[HOWTO] - Enable Root Login to Mac OSX

Discussion in 'HOWTO & FAQs' started by alito, Dec 21, 2001.

  1. alito

    alito Mac fan

    Joined:
    May 13, 2001
    Messages:
    50
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Argentina
    Can someone tell me how can i login as a root administrator?
    thanxs
     
  2. simX

    simX Unofficial Mac Genius

    Joined:
    Sep 18, 2001
    Messages:
    2,187
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    Student of Stanford University
    Location:
    Bay Area, CA
    You need to enable it first, for obvious security reasons. I would recommend against this -- if you need to do something that can be done via the Terminal, you can get temporary root access by using the "sudo" command.

    But if you REALLY want to login as root, here's how to enable it and login as root:

    1. Open the NetInfo Manager application in the /Applications/Utilities folder.

    2. Go to the Domain menu, then drag down to the Security submenu, and choose "Authenticate...". Put in an administrator login and password and press return or the "OK" button.

    3. Go again to the Domain menu, again to the Security submenu, and then drag down to the "Enable Root User..." menu item.

    4. You probably won't have put in a root user password yet. It will prompt you to provide a root user password and verify it. Do so.

    5. Root user is now enabled. Now just logout from the Apple menu, and then at the login screen, use the login name "root" and provide the password you just set.

    This will log you in as the root user. Note that you can do ANYTHING when logged in as root, including deleting essential files. Proceed with caution.
     
  3. onan

    onan Prescriptivist

    Joined:
    Sep 22, 2000
    Messages:
    87
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    unix sysadmin
    Location:
    Behind you! Duck!
    Or, if you're into hot hot Terminal action, just:

    sudo passwd root

    Which basically ends up doing the same thing. Use whichever is more comfortable for you.
     
  4. simX

    simX Unofficial Mac Genius

    Joined:
    Sep 18, 2001
    Messages:
    2,187
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    Student of Stanford University
    Location:
    Bay Area, CA
    (See title -- 'nuf said. What's with the "passwd" entry, though? I thought you could just do "sudo whateveryouwanttodohere" and you could get temporary root access.)
     
  5. Captain Code

    Captain Code Moderator Staff Member

    Joined:
    Aug 29, 2001
    Messages:
    3,113
    Likes Received:
    1
    Trophy Points:
    0
    Occupation:
    Software Engineering Student
    Location:
    Ontario, Canada
    You can either do:
    sudo mycommand
    and it will prompt you for your password
    password:

    or you can do
    sudo mycommand password
     
  6. simX

    simX Unofficial Mac Genius

    Joined:
    Sep 18, 2001
    Messages:
    2,187
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    Student of Stanford University
    Location:
    Bay Area, CA
    I just tried the command format "sudo mycommand password" and it still asks for the password and interprets 'password' as the target or option for mycommand. I don't believe UNIX would allow the password to be shown in full text, anyway.
     
  7. Captain Code

    Captain Code Moderator Staff Member

    Joined:
    Aug 29, 2001
    Messages:
    3,113
    Likes Received:
    1
    Trophy Points:
    0
    Occupation:
    Software Engineering Student
    Location:
    Ontario, Canada
    Oh, well, maybe I was wrong, I thought that would work.
     
  8. alito

    alito Mac fan

    Joined:
    May 13, 2001
    Messages:
    50
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Argentina
    Thanxs to allllllll
     
  9. houchin

    houchin Registered

    Joined:
    Oct 24, 2001
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Rochester, NY
    Or just do what almost everyone, includding Apple, recommends: Don't enable the root password. sudo can do everything you need.

    use "sudo <cmd>" to just execute single commands, or "sudo -s" to start a new command line shell with root privledges.

    By enabling root, you open up a whole lot of security issues, especially for network connected systems (almost all of the sendmail and such hacks rely on the attacker having root access). If you don't enable root access, then all of these attacks are cut off.
     
  10. alito

    alito Mac fan

    Joined:
    May 13, 2001
    Messages:
    50
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Argentina
    what is sudo command?
    i have to type sudo?
     
