NFS Default Permissions

I was looking into a problem we're having using an NFS shared volume for several users.
I want to find a way to change the default permissions when we leave files on this mounted volume so that files we leave (or create) on the volume default to having group r/w permission. As it is, the default is for the group to be read-only.
I found a separate archived thread on this:
http://discussions.apple.com/thread.jspa?messageID=1625782
There it was suggested that changing the global umask setting would change all default behaviors to read & write for group:
defaults write -g NSUmask 2
This does seem to change the new file defaults for all files written on one's hard drive, but that didn't seem to fix everything.
- If the file is already group "read-only" then it stays that way when copied to the NFS volume
- If the file is already group "read & write" then it stays that way when copied [good]
- If you create a new folder
- If you create a new folder either locally or on the remote volume USING THE FINDER GUI, then it's read-only.
- If you create a new folder either locally or on the remote volume USING THE COMMAND LINE, then it's "read & write" [good]
So the question I have, should anyone have any deep insights into permissions are:
1) Can you change the default folder permissions created through the Finder GUI?
2) Is there any way to make copied files default to new permissions, or will they always retain their base permissions.
It's obviously much easier for several people using the same folder to have compatible permissions use than to have to remember to manually change them every time a file/folder is copied/created!

"1) Can you change the default folder permissions created through the Finder GUI?"
Hmm, the answer should be "yes", but it also shouldn't be necessary - the "Finder" by default would be expected to use the 'NSUmask' value set in the NSGlobal domain so it is odd that in your case, "If you create a new folder either locally or on the remote volume USING THE FINDER GUI, then it's read-only." But anyway, to independently set the 'umask' for "Finder", try:<pre>defaults write com.apple.finder umask 2</pre>This setting (and it is 'umask', not 'NSUmask' in this case) takes effect after the "Finder" is restarted and does not require a logout.
"2) Is there any way to make copied files default to new permissions, or will they always retain their base permissions."
This one, I don't know. I could have swore that in early versions of "Panther" that copied items were considered "new" and the global umask value applied, but the behaviour had changed by later versions to preserve permissions, and it looks like 10.4 behaves the same way.
I don't know anything about NFS - does it have any sort of "inherit permissions" setting like AFP? AFP shares can be configured so that copied items will inherit the permissions (and or ownership) of the parent folder... actually it seems to follow some strange rules so that in practice, both options often need to be set, but that's beside the point. It might be worth looking into to see if something like that is available...

Similar Messages

  • Set default permissions for new files?

    We have a small LAN where different users often need to open and resave each others' files. No server, just a bunch of client computers on ethernet sharing an internet router.
    Each time a user creates a file, that file's permissions default to read only for anyone but that user. How can I set up the default permissions so that any newly-created files default to Read & Write for "groups" and "others".
    I anticipate I will have to make this change for each user on each workstation.
    Any help would be greatly appreciated.
    Thanks

    If you want users to share files then have them place the file in the /Users/Shared/ folder. Files placed in that folder can be accessed by any user.
    Why reward points?(Quoted from Discussions Terms of Use.)
    The reward system helps to increase community participation. When a community member gives you (or another member) a reward for providing helpful advice or a solution to their question, your accumulated points will increase your status level within the community.
    Members may reward you with 5 points if they deem that your reply is helpful and 10 points if you post a solution to their issue. Likewise, when you mark a reply as Helpful or Solved in your own created topic, you will be awarding the respondent with the same point values.

  • What should default permissions be of the Groups folder be?

    While trying to sort out our Group shared folders permissions problems I might have changed the permissions of the Group folder (/Volumes/Server/Groups) in Server Admin.
    Can anyone tell me what the default permissions for that folder should be?

    I had a similar problem:
    <http://discussions.apple.com/thread.jspa?messageID=5876784#5876784>
    and Gerrit came to the rescue! Wonder if you migrated from Tiger and if so then the above thread might have some answers for you. Seems like the standard Group ID (gid) changed from Tiger to Leopard and has wreaked havoc on file sharing. I was able to remedy my situation (so far - still not thoroughly tested) by changing the gid of all files back to 20...which matches "staff" on the clients. This is still confusing and Apple's documentation is half-baked regarding this as far as I'm concerned.

