Home > Mac administration, macOS > Enabling root on a Mac which hasn’t gone through macOS Catalina’s Setup Assistant

Enabling root on a Mac which hasn’t gone through macOS Catalina’s Setup Assistant

On certain occasions, it may be necessary to configure settings on a Mac which has not yet gone through Apple’s Setup Assistant. This process usually involves enabling the root account and setting a password for it, since no user accounts with admin rights exist yet. For more details on how to do this on macOS Catalina, please see below the jump.

To enable the root account and set a password for it, use the procedure described below:

1. Start up the Mac into single-user mode.
2. Mount the boot drive’s writable volume using the following command:

/sbin/mount -uw /System/Volumes/Data

Screen Shot 2019 10 11 at 4 12 03 PM

3. Launch the opendirectoryd process using the following command:

launchctl load /System/Library/LaunchDaemons/com.apple.opendirectoryd.plist

Screen Shot 2019 10 11 at 4 12 46 PM

4. Enable the root account using the following command:

passwd root

Screen Shot 2019 10 11 at 4 13 10 PM

5. Set a password for the root account when prompted.

Screen Shot 2019 10 11 at 4 13 47 PM

6. Reboot the Mac using the following command:

reboot

Screen Shot 2019 10 11 at 4 13 58 PM

Once rebooted and back at Setup Assistant, you can open the Terminal by pressing the following keys on the keyboard:

CTL + OPTION + CMD + T

Magic keyboard ctl option command t

Screen Shot 2019 10 11 at 4 16 18 PM

Once Terminal opens, run the following command to switch to using the root user account:

su root

When prompted, enter the password you had earlier set for the root account.

Screen Shot 2019 10 11 at 4 16 33 PM

Once your need for using the root account has ended, I strongly recommend disabling the root user account. Apple has a KBase article which describes how to disable the root account, available via the link below:

https://support.apple.com/HT204012

Categories: Mac administration, macOS
  1. Joss
    October 11, 2019 at 10:09 pm

    How do you do that in single-user mode on a Retina Mac, where verbose output text is so small due to the high resolution? You actually need a real magnifying glass to read it. Is there maybe an NVRAM hack to reduce the resolution?

  2. Nauga
    October 13, 2019 at 2:15 am

    Macs with the T2 chip cannot boot into the classic single-user mode. Command-S results in the same outcome as Verbose mode. In macOS Recovery mode, both volumes are already mounted and the opendirectoryd service is already loaded.

    The passwd command cannot be used in this mode. Instead, the dscl command must be used.

    dscl -f /Volumes/Macintosh\ HD\ -\ Data/private/var/db/dslocal/nodes/Default localhost -passwd /Local/Default/Users/root

    • Joss
      October 15, 2019 at 2:01 pm

      I have once successfully booted into single-user mode on my 2018 MBP which has a T2. But (as far as I recall) you need to disable all startup security, and also the firmware password. I might have booted into SUM when I hadn’t yet set up my FileVault password yet, so it’s possible you also need to disable FileVault first, if you need to boot in SUM.

  3. Marcos Garcia
    October 18, 2019 at 9:27 pm

    Thank you, I had the exact same problem on Catalina and now everything is well! 😀

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: