Assuming the command is not running as your controlling shell (which it probably isn't, judging by how not entering your password gives you a shell), one of those will likely get you back to your actual shell (e.g. bash). Then you should look at the following files to see what's putting you in that state:

/etc/profile
.bashrc
.login
.bash_profile
.profile

You can also edit those files from any OSX text editor (rather than having to get into a shell to do it), although it's a bit tricky - from the "file open" dialog, press Cmd+Shift+G and then type the full path to it (i.e. /etc/profile or /Users/username/.bashrc).

It's also possible that your login shell itself may have been changed in some way. In that case, you need to go to the Users & Groups system preferences, then ctrl-click on your username, then select "Advanced Options." Ensure that the "login shell" dropdown reads /bin/bash.

Best Answer

Related Solutions

MacOS – Lion Terminal remembers sudo password after quitting

MacOS – How to terminate the running sudo command that always reopens

Related Question