Our monthly Troubleshooting Tools column, penned by MacFixIt Contributing Editor Dan Frakes, covers products that can help you maintain and fix your Mac.
There are times when you, as a troubleshooter, may need to modify files that aren't owned by you -- most frequently when the files you want to work with are owned by the OS itself ("system" or the "root" user). For example, perhaps you've found, by reading a site such as MacFixIt or by being told by someone a bit more savvy than you, that editing a configuration file in /etc fixes a problem you're experiencing. Since such files are owned by the system, you're prevented by the files' permissions from making changes.
One way to access and edit these files is by enabling the root user account (via the NetInfo Manager utility) and actually logging in as the root user -- all files are accessible, and editable, by root. However, most experienced users will advise against using the root account in this manner, because the power you're granted by logging in as root also makes it possible for you to accidentally cause problems -- you can modify not only the files you mean to, but also ones you don't mean to. For example, you can drag vital system files to the Trash, rendering your Mac unbootable. Logging in as root also means that any application or process you launch -- knowingly or unknowingly -- has full access to every file on your Mac. In other words, by running your Mac as root, you render much of your Mac's vaunted security useless.
But another reason not to enable and log in as the root user is that you simply don't need to. Nearly anything you might need root-level privileges to do can be done from within your own user account...provided you use the right tools. For example, if you need to edit a system-level configuration file, you can launch just the application needed to make such changes with root privileges; that particular application will then behave as if it was launched by the root user, including a lack of any permissions restrictions, while all other applications will function normally with your user account's standard restrictions. So to edit the printing configuration file /etc/cups/cupsd.conf, for example, you would want to launch a text editor (such as Text Edit) as root and then use it to edit the file.
- Warning: Just as logging in as the root user can be dangerous, so, too, does running an application as root entail risks. Since that application is not restricted by OS X's permissions, you can accidentally change files you didn't mean to change. For this reason, I recommend that after finishing whatever task you need to do with root privileges, you quit the root-privileged application. If you need that application for normal use, you should relaunch it normally.
Tip: Here's a trick to help you keep track of which applications are running as root. Using Pseudo, launch the System Preferences application as root. In the Appearance pane, change the Appearance setting to the opposite of your standard setting, and change the Highlight Color setting to something very different from your normal setting. (I normally use Blue for Appearance and Gold for Highlight Color; I've changed the "root" settings to Graphite and Red, respectively.) Then quit System Preferences. After doing this, whenever you launch an application as root, that application will use the "root" settings instead of your normal ones: For example, the Apple Menu icon will change colors when you switch to an application that is being run as root, and if you select text in such an application, it will use a very different highlight color than the one you're used to seeing. These visual cues are quick ways to figure out which applications are being run as root -- and to remind you to quit such applications and relaunch them normally when you're done with your root-requiring tasks.
Pseudo is basically a one-trick pony, but it does have a couple useful options. If you enable Pseudo's Recent Apps menu, whenever Pseudo is running a new menu will appear in the menu bar that lists applications recently launched via Pseudo; by choosing one from the menu, it will be launched as if you'd dragged the application icon onto Pseudo. You'll still need to provide your username and password each time you launch an app, but the menu provides a bit of convenience, especially if you frequently launch the same app or two as root. Alternatively, you can create Pseudo Launch Documents that, when opened, each launch a particular application as root -- you just provide your username and password. I've got a folder of such Launch Documents, one for each of the applications I frequently launch as root.
When used wisely, launching applications as root can help you perform troubleshooting tasks that would otherwise require either significantly more effort or significant security risks. By providing an easy way to do this, Pseudo is a useful troubleshooting tool.
Contributing Editor Dan Frakes is a former MacFixIt Editor, and is currently Senior Writer for Macworld and Reviews Editor for Playlist. To provide feedback on this column, or to suggest utilities for future columns, drop Dan an email at his @MacFixIt.com address: dfrakes.Resources