Remove a User, Keep the Applications

Sept. 1, 2019: This article was updated due to an error. Thank you to Graham Pugh for catching it.

Over the course of my career working on Macs, I have come across many different situations. Some happen repeatedly, and some are one-and-done’s.

One reoccurring issue was when someone would go through me to pick up a new computer and alongside it, purchase some security software from me at the same time. Because of this, I would need to set up a user to install the security applications. I did, however, want the users to be able to set up their own accounts, with their own preferences and password of choice. The less passwords I know, the better. Not because I'd give them away, but I believe that passwords are personal, and they shouldn't be shared with anybody.

Because of this, I wanted to be able to install software, then allow the customers to set up their information. That’s where "usernuke" comes in.

This script allows users or Apple Technicians to reset their user account without losing root information (Applications, System, /Library).

To run this script, there are a few, relatively-simple instructions.

If you have a new Mac with a T2 Security Chip, follow these instructions from HT201573:

1. Start your Mac up in macOS Recovery, by holding Cmd + R when turning on your Mac

2. Select Disk Utility for the Utilities window

3. Select which volume you’re using, click File > Mount from the menu bar. Enter your administrator password if prompted

4. Quit Disk Utility

5. Click Terminal from the Utilities menu in the toolbar

6. Follow the instructions below beginning at 3a

If you have an earlier Mac, follow these:

1. Copy this script ( to the root of the Startup disk hard drive. In that same area, you should see other folders like (Users, Library, System, Applications).

2. You then reboot your computer. The caveat is that before the machine powers on, hold “Cmd + S” keys to boot into Single-User mode. There will be a bunch of text that shows up on the display. Give it a moment to finish loading.

3. Then, you will type three commands. Each will take a moment or two to run, so be patient.

a. First, type:

  •  /sbin/fsck -fy
  • This checks the filesystem to make sure that the disk is verified

b. Once the filesystem check is complete, type:

  • /sbin/mount -uw /
  • This mounts your hard drive and allows you to access it the "User Nuke" from Single-User mode

c. Last, fire off the script by typing

  • sh /usernuke
  • You will be prompted to verify that you want to delete the users, then the machine will reboot at the end.

You can download the script here

The source code for the bash script is as follows:


/sbin/mount -uw /

echo "Found the following users:"
ls -1 /Users/ | grep -v "Shared" | grep -v "Deleted Users" | grep -v "\."
declare -a userarray
userarray=( `ls /Users/ | grep -v "Shared" | grep -v "Deleted Users" | grep -v "\."` )
for (( i = 0 ; i < $ ; i++ ));
       echo -n "Delete user $ (Y/N)?: "
           read -n 1 answer
           case "$answer" in
           rm -Rf "/Users/$/"
           echo ""
                   echo "$ deleted."
            echo ""
                    echo "$ NOT deleted."
            echo ""
                    echo "$answer unknown. Please answer Y or N." 
            let i=(i-1)
   echo ""
rm -Rf "/Users/Deleted Users/"
if [ -d /var/db/dslocal ]; then
     rm -Rf /var/db/dslocal
     mkdir -p /var/db/dslocal/nodes
     cp -Rp /System/Library/DirectoryServices/DefaultLocalDB/Default /var/db/dslocal/nodes/
     cp -Rp /System/Library/DirectoryServices/DefaultLocalDB/dsmappings /var/db/dslocal/
rm -rf /private/var/db/netinfo
rm -rf /private/var/db/openldap
rm -rf /private/var/db/samba
rm -rf /private/var/db/dhcpclient
mv /var/db/.AppleSetupDone /var/db/.RunLanguageChooserToo
rm -rf /Library/Caches
rm -rf /Library/Logs
rm -rf /Library/Preferences.
rm /usernuke

echo "User Nuke successfully removed user databases."
echo ""
echo "Press any key to shutdown."
read -n 1 nothing
/sbin/fsck -fy
shutdown -h now

macOS Annual Update Is Planned Obsolescence

Welcome to my battle with Apple and their operating systems.

