The Mac OS X Root Account
An odd situation just cropped up; I've been working with an Apple TV unit and wanted to enable the root account. On most Macs that's not a problem; under Leopard you simply open up “Directory Utility” and select the Enable Root User item from the Edit menu. But I didn't have Directory Utility or even a graphical interface on the Apple TV; there had to be another way.
Normally, given a locked root account, I'd run the passwd command to unlock the account and set a password. Two problems cropped up — first, the passwd program wasn't installed on the Apple TV. That problem was quickly resolved. Unfortunately, the passwd program wouldn't change the password. Even more confusing, when I looked for the frontrow user in the /etc/passwd file, it wasn't there - even though I was able to log in as frontrow. Obviously the information I needed was in the mysterious NetInfo database.
nidump passwd . command
revealed the missing frontrow user; details were obtained with
niutil -read . /users/frontrow command:
-sh-2.05b# niutil -read . /users/frontrow
picture: /Library/User Pictures/Sports/Bowling.tif
The root user, on the other hand, had less information:
bash-2.05b# niutil -read . /users/root
realname: System Administrator
It appeared that two of those fields:
authentication_authority and passwd, were probably relevant. I
niutil -createprop . /users/root
authentication_authority \;basic\; to create the
authentication_authority entry and the
. /users/root passwd n5CAdSx90bkPs command to create an
initial password (since changed; that's the default
“frontrow” password for the frontrow account). Once
that was done, I was able to
su to root (after
copying over the su command, of course). I changed the password
passwd command), and that was that.