Because of a very faulty script my root's PrimaryGroupID is 101 and UniqueID is 101. I have still an access to root, I can run sudo from my admin account, but the sudo and root do not have all the necessary rights obviously.
I can read dscl output, for instance:
dscl . -read /Users/root PrimaryGroupID
PrimaryGroupID: 101
dscl . -list /Users UniqueID
root 101
dscl . -list /Groups PrimaryGroupID
wheel 0
But I cannot change anything with dscl:
sudo dscl . -change /Users/root UniqueID 101 0
<main> attribute status: eDSPermissionError
<dscl_cmd> DS Error: -14120 (eDSPermissionError)
What is interesting, when I run:
dscl . -read /Groups/wheel GroupMembership
GroupMembership: root
How can I reset the UniqueID and PrimaryGroupID of the root to 0. I logged in Terminal through Mac OS X Installation DVD, I have a superuser with all the necessary rights there, but I did not figure out how to access the records of Directory Service from there.
Best Answer
First, make a backup of the user & group data; it's stored in the /Volumes/yourbootvolume/var/db/dslocal/nodes/Default, so just copy that entire directory to someplace safe in case anything else goes wrong. Once that's done, there are a couple of different ways to reset root's uid back to 0:
It's probably simplest to use a text editor: edit /Volumes/yourbootvolume/var/db/dslocal/nodes/Default/users/root.plist, look for a section like this:
and change the "101" to "0". Warning: if you mess up the format of this file, you can render your system even more unusable than it is now.
The other option would be to use
dscl -f
to open the regular system's user files even though you're booted from the DVD instead. Check to make sure you can access them with:It should print out the various properties of the root account, including "UniqueID: 101". If that worked, you should be able to set it back with: