dscl create user doesn't work on el capitan - macos

I am trying to create user on OS X El Capitan with admin priviliges from super-user mode.
After running /sbin/fsck -fy and /sbin/mount -uw / and launchctl load /System/Library/LaunchDaemons/com.apple.opendirectoryd.plist everything works. But after dscl . -create/Users/USERNAME i got error no such file or directory. I tried it even with SIP disabled but it doesn't work too. Thanks for the help.

In El Capitan, the mounts have been changed so that
not even root can edit files in some mounts...ACL changes.
The feature is called SIP and is explained in other
stack exchange posts:
https://apple.stackexchange.com/questions/208478/how-do-i-disable-system-integrity-protection-sip-aka-rootless-on-os-x-10-11
essentially, can boot into recovery mode, type csrutil disable,
boot back into default user mode, make changes,
then presumably, you might want to re-enable csrutil similarly.

Thanks for the reply, but SIP had no effect.
I finally solved it. The problem was /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist that was used in 10.6 and earlier, I was using /System/Library/LaunchDaemons/com.apple.opendirectoryd.plist
The dscl commands were executed despite the error with plist and user got created.

Related

Read-only file system" with SIP disabled in macOS Catalina

I am trying to copy some files from a path to my libs path (/usr/lib), I am trying with sudo cp {my file}/usr/lib/
bit I got this error.
/usr/lib/{my_file} Read-only file system
I have validated and indeed System Integrity Protection is disabled (SIP) I am using macOs Catalina 10.15.4
I Hope you can help me thanks.
You just should try with
sudo mount -uw /
it should work
I just recently joined stack overflow so I am not able to up-vote the above answer. Using sudo mount -uw / definitely works. In my case I needed to add a small script to /sbin to overcome an issue with VMware Tools. Starting with macOS Catalina, disabling SIP and then executing this command as root was the answer.
I'm also new to stack exchange, but want to add that
"sudo mount -uw /" worked. Thank you #Juanse
In my case, was suffering from the problem of Kernel_Task using more than 500% of CPU on my Mid-2012 15 MacBookPro aka (MacBookPro9,1 ) with quad-code Intel Core i7.
After multiple solutions did not work, I went on to try a solution posted at: https://discussions.apple.com/thread/8461404?answerId=33657338022#33657338022
Which instructed me to:
Reboot into recovery mode.
Select Utilities/Terminal, csrutil disable , reboot.
cd:
/System/Library/Extensions/IOPlatformPluginFamily.kext/Contents/PlugIns/X86PlatformPlugin.kext/Contents/Resources
move or delete a file based on my version of Mac as listed in the thread. For my MacBookPro9,1 the file 4B7AC7E43945597E.plist
Reboot into recovery mode
Select Utilities/Terminal, csrutil enable , reboot.
The problem with the solution, is that when I tried to "mv 4B7AC7E43945597E.plist ~", or even "sudo mv 4B7AC7E43945597E.plist ~", I got a read-only file system message. Running "sudo mount -uw /" made the file system writeable. Note that the steps of booting into recovery mode and disabling / enabling csrutil turned off, and then back on the apple System Integrity Protection (SIP), which is necessary if you wish to change certain key system or configuration files.

How to copy intl.so to /usr/lib/php/extensions

I wanted to try Moodle (LMS) on my computer. It requires intl extension.
I used sudo port install php71-intl and successfully installed php71-intl. But it also installed php71 and other dependencies on /opt/local/.
I am using Mac built-in php. Its directories are
/usr/lib/php/extensions/no-debug-non-zts-20160303
/usr/bin/php
I intended to copy the /opt/local/lib/php71/extensions/no-debug-non-zts-20160303/intl.so to /usr/lib/php/extensions/no-debug-non-zts-20160303. But terminal said Operation not permitted.
I tried sudo pecl install intl but failed with make error.
This method sudo port install php71-intl can install the intl.so successfully but in its own direcotry.
So how I can copy the intl.so? Thank you!
You have to disable SIP to do that. First, restart your Mac and before OS starts up, hold down Command-R and keep it held down until you see an Apple icon and a progress bar. Release. This boots you into Recovery. From the Utilities menu, select Terminal and at the prompt type exactly the following and then press Return: csrutil disable
Terminal should display a message that SIP was disabled. From the menu, select Restart. You can re-enable SIP by following the above steps, but using csrutil enable instead.
Find this file "environment.xml" and comment all lines that have "intl" and reload the page. Continue button appears and installation completes without any error. My instance started working like charm, I use it to test out and create courses with SCORM packages, no errors yet.
environment.xml file is located in "admin" folder of moodle directory

