471,070 Members | 1,341 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes and contribute your articles to a community of 471,070 developers and data experts.

Fixing NetInfo Errors on the Command Line

5,821 Expert 4TB


Today, while performing routine maintenance, I noticed that I was no longer able to use sudo. And attempting to authenticate wasn't working; my computer kept complaining that I wasn't providing a valid administrator's Username.

"That's odd," I thought, since I'd always had an administrator account.

A quick trip into Netinfo Manager confirmed my suspicions: One of my groups had been mysteriously renamed to start with 'admin'.

Now, In Mac OS X, the 'admin' group defines the Users that have administrator privileges. And when there's two admin groups, the system gets confused and decides that there should be *no* administrators.

This is not good, especially because you need admin privileges to modify the NetInfo database!

Fortunately, there is hope. By booting into single User mode (hold down Cmd-S right after you hear the startup chime), you can execute commands with root permissions, even if your normal login account does not have admin privileges.

And wouldn't you know it, but there's a fantastic tool for working with your NetInfo database from the command line in Mac OS X. It's called nicl.

nicl is short for 'NetInfo Command Line'. Unfortunately, there's not a whole lot of documentation for it, but we'll go over the basics here.

Warning: You can screw things up pretty badly if you don't know what you're doing. Only modify your NetInfo database to fix problems, not to cause them.


Let's start with some simple stuff. Open up your terminal and type the following command:

Expand|Select|Wrap|Line Numbers
  1. nicl . -list /users
This will output a list of all User account short names on your system. Note the dot after 'nicl'. This means that we want to look at the local NetInfo database. The '-list' argument means that we want to list all nodes in the users 'directory'.

Note that the term 'directory' here does not actually mean a folder in the filesystem; we use the term because it's kind of like a directory because the NetInfo database is organized in a hierarchal fashion similar to your computer's filesystem.

If you wanted to get information about a specific User account, you could run this command:

Expand|Select|Wrap|Line Numbers
  1. nicl . -read /users/daemon
This command lists all variables for the 'daemon' node in the 'users' [pseudo-]directory.

Advanced Stuff

Now let's get into the interesting stuff. How do we change information in the NetInfo database? There are basically four commands that will do the bulk of what you'll need:
  • -create to create nodes (sudo nicl . -create /users/joe)
  • -append to add values to nodes (sudo nicl . -append /users/joe passwd "*")
  • -rename to, well, rename stuff (sudo nicl . -rename /users joe mark)
  • -delete to delete stuff (sudo nicl . -/users mark)

Note that to modify your NetInfo database, you need root permissions. This is where single-User booting comes in handy.

Fixing NetInfo

Considering the situation described at the start of this article, I needed to do something about the errant group entry. After looking at the duplicate 'admin' group (using nicl . -read /groups/admin), I realized that the new group would have to go, and I'd have to re-create the original group (it was www).

So I booted into single-User mode and executed the following commands:
Expand|Select|Wrap|Line Numbers
  1. sh /etc/rc  # finish startup sequence
  2. .
  3. .
  4. .
  5. nicl . -list /groups  # Since there's two admin groups, I don't want to delete the wrong one.
  6. .
  7. .
  8. .
  9. 60         mailman
  10. 61         appserverusr
  11. 62         admin                  <---  Here's the duplicate.  Note its ID number 62.
  12. 63         appserveradm
  13. .
  14. .
  15. .
  16. nicl . -delete 62  # You can also refer to nodes by their ID numbers to resolve duplicates.
  17. nicl . -create /groups/www  # Recreate the original group
  18. nicl . -append /groups/www users www
  19. nicl . -append /groups/www name www
  20. nicl . -append /groups/www passwd "*"
  22. shutdown -r now  # To restart the computer.
Once I logged back in, everything was back to normal!


nicl provides a very handy interface for viewing and modifying your NetInfo database information. You can -list and -read directories and nodes, -create, -rename and -delete directories, nodes and keys and -append keys and values to nodes.

You can use nicl in single-User mode to repair damaged NetInfo databases, even if you would otherwise be unable to use your computer.

For More Information
Check out Apple's man page for nicl for more information on how to use nicl.
For more information about NetInfo, what it does and how it works, check out Apple's man page for netinfo.
Jun 23 '07 #1
0 6935

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

2 posts views Thread by Mike Zupan | last post: by
reply views Thread by ChrisH | last post: by
reply views Thread by Wolfgang Kohnen | last post: by
10 posts views Thread by Douglas Buchanan | last post: by
7 posts views Thread by vadi | last post: by
reply views Thread by Stephen Cairns | last post: by
4 posts views Thread by wxforecaster | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.