Repair permissions

Last updated

Repairing disk permissions is a troubleshooting activity commonly associated with the macOS operating system by Apple. The efficacy of repairing permissions to troubleshoot application errors has been debated. [1]

Contents

Overview

The BSD layer in macOS is responsible for file-system security, including the management of the Unix (POSIX) permissions model. Applications depend on the correct assignment and interpretation of permissions in order to function properly. [2]

Repairing permissions involves checking the permissions of a set of files and folders on a volume with macOS installed against a list of correct POSIX permissions and correcting any discrepancies. The list of correct permissions is compiled by consulting the various bill-of-materials (.bom) files. Typically, these files are stored within reduced-size Installer package (.pkg) files in the Receipts folder in the local Library directory (/Library/Receipts) on the volume being checked. Whenever a user installs software that uses the macOS Installer package format, a bill-of-materials file is created which can be consulted for future permission repair. [3]

Files whose permissions have been incorrectly altered by an administrator, an administrator operating with root privileges, or a poorly designed installer package (installed with similar privileges) can cause a wide array of problems ranging from application errors to the inability to boot macOS. Repairing permissions can become necessary, but has become increasingly less so for versions after Panther (10.3). [1]

In OS X El Capitan, Apple introduced a security feature called System Integrity Protection. With it enabled, root privileges are no longer able to change system files and folders, including their permissions. Permissions repairs are instead performed automatically upon system installs and updates. [4] To that end, Disk Utility as well as the corresponding diskutil command-line utility lost the ability to repair permissions. [5]

Usage

In systems prior to OS X El Capitan, a permissions repair can be performed by selecting a startup volume and clicking the "Repair Disk Permissions" button in the "First Aid" section of Disk Utility. The operation can also be performed by using the diskutil command-line utility. [6] In El Capitan, the user can instead use two command-line utilities: pkgutil to repair particular packages or /usr/libexec/repair_packages to repair a standard set of system packages. [7] [8] In both cases, the user has to disable System Integrity Protection to change permissions of system files and directories. In macOS Sierra, /usr/libexec/repair_packages is not available.

Permissions can also be repaired using third-party utilities such as The Apotek's AppleJack or Prosoft Engineering's Drive Genius.

Related Research Articles

Darwin is the core Unix-like operating system of macOS, iOS, watchOS, tvOS, iPadOS, audioOS, visionOS, and bridgeOS. It previously existed as an independent open-source operating system, first released by Apple Inc. in 2000. It is composed of code derived from NeXTSTEP, FreeBSD, other BSD operating systems, Mach, and other free software projects' code, as well as code developed by Apple.

AppleScript is a scripting language created by Apple Inc. that facilitates automated control over scriptable Mac applications. First introduced in System 7, it is currently included in all versions of macOS as part of a package of system automation tools. The term "AppleScript" may refer to the language itself, to an individual script written in the language, or, informally, to the macOS Open Scripting Architecture that underlies the language.

In computing, a symbolic link is a file whose purpose is to point to a file or directory by specifying a path thereto.

A home directory is a file system directory on a multi-user operating system containing files for a given user of the system. The specifics of the home directory are defined by the operating system involved; for example, Linux / BSD (FHS) systems use /home/⟨username⟩ or /usr/home/⟨username⟩ and Windows systems since Windows Vista use \Users\⟨username⟩.

In computing, a loadable kernel module (LKM) is an object file that contains code to extend the running kernel, or so-called base kernel, of an operating system. LKMs are typically used to add support for new hardware and/or filesystems, or for adding system calls. When the functionality provided by an LKM is no longer required, it can be unloaded in order to free memory and other resources.

The Apple Filing Protocol (AFP), formerly AppleTalk Filing Protocol, is a proprietary network protocol, and part of the Apple File Service (AFS), that offers file services for macOS, classic Mac OS, and Apple II computers. In OS X 10.8 Mountain Lion and earlier, AFP was the primary protocol for file services. Starting with OS X 10.9 Mavericks, Server Message Block (SMB) was made the primary file sharing protocol, with the ability to run an AFP server removed later in macOS 11 Big Sur. AFP supports Unicode file names, POSIX and access-control list permissions, resource forks, named extended attributes, and advanced file locking.

<span class="mw-page-title-main">XNU</span> Computer operating system kernel

XNU is the computer operating system (OS) kernel developed at Apple Inc. since December 1996 for use in the Mac OS X operating system and released as free and open-source software as part of the Darwin OS, which, in addition to being the basis for macOS, is also the basis for Apple TV Software, iOS, iPadOS, watchOS, visionOS, and tvOS.

Utility software is a program specifically designed to help manage and tune system or application software. It is used to support the computer infrastructure - in contrast to application software, which is aimed at directly performing tasks that benefit ordinary users. However, utilities often form part of the application systems. For example, a batch job may run user-written code to update a database and may then include a step that runs a utility to back up the database, or a job may run a utility to compress a disk before copying files.

