What’s up with Mac OS X 10.7 (Lion) file moving, deleting, using TextEdit and Preview??


Since installing Mac OS X 10.7, then 10.7.1 and now 10.7.2 on my multiple computers at work, I’ve seen some strange things. All these were updates to working systems full of data and applications, not “clean install”s.
I noticed some problems: The dumb OS would ask for my password whenever I moved or deleted files that I owned. I couldn’t open TextEdit, which I used because I can copy and paste html into it and it stays “live”; and even worse, I couldn’t open Preview to organize new pictures for my desktop!

So I did some research on the interTubes and was pointed to

1) sudo chown your_user_name ~/.Trash

Apparently, Lion shipped with the ownership of  ~/.Trash set to root (!) So own your own trash and be surprised at how easy it is to delete things again….

2) the permissions stuff available under “Get Info”.

This is Mac OS and I have, dare I say it, always found “Get Info” to be counter intuitive as a way of setting things. Absolutely, *get* info. Tell me what I need to know. But don’t make me go there, far into the system-y end of the menu bar, to SET fundamental properties I care about.

So when beset by things I didn’t understand, I was all to willing to go apply a tool I didn’t like to solve them, and a pox on all their houses. As if. I COULD fix the problem for one user by manipulating the Get Info users and groups permissions- the ACL. But if I fixed it for one login, it wouldn’t work for another on the same system. The Get Info fixes were strictly single-user-computing solutions. So I read more and found this on the Apple Support Communities:

——————————————————–
ckujau adds:
——————————————————–
Same (similar?) problem here: Finder asks for a password when I try to move any file in my $HOME to the Trash. Turns out that I had some weird ACLs set, dunno where this came from:

$ ls -le .DS_Store
 -rw-------+ 1 bob staff 24580 Aug 7 01:04 .DS_Store
 0: group:everyone deny delete
$ chmod -a "group:everyone deny delete" .DS_Store

After the chmod, deleting foo.txt succeeded. Running with -R on $HOME will remove this ACL from all objects in $HOME.
—————————————————————-

To which I can only say:

https://discussions.apple.com/thread/3195797?start=30&tstart=0

“This is the real magic. I have several logins on my system and going through the GetInfo display allowed me to enable the primary login’s account, but left the error for other logins. Grrrrrr.

I did see the password required to delete things problem but the big deal was that neither TextEdit or Preview would work, because of the error:

------------------------------------------- Error below!--------------------------------------
 Exception Type: EXC_BAD_INSTRUCTION (SIGILL)
 Exception Codes: 0x0000000000000001, 0x0000000000000000
Application Specific Information:
 dyld: launch, running initializers
 /usr/lib/libSystem.B.dylib
 xpchelper reply message validation: sandbox creation failed: 1002
 Saving after update for container (~/Library/Containers/com.apple.TextEdit/Data) failed: NSCocoaErrorDomain:513 You don’t have permission to save the file “Container.plist” in the folder “com.apple.TextEdit”.
 ------------------------------------------ Error above!----------------------------------------

So I tried ls -le and of course I saw  (NOTE: ls -le!!!)

 drwxrwxrwx@ 46 tester staff 1564 Oct 14 16:17 Library
 0: group:everyone deny delete
 1: user:babbott allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextat tr,writeextattr,readsecurity
 2: group:admin allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextat tr,writeextattr,readsecurity
 drwxrwxrwx+ 5 tester staff 170 Sep 15 16:02 Movies
 0: group:everyone deny delete
 drwxrwxrwx+ 6 tester staff 204 Sep 15 16:02 Musi

And, it turns out, I had zillions of useless files with this sort of thing

-rw-rw-rw-+ 1 tester staff 4433 Aug 25 20:05 7e4edc06e818c9f05aeed8ec1a1cfbd030136168.xml
 0: user:babbott allow read,write,append,readattr,writeattr,readextattr,writeextattr,readsecurity
 1: group:admin allow read,write,append,readattr,writeattr,readextattr,writeextattr,readsecurity
 -rw-rw-rw-+ 1 tester staff 4518 Aug 31 18:39 7e5e9b963704d7174fd4b3af2988310385d17957.xml
 0: user:babbott allow read,write,append,readattr,writeattr,readextattr,writeextattr,readsecurity
 1: group:admin allow read,write,append,readattr,writeattr,readextattr,writeextattr,readsecurity
 -rw-rw-rw-+ 1 tester staff 4701 Aug 12 16:43 7e64fe4487a73cabb37de30e411b8ed5872c74fe.xml
 0: user:babbott allow read,write,append,readattr,writeattr,readextattr,writeextattr,readsecurity
 1: group:admin allow read,write,append,readattr,writeattr,readextattr,writeextattr,readsecurity

which I’d probably created by “Apply to enclosed items” from the Get Info panel. Live and learn.

So here we were:

prome-1n-dhcp171:~ tester$ ls -le /
 total 30445
drwxrwxr-x+ 38 root admin 1292 Sep 30 13:59 Applications
 0: group:everyone deny delete
 drwxrwxr-x@ 16 root admin 544 Jul 8 13:18 Developer
 drwxrwxrwx 2 root wheel 68 Jul 13 10:39 ISO-Images
 drwxr-xr-x+ 60 root wheel 2040 Sep 30 16:12 Library 0: group:everyone deny delete
 drwxr-xr-x@ 2 root wheel 68 Jun 18 12:44 Network
 drwxr-xr-x+ 4 root wheel 136 Oct 5 13:08 System
 0: group:everyone deny delete
 drwxr-xr-x 8 root admin 272 Jul 27 19:18 Users
 drwxrwxrwt@ 5 root admin 170 Oct 14 17:56 Volumes
 0: group:everyone deny add_file,add_subdirectory,directory_inherit,only_inherit
etc...

etc:

And here’s the solution, in my case:

prome-1n-dhcp171:~ tester$ chmod -a "group:everyone deny delete" /Library
 chmod: Failed to set ACL on file '/Library': Operation not permitted

Ok… use sudo:

prome-1n-dhcp171:~ tester$ sudo chmod -a "group:everyone deny delete" /Library

Ah… happy happy joy joy!

prome-1n-dhcp171:~ tester$ ls -le /
 total 30445
 drwxrwxr-x+ 38 root admin 1292 Sep 30 13:59 Applications
 0: group:everyone deny delete
 drwxrwxr-x@ 16 root admin 544 Jul 8 13:18 Developer
 drwxrwxrwx 2 root wheel 68 Jul 13 10:39 ISO-Images
 drwxr-xr-x 60 root wheel 2040 Sep 30 16:12 Library private/etc  dr-xr-xr-x 2 root wheel 1 Oct 14 18:01 home
 -rw-r--r--@ 1 root wheel 15565404 Aug 9 20:58 mach_kernel

and now, Ta Da! I can use TextEdit and Preview from this login. AND delete stuff!  Nice!!

Bill

Working so far, and better than what I had done…

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s