searching system as root

[chateau_x]

I have an OS X box that has a few accounts on it, how would I search all accounts for a file?

Would I need to be root? How would I do this?

Would I have to search from / after I am root?

Thanks in advance.

[Mikey-San]

You don't need to be root; you can use the "sudo" command to run "find" once with privileges to search other people's folders. It is far more secure to use sudo rather than becoming root.

Code:

sudo find /Users -name "insert_filename_here"

When prompted, enter your adminstrator password. On a default Mac OS X install, you must be an admin user to use sudo.

[ThreeDee]

Maybe he wants to use Spotlight?

[Mikey-San]

Well, since he didn't say that, there's nothing wrong with what I posted.

What's your point?

[Squirtypoo]

Run the following command as root:
/usr/libexec/locate.updatedb

It takes a while so be patient. When it finishes any user can search the whole filesystem instantly using the locate command, eg.
locate filename

[Mikey-San]

Quote: Originally Posted by Squirtypoo Run the following command as root: /usr/libexec/locate.updatedb It takes a while so be patient. When it finishes any user can search the whole filesystem instantly using the locate command, eg. locate filename

I strongly recommend against this.

Exposing the entire file system to all users, without authorization, is probably not a good idea. Use find with sudo or Spotlight from the command-line with sudo.

[chateau_x]

thanks guys, sudo worked perfectly.

Locate is not an option as I don't want to expose the entire harddrive ...

If I was logged in as root (how do i do that exactly?) could I then run SPOTLIGHT and see the entire machine across profiles?

[trevor]

Quote: If I was logged in as root (how do i do that exactly?)

Apple disables the root user as a separate login by default. This adds a layer of security that you should be hesitant to disable.

However, if you want to temporarily enable the root login, it can be done in NetInfo Manager. I would highly recommend that after you test it, you then disable the root user (also in NetInfo Manager) again.

NetInfo Manager > Security > Enable/Disable Root User

Trevor

[chateau_x]

Is there a way that I can say:

Jump onto my terminal, login as root there, then proceed as root in the GUI until I no longer need that priveledge, jumping back onto terminal and logging out.

Thanks again for the schoolin'.

[Mikey-San]

Quote: Originally Posted by chateau_x Is there a way that I can say: Jump onto my terminal, login as root there, then proceed as root in the GUI until I no longer need that priveledge, jumping back onto terminal and logging out. Thanks again for the schoolin'.

This is a bad idea.

What do you need to accomplish that you need to be logged in as root in the GUI? (This is a rhetorical question. Just use sudo.)

[Squirtypoo]

Quote: Originally Posted by Mikey-San I strongly recommend against this. Exposing the entire file system to all users, without authorization, is probably not a good idea. Use find with sudo or Spotlight from the command-line with sudo.

How can you say that locate is insecure (in huge red letters no less!) and recommend Spotlight in the same post? The locate db contains filenames, the spotlight db contains, well, everything and has several know security issues to boot. If I had some super-secret hidden folders, or if I didn't want users on my system to be able to find the location my .htaccess files I would just lock down the locate database with a chmod 600 and the locate command with a 500.

If you know of any credible security threats from using locate please post them as I update my database nightly.

[Daniel_C]

You can use an application such as Pseudo to run things as root. If you need to run finder as root open /System/Library/CoreServices/Finder.app with Pseudo.

http://personalpages.tds.net/~brian_hill/pseudo.html

[Mikey-San]

Quote: Originally Posted by Squirtypoo How can you say that locate is insecure (in huge red letters no less!) and recommend Spotlight in the same post? The locate db contains filenames, the spotlight db contains, well, everything and has several know security issues to boot. If I had some super-secret hidden folders, or if I didn't want users on my system to be able to find the location my .htaccess files I would just lock down the locate database with a chmod 600 and the locate command with a 500. If you know of any credible security threats from using locate please post them as I update my database nightly.

I did not say locate was insecure; I said locate with sudo was insecure. When you run the locate database update as root, all users will have access to the updated locate database entries for all users, without authentication, from that point on. (At least, this has been the case in the past.)

If you use sudo with find or mdfind, it's one-shot. No one gets permanent, password-free access to find and mdfind results across user domains.