  • Default permissions issue

    I recently tried upgrading our server from 10.4 to 10.5 and we're having trouble with default permissions. We have a small mixed AFP/SMB workgroup and we want items created in sharepoints to be readable and writable by other members of the group. In 10.4 the setting under AFP for default permissions for new files and folders didn't seem to work (but I got round it by manually changing a umask setting). After we upgraded and were having probIems with restricted permissions, I looked for that setting in 10.5. The manual, under "Changing AFP Settings for a Share Point", says:
    *If you are using only POSIX permissions, choose a method for assigning default access*
    *privileges for new files and folders in the share point:*
    *To have new items use default POSIX permissions, select “Use standard POSIX*
    behavior.”
    *To have new items adopt the privileges of the enclosing item, select “Inherit*
    *permissions from parent.”*
    However the setting does not seem to be there in Server Admin. I thought maybe it was because ACLs were enabled, so I followed the procedure described in the manual for disabling them, but after restart, they were still enabled, and still no AFP default permissions setting. Again, the manual says
    *You can unnecessarily complicate file access management if you’re not careful. Keep it*
    *simple. If standard POSIX permissions do the job, use those, but if you must use ACLs,*
    *avoid customizing permissions unless you need to.*
    But it seems I am being forced into using ACLs to do something which surely should be straighforward. Or am I missing something?

    Okay, I think I got where I wanted to get to using ACLs, but it would have been nice if the manual hadn't been a little misleading...

  • [Device Auto-mounting] HAL,KDE4.4 and default permissions

    Hello,
    I have a small problem with default permissions of Automounted
    Removable Devices. Whenever I mount it via KDE4.4's Auto-mounter. it
    sets all files to be owned by root.
    > ls -la /media/Backup/
    total 28
    drwxr-xr-x 4 root root 4096 Feb 11 14:46 .
    drwxr-xr-x 6 root root 4096 Feb 11 14:44 ..
    drwxr-xr-x 3 root root 4096 Feb 11 14:46 Gaurish_data
    drwx------ 2 root root 16384 Feb 10 16:07 lost+found
    I know KDE does not mount anything, it asks HAL. nothing is in
    /etc/fstab but in /etc/mtab and in /proc/mount I got
    $ cat /etc/mtab
    /dev/sdb1 /media/Backup ext4 rw,nosuid,nodev,uhelper=hal 0 0
    $ cat /proc/mounts
    /dev/sdb1 /media/Backup ext4
    rw,nosuid,nodev,relatime,barrier=1,data=ordered 0 0
    I like all my files and folders to be owner by me and NOT by root.
    any help?

    Are you using [testing]? Partially updated system?
    The error looks like you have a different version of gcc-libs / glibc than the app was built against.
    Last edited by Mr.Elendig (2011-06-20 19:16:33)

  • Default Permissions and Settings in Windows 7

    A Few qustions - 
    What is the default permissions in windows 7 for:
    1. c: - do authenticated users have special permissions by default?
    2. Desktop Icons
    And for remote assistance - max time invitation can be left open?
    Thanks - 

