Cannot access root from Terminal
 

My system was showing signs of slowing down so I ran Norton First Aid and then Speed Disk to defragment the drive (actually I did this on all my five partitions, including my "System10" partition). I finished up by rebuilding all desktops with DiskWarrior.

However, when I rebooted into Mac OS 10.1.3 it began the whole Apple configure process, which I went through and then found that I had lost ALL my preferences and had to rebuild everything from scratch, including the dock, re-enter codes to some software etc. I then noticed there were two users to my name (I am a single user on an iMac, so am SysOp and single user only). I deleted one user - which turned out to be the wrong one - so I tried reconstituting it by going to root and changing the name from "Jfwoods deleted" to "jfwoods". I did recapture my dock (that i had earlier rebuilt).

O.K. So I thought I'd just check that my tcsh config files were still O.K. by looking for the "aliases.mine" file. This is what happened:

[localhost:~] jfwoods% sudo find / -name aliases.mine
Password:
jfwoods is not in the sudoers file. This incident will be reported.
[localhost:~] jfwoods% /etc/mail/sendmail.cf: line 81: fileclass: cannot open /etc/mail/local-host-names: Group writable directory

So then I looked locally as follows:

[localhost:~] jfwoods% find / -name aliases.mine
find: /.Trashes: Permission denied

find: /private/etc/X11/xdm/authdir: Permission denied
find: /private/ ## many other files Permission denied

find: /System/Library/UserTemplate/Dutch.lproj/Desktop: Permission denied
find: /System/Library/UserTemplate/ ## many other files Permission denied

/Users/jfwoods/Library/init/tcsh/aliases.mine

find: /Users/julianwo/Desktop/.DS_Store: Permission denied
find: /Users/julianwo/ ## many other files Permission denied

Since I didn't have the requisite permissions here I thought I'd try a "su" and see what happened: O.K.

[localhost:~] jfwoods% su
su: you are not listed in the correct secondary group (wheel) to su root.

SO ? now what? What does this mean, and how do I recover my "su" and "sudo" commands (and generally recover from this debacle)? I suspect DiskWarrior to be the culprit, but what do you think?

All and any help would be much appreciated. Thanks

i don't suspect disk warrior, but you didn't enumerate any problems encountered in your disk maintenance. were there any?

i do suspect that you added new user 'jfwoods' during the 'apple welcome' process (which you could have quit) and that 'jfwoods' has a new user id and perhaps has no admin privs.

then you deleted the wrong user, the admin 'jfwoods' ? how did you accomplish that?

there would have to be something different about the two names. capital J vs. lowercase j ?

are you at all familiar with Netinfo Manager?

I would stop deleting things right away. Your user 'jfwoods deleted' may be your original account. Leave it.

How did you deleted the admin 'jwoods' account ?

Cheers...

I agree with merv. You've created another user w/o admin privileges. Worse, by deleting your primary user as root you've most likely fried your netinfo database (my assumption is that you deleted as root as it would be impossible to delete the only admin user otherwise.)

Nuclear Method to rebuild:

1. Login as root.
2. Rename the folder containing your real user account: username (use your user name). It sounds like you already did this. NOTE: a user short name is 8 lowercase letters or numbers and I believe it must start with a letter.
3. Rename the folder containing the dummy account username.dummy or something to that effect.
4. Boot into single user mode (<Command> s at startup).
5. Run fsck -y until no changes are made.
6. Mount the filesystem read/write with mount -uw /.
7. cd /private/var/db - change directory
8. rm .AppleSetupDone - remove this file and Apple Setup will run again. This will rebuild your netinfo database when you login again if it does not exist (and it won't after step 10).
9. cd netinfo - change directory
10. rm -rf local.nidb - deletes your netinfo database
11. exit or reboot
12. At the Apple setup screen re-enter your data. Be sure to use the same data (especially the shortname) as the original user.
13. Logout
14. Login

You should now have your account back. Please note that this will destroy any fink or other special system created users. There is probably a way to get your netinfo db back to normal using the root user. If for some reason you don't want to go nuclear please wait for someone to post on that method.

See this link for my similar experience.

Good luck,
Hugh

Thanks all, and especially to hschickel. Your advice was a goldmine. I now seem to have my original home directory back, except of course that I will have to re-stock my Dock (and no doubt a few other things). I now have my "sudo" thing back again too.

My "username.dummy" folder is still in Users. Should I (can I) now dump it to save space or is it best just left alone?

The only mystery is that my Internet Explorer cannot access the Web (I am using Netscape for this). I keep getting a dialogue saying "The specified server cannot be found." Is there anything I can do about this (I have checked the Prefs already)? Or should I just dump it and re-install (as you see I am getting mighty nervous at doing anything hasty these days).

And mervTormel, yes I ditched the original folder from root.

And hschickel you seem to suggest I might have trouble with fink. Haven't tried it yet, nor booted up X Darwin/window manager. I am holding my breath until tomorrow (I may be back ;-)

In the meantime thanks again

I'm glad it worked out. I'm sorry you had to go with the big guns. The fact that you still had access to the root account meant there were options. I was hoping to learn a better way myself :) .

