PDA

View Full Version : Permissions and groups trouble!!!



icesplice
11th August 2009, 05:00 PM
Hey Guys,

Thought I would run this past you all, as I have not dealt with this kind of issue before.

I few months ago, I turned on my macbook pro, and found that my user account was corrupted. After some google work, I realized that I had to create another account, and transfer all the files over.

Taking the advice from the post I found on the net, I created another user name, and then changed over all the permissions using BatChmod.

Or so I thought....

Every now and again, I find a application or a directory that was not touched, and I have to do it manually. No problems, give it enough time, ad it all would be sweet.

But I just pulled a Firewire hard drive out of storage to work on a multimedia project, and found that I am locked out! When starting up Final Cut Pro, the scratch disk permissions I had configured for the project screamed at me that the media was locked, or the media was unwritable.

No problems, I thought. Out came BatChmod, and off I go... But this time no such luck.

Using terminal, I found that BatChmod had made my group "STAFF" on the firewire drive, and a quick check at my Macintosh HD showed my group to be 501.

Quick look, and thats not an option in BatChmod. OK, hit google again, and come up with chown -R username:group /absolute path/

Run the command, runs for a good hour, but by the time it finishes, it comes back with a long list of : Operation not permitted

So Im kinda lost. I'll be the first one to say I have no previous experiences with permissions and groups, and Aqua seems to have done a good job till my user account melted down. Anyone got any ideas, or can they point me in the right direction?

Thanks in advance,

-Icesplice

JimWOz
12th August 2009, 09:03 AM
You need to use the chown command with super user privileges.
Sudo chown... Otherwise you will only be able to change files that you are already the owner of.

Assuming you are using Leopard:
The default group no. is 20 = staff, and all users are a member of this group.
The user accounts are numbered from 501 onwards.

When you created a new account it would have been 502 or higher. Your old account 501 has now been deleted.

The files on the external are reporting the owner as 501, which now doesn't have a corresponding user name in the running OS's database. You are able to read them because of the group membership. (you could probably read them anyway because the everyone permission defaults to read also)

Another way to fix the problem would be to copy the files off the external to your machine, and copy them back. Then delete the old ones using sudo rm -r /external/folder. The copy process will make your current user account the new owner.

It is interesting that any first user = 501 account on any other OSX installation would be seen as the owner of the files on the external. This is because the permissions are stored as account and group numbers in the files, which are translated into user and group names by the running OS's database. - Not as secure as you might have thought !

I hope this helps.