Create/Enable root user in Monterey 12.1

[jimoe]

I decided to install Suricata on our iMac27-2020, macOS 12.1. (Suricata is an intrusion detection/prevention app.) After building and installing it, I tried to run it; below is the result. The error indicates that being a System Administrator is not sufficiently sufficient.

I searched for how to become a root user. The only useful result was an Apple tech page for enabling the root user from 2017. Apparently that has changed since the last step is to "Edit/Enable root user." There is no Edit option.

Can someone point to a more recent tutorial for enabling the root?

bash-3.2$ 7/2/2022 -- 13:30:09 - <Notice> - This is Suricata version 6.0.4 RELEASE running in SYSTEM mode bash-3.2$ 7/2/2022 -- 13:30:19 - <Error> - [ERRCODE: SC_ERR_SYSCALL(50)] - Unable to set caps for iface "en0": Operation not permitted 7/2/2022 -- 13:30:19 - <Error> - [ERRCODE: SC_ERR_PCAP_ACTIVATE_HANDLE(27)] - could not activate the pcap handler, error (cannot open BPF device) /dev/bpf0: Permission denied 7/2/2022 -- 13:30:19 - <Error> - [ERRCODE: SC_ERR_THREAD_INIT(49)] - thread "RX#01-en0" failed to initialize: flags 0145 7/2/2022 -- 13:30:19 - <Error> - [ERRCODE: SC_ERR_FATAL(171)] - Engine initialization failed, aborting... [1]+ Exit 1 suricata -c /usr/local/etc/suricata/suricata.yaml -i en0 --init-errors-fatal

 

[Satcomer]

On a modern Mac you have to go into Recovery Mode to enable Root user! So look into going into Recovery Mode and turn of the Protection!

 

[DeltaMac]

You probably will be allowed to install if you first disable SIP.

Disabling and Enabling System Integrity Protection | Apple Developer Documentation

Disable system protections only temporarily during development to test drivers, kernel extensions, and other low-level code.

developer.apple.com

After that allows you to install your software, you should then re-enable SIP.

 

[jimoe]

Recovery mode. Sheesh.

Thank you for the replies.

 

[DeltaMac]

I looked at enabling the root user again.
Looks like you missed the correct menu in the Directory Utility. (looking at Monterey 12.3 beta on my intel MBAir, maybe different on an AS Mac, I don't know
The Edit menu in the Directory Utility does not show Enable Root User, until you click the padlock to unlock that Directory Utility.

But, disabling SIP is probably still needed for what you want to do - Enabling the Root user simply gives you access to the root user/superuser(?), but does not disable SIP, and you do not need to have the root user enabled to disable/enable SIP. They serve different functions, and are accessed differently.

 

[jimoe]

My unfamiliarity with OS/X got me this time regarding the "missing" Edit option. I forgot that OS/X re-uses the menu bar at the top of the screen for each app that has the focus. I finally noticed that. And there was no option to Enable the root user. :-(

 

[DeltaMac]

You have to unlock that Directory Utility,
When unlocked, you will see the line (in the Edit menu, under the Change Root Password line) now reads "Enable Root User"
(Fun fact - that utility re-locks automatically, even if you don't touch it in any way. Watched the padlock close on its own. I think it took about 10 minutes... )
But, I digress -- the root user, although useful for some things, likely won't give you permission to do the install that you want.
I'm fairly sure that disabling SIP should work. Let us know...