Professional Web Applications Themes

Living with "Repair Permissions" nonsense - Mac Applications & Software

So we are all stuck with using permissions/privileges, whether we need them or not, sheesh! How best to get along with them? I did a Google search using "repair permissions" + "OS X" - - - trying to find out more about the subject. Most of the hits were "testimonials", something like: "This terrible thing that happened to my Mac and repairing permissions made everything work" A tiny few of the hits were more enlightening. I don't know how accurate the below points are that I picked up, but I will pass them along FWIW. 1) "Permissions" and "Privileges" are ...

  1. #1

    Default Living with "Repair Permissions" nonsense

    So we are all stuck with using permissions/privileges, whether we need
    them or not, sheesh!

    How best to get along with them?

    I did a Google search using "repair permissions" + "OS X" - - - trying
    to find out more about the subject.

    Most of the hits were "testimonials", something like:

    "This terrible thing that happened to my Mac and repairing permissions
    made everything work"

    A tiny few of the hits were more enlightening. I don't know how
    accurate the below points are that I picked up, but I will pass them
    along FWIW.

    1) "Permissions" and "Privileges" are different, privileges being
    the weaker subset. Apple confusingly uses the two terms
    interchangably in the First-Aid tab of Disk-Utility when we
    use the "Repair Disk Permissions" button, so it is unclear
    exactly what is going on. For example, when we "Repair
    Permissions", do the sticky-bits, SetUID-bits, and SetGID-bits,
    get reset to their proper values? This is unclear, the only way
    that I can find this out is with experimentation.

    2) Apple's "Repair Disk Permissions" only works for the installed
    software that comes with OS X, not for any additional applications
    that we install ourselves.

    3) "Disk First Aid" and also Terminal's "fsck -y" command have
    nothing to do with "permissions" or "privileges", neither one
    of them can reset permissions to their "proper" values.

    Don't know about anyone else, but the permissions on my Mac change if I
    scratch my chin, or sneeze, and need constant "repair" during the
    normal running of OSX.

    The proper setting of permissions are intended to keep the bad guys
    out, so when permission settings are this unreliable, it seems to me
    that the security of my Mac could be more easily compromised.

    I can achieve a "clean slate" after a "simple" OS X install when I run
    "Repair Disk Permissions" a second time.

    With a more involved install of OS 10.2.6 along with Apple's Developer
    package, I lose the ability to get a clean slate. Some very confusing
    and obviously buggy error message occurs:

    *******************************************
    ../usr/share/man/man3/DB.3
    s/b -rw-r--r--
    is -r--r--r--
    user and group corrected on above directory
    permissions corrected on above directory

    ../usr/share/man/man3/DB.3
    s/b -r--r--r--
    is -rw-r--r--
    user and group corrected on above directory
    permissions corrected on above directory
    *******************************************

    Notice the contradictory nature of the message, like OSX can't make up
    its mind what the "correct" setting of the permissions should be.

    I hope when Panther comes out that some of this stuff gets fixed, and
    permissions remain set where they should be, without the spontaneous
    self-destruction they undergo today.

    Mark-
    Mark Guest

  2. #2

    Default Re: Living with "Repair Permissions" nonsense

    In article <160920030328145832%com>,
    Mark Conrad <com> wrote:
     

    And have been since the days of the Mac Plus, yes.


    G
    Gregory Guest

  3. #3

    Default Re: Living with "Repair Permissions" nonsense

    Mark Conrad writes:
     

    I don't think so.
     

    In my computer one of those is actually spelled in lower case, but
    they are the same file, of course, and cannot have both permissions.
    This is merely annoying, though.

    It's a bug. I think I have, or had, one other file that had a similar
    conflict.
     

    I don't think this is happening even now.

    What I see is inappropriate permissions like rwxrwxrwx and owners like
    unknown:unknown for files that I install. Those need to be fixed once.

    A couple of programs want to write to files inside their folders in
    /Applications. Those files should be in ~/Library, or in /Library, or
    built during installation. Else they need to be writable by others or
    owned by "unknown", and then it may happen again that my kids damage
    then accidentally, which is not nice.

    (I would like to learn where the "unknown" user and group, id 99, are
    doented. All I've found is that they are used for unknown volumes,
    but that is not the whole truth. Experimenting, I've learned that
    whoever logs in at the console gets to play the unknown user.)
    --
    Jussi
    Jussi Guest

  4. #4

    Default Re: Living with "Repair Permissions" nonsense

    In article <160920030328145832%com>,
    Mark Conrad <com> wrote:
     

    Mark,

    You have asked this exact question before. I have answered it before.
    You can find it at Google:

    <http://groups.google.com/groups?selm=tph-866326.10385706012003%40localho
    st&output=gplain>

    You even responded to my message, so I know that you read it:

    <http://groups.google.com/groups?selm=060120031315087256%25nospam%40iam.i
    nvalid&output=gplain>

    Maybe you should keep a notebook or something with information you've
    learned online, so you don't need to keep asking the same questions over
    and over.