  11. houchin

    houchin Registered

    Joined:
    Oct 24, 2001
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Rochester, NY
    sudo stands for "superuser do"

    It allows you to execute other commands as if you were logged in as root.
    You log into the system and open terminal as normal. Just put "sudo"
    before the command you want to execute as root (or superuser).
    For example, to edit the inet config file, you would enter:

    sudo vi /etc/inetd.conf

    It will then ask you for your password, and you give it your normal password
    (as long as you're an admin user). If you "sudo" another command within
    a few minutes, it remembers that you've already proved your an admin and you don't have to type your password.

    If you have a lot of stuff to do as root, type "sudo -s" as a command all by itself and it starts a new shell as root. Type "exit" when you're done to return to non-root status.

    You do not want to enable the root password, because thsi will prevent a lot of security problems which rely on someone logging on as root (like through sendmail)
     
  12. ZeroAltitude

    ZeroAltitude Registered

    Joined:
    Dec 21, 2001
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    Programmer/PhD Student
    Location:
    Massachusetts
    Hi,

    The thing I have not yet figured out (just 3 weeks in, forgive me!) is how you'd launch GUI apps from the command line with sudo <command>. I enabled root partly because there were some apps that 'won't run in console mode' but needed to be root to do some of the things I wanted.

    I know how to tell X apps how to launch in a running X display, but how do you run Aqua apps from the command line in mac OSX?

    -ZeroAltitude
     
  13. houchin

    houchin Registered

    Joined:
    Oct 24, 2001
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Rochester, NY
    You can try:

    sudo open -a <app>

    For example, to launch BBEdit 6.5 as root, you could enter

    sudo open -a "BBEdit 6.5"

    (The quotes are only required if there's a space in the application name)

    This is the equivalent of double clicking on a file in the finder.

    You can also get the shareware app "Pseudo" which does it with a GUI
    interface.
     
  14. xoot

    xoot Got xoot?

    Joined:
    Mar 7, 2002
    Messages:
    1,679
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    /Users/xoot
    2 steps to make enabling root EASIER (via Terminal)

    1) Type "sudo passwd root" and type in the root password

    2) Root user is enabled! Now you can just select the "other user" checkbox in System Preferences and logout. Then, click on other user and type in:

    "root" for the login field

    Your password for the password field

    ;)
     
  15. rezba

    rezba simpleutilisateurpuissant

    Joined:
    Oct 10, 2001
    Messages:
    156
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    france
    yes, but you're log as root for the all session. sudo allows you to temporarily act as root, just for what you need. wich is more secure.
     
  16. xoot

    xoot Got xoot?

    Joined:
    Mar 7, 2002
    Messages:
    1,679
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    /Users/xoot
    I meant logging into the GUI, not into Terminal.
     
  17. Gwailo

    Gwailo B.A. Economics (Hon)

    Joined:
    Mar 13, 2002
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    Economics B.A. (Hon) at Carleton University
    Location:
    Ottawa, Ontario
    Once you're logged into the terminal as yourself, on the command line just type

    su root

    it will then prompt for root password. This way you can login as root remotely (or lcoally) without enabling root. Also unlike sudo you can perform commands at the shell, without just passing commands as argument (which is my understanding of sudo).
     
  18. Gwailo

    Gwailo B.A. Economics (Hon)

    Joined:
    Mar 13, 2002
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    Economics B.A. (Hon) at Carleton University
    Location:
    Ottawa, Ontario
  19. 96.9

    96.9 Registered

    Joined:
    Mar 16, 2002
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    0
    sudo passwd root

    Then there is a prompt for a new password . The root account is setup at factory install without a password so all you have to do is type one in to enable it .

    su root

    Then enter the password you choose .

    You can check your commands if you forget them , just type :

    history

    You can add new users from the terminal .

    Check out the darwinfo faq

    http://www.darwinfo.org/faq.shtml

    Scroll down to User Management on the faq .

    You just have to use 000 for uid and gid to make the new user have root privilages.
     
  20. MDLarson

    MDLarson Registered

    Joined:
    Feb 13, 2002
    Messages:
    1,194
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    Systems Designer
    Location:
    Minneapolis, MN
    OK, totally new Mac OS X guy here;

    I created two users initially, and now I just want to have one user. So I deleted the second user and assigned it to "Administrator", not "Matt Larson". So the user is deleted, but the folder is now labeled "username Deleted", and the root is the owner.

    As a total newbie, could somebody post very explicit instructions for getting rid of this folder? Sounds like messing with the root access is a little dangerous.

    -Matt
    edit: red text added!
     

Share This Page