I sometimes believe that this kind of sudo touch approval is a scam. Quite often when I update some app that comes with an installer (like nextcloud or Edge browser), I am offered to approve the installation / update via touch ID, but it almost never works, but instead I have to type in the admin account and password. So I wonder why they even offer this option, when it has no effect?!
This is great, but I’ve not run sudo on a Mac for daily DevOps duties for at least five years now. If sudo is part of your workflow, question your workflow.
I’m genuinely curious, what on a Mac do you routinely use root for? We use Jamf for device management, while I appreciate the scripts it runs almost certainly have superpowers, none of our end users do. Homebrew allows for full package management for CLI utilities without admin rights and Installomator handles GUI applications.
I use sudo on my Mac almost daily to edit my /etc/hosts file. My employer is a big user of Akamai, and this is the standard way of testing configuration changes on Akamai’s staging network prior to deploying them in production.
This is how we ensure that a seemingly trivial change, not to mention incredibly complex ones, don’t result in doing something like knocking an entire website offline.
