Boot into a Boot Camp partition as a user without administrator privileges
By Morgan Rowe | 29 Aug 2013
During April 2006, Apple introduced a new piece of software called Boot Camp. The software guides you through the process of downloading drivers, creating a Boot Camp driver installer, partitioning the disk, and booting you into the Windows installer. Once Windows had been installed, there're a few ways to boot between operating systems. The most convenient, in my opinion, is holding down the option key as your Mac turns on, and choosing which operating system to boot into.
However, if you're trying to boot into a Boot Camp partition as a user you may have a problem. Assuming you want your users to boot from OSX to Windows, without pestering you for an administrator password, you may want to consider using this method. It requires a little bit of work to mass deploy the necessary files, but it's certainly worth it as it gives the users a simple way of booting into Windows when they're logged in, and it still allows you to set a firmware password.
This guide assumes you've dual booted your Macs with OSX Mountain Lion and Windows 7. We'll be using AppleScript Editor and Terminal, which are both located within /Applications/Utilities.
We'll create an application that will give our users the option of booting into Windows, and then we'll be editing our sudoers file to allow the application to run without being prompted for a password.
Create the application
We'll be using a modified version of Randy Walker's AppleScript code, thanks Randy! Open AppleScript Editor and copy and paste the following code into the editor:
tell application "Finder"
set iconPath to (get name of startup disk) & ":Applications:Utilities:Boot Camp Assistant.app:Contents:Resources:DA.icns" as alias
end tell
set askRestart to display dialog "Are you sure you want to boot into Windows?" buttons {"Cancel", "Restart"} default button 1 with icon iconPath
set doRestart to button returned of askRestart
if doRestart is equal to "Cancel" then
quit
end if
if doRestart is equal to "Restart" then
do shell script "sudo bless -mount /Volumes/BOOTCAMP/ -legacy -setBoot -nextonly;sudo shutdown -r now"
end ifThe script basically starts by fetching a nice icon for the dialog box. It continues by creating a message, buttons, and declaring a variable that will store the result of which ever button the user clicks on. At the end, two if statements are created to determine what the application does when buttons are clicked. If the "Cancel" button is chosen, the application quits, and if the "Restart" button is chosen, it boots the user into the Boot Camp partition.
To ensure the application works, click on the "Run" button in the toolbar to see if any errors are produced. If there are none you should see a nice dialog box. Click on the Cancel button to get back to the editor. If you want to test the "Restart" button make sure you've saved all your work before doing so.
Convert the script into an application
To export the script as an application, go to File > Export. Name the application "Boot into Windows". This will allow us to easily change the icon later. You can rename it at the end of the guide. Further down, there are some additional options. Choose "Application" from the drop down menu and enable the "Run-only" option. Save the application to the Applications folder.
Add an icon to the application
Seeing as we haven't used Terminal yet, let's use it to give our application a nice icon. We'll be using the Boot Camp Assistant's icon as it has the Windows logo on it, which should help our users understand what it does.
Make sure your application is called "Boot into Windows" - all applications have a hidden, by default, ".app" extension to them, so there's no need to manually name it "Boot into Windows.app". Also make sure it's located in the Applications folder. If it is, enter the following command into Terminal.
cp /Applications/Utilities/Boot\ Camp\ Assistant.app/Contents/Resources/DA.icns /Applications/Boot\ Into\ Windows.app/Contents/Resources/;rm /Applications/Boot\ Into\ Windows.app/Contents/Resources/applet.icns;mv /Applications/Boot\ Into\ Windows.app/Contents/Resources/DA.icns /Applications/Boot\ Into\ Windows.app/Contents/Resources/applet.icns
The command basically replaces the Boot Into Windows application's icon with the one from Boot Camp Assistant. I noticed whilst testing this that icon didn't update in my Applications folder until I logged out and back in, so you may have to do the same.
Editing sudoers
Before going on, I should mention that you must be careful when editing this file. Any mistakes at all may result in rendering your computer useless. We'll be using visudo as it performs syntax checking before exiting.
Open Terminal and type the following command followed by enter. You'll be required to authenticate.
sudo visudo
Using the arrow keys, navigate down to the "User privilege specification" section. Under the "%admin ALL=(ALL) ALL", create a new line and type the following. Note that there's a tab after the first "ALL".
ALL ALL=NOPASSWD: /sbin/shutdown,/sbin/reboot,/usr/sbin/bless
If you think you've made a mistake, press esc. You'll be taken out of editing mode. This allows you to give the editor commands. The command to exit without saving is ":q!".
To save and exit, or write and quit, press esc, followed by ":wq".
Type the following command into Terminal followed by return. After doing so, it'll be safe to quit Terminal.
exit
Conclusion
You should now be able to run the application we created as a user without being prompted for an administrator password. I've only tested the application on Mountain Lion, but I'm confident it'll work on Lion as well. Not sure about earlier operating systems, though.