sudo used when not required resulting in an error for non-admin users

[davidbpirie]

When running dockutil 3.0.2 on macOS 12.4 as a non-admin user with --add or --remove, an error of:

<username> is not in the sudoers file. This incident will be reported.

To aid in troubleshooting, adding a relatively-harmless temporary sudoers entry of:

<username> ALL=() NOPASSWD: /bin/ls

and then re-running dockutil as <username> provides greater insight:

Sorry, user <username> is not allowed to execute '/usr/bin/defaults import /Users/<username>/Library/Preferences/com.apple.dock.plist -' as <username> on <hostname>.local.

My conclusion is that sudo is being used when not required ie when a user is trying to edit their own com.apple.dock.plist file.

As a temporary work-around, adding a sudoers file eg /private/etc/sudoers.d/dockutil as:

ALL ALL=() NOPASSWD: /usr/bin/defaults

allows dockutil to operate as expected, however I believe this work-around should not be required.

[kylejericson]

You can run this command to fix this. echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee "/private/etc/sudoers.d/dockutil"

[kylejericson]

Could we get this issue fixed the workaround is not a good thing to do. @kcrawford

[mvught]

Use a script to do this admin is not needed

[kcrawford]

This should be fixed in 3.1.1. Please test and confirm here if you can. Thanks for reporting the issue.