Unable to enable "Root User"

Discussion in 'macOS' started by drambuie, May 14, 2011.

  1. drambuie macrumors 6502a

    Feb 16, 2010
    I have no plans to actually use the root user, but I came across the document HT1528, "Enabling and using the 'root' user in Mac OS X", and followed the instructions for "Mac OS X v10.6 and later" to see if it was available through the GUI. I have a mid-2010 15" MBP with OS X v10.6.6. As the only user, I am the Admin.

    Following the procedure, steps 1 to 8 work, but in step 9 there is no Edit menu in the Directory Utility window. There is only a pencil icon for editing the listed services, which does work. The four services listed and default settings are:

    Active Directory - not enabled
    BSD Flat File and NIS - enabled
    LDAPv3 - enabled
    Local - enabled

    I tried the Directory Utility help, but that just repeated the steps in the HT1528 document for accessing the root user.

    Is there someting else that could be preventing access to root user, in the Directory Utility?
  2. r0k macrumors 68040


    Mar 3, 2008
    Allow me to translate your post...

    I have no plans to actually use this nuke, but I want to arm the thing and leave it lying around my system.

    If you want to do anything as root, simply use the sudo command and enter your password when prompted. Enabling the root user is a very dangerous thing to do, especially when you "have no plans to actually use the root user." The root user gets a special prompt in terminal #. When you see #, watch out. You can type something stupid and it will simply happen. You are root and the OS isn't going to ask you if you are sure you want to wipe the filesystem or disable the kernel extensions you need to get on the internet. You could wipe the filesystem, delete your account or find some other random way to disable your Mac. This is a very good reason to avoid enabling the root user until you have a legit reason for enabling it. The risk is somebody comes along and sits at your keyboard and guesses the root password and they become your worst nightmare by doing something like rm -rf * from /. When I type while (1) fork, my system slows down but a force quit might save me. When root types while (1) fork, I have to hold the power button to get my system back.

    Perhaps a better use of your time would be to become familiar with the bash shell and all the things you can do with it without becoming root. I worked as a Unix sysadmin for a number of years. In those days, if I spent 40 hours a week doing system admin, I spent only 90 seconds of it doing things as root. The root user is a brute force account that is only wielded in cases of extreme emergency like checking and repairing a corrupted filesystem on a system that won't otherwise boot or creating a new account and copying files from a user who just left the company to a new user's account and changing ownership and permissions so the new guy can get his work done.

    Enabling the root account used to be the first thing I did whenever I got a new Mac. Now I simply don't bother. Sudo handles the few occasions where I want to do something as root and I haven't typed sudo in almost a year.

    If you choose to ignore my opinion and enable root, there are further instructions here. Your Mac won't immediately catch on fire if you enable root but I'll say again that enabling root is really something that you should avoid unless you know why you need to do it and fully understand the risks.

Share This Page