Although Apple has always discouraged it, users were able to create accounts without passwords until OS X 10.7. Starting with OS X 10.5, Apple prevented these types of accounts from being able to use ‘sudo’ via the command line.

Why might this be a problem? In my case, I built a diagnostic OS (accessible via NetBoot) that sometimes needed this kind of access. MacPorts was a common issue, but the original reason was a program called CopyCatX. If your user account did not have a password set, CopyCatX would refuse to run.

Anyway, the fix is pretty easy – you’ll need to edit the file /etc/sudoers. Although it’s recommended that you use visudo (as it does sanity checks on the file), I tend to use TextWrangler. Carefully.

Change the line that reads:

%admin ALL=(ALL) ALL

to say this instead:


(I’d recommend against copying and pasting – Bad Things can happen if this file is damaged. Type it out.)

Save. You may need to reboot, as well.

Tested with: 10.5, 10.6, 10.7, 10.8, 10.9