Merge pull request #2 from artginzburg/develop

Develop

README.md

@@ -1,15 +1,14 @@
-<div align="center">
+<img height="128" src="res/icon.png" alt="Icon" align="left" />
+
+# sudo-touchid
 
-<img height="80" src="res/icon.png" />
+[![Downloads](https://img.shields.io/github/downloads/artginzburg/sudo-touchid/total?color=teal)](https://github.com/artginzburg/sudo-touchid/releases)
+[![Donate](https://img.shields.io/badge/buy%20me%20a%20coffee-donate-white)](https://github.com/artginzburg/sudo-touchid?sponsor=1)
 
-### sudo-touchid
+<div align="right">
 
 Permanent [**TouchID**](https://support.apple.com/en-gb/guide/mac-help/mchl16fbf90a/mac) support for `sudo`
-
-![Preview](res/preview.png)
 
-<sub>Just type <a href="https://git.io/sudotouchid"><code>git.io/sudotouchid</code></a> to go here.</sub>
-
 </div>
 
 ## Try it out <sub> &nbsp; <sup> &nbsp; without installing</sup></sub>
@@ -18,19 +17,30 @@ Permanent [**TouchID**](https://support.apple.com/en-gb/guide/mac-help/mchl16fbf
 curl -sL git.io/sudo-touch-id | sh
 ```
 
-> Now entering sudo mode is easier than ever, just like on GitHub — with TouchID in Terminal or whatever you're on. <sup>Don't worry, you can also [reverse](#reverse-without-installation) it without installing</sup>
+Now sudo is great, just like Safari — with your fingerprint in Terminal or whatever you're on.
 
-### Why?
+> <sup>Don't worry, you can also [reverse](#usage) it without installing</sup>
 
-Productivity · reliability — macOS _updates_ do _reset_ `/etc/pam.d/sudo`, so previously users had to _manually_ edit the file after each upgrade.
+<div align="center">
 
-This tool was born to automate the process, allowing for TouchID sudo auth to be **quickly enabled** on a new/clean system.
+<sub><sub>Result:</sub></sub>
 
-<br />
+<img alt="Preview" src="./res/preview.png" width="500vmin" />
 
-## Install <a href="https://github.com/artginzburg/sudo-touchid/releases"><img align="right" src="https://img.shields.io/github/downloads/artginzburg/sudo-touchid/total?color=teal" /></a>
+<sub>Just type <a href="https://git.io/sudotouchid"><code>git.io/sudotouchid</code></a> to go here.</sub>
 
-### Via [🍺 Homebrew](https://brew.sh/)
+</div>
+
+## Features
+
+- Fast
+- Reliable
+- Written in Bash — no dependencies!
+- Include it to your automated system build — always working, always up to date with major macOS upgrades!
+
+## Install
+
+### Via [🍺 Homebrew](https://brew.sh/) (Recommended)
 
 ```powershell
 brew install artginzburg/tap/sudo-touchid
@@ -45,19 +55,63 @@ sudo brew services start sudo-touchid
 curl -sL git.io/sudo-touchid | sh
 ```
 
-> Performs automated "manual" installation. But `brew install` is still the recommended way.
+> Performs automated "manual" installation.
+
+## Usage
+
+```ps1
+sudo-touchid [options]
+           # Running without options adds TouchID parameter to sudo configuration
+             [-v,  --version]   # Output installed version
+           # Commands:
+             [-d,  --disable]   # Removes TouchID from sudo config
+```
+
+if not installed, can be used via `curl`
+
+```ps1
+sh <( curl -sL git.io/sudo-touch-id ) [options]
+                                    # Reliability — check :)
+                                      [-d,  --disable]   # Removes TouchID from sudo config
+```
 
 <br />
 
-## What does it do?
+### Why?
+
+1. Productivity
+
+   macOS _updates_ do _reset_ `/etc/pam.d/sudo`, so previously users had to _manually_ edit the file after each upgrade.
+
+   > This tool was born to automate the process, allowing for TouchID sudo auth to be **quickly enabled** on a new/clean system.
+
+2. Spreading the technology.
+
+   I bet half of you didn't know.
+
+   > It was there for a long time.
+
+3. Lightness
+
+   The script is small, doesn't need any builds, doesn't need XCode.
+
+   ##### Code size comparison — previously favoured solution VS. the one you're currently reading:
+
+   [![](https://img.shields.io/github/languages/code-size/mattrajca/sudo-touchid?color=brown&label=mattrajca/sudo-touchid%20—%20code%20size)](https://github.com/mattrajca/sudo-touchid)
+
+   ![](https://img.shields.io/github/languages/code-size/artginzburg/sudo-touchid?color=teal&label=artginzburg/sudo-touchid%20—%20code%20size)
+
+<br />
+
+## How does it work?
 
 #### `sudo-touchid.sh` — the script:
 
 - Adds `auth sufficient pam_tid.so` to the top of `/etc/pam.d/sudo` file <sup>following [@cabel's advice](https://twitter.com/cabel/status/931292107372838912)</sup>
 
 - Creates a backup file named `sudo.bak`.
 
-- Has a `--disable` (`-D`) option that performs the opposite of the steps above.
+- Has a `--disable` (`-d`) option that performs the opposite of the steps above.
 
 <details>
   <summary align="right"><sub>Non-Homebrew files:</sub></summary>
@@ -87,38 +141,16 @@ curl -sL git.io/sudo-touchid | sh
 
 <br />
 
-### Why this?
-
-Fast · [Reversible](#reverse-without-installation) · Reliable
-
-> Unlike other solutions, this can be included to your automated system build with `brew install artginzburg/tap/sudo-touchid && sudo brew services start sudo-touchid`. Always working, always up to date with major macOS upgrades!
-
-Also, the script is small, doesn't need any builds, doesn't need XCode.
-
-Take a look at code size comparison of the previously favoured solution to the one you're currently reading:
+## Contributing
 
-[![](https://img.shields.io/github/languages/code-size/mattrajca/sudo-touchid?color=critical&label=mattrajca/sudo-touchid%20code%20size)](https://github.com/mattrajca/sudo-touchid)
-![](https://img.shields.io/github/languages/code-size/artginzburg/sudo-touchid?color=success&label=artginzburg/sudo-touchid%20code%20size)
-
-that is about 6718 times difference.
-
-<br />
-
-### Reverse without installation
+##### [PRs](https://github.com/artginzburg/sudo-touchid/pulls) and [Issues](https://github.com/artginzburg/sudo-touchid/issues/new/choose) are much welcome!
 
-```ps1
-sh <( curl -sL git.io/sudo-touch-id ) -D
-```
+If you don't like something — change it or inform the ones willing to help.
 
 <br />
 
-### Contributing
-
-##### [PRs](https://github.com/artginzburg/sudo-touchid/pulls) and [Issues](https://github.com/artginzburg/sudo-touchid/issues/new/choose) are much welcome!
-If you don't like something — change it or inform the ones willing to help.
-
-### Related
+## Related
 
-#### Disabling password prompt for `sudo`
+### Disabling password prompt for `sudo`
 
 - Change `%admin ALL=(ALL) ALL` to `%admin ALL=(ALL) NOPASSWD: ALL` in `/etc/sudoers`

sudo-touchid.sh

@@ -1,45 +1,102 @@
-#!/bin/sh
+#!/bin/bash
 
-VERSION=0.2
+VERSION=0.3
+readable_name='[TouchID for sudo]'
+backup_ext='.bak'
 
-sudo_touchid_disable() {
-  local touch_pam='auth       sufficient     pam_tid.so'
-  local sudo_path='/etc/pam.d/sudo'
+touch_pam='auth       sufficient     pam_tid.so'
+sudo_path='/etc/pam.d/sudo'
 
-  if grep -e "^$touch_pam$" "$sudo_path" &> /dev/null; then
-    echo "The following will be your $sudo_path after disabling:\n"
-    grep -v "^$touch_pam$" "$sudo_path"
-    echo
-    read -p "Are you sure? [y] to confirm " -n 1 -r
+# Source: https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh
+getc() {
+  local save_state
+  save_state="$(/bin/stty -g)"
+  /bin/stty raw -echo
+  IFS='' read -r -n 1 -d '' "$@"
+  /bin/stty "${save_state}"
+}
+wait_for_user() {
+  local c
+  echo
+  echo "Press RETURN to continue or any other key to abort"
+  getc c
+  # we test for \r and \n because some stuff does \r instead
+  if ! [[ "${c}" == $'\r' || "${c}" == $'\n' ]]; then
+    exit 1
+  fi
+}
+# Source end.
+
+display_backup_info() {
+  echo "Created a backup file at $sudo_path$backup_ext"
+  echo
+}
+
+display_sudo_without_touch_pam() {
+  grep -v "^$touch_pam$" "$sudo_path"
+}
+
+touch_pam_at_sudo_path_check_exists() {
+  grep -q -e "^$touch_pam$" "$sudo_path"
+}
+
+touch_pam_at_sudo_path_insert() {
+  sudo sed -E -i "$backup_ext" "1s/^(#.*)$/\1\n$touch_pam/" "$sudo_path"
+}
+
+touch_pam_at_sudo_path_remove() {
+  sudo sed -i "$backup_ext" -e "/^$touch_pam$/d" "$sudo_path"
+}
+
+sudo_touchid_disable() {
+  if touch_pam_at_sudo_path_check_exists; then
+    echo "The following will be your $sudo_path after disabling:"
     echo
-    if [[ $REPLY =~ ^[Yy]$ ]]; then
-      sudo sed -i '.bak' -e "/^$touch_pam$/d" "$sudo_path"
+    display_sudo_without_touch_pam
+    wait_for_user
+    if touch_pam_at_sudo_path_remove; then
+      display_backup_info
+      echo "$readable_name has been disabled."
+    else
+      echo "$readable_name failed to disable"
     fi
-  else 
-    echo "TouchID for sudo seems not to be enabled"
+  else
+    echo "$readable_name seems to be already disabled"
   fi
 }
 
-sudo_touchid() {
-  local touch_pam='auth       sufficient     pam_tid.so'
-  local sudo_path='/etc/pam.d/sudo'
+sudo_touchid_enable() {
+  if touch_pam_at_sudo_path_check_exists; then
+    echo "$readable_name seems to be enabled already"
+  else
+    if touch_pam_at_sudo_path_insert; then
+      display_backup_info
+      echo "$readable_name enabled successfully."
+    else
+      echo "$readable_name failed to execute"
+    fi
+  fi
+}
 
+sudo_touchid() {
   for opt in "${@}"; do
     case "$opt" in
-      -V|--version)
-        echo "$VERSION"
-        return 0
+    -v | --version)
+      echo "v$VERSION"
+      return 0
       ;;
-      -D|--disable)
-        sudo_touchid_disable
-        return 0
+    -d | --disable)
+      sudo_touchid_disable
+      return 0
+      ;;
+    *)
+      echo "$readable_name Unknown option: $opt"
+      return 0
       ;;
     esac
   done
 
-  grep -e "^$touch_pam$" "$sudo_path" &> /dev/null
-  if [ $? -ne 0 ]; then
-    sudo sed -E -i '.bak' "1s/^(#.*)$/\1\n$touch_pam/" "$sudo_path"
-  fi
+  sudo_touchid_enable
 }
+
 sudo_touchid "${@}"