    --
    Tom "Tom" Harrington
    Macaroni, Automated System Maintenance for Mac OS X.
    Version 1.4: Best cleanup yet, gets files other tools miss.
    See http://www.atomicbird.com/
    Tom Guest

  5. #5

    Default Re: Living with "Repair Permissions" nonsense

    Tom Harrington wrote:
     

    Tom, your links might work better like this: 
    http://groups.google.com/groups?selm=tph-866326.10385706012003%40localhost&output=gplain
    <
    You had the brackets reversed.
    George Guest

  6. #6

    Default Re: Living with "Repair Permissions" nonsense

    In article <attbi.com>,
    Gregory Weston <com> wrote:
     
    >
    > And have been since the days of the Mac Plus, yes.[/ref]


    Yes, but not to any extreme extent, as in OS X.

    I used the earlier OS's for years, and indeed in OS 8.6 for example one
    could create their own "users" and "groups" for file sharing
    purposes.

    This never interfered much with the normal everyday operation of
    OS-8.6, especially if one did not use file sharing.

    OS X is entirely different.

    Users, groups, owners, permission to use applications, read, write,
    execute, open, move, view, etc., etc. are enforced whether we use file
    sharing or not.

    Often this heavy-handed approach interferes with what we are attempting
    to do at the moment, and it is sometimes very difficult to find a way
    to overcome this interference and get on with what we are trying to
    accomplish with our computer.

    It all has a very noble purpose, security against the bad guys.

    My objection to all this is that Apple's present system of managing all
    this very complex stuff does not work very well.

    For example, my normal everyday running of OS X results in the
    necessity of periodically "Repairing Disk Permissions", because they go
    out-of-whack for no apparent reason.

    This should not be necessary. Once the permissions are "set", they
    should _stay_ "set".

    This inexplicable degrading of permissions could conceivably allow the
    bad guys to break into OS X.


    When OS X becomes more mature, a lot of the present problems should be
    fixed, effectively closing the "temporary" security loopholes that
    might exist in OSX at the present time.

    Mark-
    Mark Guest

  7. #7

    Default Re: Living with "Repair Permissions" nonsense

    In article <ling.helsinki.fi>, Jussi Piitulainen
    <helsinki.fi> wrote:
     
    >
    > In my computer one of those is actually spelled in lower case, but
    > they are the same file, of course, and cannot have both permissions.
    > This is merely annoying, though.[/ref]

    FWIW, that bug is somehow associated with Apple's Developer Tools, it
    does not show up if Developer Tools is not installed.

    Like you, I have learned to ignore the bug.



    Apple has some confusing terminology in the "Disk First Aid" tab of
    Disk Utility:

    "You may only repair permissions on a Mac OS X boot volume."

    That wording strongly implies that permissions can only be repaired on
    the volume I am presently booted from.

    I, and others, find that is not the case. For example, I can boot from
    an external disk volume of OS X, and _still_ "Repair Disk
    Permissions" on my internal (non-boot) drive's OS X volume.

    I think Apple could avoid this confusion by omitting the entire
    confusing statement, because that statement serves no useful purpose.


     

    Same here, perhaps a l-o-o-n-g Google search might turn up something.

    Mark-
    Mark Guest

  8. #8

    Default Re: Living with "Repair Permissions" nonsense

    In article <160920031212599735%com>,
    Mark Conrad <com> wrote:
     
    > >
    > > In my computer one of those is actually spelled in lower case, but
    > > they are the same file, of course, and cannot have both permissions.
    > > This is merely annoying, though.[/ref]
    >
    > FWIW, that bug is somehow associated with Apple's Developer Tools, it
    > does not show up if Developer Tools is not installed.
    >
    > Like you, I have learned to ignore the bug.
    >
    >
    >
    > Apple has some confusing terminology in the "Disk First Aid" tab of
    > Disk Utility:
    >
    > "You may only repair permissions on a Mac OS X boot volume."
    >
    > That wording strongly implies that permissions can only be repaired on
    > the volume I am presently booted from.[/ref]

    No; if it said that permissions could only be repaired on *the* boot
    volume, your interpretation might be valid. The phrase "a Mac OS X boot
    volume" implies any volume which contains a bootable Mac OS X system,
    specifically, the volume must contain the directory /Library/Receipts/. 

