hdiutil Requires sudo for Read/Write

Another unwelcome surprise from Apple: in some recent OS X update (I don’t know exactly which one as I ran into the problem this morning) they changed how hdiutil behaves when mounting sparsebundles in read/write mode (it is used in my build scripts as a step toward generating the final setup DMG): it now requires sudo-ing when you use the -readwrite flag.

The problem is that sudo by default prompts for a password and silently fails when used from a script. The solution is to remove that password requirement. This is carried out by adding a line to the /etc/sudoers file:

%admin ALL=(ALL) NOPASSWD: /usr/bin/hdiutil

This innocent one-line edit requires lots of command-line gymnastics, however. Permissions on the sudoers file is 440 by default, and the sudo command fails to work with anything other that that.

So you have to boot your Mac in single user mode to do the edit (by holding down Command+S at startup). Then you have to mount the root file system in read-write mode and change the permissions on the file:

mount -o update /
cd /etc
chmod 640 sudoers
vim sudoers

Add the line to the end of the file, save it and restore the file’s permissions:

chmod 440 sudoers

You can now reboot, and sudo hdiutil will not ask for a password any more! So it can be safely used from within build scripts.

This site is made possible by the people downloading my apps - thank you all! I neither beg you to purchase goods through my site nor display advertisements, but if you find my writings useful or entertaining, I would encourage you to check out my tools that may make your life as a photographer or cinematographer easier and more productive.


  1. Franklin Abodo says:

    For the benefit of yourself and any knowledge-seeking visitors, FYI: https://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man8/visudo.8.html

Speak Your Mind


Prove that you are human * Time limit is exhausted. Please reload CAPTCHA.