Pick of the Week - Nov 10 [Show all picks]
Path Finder 5 - A feature-laden Finder replacement
Submit Hint Search The Forums LinksStatsPollsFAQHeadlinesRSS
12,000 hints and counting!

Enabling the root password (three ways) UNIX
Sat, Mar 24 2001 at 9:58AM PST • Contributed by: robg
Strong Warning: You should only enable root if you really really need it, really know what it's for, and realize the security implications of enabling root! You can do everything you need to do with "su do", so root is really not needed ... with that said, here's how to enable it - please understand what you're doing and why before you do this!

The "root" user (also known as the superuser) is the most powerful UNIX account. The root account can do anything to any file or folder, anywhere on the system. For that reason, it's considered quite dangerous, and only needs to be used (occasionally) by advanced users.

Because of the dangers of operating as root, Apple has chosen to hide the root account in OS X Final. However, there are a number of ways to enable it. The easiest is to boot off the install CD, and look under the Install menu for the "Password Reset" option. You can use this to change your own password if you forget it, and to enable the root account. This utility will not run if you copy it to your hard drive! It only works when booting from the CD.

Read the rest if you'd like to know how to do this from within OS X, and skip the CD-based reboot.

The second easiest way to enable root is to start a terminal session, and type:
sudo passwd root
You will be prompted for a new password to enable root access. Many find this easier than rebooting, but since it involves the command line, newcomers may find it a bit more intimidating.

The hardest way to enable root is to use the Netinfo Manager application (in Applications/Utilities). Here's what you do, courtesy of "anonymous":

1) Open NetInfo Manager
2) Select "Users" from the second list.
3) Select a user you created andnd know the password for!
4) Double-click on the value across from "passwd" and copy it. It is the encoded form of the password for that user.
5) Select "root" from the list of users. Find the "passwd" value (default is "*") and paste over it.
6) Exit Netinfo Manager.
7) Open the Terminal and type "su root".
8) Enter the password for the user chosen above.
    •    
  • Currently 0.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (0 votes cast)  
[149,201 views]  

Hint Options


Enabling the root password (three ways) | 23 comments | Create New Account
Click here to return to the 'Enabling the root password (three ways)' hint
The following comments are owned by whomever posted them. This site is not responsible for what they say.
Additional NetInfo way
Authored by: President Gas on Thu, Mar 29 2001 at 1:23PM PST
There is an additional way to enable the root account (as well as disable it) in NetInfo Manager. Open the app, and select the Domain menu and then Security. Then select Authenticate. It will ask you for an administrator password. After that, you go back to the Domain menu and Security. From there, you can see that you can enable/disable root, or change the root password. This may be the longest way of all, but it is another option!

[ Reply to This | # ]
Additional NetInfo way
Authored by: kransta on Thu, Mar 28 2002 at 10:05PM PST
Hey, I opened a terminal windows with my main mac account typed sudo -s an I had root access, then i typed exit and took me back to the user. Does that guarantee i am not logged as root anymore?

Then I tried your tip by going to netinfo manager, security, authenticate, enable root access and assign a strong password to it, then I disabled root access and deauthenticated. Was that advisable or should I have left the password blank ? Apple advises that you assign a password to root, but it also says not to log in as root in the first place.

With all this confussion How do I really know I am mot logged in as root???

Another question, if somebody access you macosx box and logs in to your single account, they still can do the same damge as if they were logged in as root?

Sorry for the long post.

Thanks guys!

Kranta

[ Reply to This | # ]
enabling su
Authored by: ngb on Thu, Apr 12 2001 at 3:03PM PDT
It's possible to su to root without enabling the root password and without having to type sudo before every command you want executed as root.

type 'sudo su'

You'll be given full access as root until you type exit, rather than for just one command.

[ Reply to This | # ]
enabling su
Authored by: UmarOMC on Tue, Jun 26 2001 at 11:38AM PDT
There's also sudo tcsh which does pretty much the same thing, until you type exit.