HFS Plus or HFS+ is a journaling file system developed by Apple Inc. It replaced the Hierarchical File System (HFS) as the primary file system of Apple computers with the 1998 release of Mac OS 8.1. HFS+ continued as the primary Mac OS X file system until it was itself replaced with the Apple File System (APFS), released with macOS High Sierra in 2017. HFS+ is also one of the formats supported by the iPod digital music player.

launchd is an init and operating system service management daemon created by Apple Inc. as part of macOS to replace its BSD-style init and SystemStarter. There have been efforts to port launchd to FreeBSD and derived systems.

<span class="mw-page-title-main">Disk Utility</span> Software for Apple macOS

Disk Utility is a system utility for performing disk and disk volume-related tasks on the macOS operating system by Apple Inc.

In the macOS, iOS, NeXTSTEP, and GNUstep programming frameworks, property list files are files that store serialized objects. Property list files use the filename extension .plist, and thus are often referred to as p-list files.

<span class="mw-page-title-main">Hackintosh</span> Non-Apple computer running macOS

A Hackintosh is a computer that runs Apple's Macintosh operating system macOS on computer hardware that is not authorized for the purpose by Apple. This can also include running Macintosh software on hardware it is not originally authorized for. Benefits of "Hackintoshing" can include cost, ease of repair and piecemeal upgrade, and freedom to use customized choices of components that are not available in the branded Apple products. macOS can also be run on several non-Apple virtualization platforms, although such systems are not usually described as Hackintoshes. Hackintosh laptops are sometimes referred to as "Hackbooks".

Extended file attributes are file system features that enable users to associate computer files with metadata not interpreted by the filesystem, whereas regular attributes have a purpose strictly defined by the filesystem. Unlike forks, which can usually be as large as the maximum file size, extended attributes are usually limited in size to a value significantly smaller than the maximum file size. Typical uses include storing the author of a document, the character encoding of a plain-text document, or a checksum, cryptographic hash or digital certificate, and discretionary access control information.

<span class="mw-page-title-main">Portable application</span> Type of computer program

A portable application, sometimes also called standalone software, is a computer program designed to operate without changing other files or requiring other software to be installed. In this way, it can be easily added to, run, and removed from any compatible computer without setup or side-effects.

<span class="mw-page-title-main">Apple Disk Image</span> File format developed by Apple and used by macOS

AppleDisk Image is a disk image format commonly used by the macOS operating system. When opened, an Apple Disk Image is mounted as a volume within the Finder.

<span class="mw-page-title-main">Gatekeeper (macOS)</span> Security feature of macOS

Gatekeeper is a security feature of the macOS operating system by Apple. It enforces code signing and verifies downloaded applications before allowing them to run, thereby reducing the likelihood of inadvertently executing malware. Gatekeeper builds upon File Quarantine, which was introduced in Mac OS X Leopard (10.5) and expanded in Mac OS X Snow Leopard (10.6). The feature originated in version 10.7.3 of Mac OS X Lion as the command-line utility spctl. A graphical user interface was originally added in OS X Mountain Lion (10.8) but was backported to Lion with the 10.7.5 update.

<span class="mw-page-title-main">System Integrity Protection</span> Security feature by Apple

System Integrity Protection is a security feature of Apple's macOS operating system introduced in OS X El Capitan (2015). It comprises a number of mechanisms that are enforced by the kernel. A centerpiece is the protection of system-owned files and directories against modifications by processes without a specific "entitlement", even when executed by the root user or a user with root privileges (sudo).

macOS Sierra Thirteenth major release of macOS

macOS Sierra is the thirteenth major release of macOS, Apple Inc.'s desktop and server operating system for Macintosh computers. The name "macOS" stems from the intention to unify the operating system's name with that of iOS, watchOS and tvOS. Sierra is named after the Sierra Nevada mountain range in California and Nevada. Specifically, Mount Whitney is the location for macOS Sierra's default wallpaper. Its major new features concern Continuity, iCloud, and windowing, as well as support for Apple Pay and Siri.

References

  1. 1 2 Gruber, John. "Seriously, 'Repair Permissions' Is Voodoo". Daring Fireball. John Gruber. Retrieved March 13, 2009.
  2. "Security Overview: Permissions". Apple Developer . Archived from the original on June 26, 2004. Retrieved April 4, 2007.
  3. "About Disk Utility's Repair Disk Permissions feature". Apple Support. Archived from the original on November 13, 2014. Retrieved April 4, 2007.
  4. "OS X v10.11". Mac Developer Library. Apple Inc. June 8, 2015. Retrieved June 11, 2015.
  5. "OS X v10.11 Developer Beta 1 Release Notes". Mac Developer Library. Apple Inc. June 8, 2015. Retrieved June 11, 2015.
  6. diskutil(8)    Darwin and macOS System Manager's Manual
  7. pkgutil(1)    Darwin and macOS General Commands Manual
  8. repair_packages(8)    Darwin and macOS System Manager's Manual