How do I install sudo insults on Mac?
To install a sudo with insults you have to compile it yourself:
Requirements: Xcode 8.0, Sierra 10.12, probably SIP disabled
-
Backup sudo and visudo:
sudo cp /usr/bin/sudo /usr/bin/sudo.backup sudo cp /usr/sbin/visudo /usr/sbin/visudo.backup - Create a dir:
mkdir sudo - Change to the directory:
cd sudo -
Curl the Apple open source sudo:
curl https://opensource.apple.com/tarballs/sudo/sudo-83.tar.gz | tar zxf - -
cd to the source folder:
cd sudo-83/src -
configure, make and make install it:
./configure --with-password-timeout=0 --disable-setreuid --with-env-editor --with-pam --with-libraries=bsm --with-noexec=no --sysconfdir="/private/etc" --with-timedir="/var/db/sudo" --with-all-insults make sudo make installThe file sudo-83/src/INSTALL contains a lot more tweak options for the configure command!
-
The files may be installed to /usr/local/bin/ and /usr/local/sbin/ so you may have to move them (in my case I had to):
sudo mv /usr/local/sbin/visudo /usr/sbin/visudo sudo rm /usr/local/bin/sudoedit sudo mv /usr/local/bin/sudoreplay /usr/bin/ sudo mv /usr/local/bin/sudo /usr/bin/sudo /usr/bin/sudo ln -s /usr/bin/sudo /usr/bin/sudoeditor modify your path and prepend /usr/local/bin and /usr/local/sbin.
Enter
/usr/bin/sudo /usr/sbin/visudo-
Add the line in insert mode (simply hit i)
Defaults lecture_file = "/etc/sudo_lecture" #<-already there Defaults insultsSave the file after hitting esc with
:wq!. - Probably you have to quit and relaunch Terminal now.
Results:
host:~ user$ ls -l /usr/bin/sudo*
-rwsr-xr-x 1 root wheel restricted 225428 Oct 19 02:01 /usr/bin/sudo
-r-x--x--x 1 root wheel restricted 369136 Oct 19 02:00 /usr/bin/sudo.backup
lrwxr-xr-x 1 root wheel restricted 13 Oct 19 02:03 /usr/bin/sudoedit -> /usr/bin/sudo
-rwxr-xr-x 1 root wheel restricted 49544 Oct 19 02:01 /usr/bin/sudoreplay
host:~ user$ sudo openssl sha1 /usr/bin/sudo*
SHA1(/usr/bin/sudo)= 87d9ad990813b5a949d07267d566bb3a1fddeec0
SHA1(/usr/bin/sudo.backup)= 088c317bf7b8a146803533173699021b9aef5b16
SHA1(/usr/bin/sudoedit)= 87d9ad990813b5a949d07267d566bb3a1fddeec0
SHA1(/usr/bin/sudoreplay)= f76c5ad8d6f2aebbc24d77fee54a54ba9d207e25
Last login: Wed Oct 19 02:09:33 on console
host:~ user$ sudo ifconfig
Password:
Do you think like you type?
Password:
He has fallen in the water!
Password:
I don't wish to know that.
sudo: 3 incorrect password attempts
The files may be overwritten after a system update/upgrade!
Recompiling sudo with insults also works in older systems - you have to choose the respective tarball though (e.g. sudo-73.tar.gz should work with 10.9 and 10.10).
By modifying the ins_*.h in the src folder you should be able to include more insults. You can also add additional ins_*.h files but then you have to include them in insults.h like the other four already are. You may also include non-english insults of course!