[ Reply to This | # ]
enabling su
Authored by: ret on Mon, Oct 8 2001 at 2:15AM PDT
...or indeed 
sudo -s


[ Reply to This | # ]
enabling su
Authored by: clith on Thu, Nov 20 2003 at 2:39PM PST
.. or even "su -"

[ Reply to This | # ]
ROOT - ooh, I'm sooo scared.
Authored by: LonnieBear on Thu, Nov 29 2001 at 11:07PM PST
I honestly don't see what the big deal is about the "root" user. We've been working for over 15 years as the "root" user of our Macs. You can screw up things just as bad in OS 9 as you can by logging in as "root" in OS X. Has everyone forgotten this?

[ Reply to This | # ]
ROOT - ooh, I'm sooo scared.
Authored by: cgull on Thu, Jan 10 2002 at 10:52AM PST
LonnieBear, you're just displaying your vast array of ignorance regarding this manner. Ask any UNIX administrator if they run root all the time, they'll look at your funny and answer "damn no!".

Just two days ago, our administrator ACCIDENTALLY typed in rm /* AS ROOT! If you have more than 5 minutes of experience working in the shell, you'll realize that this is a VERY bad thing... if he WASN'T root, nothing drastic would have happened. On the other hand, he completely fried the machine. He had to reinstall the system (after of course we all made fun of him).

If you really want to be "macho" and wear your black leather pants and jacket with spiked wrist bands and run as root all the time, go right ahead, but your fate is set from that point on.





[ Reply to This | # ]
Boo!
Authored by: Timecode on Fri, Jan 18 2002 at 1:23PM PST
Your right, 15 years is a long time, but why even take the chance... Just create the other account!

e!

[ Reply to This | # ]
And how to disable it again?
Authored by: Mi And on Wed, Jan 2 2002 at 7:08PM PST
Dumb as I am :-) I enabled the root passwd because I didn't know I could have root privileges by using the SUDO command.

Is there a way to disable it again, sorta "back to the factory settings" without having to reinstall Mac OS X (i kinda hope) ?!

I am a little scared because it seems that the root password isn't shadowed as the regular user passwords. With all those daemons running within Mac OS X I kinda don't want to be vulnerable if it isn't needed.

[ Reply to This | # ]
And how to disable it again?
Authored by: eagle_eyes on Thu, Jan 3 2002 at 6:24PM PST
Fire up netinfo and go to the domain menu. Mouse down to security and a little popup will open to the right, one of the options should be to disable root.

[ Reply to This | # ]
Still not quite disabled?
Authored by: reu1000 on Sat, Jan 26 2002 at 10:09PM PST
I unfortunately did the same thing and followed the tip from eagle_eyes, but it still does not seem quite right. If I start up terminal and try to edit a file such as crontab in pico without typing sudo, it does nothing to stop me. Typing: "cd /private/etc", then "pico crontab" it goes directly into the editor. What can I do to fix this and protect me from my own stupidity?

[ Reply to This | # ]
Still not quite disabled?
Authored by: geohar on Mon, Feb 18 2002 at 10:35AM PST
I think you'll find that you won't be able to write out to /etc/crontab using ^o... try cd /var/cron. That you won't be able to do without root permissions

George

[ Reply to This | # ]
Enabling root password
Authored by: res on Fri, Jan 18 2002 at 4:58AM PST
Ehh... why not just boot from the OS X installer CD...?
When OS X is installed, you have an option (booting from the CD) to reset existing user passwords, including the 'System Administrator' = 'root' password !

Simple and safe... ,-)

[ Reply to This | # ]
Another way to enable root
Authored by: phildobbin on Sat, Feb 2 2002 at 6:05PM PST
This requires BBEdit. If you choose "Open Hidden" from the File menu in BBEdit, you can gain access to all the system files and the like. To edit them, you need to be logged in as root. When you open them via Open Hidden in BBEdit, you'll see a pencil icon with a line through it in the leftmost end of the status bar. If you click on the Pencil icon, you'll be prompted for your Admin. password and upon entering it, you can edit the chosen files with full root priveliges. Of course, if you save the changes you've altered whichever file you were working on, so be careful out there. (Thanks to John Gruber of Bare Bones Software for this tip).

