< Day Day Up > |
17.2. Enabling the Root AccountOnly one person is allowed to clomp through any Mac OS X directory, unfettered and unrestricted: whoever holds the root (superuser) account. There are two ways to turn on this usually hidden account: the NetInfo way (see Section 12.10) and the Unix way. To enable the root account in Terminal, all you have to do is make up a password for the dormant account using the passwd command. Normal account holders can use passwd to change their own passwords (although the Accounts pane of System Preferences strikes most people as a more direct way to do so). To change your own password, for example, just type passwd and press Enter. You're asked to type your old password, and then the new one twice. Note: As you type your old and new password, no typing appears onscreen. That's a safeguard against people peeking over your shoulder as you type. The superuser, on the other hand, can change anyone 's password ”including the root account's password (doing so using the command line, however, does not also change that user 's Keychain password, as happens when you use System Preferences). Fortunately, so can an administrator using sudo , like this: sudo passwd root At this point, sudo prompts you for your password to confirm that you're actually an administrator. After you've entered it, the passwd utility prompts you to enter a new password for the root account. Make it a good one: no spaces, at least four characters long. Once the root account has a password, you can use it to log in with the user name root , exactly as though it's a normal account. When you do, you'll find that the root account's Home folder isn't in the Users folder like everyone else's; instead, it's in the private var folder. You'll also find, of course, that you have complete freedom to modify, move, or change access privileges for any file and folder on your system. Note: Not only is your system at risk of inadvertent damage when you log in as root, but some applications may behave oddly when run by the root account. Therefore, you should log into Mac OS X as the superuser only when you have a specific job to do, and log out as soon as you've completed the task. |
< Day Day Up > |