Ever since OS X 10.7 Lion, which was released on July 20, 2011, Apple has released one operating system each year, leading us to 2017, when Apple released their most recent operating system, macOS 10.13 High Sierra on September 25, 2017.

Release date of each operating system located in far right column

Release date of each operating system located in far right column

One thing that has been nice is the fact that we've seen something new every year, with new features, new functionality designed to make your experience better, and everything in between. 

This idea, however, does have many downfalls, and it is not discussed nearly enough. It seems to be that only people interested in Apple's security see the flaws.

See, the entire reason behind new operating systems is not just to have cool, new features. It should be largely in part to making the operating system, and its fundamentals, better. Better by being more secure, harder to exploit flaws, more testing prior to release, etc., etc. 

This is not how we've seen Apple react in the past seven years, with the rushing out of operating systems. Because of this, we've seen horrifying flaws in the operating system that allow unauthorized root (administrative) access simply by clicking an empty box three times. Even worse, Apple's macOS doesn't provide a bug bounty program, which the majority of high-end companies due. This means that if you are a security penetration tester or researcher, and you find a flaw in a system, you disclose it to said company following the proper disclosure guidelines, and they pay you for finding an issue. Apple doesn't have that program, which means that if you've spent time finding a bug in Apple's operating system, there is very little incentive to go through the proper disclosure methods. This is why some of Apple's serious flaws have just been exposed via social media.

Again, these are very fixable problems for Apple. Provide a bug bounty program, and focus more on the quality of the new operating systems instead of quantity. Quality over quantity every time!

Let's take a look at Windows, whose operating systems seem to be much more exploitable than Apple's operating systems. They released, arguably, their most stable operating system, Windows 7, in October of 2009. Many, many companies and end-users still use this operating system today. Windows 10 was released in July 2015, closing in on three years ago. Microsoft, although issues with operating systems, partially due to how hard they are targeted by malicious content, only releases operating systems, roughly every three years.

Apple is always striving to "raise the bar," according to CEO Tim Cook. However, what they are doing instead, is rushing out incomplete, hastily thrown-together operating systems that are loaded with issues.

So why does Apple do this? Is it simply because they are trying to "raise the bar?" No, I don't think that for one minute.

I'm sure many people, who own iPhones especially, have heard the phrase "planned obsolescence." It's a frightening term when you think about it. The idea is, in this case, that Apple rolls out new products and operating system each year with the idea that your device, which may be only two years old, is approaching obsolescence. In Apple's eyes, and this is 100% accurate, hardware, whether it be an iPhone, iPad, MacBook, iMac, or anything else, is considered obsolete after five years passed the release date. An example is that computer constructed in 2011 are now considered obsolete. Now that may not be a big deal, except when it comes to getting your device serviced by Apple. Obsolete machines no longer have parts created by Apple, which means Apple will no longer service them. It's sad, depressing, and surprising for a Fortune 500 company. You don't see this in any other company, that comes to mind, that does this.

Screen Shot 2018-02-11 at 6.04.53 PM.png

In an anonymous poll conducted, consisting both of end-users and people employed in the information security sector, over 75% of people surveyed believe that the quick, almost unreasonably fast production of Apple products is due to this idea of planned obsolescence. Whether this is true or not, Apple should at least respond to that accusation, as I am definitely not the first person to propose this.

I used to think that Apple just wanted to continue to roll out products, and because of their enormous product line, they had to quit production of certain pieces of hardware. The more I look at it, and the more I study the Mac operating system, the more I believe that planned-obsolescence is actually a large reason for this bizarre reasoning behind releasing operating systems and Apple hardware each year. What they should do instead, is try to be certain that users can't unlock App Store preferences without administrative privileges. This is what happens when products aren't properly tested and ran through extreme vetting processes before their release. Yes, they release a public beta, but I don't think that's enough when the engineers only had a year to make it.

I worry that Apple's planned obsolescence may one day be its downfall. It's operating system is still, in my opinion, the most complex and stable operating system, when compared to different Unix operating systems like Linux, or when compared to the Windows platforms. If you've had issues with your computer, please let me know. I'd be happy to speak with you about it!