[ Reply to This | # ]
quickest way
Authored by: brainer on Tue, Feb 19 2002 at 4:42AM PST
surely quickest is
[localhost:~] user% sudo -s Password: [localhost:~] root#
and to leave root
[localhost:~] root# exit exit [localhost:~] user%


[ Reply to This | # ]
Quickest Root
Authored by: mdean77 on Mon, Jun 10 2002 at 9:45PM PDT
sudo tcsh

When you exit from the root level you will return to your user level.

[ Reply to This | # ]
there's gotta be a way...
Authored by: jman on Mon, Jun 24 2002 at 12:19PM PDT
Does anybody know if there is a way to enable root privleges in the Finder without logging out and back in? I suppose it's nice and everything to have root priviliges in Terminal, but it'd be nice to use the finder with root privileges.....

[ Reply to This | # ]
there's gotta be a way...
Authored by: wkunz on Tue, Jul 30 2002 at 6:18AM PDT
A legitimate question. It took me a long time to find out that only the root user can arrange the icons in the top folder (and some others) permanently. Since I learnt that you can alternatively delete the invisible file ".Ds_Store" in the directory representing the folder, using the Finder as root isn't that important anymore. But still I wonder if it's possible at all.

[ Reply to This | # ]
there's gotta be a way...
Authored by: vashremix on Sat, Aug 17 2002 at 6:20PM PDT
I believe that you can, using an application called "pseudo".

you should be able to find info about it here : http://www.versiontracker.com/moreinfo.fcgi?id=9608&db=mac

I'm pretty sure that if you drop the finder onto it you'll get access to absolutely everything.

Good Luck,
Vash

[ Reply to This | # ]
trying to enable root password
Authored by: bernmart on Thu, Oct 3 2002 at 9:07PM PDT
Hmm. When I try to enable it via the Netinfo manager, I find no "security" to click on. What opens is called "local"

How do I proceed?

[ Reply to This | # ]
Enabling the root password (three ways)
Authored by: zangetsu on Wed, Jun 20 2007 at 9:45AM PDT
Hi thanks for this nice root guide but now when i type [ sudo -s ]
it switches to root immediately but when i type [ su - ]it asks for a pass how do i make it that when i put [sudo -s] it asks me for root before it goes there and thanks.

[ Reply to This | # ]

Search

Advanced

From our Sponsor...

User Functions





Don't have an account yet? Sign up as a New User
Lost your password?

What's New:

Hints

3 new Hints in the last 24 hours

Comments last 2 days


Links last 2 weeks

No recent new links

What's New in the Forums?

The Editor's Corner...

Here are some of my (robg) other projects...

•  The Robservatory
My blog - Macs, tech, etc.
•  Mac OS X Power Hound
The best of Hints in print
•  Inside iWork
An iWork training DVD
•  Macworld
Column, features, online...

Hints by Topic

 

News from Macworld

The macosxhints Poll

iPad_poll_#1

Which, if any, model of iPad will you be buying?

  •  None of them
  •  16GB: Wifi [$499]
  •  16GB: Wifi + 3G [$629]
  •  32GB: Wifi [$599]
  •  32GB: Wifi + 3G [$729]
  •  64GB: Wifi [$699]
  •  64GB: Wifi + 3G [$829]
  •  Waiting for next generation
This poll has 0 more questions.
Results
Other polls | 7,001 votes | 76 comments
Copyright © 2010 Mac Publishing LLC (Privacy PolicyContact Us
All trademarks and copyrights on this page are owned by their respective owners.

Visit other IDG sites:


Powered by Geeklog Created this page in 0.07 seconds