From what I've read, it is good security approach to have two accounts, one admin and one standard.
I am trying to run the following command in terminal on my standard account
sudo mv /System/Library/CoreServices/Search.bundle /System/Library/CoreServices/Search.bundle.bak killall SystemUIServer
It asks for a password at which point the process fails because the current user "is not in the sudoers file."
Is it asking for my admin account password or root password? Do I have a root account/password if I haven't explicitly set one up? How do I temporarily elevate my access to execute the command without necessarily enabling root?
Best Answer
The system is asking for the password of your account and then verifies whether you are allowed to run sudo based on the content of
/etc/sudoers
. By default only Administrators (which have the option ticket in Preferences) are allowed to do this.In case you want to run shell commands with sudo without having to switch users all the time you have several options:
ssh <any-admin-user>@localhost
to log in as an admin user and run sudo then/etc/sudoers
by logging in as an admin user, executingsudo visudo
in Terminal, duplicating the%admin ALL=(ALL) ALL
line and replacing%admin
with your username. This will allow you to use sudo in Terminal without giving you full admin access. Usingvisudo
instead of editing the file directly will ensure that the file gets checked for syntactical correctness on save (an error in/etc/sudoers
might lock you out of your system completely)