MAC: Root User Not Getting Edit Permissions

I have authenticated root user as per this tutorial https://support.apple.com/en-us/HT204012
and edit menu shows Disable Root User option confirming it is enabled.
I am still getting EACCES errors and have to use sudo. Additionally, even with sudo, I am getting an EACCES error about mkdir in an npm package from a terminal script even though I have universal read and write permissions for the whole folder.
Does anybody know what's going on or how I can give myself universal use of the terminal without sudo?
To block malware, resent releases of macOS include System Integrity Protection, which makes the following directories unwritable except as part of an OS upgrade:
/System
/bin
/sbin
/usr (except /usr/local, that's writable)
"many" applications in /Applications
This feature can't be disabled while the system is booted up – it can only be disabled by rebooting off the "recovery" partition using the csrutil command:
Boot your mac holding Command + R before the Apple logo appears
Launch Terminal from the Utilities menu
Run csrutil status to check the status, and csrutil disable or csrutil enable to change it.
Reboot to exit the recovery partition
For more details:
https://developer.apple.com/library/mac/documentation/Security/Conceptual/System_Integrity_Protection_Guide/ConfiguringSystemIntegrityProtection/ConfiguringSystemIntegrityProtection.html

/etc/sudoers is owned by uid 503, should be 0 - El Capitan

Whenever I try any Sudo commands in terminal, I get the following error message:
sudo: /etc/sudoers is owned by uid 503, should be 0
sudo: no valid sudoers sources found, quitting
I have tried logging into single user mode and typing in the following commands:
mount -uw
chown /private/etc/sudoers 0
After typing in the chown ownership line, I get an error message saying
“illegal username”.
Other things I have tried:
Reinstalling the os (El Capitan)
Disabling System Integrity Protection (SIP).
Calling Apple Care who say that Sudo commands have been disabled in El Capitan.
Logging in under Single User mode and typing in the following code:
chown root:wheel /private/etc/sudoers
This produced the error message “Operation Not Permitted” in my Standard, Admin, and Root accounts.
The error message “Read-Only File System” came up when I logged tried the code in Single User Mode.
FYI
When I run ls -la /private/etc/sudoers in Terminal, I get the following:
-rw-r-----# 1 MY-ADMIN-USERNAME staff 67 18 Feb 14:03 /private/etc/sudoers
Note I’ve replaced my actual admin username with “MY-ADMIN-USERNAME” just so you know what’s showing.
I need Sudo commands to work for a range of reasons, one of which is to get CrashPlan to work.
My hardware is a 2010 iMac, 3.2GHZ, 16GB Ram and 500GB SSD which was installed about a year ago.
These problems have only come up with El Capitan. I didn’t have them in the past with Yosemite. Downgrading is likely to be a problem as Migration Assistant gives problems when trying to port the data across by telling you that Time Machine is working off a later version of OsX.
Looking around online, I can see that many people have had similar issues but the resolutions that have worked for them unfortunately have not worked for me.
Any suggestions would be greatly appreciated.
The correct chown syntax is
chown 0 /private/etc/sudoers
try running the command from another operating system, so for example from a mac os x 10.9, or 10.10 partition:
sudo chown 0 /Volumes/NAME_OF_VOLUME/private/etc/sudoers
This is what worked for me. you might also be able to do this from a 10.9, or 10.10 recovery usb environment.

How do I force-delete a file on my computer?

I am using Mac OS X El Capitan Public Beta 2.
There is somehow a permission problem with my Desktop (and only this directory) because I can not delete any file.
The classic delete to bin does not work, even though I am prompted a window asking for my password and permission. (I am the administrator).
I also tried a few command lines like sudo rm - R *file* and it tells me that the operation is not permitted even after I enter my password.
Going without the rootless feature of El Capitan did not help either :
sudo nvram boot-args="rootless=0"
sudo reboot
Should I change the permissions of the Desktop directory? If so what are the original ones?
Thank you!
This could be caused by the "rootless" feature introduced in El Capitan... You can find more information about it here .
To disable "rootless", type this in the terminal (you'll have to reboot for the change to apply):
sudo nvram boot-args="rootless=0"
sudo reboot
After numerous try the answer was dead-easy : there is a "lock" option on files and directories in OS X and it was active for my desktop (right click -> information). Interesting is the fact that no command line could break it.

Resources