By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
457,723 Members | 850 Online
Bytes IT Community
Submit an Article
Got Smarts?
Share your bits of IT knowledge by writing an article on Bytes.

Fixing NetInfo Errors on the Command Line

pbmods
Expert 5K+
P: 5,821
FIXING NETINFO ERRORS ON THE COMMAND LINE
LEVEL: ADVANCED
PREREQS: TERMINAL / COMMAND LINE, USERS AND GROUPS

Intro

Today, while performing routine maintenance, I noticed that I was no longer able to use sudo. And attempting to authenticate wasn't working; my computer kept complaining that I wasn't providing a valid administrator's Username.

"That's odd," I thought, since I'd always had an administrator account.

A quick trip into Netinfo Manager confirmed my suspicions: One of my groups had been mysteriously renamed to start with 'admin'.

Now, In Mac OS X, the 'admin' group defines the Users that have administrator privileges. And when there's two admin groups, the system gets confused and decides that there should be *no* administrators.

This is not good, especially because you need admin privileges to modify the NetInfo database!

Fortunately, there is hope. By booting into single User mode (hold down Cmd-S right after you hear the startup chime), you can execute commands with root permissions, even if your normal login account does not have admin privileges.

And wouldn't you know it, but there's a fantastic tool for working with your NetInfo database from the command line in Mac OS X. It's called nicl.

nicl is short for 'NetInfo Command Line'. Unfortunately, there's not a whole lot of documentation for it, but we'll go over the basics here.

Warning: You can screw things up pretty badly if you don't know what you're doing. Only modify your NetInfo database to fix problems, not to cause them.

Basics

Let's start with some simple stuff. Open up your terminal and type the following command:

Expand|Select|Wrap|Line Numbers
  1. nicl . -list /users
  2.  
This will output a list of all User account short names on your system. Note the dot after 'nicl'. This means that we want to look at the local NetInfo database. The '-list' argument means that we want to list all nodes in the users 'directory'.

Note that the term 'directory' here does not actually mean a folder in the filesystem; we use the term because it's kind of like a directory because the NetInfo database is organized in a hierarchal fashion similar to your computer's filesystem.

If you wanted to get information about a specific User account, you could run this command:

Expand|Select|Wrap|Line Numbers
  1. nicl . -read /users/daemon
  2.  
This command lists all variables for the 'daemon' node in the 'users' [pseudo-]directory.

Advanced Stuff

Now let's get into the interesting stuff. How do we change information in the NetInfo database? There are basically four commands that will do the bulk of what you'll need:
  • -create to create nodes (sudo nicl . -create /users/joe)
  • -append to add values to nodes (sudo nicl . -append /users/joe passwd "*")
  • -rename to, well, rename stuff (sudo nicl . -rename /users joe mark)
  • -delete to delete stuff (sudo nicl . -/users mark)

Note that to modify your NetInfo database, you need root permissions. This is where single-User booting comes in handy.

Fixing NetInfo

Considering the situation described at the start of this article, I needed to do something about the errant group entry. After looking at the duplicate 'admin' group (using nicl . -read /groups/admin), I realized that the new group would have to go, and I'd have to re-create the original group (it was www).

So I booted into single-User mode and executed the following commands:
Expand|Select|Wrap|Line Numbers
  1. sh /etc/rc  # finish startup sequence
  2. .
  3. .
  4. .
  5. nicl . -list /groups  # Since there's two admin groups, I don't want to delete the wrong one.
  6. .
  7. .
  8. .
  9. 60         mailman
  10. 61         appserverusr
  11. 62         admin                  <---  Here's the duplicate.  Note its ID number 62.
  12. 63         appserveradm
  13. .
  14. .
  15. .
  16. nicl . -delete 62  # You can also refer to nodes by their ID numbers to resolve duplicates.
  17. nicl . -create /groups/www  # Recreate the original group
  18. nicl . -append /groups/www users www
  19. nicl . -append /groups/www name www
  20. nicl . -append /groups/www passwd "*"
  21.  
  22. shutdown -r now  # To restart the computer.
  23.  
Once I logged back in, everything was back to normal!

Summary

nicl provides a very handy interface for viewing and modifying your NetInfo database information. You can -list and -read directories and nodes, -create, -rename and -delete directories, nodes and keys and -append keys and values to nodes.

You can use nicl in single-User mode to repair damaged NetInfo databases, even if you would otherwise be unable to use your computer.

For More Information
Check out Apple's man page for nicl for more information on how to use nicl.
For more information about NetInfo, what it does and how it works, check out Apple's man page for netinfo.
Jun 23 '07 #1
Share this Article
Share on Google+