Breaking Into My Mac

Phil Windley // Mon Nov 13 07:27:00 2006 //

Over the weekend, I somehow unclicked the "Allow use to administer computer" box on my Mac for my own account. I was playing around with some account stuff, trying to set up a role account for SVN and didn't notice my mistake until I'd quit System Preferences. At that point, I was using an account that was a system administrator, so I couldn't correct my mistake.

I had another administrator account on the computer that I'd set up some time ago when the computer was in the shop and they needed access, but I couldn't remember the password. I tried everything I could think of and it didn't work. What to do?

OS X has a "master password" feature, but I'd forgotten to set it. Root is available unless you enable it and I'd never had occasion to. OS X is pretty thorough and removes you from /etc/sudoers when you're no longer an administrator, so I couldn't sudo either. Argh.

I got in after a little searching on the 'Net. Here's what I did:

  • Reboot into single user mode. (Hold down Apple-S while you reboot until you see the text-mode boot messages.)
  • Mount the file system with this command 
    • /sbin/mount -uaw
  • Remove the hidden file that OS X creates when you do the initial setup. It's in /var/db and it's called .AppleSetupDone (note the beginning period). 
    • rm /var/db/.AppleSetupDone
  • Reboot by typing "reboot" at the prompt.

When you Mac comes up, create new account--it will automatically have system administrator privilege. Create an account that doesn't already exist on your machine to avoid overwriting anything else in your existing accounts. I named mine bozo for obvious reasons.

Log into the new account, reset the system admin privileges on your real account, and you're in. You can delete the new account if you like, but you might want to keep it around--with a password you can remember--for emergencies. I also recommend setting the master password. You can use it to log into accounts that you've forgotten the password to.

Doing the set up has one affect that I've been able to discern--it changed the name of my machine to "Bozo's Computer." Appropriate, but I went back to the Sharing preferences pane and reset it.

One note of warning here--never assume that you're machine is safe if someone has physical access to it. Breaking in to any machine that you have access to and can get into single user more is trivial. You can do all of this in 5-10 minutes.

Please leave comments using the Hypothes.is sidebar.

Last modified: Thu Oct 10 12:47:18 2019.

Share This Article

Explore Technometria

From the Home Page

My Books


My Amazon Author Page