    The statement defines a sufficient requirement for a volume to be a
    valid target of the repair operation. It is unambiguous. 
    >
    > Same here, perhaps a l-o-o-n-g Google search might turn up something.
    >
    > Mark-[/ref]

    --
    Tom Stiller

    PGP fingerprint = 5108 DDB2 9761 EDE5 E7E3
    7BDA 71ED 6496 99C0 C7CF
    Tom Guest

  9. #9

    Default Re: Living with "Repair Permissions" nonsense

    In article <com>,
    George Williams <com> wrote:
     
    >
    > Tom, your links might work better like this: 
    > http://groups.google.com/groups?selm=tph-866326.10385706012003%40localhost&out
    > put=gplain
    > <
    > You had the brackets reversed.[/ref]

    No; he didn't. You have it ed up and the link above is broken.

    --
    Tom Stiller

    PGP fingerprint = 5108 DDB2 9761 EDE5 E7E3
    7BDA 71ED 6496 99C0 C7CF
    Tom Guest

  10. #10

    Default Re: Living with "Repair Permissions" nonsense

    In article <160920031212509201%com>,
    Mark Conrad <com> wrote:
     
    The operative phrase here is "no apparent reason". Since most of us do
    not have this problem, perhaps you should take a closer look at just
    which files have their permissions altered and what you might be doing
    to produce that effect.

    --
    Tom Stiller

    PGP fingerprint = 5108 DDB2 9761 EDE5 E7E3
    7BDA 71ED 6496 99C0 C7CF
    Tom Guest

  11. #11

    Default Re: Living with "Repair Permissions" nonsense

    In article <160920031212509201%com>,
    Mark Conrad <com> wrote:
     

    Blah blah blah. This has all been explained to you before. I could
    explain all this to you (again), but why bother, when I've already done
    it and you apparently didn't bother paying attention?

    --
    Tom "Tom" Harrington
    Macaroni, Automated System Maintenance for Mac OS X.
    Version 1.4: Best cleanup yet, gets files other tools miss.
    See http://www.atomicbird.com/
    Tom Guest

  12. #12

    Default Re: Living with "Repair Permissions" nonsense

    On Tue, 16 Sep 2003 19:13:31 GMT,
    Mark Conrad (com) wrote:
     

    That wording implies that you can repair permissions on a volume
    that OS X may be booted from. Not from the volume that OS X is
    currently booted from.

    As you have done in other cases, here too you have jumped to an
    erroneous conclusion.

    Bev
    --
    Bev A. Kupf
    "The lyfe so short, the craft so long to lerne" -- Chaucer
    Bev Guest

  13. #13

    Default Re: Living with "Repair Permissions" nonsense

    Mark Conrad <com> wrote:
     

    I think you need to look more deeply into *why* this is happening. I've
    done the "repair permissions" thing only once that I can recall, and that
    was because I messed them up myself.

    --
    Jeremy | com
    Jeremy Guest

  14. #14

    Default Re: Living with "Repair Permissions" nonsense

    On Wed, 17 Sep 2003 00:30:36 -0000, Jeremy <com> wrote: [/ref]
     

    Agreed. I use mine for some very heavy-duty unixy stuff, and have never
    had an issue. Mark may have installed or done something odd in his
    quest to do whatever he's trying to do; perhaps if he'd ask how to
    fix that problem rather than complaining that it's doing something he
    apparently asked it to do, he'd have more luck.

    Dave Hinz

    Dave Guest

  15. #15

    Default Re: Living with "Repair Permissions" nonsense

    Mark Conrad <com> wrote:
     

    No, you _inferred_ this from the wording. It says "a Mac OS X boot
    volume," not "the current Mac OS X boot volume." And since you can
    repair permissions on your hard drive from Disk Utility while booted
    from the OS X installer disc, it couldn't possibly be referring only to
    the current boot volume.

    --
    Mike Rosenberg

    <http://www.macconsult.com> Macintosh consulting services for NE Florida
    <http://bogart-tribute.net> Tribute to Humphrey Bogart
    Mike Guest

  16. #16

    Default Re: Living with "Repair Permissions" nonsense

    In article <160920031212599735%com>,
    Mark Conrad <com> wrote:
     

    It does not imply that to me.

    FWIW, permissions can only be repaired on a volume that has
    /Library/Receipts and /System/Library/Receipts on it. The system looks
    in that directory to find out what the file permissions of all files
    installed by Apple installers should be.

    These directories are created on all MacOS X boot volumes, and not on
    others.

    Thus - if you do not have these folders, then repair permissions cannot
    be performed.
     

    I presume your internal drive is a drive on which you installed a MacOS
    X system folder at some point. Thus, you _could_ boot from it. You
    may not have at this time, but you could change your mind.
     

    Yes, it does. I cannot repair permissions on an OS9-only volume, nor on
    pure data volumes.

    They might be able to improve it with different wording, such as "a
    volume on which you have at some point installed MacOS X", but boot
    volume is terminology they have used elsewhere in the docs. Not
    transparent, but meaningful.

