Logging In As Root

Because Mac OS X is based on Unix, there is a user account on every Mac OS X machine called root. The root account has permission to do everything that is possible; the root account permissions go way beyond even the Administrator account permissions. Because of this, logging in under this root account is very powerful, and it is also dangerous because it isn't that hard to mess up your system, delete directories (whether you intend to or not), and so on. However, because you will sometimes need to log in under the root account to accomplish specific tasks, you should understand and become comfortable with it.

You should be logged in under the root account only for the minimum time necessary to accomplish specific tasks. Log in, do what you need to, and then log out of root again. This will minimize the chance of doing something you didn't intend to do because you forgot that you were logged in under root.


Be careful when you are working in your Mac under the root account. You can cause serious damage to the system as well as to data you have stored on your machine.

The root account is a very special user account, but it is still a user account. The full name of the root account is System Administrator and its short name is root. One difference between the root accounts and other accounts is that the root account exists without your having to create it. However, you have to activate the account and assign a password to it before you can begin using it.

You can activate the root account and create a password for it by following these steps:

  1. Log in to the Mac.

  2. Open the NetInfo Manager application (Applications/Utilities).

    NetInfo Manager is a very powerful system administration application; to learn more about it, see "Using NetInfo Manager to Administer Your Network," p. 746.

  3. Authenticate yourself as an administrator by clicking the Lock icon and entering user account information for an administrator account.

  4. Scroll in the center pane of the window until you see users and select it. In the right pane of the window, you will see the user accounts configured on your machine, one of which will be the root account.

  5. Select the root account. The root account's information will be shown in the bottom pane of the window (see Figure 8.10).

    Figure 8.10. You can use the NetInfo Manager to configure user accounts, including the root account.


  6. Double-click the asterisk in the Value(s) column for the root account and when it becomes highlighted, press Delete and then Return to remove it. This clears the password for the root account so that you can access it.

  7. Choose Domain, Save Changes.

  8. Click Update this copy.

  9. Quit the NetInfo Manager application.

  10. Log out.


    In order to do the next step, you must have the Login window set to show name and password entry fields rather than the list of users with accounts on your machine so that you can type in the user account name. Use the Login Options tab of the Accounts pane of the System Preferences utility to set this.

  11. In the Login window, type root for the Name, leave the password blank, and press Return. You will be logged in under the root account.

  12. Open the Accounts pane of the System Preferences utility.

  13. Select the System Administrator account and click Edit User.

  14. Click in the New Password field and then enter the new root password in the New Password and Verify fields. (By the way, you can't have a password hint for the root account.)

  15. Click Save.

  16. If you see a dialog box about changing your Keychain, click OK.

  17. Log out.

After you have activated the root account and created the root password, you can log in under the root account by performing the following steps:

  1. Log out of the current account.

  2. Log in using root as the username and the password that you created as the root password.

  3. Confirm that you are logged in as root by opening the Home directory; you will see root as the username (see Figure 8.11).

    Figure 8.11. When you can see the Home directory for the root user, you are logged in as root.



The root account does not appear in the list of user accounts on your machine. If you configure the Login window to display this list instead of the Name and Password fields, you won't be able to log in under the root account because you can't see the account on the list.

The Home directory for the root account is stored in the location Mac OS X/Private/ var/root, where Mac OS X is the name of your Mac OS X startup volume. If you open this directory, you will see that it contains only two standard directories: Desktop and Library.

Because the root account has unlimited permissions, you can add or remove files to any directory on your Mac, including those for other user accounts. You can also make changes to any system file, which is where the root account's power and danger come from.

Use the root account only when you really need to. Make sure that other people who use your Mac do not know the root password, or you might find yourself with all sorts of problems.


You can also log in to the root account directly in the Terminal window to enter Unix commands using the command line. This can be a faster way to enter a few commands if you are comfortable with command-line interface.

    Part I: Mac OS X: Exploring the Core
    Part III: Mac OS X: Living the Digital Lifestyle