You may delete username.dummy now. We kept that just in case it was somehow the original. sudo rm -r /Users/username.dummy from the terminal to remove the account (Use your own path and username.)

I'm not sure about IE. Try this:
1. Quit IE
2. Move ~/Library/Preferences/Explorer to the desktop
3. Relaunch IE.
If it works you have a preferences problem. Either trash the folder outright or add back the individual pieces until the problem resurfaces. This is the preference that should be trashed.

On Fink; Fink per se will give you no problems. Certain packages create their own users in Netinfo though. With the new db these users will no longer exist. I'm not sure what will happen to the apps in those cases. This will be a problem if you ever gave fink permission to create new users. MySQL for one does this. I don't believe just vanilla fink with a window manager has extra users (it does not on my install but I tinker a lot and my systems are not indicative of anything.)

All of this shows why its a good idea to back up netinfo. There is a command to do it in NetInfo Manager but it bombs on every machine I have. I've never tried to run it as root though... perhaps thats the answer. In any case I back it up this way:
1. cd /var/db/netinfo - change directory to the netinfo directory
2. sudo cp -R local.nidb local.nibak - copies the netinfo directory to a backup as root.

***Please note: I've never restored from this so I really don't know if its doing me any good or not. You can also use nidump and niload to backup and restore individual directories in netinfo. I can personally attest that this method works fine. See the man pages. I would suggest enabling root and creating another admin user before going down this road. You may find (as I did - see the earlier link) that you no longer have access to your system with your main user if things don't go right.

Hugh

If you want to backup the netinfo database you can run the command:

sudo gnutar czf netinfo_backup.tgz /var/db/netinfo/local.nidb

that will back it up into a file called netinfo_backup.tgz.

If you installed a package with fink which has a dependency on the 'passwd' package, then 'passwd' sets up a couple of extra users on your system in the event that you someday decide to install packages that require these extra users.

News Server
MySQL Database Server
PostgreSQL Database
Game Files Owner
Canna Japanese Input
Postfix Mail Transfer Agent

Fink will only give you problems if you install the packages listed above with fink and you don't have the extra users, all other packages it will work fine.

In case you need them, don't panic, you can always install the extra users again.

Cheers...

Sao,

Could you do an nidump on those users and post it somewhere? Or would it be easier to simply reinstall the password package?

Thanks,
Hugh

I would reinstall the passwd package and accept the installation of the new users. If it works, then, that will be the easy way.

I will test it now, wait for a while.

Cheers...

Next a.m.

Hugh - tried your suggestion with Explorer but it didn't work. Still getting the same result.

Also, I note I am getting funny results on other programs. My Mail program has inherited three more boxes entitled "Delivered" "Delivered 3592" and "Deleted". and my delete button is grayed out (can't delete anything). It also asked me whether I wanted to import other mail boxes but then went into a spinning cursor loop until I force quit.

Also my Word 2001 program can only save as documents as Word 97-98 and then opens them as "read only". Something fishy here. It also seems to take longer to boot up.

Any ideas?

hschickel,

It works with 'fink rebuild passwd'

The package will ask again about adding the new users:

-----------------------------
The following user entries will be added to your NetInfo database:

news:*:250:250::0:0:News Server:/:/dev/null
mysql:*:251:251::0:0:MySQL Database Server:/:/dev/null
pgsql:*:252:252::0:0:PostgreSQL Database Server:/:/dev/null
games:*:253:253::0:0:Game Files Owner:/:/dev/null
canna:*:254:254::0:0:Canna Japanese Input Server:/:/dev/null
postfix:*:255:255::0:0:Postfix Mail Transfer Agent:/sw/var/spool/postfix:/dev/null

The following group entries will be added to your NetInfo database:
news:*:250:
mysql:*:251:
pgsql:*:252:
games:*:253:
canna:*:254:
postfix:*:255:
maildrop:*:256:

Existing entries with these names or numbers will be overwritten or
otherwise affected by this. On the other hand, some Fink packages will
not work unless these entries are in the NetInfo database. You can make
adjustments to the files /sw/etc/passwd-fink and
/sw/etc/group-fink now (from another window), then say yes here. Or
you can say no here and add the users and groups manually (e.g. on your
central NetInfo server). If you don't know what all of this is about,
just say yes.
Do you want to continue? [Y/n]
------------------------------

Cheers...

Sao - thanks.

B1 - you seems to have done damage to more than just the netinfo db. The Office problem can most likely be fixed by booting into 9, trashing the office prefs and rebuilding the desktop with techtool lite (free from version tracker). That's an old bug that I have not seen in a while. The explorer issue leads me again to believe you have deeper problems. Will it run as root? If you create another admin user will it run for him? If you create a staff user will it run for him?

Hugh

i love the smell of toast in the morning.

not to make light of your predicament, b1, but, you could be patching this up for a long time, and some problems may be very hard to diagnose. your install may no longer have much integrity. i wouldn't trust it with my data.

at this point you are our whipping boy, and we're using your predicament as a play box, and further tooling around could make more grevious holes in your rig, frustrate you and give you a bad (worse) experience.

what say you save your user data, clean install, and start again, with a slower approach to root activities?

i think several hours of reinstall, recovering data, etc would be well spent over what you may have to look forward to in continuing fractures.

