Hi Community,
Is there a function in applescript or if not, an xml file that could be read with bash that will let me check if the root account has been enabled? Thank you.
I would think that "dscl" would let you do this somehow, although I'm not sure of the syntax.
Yes, that's what I would use, I just have no idea where the xml file would be...
I think if the AuthenticationAuthority key is not set then root is disabled. You'll have to test. Try-->
dscl . read /Users/root AuthenticationAuthorityDon't you need to run that as sudo to access Authentication Authority? Also, do you know how I would test something in bash? I know how to output an error message into /dev/null, but how would you test?
have you considered using the 'last' command? last root should produce the last time root logged in, which should be empty if root has never been enabled.
"Don't you need to run that as sudo to access Authentication Authority? "
Well, from an admin account I don't have to preface the command with sudo.
"... how would you test?"
Enable the root user account and check if the AuthenticationAuthority key is set in Directory Service with the command I provided.
If you are an admin user you could produce a root shell and check /var/db/shadow/ for root's shadow password file. If the file exist then the root account is enabled.
twtwtw:
thank you so much, this is just the kind of creative solution I was looking for. The only problem here is that i'm not sure how to use last. I tested it out on my different accounts doing "last -1 the_user" and for some accounts it will give me something like:
the_user ttys001 Mon Sep 26 15:00 - 15:01 (00:00)
which I assume to be the right thing, but other accounts will give me this:
wtmp begins Wed Sep 21 16:39
What would it look like if the account had never been logged into?
Mark:
Firstly, /var/db/shadow/hash only exists in the operating systems before lion, and i am going to be using this in Lion, so that is not going to work for me. Also, this script is meant to be run from any account, not just admin or root, so i'm not sure about reading root. Lastly, wouldn't it be:
dscl . read /var/root AuthenticationAuthority
I don't have root enabled, so I can't be sure what it looks like under those conditions, but I'm thinking that if you just toss it through grep you should get what you want:
last | grep -c root
if that returns 0 then root has never logged in. however, the command takes a ridiculously long time to run (almost 4 seconds on my machine) so I'd see this as a last resort. There must be a better way.
Thank you so much all. I ended up using twtwtw's method with last (it turns out the computer I was testing it on before had a corrupt library file and when I tried it on another computer it started working perfectly). For other users, here's the final snippet:
set rootTest to (do shell script "last root")
set rootTest to paragraphs of rootTest
set rootTest to item 1 of rootTest
if rootTest is not equal to "" then
display dialog "Root is Enabled!"
end if
Applescript/Bash: Check if root is enabled
