diff --git a/README.md b/README.md
index c5392e9..095958a 100644
--- a/README.md
+++ b/README.md
@@ -1,15 +1,14 @@
-
+
+
+# sudo-touchid
-
+[![Downloads](https://img.shields.io/github/downloads/artginzburg/sudo-touchid/total?color=teal)](https://github.com/artginzburg/sudo-touchid/releases)
+[![Donate](https://img.shields.io/badge/buy%20me%20a%20coffee-donate-white)](https://github.com/artginzburg/sudo-touchid?sponsor=1)
-### sudo-touchid
+
Permanent [**TouchID**](https://support.apple.com/en-gb/guide/mac-help/mchl16fbf90a/mac) support for `sudo`
-
-![Preview](res/preview.png)
-
Just type git.io/sudotouchid
to go here.
-
## Try it out
without installing
@@ -18,19 +17,30 @@ Permanent [**TouchID**](https://support.apple.com/en-gb/guide/mac-help/mchl16fbf
curl -sL git.io/sudo-touch-id | sh
```
-> Now entering sudo mode is easier than ever, just like on GitHub โ with TouchID in Terminal or whatever you're on.
Don't worry, you can also [reverse](#reverse-without-installation) it without installing
+Now sudo is great, just like Safari โ with your fingerprint in Terminal or whatever you're on.
-### Why?
+>
Don't worry, you can also [reverse](#usage) it without installing
-Productivity ยท reliability โ macOS _updates_ do _reset_ `/etc/pam.d/sudo`, so previously users had to _manually_ edit the file after each upgrade.
+
-This tool was born to automate the process, allowing for TouchID sudo auth to be **quickly enabled** on a new/clean system.
+
Result:
-
+
-## Install
+
Just type git.io/sudotouchid
to go here.
-### Via [๐บ Homebrew](https://brew.sh/)
+
+
+## Features
+
+- Fast
+- Reliable
+- Written in Bash โ no dependencies!
+- Include it to your automated system build โ always working, always up to date with major macOS upgrades!
+
+## Install
+
+### Via [๐บ Homebrew](https://brew.sh/) (Recommended)
```powershell
brew install artginzburg/tap/sudo-touchid
@@ -45,11 +55,55 @@ sudo brew services start sudo-touchid
curl -sL git.io/sudo-touchid | sh
```
-> Performs automated "manual" installation. But `brew install` is still the recommended way.
+> Performs automated "manual" installation.
+
+## Usage
+
+```ps1
+sudo-touchid [options]
+ # Running without options adds TouchID parameter to sudo configuration
+ [-v, --version] # Output installed version
+ # Commands:
+ [-d, --disable] # Removes TouchID from sudo config
+```
+
+if not installed, can be used via `curl`
+
+```ps1
+sh <( curl -sL git.io/sudo-touch-id ) [options]
+ # Reliability โ check :)
+ [-d, --disable] # Removes TouchID from sudo config
+```
-## What does it do?
+### Why?
+
+1. Productivity
+
+ macOS _updates_ do _reset_ `/etc/pam.d/sudo`, so previously users had to _manually_ edit the file after each upgrade.
+
+ > This tool was born to automate the process, allowing for TouchID sudo auth to be **quickly enabled** on a new/clean system.
+
+2. Spreading the technology.
+
+ I bet half of you didn't know.
+
+ > It was there for a long time.
+
+3. Lightness
+
+ The script is small, doesn't need any builds, doesn't need XCode.
+
+ ##### Code size comparison โ previously favoured solution VS. the one you're currently reading:
+
+ [![](https://img.shields.io/github/languages/code-size/mattrajca/sudo-touchid?color=brown&label=mattrajca/sudo-touchid%20โ%20code%20size)](https://github.com/mattrajca/sudo-touchid)
+
+ ![](https://img.shields.io/github/languages/code-size/artginzburg/sudo-touchid?color=teal&label=artginzburg/sudo-touchid%20โ%20code%20size)
+
+
+
+## How does it work?
#### `sudo-touchid.sh` โ the script:
@@ -57,7 +111,7 @@ curl -sL git.io/sudo-touchid | sh
- Creates a backup file named `sudo.bak`.
-- Has a `--disable` (`-D`) option that performs the opposite of the steps above.
+- Has a `--disable` (`-d`) option that performs the opposite of the steps above.
Non-Homebrew files:
@@ -87,38 +141,16 @@ curl -sL git.io/sudo-touchid | sh
-### Why this?
-
-Fast ยท [Reversible](#reverse-without-installation) ยท Reliable
-
-> Unlike other solutions, this can be included to your automated system build with `brew install artginzburg/tap/sudo-touchid && sudo brew services start sudo-touchid`. Always working, always up to date with major macOS upgrades!
-
-Also, the script is small, doesn't need any builds, doesn't need XCode.
-
-Take a look at code size comparison of the previously favoured solution to the one you're currently reading:
+## Contributing
-[![](https://img.shields.io/github/languages/code-size/mattrajca/sudo-touchid?color=critical&label=mattrajca/sudo-touchid%20code%20size)](https://github.com/mattrajca/sudo-touchid)
-![](https://img.shields.io/github/languages/code-size/artginzburg/sudo-touchid?color=success&label=artginzburg/sudo-touchid%20code%20size)
-
-that is about 6718 times difference.