"Charlie don't surf."
--Lt. Colonel Bill Kilgore

Thanks again for the suggestions. You may be right Merv that I should re-install. For example, I see that my X Darwin boots O.K. but not with Window Maker (although I seem to have all the WM files). I have a _xinitrc file in my home directory, but no .xinitrc file. Maybe that's part of this problem? Shouldn't I have a .xinitrc file somewhere? My _xinitrc file reads:

# Window Maker default X session startup script

PATH="$PATH:/sw/bin"

# If you login from xdm, uncomment this to make error messages appear
# in the console window.
#
# tail -f /Users/jfwoods/.xsession-errors > /dev/console &

exec wmaker


Don't mind being the wipping boy as long as it wips me into shape ;-)

Sao - Now I'm really getting discouraged (newcomer that I am!). Couldn't check whether Explorer will run as root. I tried logging in as root but "root" doesn't take my password anymore (simply gives me the "shudders"!!). How can I log in as root then?

I note that when I check my Users pane only one user is listed there as follows:

Name: Julian F. Woods
Kind: Admin

This seems to suggest that I myself am 'root'. But when I do a find in the Terminal I still have to give my password to get into "root" (which works fine).

Cannot figure this out at all.

sudo and su in shell take _your_ user password, not the root password.

you users pane will not list the root user.

are you using the same root password as was assigned to the first user created in your very first 'apple welcome' setup? the very first user and root share the same password. is that right?

anyone know of a good way to change the root password? i think it has to flow back into the netinfodb, so chpass may not be the key, here.

This is getting weirder and weirder. I find that, although typing a "sudo" command I can use my password O.K., when I type a "su" command it will not accept my password.

Could you please give me some pointers about re-installing. I have your advice merv about backing up my Users directory, but I'm really wondering whether my Users director is also part of the problem.

Anyway (since I'm a newbie at this), I presume I can just take my Mac OS 10.1 CD and re-install over my existing stuff (I seem to have read you can do this somewhere). Then I would have to re-install XFree86. fink, window maker and other apps that seem to need to be close to the system. Is that more or less how I proceed from here?

Thanks

Merv thanks - just seen your post.

Well if sudo and su take the User's pw how come su does NOT accept my user's pw in the shell?

As I said - gets weirder and weirder

hang on tight
 

yeah, that's a weirdo. su does some kerberos authorization first, i think, and if that fails, tries to get pw from /etc/passwd, which fails (?). so, more evidence that a reinstall is the ticket, perhaps.

a downgrade/reinstall is a walk in the park, provided you have one user, the original user you setup. i will outline that case first...

what i did in the distant, foggy past, when i needed to downgrade the OS rev to start again, was to delete every last mother-loving thing in the root dir, except the
/Users directory.

then, i installed OSX 10.1 and setup 'apple welcome' with the one user i knew i had to, the original defined user, the precious first admin. i tested that i had the same user id (501) after login and kicked things around a little (sudo, su), then i started up the software update whoopee machine until no more updates needed applying.

now, in your case, you have to take care of the user accounts you've created (?) you may need to cleanup and consolidate your user's data (?), and get user id and group info with the following commands. This may help you map user id's and groups back together. In other words, you'll have a bucket of users remaining in /Users/ (that already have uid and gid properties in their files) and a new netinfo database without those users. You'll want to re-marry users/groups to directories and their files.

As your main user admin account (of course, yer output may look different):
I realize there may be more questions, but digest that first so you can decide how to proceed. then, come up with a good plan for going forward tiny steps at a time, and test test test.

sanity check from anybody here, please?

does any of that post install netinfo noodling float back into such things as users control panel?

Yikes! Carrrrrramba!!!!

In the land of the blind the one-eyed man is KING. Oh yes!!

Here is the blind man's attempt at doing what you did:

[localhost:~] jfwoods% su
Password:
Sorry

(This is what I got when I tried the "su"

Now for your stuff:

[localhost:~] jfwoods% id
uid=501(jfwoods) gid=20(staff) groups=20(staff), 0(wheel), 80(admin)
[localhost:~] jfwoods% nidump passwd
usage: nidump [-r] [-T timeout] {directory | format} [-t] domain
known formats:
aliases
bootptab
bootparams
ethers
exports
fstab
group
hosts
networks
passwd
printcap
protocols
resolv.conf
rpc
services
mountmaps
[localhost:~] jfwoods% nidump group
usage: nidump [-r] [-T timeout] {directory | format} [-t] domain
known formats:
aliases
bootptab
bootparams
ethers
exports
fstab
group
hosts
networks
passwd
printcap
protocols
resolv.conf
rpc
services
mountmaps
[localhost:~] jfwoods% cd
[localhost:~] jfwoods% nidump passwd . > mynipasswds
[localhost:~] jfwoods% nidump group . > mynigroups
[localhost:~] jfwoods%

This looks a lot different from yours, but can't say (as a blind man) that I have digested it yet.

What does it look like to you? (don't like the look of that "timeout" thing)