Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Enabling the root password (three ways) UNIX
Strong Warning: You should only enable root if you really really need it, really know what it's for, and realize the security implications of enabling root! You can do everything you need to do with "su do", so root is really not needed ... with that said, here's how to enable it - please understand what you're doing and why before you do this!

The "root" user (also known as the superuser) is the most powerful UNIX account. The root account can do anything to any file or folder, anywhere on the system. For that reason, it's considered quite dangerous, and only needs to be used (occasionally) by advanced users.

Because of the dangers of operating as root, Apple has chosen to hide the root account in OS X Final. However, there are a number of ways to enable it. The easiest is to boot off the install CD, and look under the Install menu for the "Password Reset" option. You can use this to change your own password if you forget it, and to enable the root account. This utility will not run if you copy it to your hard drive! It only works when booting from the CD.

Read the rest if you'd like to know how to do this from within OS X, and skip the CD-based reboot.

The second easiest way to enable root is to start a terminal session, and type:
sudo passwd root
You will be prompted for a new password to enable root access. Many find this easier than rebooting, but since it involves the command line, newcomers may find it a bit more intimidating.

The hardest way to enable root is to use the Netinfo Manager application (in Applications/Utilities). Here's what you do, courtesy of "anonymous":

1) Open NetInfo Manager
2) Select "Users" from the second list.
3) Select a user you created andnd know the password for!
4) Double-click on the value across from "passwd" and copy it. It is the encoded form of the password for that user.
5) Select "root" from the list of users. Find the "passwd" value (default is "*") and paste over it.
6) Exit Netinfo Manager.
7) Open the Terminal and type "su root".
8) Enter the password for the user chosen above.
    •    
  • Currently 2.80 / 5
  You rated: 5 / 5 (10 votes cast)
 
[258,130 views]  

Enabling the root password (three ways) | 23 comments | Create New Account
Click here to return to the 'Enabling the root password (three ways)' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Additional NetInfo way
Authored by: Anonymous on Mar 29, '01 01:23:51PM

There is an additional way to enable the root account (as well as disable it) in NetInfo Manager. Open the app, and select the Domain menu and then Security. Then select Authenticate. It will ask you for an administrator password. After that, you go back to the Domain menu and Security. From there, you can see that you can enable/disable root, or change the root password. This may be the longest way of all, but it is another option!



[ Reply to This | # ]
Additional NetInfo way
Authored by: kransta on Mar 28, '02 10:05:53PM

Hey, I opened a terminal windows with my main mac account typed sudo -s an I had root access, then i typed exit and took me back to the user. Does that guarantee i am not logged as root anymore?

Then I tried your tip by going to netinfo manager, security, authenticate, enable root access and assign a strong password to it, then I disabled root access and deauthenticated. Was that advisable or should I have left the password blank ? Apple advises that you assign a password to root, but it also says not to log in as root in the first place.

With all this confussion How do I really know I am mot logged in as root???

Another question, if somebody access you macosx box and logs in to your single account, they still can do the same damge as if they were logged in as root?

Sorry for the long post.

Thanks guys!

Kranta



[ Reply to This | # ]
enabling su
Authored by: ngb on Apr 12, '01 03:03:44PM

It's possible to su to root without enabling the root password and without having to type sudo before every command you want executed as root.

type 'sudo su'

You'll be given full access as root until you type exit, rather than for just one command.



[ Reply to This | # ]
enabling su
Authored by: UmarOMC on Jun 26, '01 11:38:50AM
There's also sudo tcsh which does pretty much the same thing, until you type exit.

[ Reply to This | # ]
enabling su
Authored by: ret on Oct 08, '01 02:15:18AM
...or indeed
sudo -s


[ Reply to This | # ]
enabling su
Authored by: clith on Nov 20, '03 02:39:21PM
.. or even "su -"

[ Reply to This | # ]
ROOT - ooh, I'm sooo scared.
Authored by: Anonymous on Nov 29, '01 11:07:15PM

I honestly don't see what the big deal is about the "root" user. We've been working for over 15 years as the "root" user of our Macs. You can screw up things just as bad in OS 9 as you can by logging in as "root" in OS X. Has everyone forgotten this?



[ Reply to This | # ]
ROOT - ooh, I'm sooo scared.
Authored by: cgull on Jan 10, '02 10:52:17AM

LonnieBear, you're just displaying your vast array of ignorance regarding this manner. Ask any UNIX administrator if they run root all the time, they'll look at your funny and answer "damn no!".

Just two days ago, our administrator ACCIDENTALLY typed in rm /* AS ROOT! If you have more than 5 minutes of experience working in the shell, you'll realize that this is a VERY bad thing... if he WASN'T root, nothing drastic would have happened. On the other hand, he completely fried the machine. He had to reinstall the system (after of course we all made fun of him).

If you really want to be "macho" and wear your black leather pants and jacket with spiked wrist bands and run as root all the time, go right ahead, but your fate is set from that point on.





[ Reply to This | # ]
Boo!
Authored by: Timecode on Jan 18, '02 01:23:11PM

Your right, 15 years is a long time, but why even take the chance... Just create the other account!

e!



[ Reply to This | # ]
And how to disable it again?
Authored by: Mi And on Jan 02, '02 07:08:34PM

Dumb as I am :-) I enabled the root passwd because I didn't know I could have root privileges by using the SUDO command.

Is there a way to disable it again, sorta "back to the factory settings" without having to reinstall Mac OS X (i kinda hope) ?!

I am a little scared because it seems that the root password isn't shadowed as the regular user passwords. With all those daemons running within Mac OS X I kinda don't want to be vulnerable if it isn't needed.



[ Reply to This | # ]
And how to disable it again?
Authored by: eagle_eyes on Jan 03, '02 06:24:20PM

Fire up netinfo and go to the domain menu. Mouse down to security and a little popup will open to the right, one of the options should be to disable root.



[ Reply to This | # ]
Still not quite disabled?
Authored by: reu1000 on Jan 26, '02 10:09:47PM

I unfortunately did the same thing and followed the tip from eagle_eyes, but it still does not seem quite right. If I start up terminal and try to edit a file such as crontab in pico without typing sudo, it does nothing to stop me. Typing: "cd /private/etc", then "pico crontab" it goes directly into the editor. What can I do to fix this and protect me from my own stupidity?



[ Reply to This | # ]
Still not quite disabled?
Authored by: geohar on Feb 18, '02 10:35:29AM

I think you'll find that you won't be able to write out to /etc/crontab using ^o... try cd /var/cron. That you won't be able to do without root permissions

George



[ Reply to This | # ]
Enabling root password
Authored by: res on Jan 18, '02 04:58:32AM

Ehh... why not just boot from the OS X installer CD...?
When OS X is installed, you have an option (booting from the CD) to reset existing user passwords, including the 'System Administrator' = 'root' password !

Simple and safe... ,-)



[ Reply to This | # ]
Another way to enable root
Authored by: phildobbin on Feb 02, '02 06:05:33PM

This requires BBEdit. If you choose "Open Hidden" from the File menu in BBEdit, you can gain access to all the system files and the like. To edit them, you need to be logged in as root. When you open them via Open Hidden in BBEdit, you'll see a pencil icon with a line through it in the leftmost end of the status bar. If you click on the Pencil icon, you'll be prompted for your Admin. password and upon entering it, you can edit the chosen files with full root priveliges. Of course, if you save the changes you've altered whichever file you were working on, so be careful out there. (Thanks to John Gruber of Bare Bones Software for this tip).



[ Reply to This | # ]
quickest way
Authored by: brainer on Feb 19, '02 04:42:45AM
surely quickest is
[localhost:~] user% sudo -s Password: [localhost:~] root#
and to leave root
[localhost:~] root# exit exit [localhost:~] user%


[ Reply to This | # ]
Quickest Root
Authored by: mdean77 on Jun 10, '02 09:45:23PM

sudo tcsh

When you exit from the root level you will return to your user level.



[ Reply to This | # ]
there's gotta be a way...
Authored by: jman on Jun 24, '02 12:19:11PM

Does anybody know if there is a way to enable root privleges in the Finder without logging out and back in? I suppose it's nice and everything to have root priviliges in Terminal, but it'd be nice to use the finder with root privileges.....



[ Reply to This | # ]
there's gotta be a way...
Authored by: wkunz on Jul 30, '02 06:18:17AM

A legitimate question. It took me a long time to find out that only the root user can arrange the icons in the top folder (and some others) permanently. Since I learnt that you can alternatively delete the invisible file ".Ds_Store" in the directory representing the folder, using the Finder as root isn't that important anymore. But still I wonder if it's possible at all.



[ Reply to This | # ]
there's gotta be a way...
Authored by: vashremix on Aug 17, '02 06:20:40PM

I believe that you can, using an application called "pseudo".

you should be able to find info about it here : http://www.versiontracker.com/moreinfo.fcgi?id=9608&db=mac

I'm pretty sure that if you drop the finder onto it you'll get access to absolutely everything.

Good Luck,
Vash



[ Reply to This | # ]
trying to enable root password
Authored by: bernmart on Oct 03, '02 09:07:46PM

Hmm. When I try to enable it via the Netinfo manager, I find no "security" to click on. What opens is called "local"

How do I proceed?



[ Reply to This | # ]
Enabling the root password (three ways)
Authored by: zangetsu on Jun 20, '07 09:45:20AM

Hi thanks for this nice root guide but now when i type [ sudo -s ]
it switches to root immediately but when i type [ su - ]it asks for a pass how do i make it that when i put [sudo -s] it asks me for root before it goes there and thanks.



[ Reply to This | # ]