Can you get a list of sudoers without supplying a password?

This script will get the users in the admin group:

set admin_users to (do shell script "/usr/bin/niutil -readprop . /groups/admin users")

tell (a reference to AppleScript's text item delimiters)
	set {old_atid, contents} to {contents, " "}
	set {admin_users, contents} to {text items of admin_users, old_atid}
end tell

return admin_users

And this will get the sudoers from the sudoers file:

set sudoers_all to paragraphs of (do shell script "cat /etc/sudoers" with administrator privileges)

set sudoers to {}
repeat with this_para in sudoers_all
	set this_para to (contents of this_para)
	try
		if ((character 1 of this_para) is not in {"#", "%", "+"}) then set end of sudoers to word 1 of this_para
	end try
end repeat

return sudoers

Is there a way to get the sudoers using niutil without having to enter a password?

Jon

niutil -read . /groups/admin

Um, thanks, but that just returns the members of the admin group and is essentially the same as the first code I posted above.

If you run the second code, you’ll see the sudoers file is different. If you haven’t modified it, it will include root and then the entire admin group (not the individual users, just the group and the second bit of code will not return groups, just enumerated users). It is possible for an admin to modify the sudoers file to add a user to the sudoers file who is not a member of the admin group. I’m looking to get the list of users from the sudoers file (“/etc/sudoers”), not the list of members of the admin group.

Jon