    Scott
    Scott Guest

  17. #17

    Default Re: Living with "Repair Permissions" nonsense

    Mark Conrad writes:
     

    It means, "On Mac OS X boot volume, you may only repair permissions".

    On other volumes, Disk Utility can repair other things. On your boot
    volume, the repair buttons to the right of the panel are dimmed out.
    --
    Jussi
    Jussi Guest

  18. #18

    Default Re: Living with "Repair Permissions" nonsense

    In article <160920031212509201%com>, Mark Conrad
    <com> wrote:

    Uh, now that we have broken Apple's secret code by finding out that
    their terminology "book disk" really doesn't mean the disk one is
    booting from, but rather:

    "A disk with OSX on it that _might_ be used to boot from."

    Now why couldn't they say that in the first place.

    Anyhow, onwards and upwards trying to untangle the non-sensensical
    Permissions mess that Apple has dumped me into.

    To see if Apple's "Repair Disk Permissions" will really do its job and
    repair a ed-up setting, I decided to put it to the test by
    manually messing around with stuff associated with "Permissions"

    I set the immutable-bit on the chess game file, located:

    /Applications/Chess.app/Contents/Resources/gnuchess.book

    Working from true root, my group permission for that file is
    "Administrator", and the "owner" of the file is "root" - - - where I am
    working from, i.e. temporarily being "root" myself.

    OSX let me change the immutable flag, turning it "On" with the
    following Terminal command:

    chflags schg gnuchess.book

    Okay, now that the permissions are ed up, I will try to "repair"
    them by running "Repair Disk Permissions".

    No luck, a curt message came up "Operation Not Permitted".

    I _know_ the immutable-bit was set because when I repeated the
    "chflags" command from Terminal, it would not allow me to "set" the
    immutable-bit a second time, which is characteristic of the way the
    immutable-bit acts once it is "set". (turned on)

    ....it came up with the message "Operation Not Permitted", even though
    it had let me get away with setting the immutable-bit initially.

    BTW, the chess game ran okay even with the ed-up permissions.


    After my failure at "repairing" the permissions on the chess game, I
    decided to try the same thing on this innocent little file :

    /System/Library/CoreServices/System

    Now I really didn't think that I would have any success with the
    "System" file, because it belonged to group "Wheel" - - - which I think
    that root is not even allowed to mess around with.

    Anyhow, after apparently getting away with turning "on" the
    immutable-bit on this file with the Terminal command:

    chflags schg System

    ....again the "Repair Disk Permissions" refused to fix it, same results
    as with the chess file.

    Checked the operation of several applications in OSX, they ran okay
    despite my fiddling with flags, which are a part of "Permissions".

    Gave up for the night, spent 5 minutes restoring my OSX partition to
    its original condition, then ran "Repair Disk Permissions" on OSX to
    verify that everything was back to normal - - - it was.

    Tomorrow I will mess around with "setUID" and "setGID".

    My knee- reaction is that "Repair Disk Permissions" is crippled, as
    regards to what it can fix.

    It will probably work on the very simple stuff, like read/write access.

    Mark-
    Mark Guest

  19. #19

    Default Re: Living with "Repair Permissions" nonsense


    Mark Conrad wrote in message <180920030753172058%com>... 

    From watching repair permissions you may be right. Mostly it catches R/W
    permission errors. Disk Warrior catches flag errors.


    Jeff Guest

  20. #20

    Default Re: Living with "Repair Permissions" nonsense

    Mark Conrad <com> writes:

    [...] 
    Why do you think flags are a part of permissions? They set attributes.
    I'm also not sure why you set a flag that says "don't change the
    permissions on this file", and then expect "Repair Disk Permissions" to
    change it.

    [...] 
    My knee- reaction is that "Repair Disk Permissions" does exactly what
    it's supposed to.
     
    Or in other words -- permissions! It would be nice if they fixed the
    incompatible receipts for that man page, though.
    --
    Dale J. Stephenson
    com
    3/27/87 -- Ed Hearn for David Cone. 12/20/02 -- Millwood for Estrada
    Schuerholz has finally topped himself.
    Dale Guest

Page 1 of 11 123 ... LastLast

Similar Threads

  1. "Contribute changes file permissions" Tech Note tn_19176
    By John Waller in forum Macromedia Contribute General Discussion
    Replies: 0
    Last Post: May 26th, 09:48 AM
  2. NTFS Permissions & "Failed to Start Monitoring File Changes"
    By Alex Maghen in forum ASP.NET Security
    Replies: 0
    Last Post: February 3rd, 02:21 AM
  3. Weird Permissions Thing (rw-r--r--, but vi says "read only")
    By Weston C in forum Mac Applications & Software
    Replies: 1
    Last Post: July 8th, 10:55 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139