I am using MacOS Catelina and i often have to run my terminal stuff with sudo otherwise they fail. like when i use Visual Studio and IONIC to add stuff to global or when it tries to create dir etc.
Is there a way to change the logged in user to run elevated commands in terminal without sudo ?
You either continue using sudo or switch current user to root (it's not a recommended way)
The user account named ”root” is a superuser with read and write
privileges to more areas of the system, including files in other macOS
user accounts. The root user is disabled by default. If you can log in
to your Mac with an administrator account, you can enable the root
user, then log in as the root user to complete your task.
The root user account is not intended for routine use. Its privileges
allow changes to files that are required by your Mac. To undo such
changes, you might need to reinstall your system software. You should
disable the root user after completing your task.
It's safer to use the sudo command in Terminal instead of enabling the
root user. To learn about sudo, open the Terminal app and enter man
sudo.
Taken from https://support.apple.com/en-us/HT204012
Related
While running bundle install on windows I get the following error unless I run from an elevated prompt.
Bundler::PermissionError There was an error while trying to write to < path > It is likely that you need to grant write permissions for that path
While running the install from an elevated prompt works around the issue, it sounds like a huge security risk for the OS and I'd like to be able to install projects without running into the error.
While there are similar posts, they are all targeting linux or mac as far as I can tell.
Granting Modify and Write permissions to the following paths for the MachineName\Users group solved the issue. Alternatively you could change the owner from the administrators group to your current user or only grant that permission to your current user.
C:\Ruby32-x64\lib\ruby\gems\ruby-version\cache
C:\Ruby32-x64\lib\ruby\gems\ruby-version\extensions
C:\Ruby32-x64\lib\ruby\gems\ruby-version\specifications
C:\Ruby32-x64\lib\ruby\gems\ruby-version\gems
C:\Ruby32-x64\bin
I have authenticated root user as per this tutorial https://support.apple.com/en-us/HT204012
and edit menu shows Disable Root User option confirming it is enabled.
I am still getting EACCES errors and have to use sudo. Additionally, even with sudo, I am getting an EACCES error about mkdir in an npm package from a terminal script even though I have universal read and write permissions for the whole folder.
Does anybody know what's going on or how I can give myself universal use of the terminal without sudo?
To block malware, resent releases of macOS include System Integrity Protection, which makes the following directories unwritable except as part of an OS upgrade:
/System
/bin
/sbin
/usr (except /usr/local, that's writable)
"many" applications in /Applications
This feature can't be disabled while the system is booted up – it can only be disabled by rebooting off the "recovery" partition using the csrutil command:
Boot your mac holding Command + R before the Apple logo appears
Launch Terminal from the Utilities menu
Run csrutil status to check the status, and csrutil disable or csrutil enable to change it.
Reboot to exit the recovery partition
For more details:
https://developer.apple.com/library/mac/documentation/Security/Conceptual/System_Integrity_Protection_Guide/ConfiguringSystemIntegrityProtection/ConfiguringSystemIntegrityProtection.html
I'm new to using OSX (using El Capitan 10.11.3) and while trying to change permissions on a file using sudo, I accidentally corrupted it. Now whenever, I try to use sudo to install anything globally, I'm getting the following error message.
sudo: unable to stat /etc/sudoers: Permission denied
sudo: no valid sudoers sources found, quitting
Is there any way to solve it?
I'm also unable to even view the /etc folder
bash: cd: /etc: Permission denied
When I checked permissions on /etc folder, they are as follows
lrwxr-xr-x# 1 root wheel etc -> private/etc
I had the same issue and in my case the permissions of the root folder got corrupted. What people overlook is that / is in fact also a real, normal directory and just like every directory it has ownership and permissions. Ownership should be root:wheel and permission should be 755 (that's rwxr-xr-x).
The easiest way to restore both was starting Script Editor and then typing and running that script:
do shell script "/usr/sbin/chown root:wheel /" with administrator privileges
do shell script "/bin/chmod 755 /" with administrator privileges
You are prompted for amdin password and then chown and chmod come to the rescue. After that sudo was working again.
Disable System Integrity Protection (rootless)
Reboot the Mac and hold down Command + R keys simultaneously after you hear the startup chime, this will boot OS X into Recovery Mode
When the “OS X Utilities” screen appears, pull down the ‘Utilities’ menu at the top of the screen instead, and choose “Terminal”
Type the following command into the terminal then hit return:
csrutil disable; reboot
You’ll see a message saying that System Integrity Protection has been disabled and the Mac needs to restart for changes to take effect, and the Mac will then reboot itself automatically, just let it boot up as normal
On mac mavericks, i want to install few files without prompting user for sudo password. (Folder where i am trying to install require root access because it is present at / location). I can do this by modifying "sudoer" file and disable sudo password but this is unsafe and open up security risk. Is there any way i can provide sudo access only a particular folder? So when i try to write to this folder, sudo password prompt is not visible to user.
(All above task are done through command line)
Thanks for your help.
I am running redmine on Ubuntu, and I am running it using sudo.
If I try to run as my redmine user, I get permission errors on the log file.
Is this safe? Should I be concerned?
You should be careful when running any sort of web application as root. Personally, I would not recommend it.
If permissions problems on the logfile are your only problems, the better solution would be to alter the permissions of the log files/folders. Make sure the log files belong to the user account that Redmine is running as (or have group write permissions and belong to the same group). You might have to use sudo to change those permissions, but it is much safer than running a web application as root.
Any time you run a script using sudo you should be concerned since in effect you are running the script as root. Therefore, to give an extreme example, if the script executes a command similar to rm -rf / you will wipe out the entire system....it's best not to use sudo to execute scripts unless you are completely aware of what the script is doing and any potentially tainted data that is consumed by it!