Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Install Interarchy without an Admin password Apps
Some people can't install Interarchy because their network admin won't give them the admin password for their machine. Interarchy needs the root access to install so it can bless the Ping, Traceroute and WatchTraffic commands (although WatchTraffic will ask for the root password every time for security reasons anyway and this hint won't help that).

Download and launch Interarchy 6, cancel the second dialog (the authorization dialog) when asked for the admin password and Interarchy will quit (after setting up most of the files). Reboot into single user mode (hold Command and S keys during boot), and then remount the root volume with write permissions by typing:
 % /sbin/mount -wu /
Note: If you have more than one volume, you might have to find the right one. Now type:
 % cd '/Library/Application Support/Interarchy/'
% cd 'Interarchy Support.bundle/Contents/Resources/'
% chmod a+x Bless
% ./Bless Ping Traceroute WatchTraffic
(The 'cd' command is shown as two separate commands to narrow the display width; it can obviously be entered as one long command). Type control-D to logout and continue booting in to multiuser mode, and Interarchy should work as expected.

[Editor's note: I have not tested this hint myself, but believe that it should work as expected.]
    •    
  • Currently 0.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (0 votes cast)
 
[2,688 views]  

Install Interarchy without an Admin password | 5 comments | Create New Account
Click here to return to the 'Install Interarchy without an Admin password' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
permissions
Authored by: englabenny on Nov 07, '02 12:09:48PM

well, if you are going to cheat on your permissions this way, why not change the root password at the same time? Then, you'll have no worries at all.. :D



[ Reply to This | # ]
re: bypassing admin challenges?
Authored by: j!mmy on Nov 07, '02 12:12:21PM
"Some people can't install Interarchy because their network admin won't give them the admin password for their machine. "

Um. I really don't advocate censorship, but it'd sure be nice to see more responsibility taken in information dissemination. Is "how to dupe your company's tech support" really the way Mac OS X Hints should be headed? This is, effectively, a tutorial on how to break into a system you don't own.

I speak as a systems administrator. Part of my job is to give and not give admin/root access to our staff. When the attitude of the original post becomes prevalent and widespread enough, systems will have to be more and more inaccessible to the people trying to use them just to maintain some semblance of administrative control and oversight. That's why there are admins.

If you don't have admin/root at work, you don't need it and shouldn't try for it.

Discussion welcome. Sorry for ranting. --j!m

[ Reply to This | # ]
re: bypassing admin challenges?
Authored by: ssevenup on Nov 07, '02 12:57:41PM

I agree 100%. It seems to me this is not a direction this site wants to be going. As a fellow admin I can assure you that the last thing I want is a building full of folks who single user boot every time they feel they need to do my job for me. Although let me also mention that Norton Antivirus is a requirement here. Since the geniuses at Symantec designed it in a way that requires the Admin password, we have no choice but to make every user an Admin. Unless we want to visit every Mac, every time LiveUpdate wants to install an update.

A better tip would be how to prevent Interarchie from requiring the password by disabling the features that need it. We are getting ready to site license it again and those features could easily be withheld without troubling most users. -IMHO



[ Reply to This | # ]
OS X is not truly multi-user secure...
Authored by: robg on Nov 07, '02 01:07:30PM
Rebooting in single user mode has been covered here as a standalone hint before (try this search to find 15 articles that discuss single user mode, including recovering a lost root password!). It's also documented in Apple's own Knowledge Base articles under a number of topics (disk repair being the one that comes to mind), and is mentioned extensively on other Mac websites and online forums. As such, knowing how to get into single user mode is not a great secret. Nothing was revealed in this hint that was not already public knowledge regarding "getting around" the lack of an Admin password. If Apple wants to make OS X truly secure in a multi-user environment, they need to figure out how to prevent people from booting in single-user mode who do not have permission to do so. Off the top of my head, requiring the Admin password to boot single-user seems like the easiest solution, although I don't know how difficult it would be to implment such a solution. After all, if someone's in an environment with a Systems Admin, they shouldn't ever have a valid reason to use single user mode, right? I draw the line on macosxhints.com at publicizing anything that discusses how to break the law ... but a hint that helps someone get the most out of their system will always be considered fair game, regardless of where they may be using that system. It's up to Apple, not the user, to make sure that the system has the necessary controls in place to prevent undesired actions. -rob.

[ Reply to This | # ]
OS X IS truly multi-user secure...
Authored by: MasterUltan on Nov 07, '02 01:44:17PM

Apple has a utility call Open Firmware Password Protect which allows you to block single-user mode and anything that accesses or alters Open Firmware at boot time. You can find it at their support site by searching for Open Firmware Password Protect.



[ Reply to This | # ]