-
-
-
-### Reverse without installation
+##### [PRs](https://github.com/artginzburg/sudo-touchid/pulls) and [Issues](https://github.com/artginzburg/sudo-touchid/issues/new/choose) are much welcome!
-```ps1
-sh <( curl -sL git.io/sudo-touch-id ) -D
-```
+If you don't like something โ change it or inform the ones willing to help.
-### Contributing
-
-##### [PRs](https://github.com/artginzburg/sudo-touchid/pulls) and [Issues](https://github.com/artginzburg/sudo-touchid/issues/new/choose) are much welcome!
-If you don't like something โ change it or inform the ones willing to help.
-
-### Related
+## Related
-#### Disabling password prompt for `sudo`
+### Disabling password prompt for `sudo`
- Change `%admin ALL=(ALL) ALL` to `%admin ALL=(ALL) NOPASSWD: ALL` in `/etc/sudoers`
diff --git a/sudo-touchid.sh b/sudo-touchid.sh
index 83fa426..aab5659 100755
--- a/sudo-touchid.sh
+++ b/sudo-touchid.sh
@@ -1,45 +1,102 @@
-#!/bin/sh
+#!/bin/bash
-VERSION=0.2
+VERSION=0.3
+readable_name='[TouchID for sudo]'
+backup_ext='.bak'
-sudo_touchid_disable() {
- local touch_pam='auth sufficient pam_tid.so'
- local sudo_path='/etc/pam.d/sudo'
+touch_pam='auth sufficient pam_tid.so'
+sudo_path='/etc/pam.d/sudo'
- if grep -e "^$touch_pam$" "$sudo_path" &> /dev/null; then
- echo "The following will be your $sudo_path after disabling:\n"
- grep -v "^$touch_pam$" "$sudo_path"
- echo
- read -p "Are you sure? [y] to confirm " -n 1 -r
+# Source: https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh
+getc() {
+ local save_state
+ save_state="$(/bin/stty -g)"
+ /bin/stty raw -echo
+ IFS='' read -r -n 1 -d '' "$@"
+ /bin/stty "${save_state}"
+}
+wait_for_user() {
+ local c
+ echo
+ echo "Press RETURN to continue or any other key to abort"
+ getc c
+ # we test for \r and \n because some stuff does \r instead
+ if ! [[ "${c}" == $'\r' || "${c}" == $'\n' ]]; then
+ exit 1
+ fi
+}
+# Source end.
+
+display_backup_info() {
+ echo "Created a backup file at $sudo_path$backup_ext"
+ echo
+}
+
+display_sudo_without_touch_pam() {
+ grep -v "^$touch_pam$" "$sudo_path"
+}
+
+touch_pam_at_sudo_path_check_exists() {
+ grep -q -e "^$touch_pam$" "$sudo_path"
+}
+
+touch_pam_at_sudo_path_insert() {
+ sudo sed -E -i "$backup_ext" "1s/^(#.*)$/\1\n$touch_pam/" "$sudo_path"
+}
+
+touch_pam_at_sudo_path_remove() {
+ sudo sed -i "$backup_ext" -e "/^$touch_pam$/d" "$sudo_path"
+}
+
+sudo_touchid_disable() {
+ if touch_pam_at_sudo_path_check_exists; then
+ echo "The following will be your $sudo_path after disabling:"
echo
- if [[ $REPLY =~ ^[Yy]$ ]]; then
- sudo sed -i '.bak' -e "/^$touch_pam$/d" "$sudo_path"
+ display_sudo_without_touch_pam
+ wait_for_user
+ if touch_pam_at_sudo_path_remove; then
+ display_backup_info
+ echo "$readable_name has been disabled."
+ else
+ echo "$readable_name failed to disable"
fi
- else
- echo "TouchID for sudo seems not to be enabled"
+ else
+ echo "$readable_name seems to be already disabled"
fi
}
-sudo_touchid() {
- local touch_pam='auth sufficient pam_tid.so'
- local sudo_path='/etc/pam.d/sudo'
+sudo_touchid_enable() {
+ if touch_pam_at_sudo_path_check_exists; then
+ echo "$readable_name seems to be enabled already"
+ else
+ if touch_pam_at_sudo_path_insert; then
+ display_backup_info
+ echo "$readable_name enabled successfully."
+ else
+ echo "$readable_name failed to execute"
+ fi
+ fi
+}
+sudo_touchid() {
for opt in "${@}"; do
case "$opt" in
- -V|--version)
- echo "$VERSION"
- return 0
+ -v | --version)
+ echo "v$VERSION"
+ return 0
;;
- -D|--disable)
- sudo_touchid_disable
- return 0
+ -d | --disable)
+ sudo_touchid_disable
+ return 0
+ ;;
+ *)
+ echo "$readable_name Unknown option: $opt"
+ return 0
;;
esac
done
- grep -e "^$touch_pam$" "$sudo_path" &> /dev/null
- if [ $? -ne 0 ]; then
- sudo sed -E -i '.bak' "1s/^(#.*)$/\1\n$touch_pam/" "$sudo_path"
- fi
+ sudo_touchid_enable
}
+
sudo_touchid "${@}"