    Hi,
    1. Yes, the Authenticated Users have the special permission on the system root. What’s the goal you want to achieve? You may
    refer to the following similar thread to remove the Authenticated Users’ special permission on the system root.
    Reference:
    Authenticated Users have Create / Append permission on Root of C - can I remove them?
    2. What’s your meaning of “the default permission of Desktop Icons”? The permission to modify or delete the Desktop
    Icons? If so, please see the following similar thread:
    Permission
    to change / delete Desktop items
    3. By default, an invitation automatically expires after six hours. To cancel an invitation sooner than that, close the Windows Remote
    Assistance session that is waiting for an incoming connection.
    But you may also set the maximum invitation time.
    On the computer that you want someone to connect to, follow these steps:
    a)   
    Open System by clicking the
    Start button, clicking
    Control Panel, clicking
    System.
    b)   
    Click
    Remote settings and choose Remote tab.
    If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
    c)   
    Select the
    Allow Remote Assistance connections to this computer check box.
    d)   
    Click
    Advanced, and then, under Invitations, select the time from the two lists.
    Regards,
    Sabrina
    TechNet Subscriber Support
    in forum
    If you have any feedback on our support, please contact
     [email protected]
    This posting is provided "AS IS" with no warranties or guarantees, and confers no rights. |Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question.
    This can be beneficial to other community members reading the thread.

  • Default permissions on /usr/share/ and its subdirectories?

    I think I've goofed up my permissions on /usr/share and its subdirectories? Can someone tell me the default permissions, please?
    Also, is there a place in the docs where default permissions on various directories are listed?
    Thanks.

    (Pretty much) all directories are 755 and files are 644.
    These files are executable too if it helps (if you can't reinstall your packages via cache):
    apr-1/build/mkdir.sh
    apr-1/build/libtool
    automake-1.10/elisp-comp
    automake-1.10/compile
    automake-1.10/config.guess
    automake-1.10/config.sub
    automake-1.10/symlink-tree
    automake-1.10/ylwrap
    automake-1.10/mdate-sh
    automake-1.10/acinstall
    automake-1.10/install-sh
    automake-1.10/missing
    automake-1.10/mkinstalldirs
    automake-1.10/py-compile
    automake-1.10/depcomp
    config/kdm/Xstartup
    config/kdm/Xsetup
    config/kdm/Xreset
    config/kdm/Xwilling
    config/kdm/Xsession
    doc/gettext/examples/hello-librep/autoclean.sh
    doc/gettext/examples/hello-librep/autogen.sh
    doc/gettext/examples/hello-objc-gnustep/autoclean.sh
    doc/gettext/examples/hello-objc-gnustep/autogen.sh
    doc/gettext/examples/hello-c-gnome/autoclean.sh
    doc/gettext/examples/hello-c-gnome/autogen.sh
    doc/gettext/examples/hello-csharp-forms/autoclean.sh
    doc/gettext/examples/hello-csharp-forms/autogen.sh
    doc/gettext/examples/hello-c++-wxwidgets/autoclean.sh
    doc/gettext/examples/hello-c++-wxwidgets/autogen.sh
    doc/gettext/examples/hello-php/autoclean.sh
    doc/gettext/examples/hello-php/autogen.sh
    doc/gettext/examples/hello-java-swing/autoclean.sh
    doc/gettext/examples/hello-java-swing/autogen.sh
    doc/gettext/examples/hello-guile/autoclean.sh
    doc/gettext/examples/hello-guile/autogen.sh
    doc/gettext/examples/hello-java-awt/autoclean.sh
    doc/gettext/examples/hello-java-awt/autogen.sh
    doc/gettext/examples/hello-ycp/autoclean.sh
    doc/gettext/examples/hello-ycp/autogen.sh
    doc/gettext/examples/hello-c/autoclean.sh
    doc/gettext/examples/hello-c/autogen.sh
    doc/gettext/examples/hello-objc-gnome/autoclean.sh
    doc/gettext/examples/hello-objc-gnome/autogen.sh
    doc/gettext/examples/hello-perl/autoclean.sh
    doc/gettext/examples/hello-perl/autogen.sh
    doc/gettext/examples/hello-clisp/autoclean.sh
    doc/gettext/examples/hello-clisp/autogen.sh
    doc/gettext/examples/hello-csharp/autoclean.sh
    doc/gettext/examples/hello-csharp/autogen.sh
    doc/gettext/examples/hello-gawk/autoclean.sh
    doc/gettext/examples/hello-gawk/autogen.sh
    doc/gettext/examples/hello-python/autoclean.sh
    doc/gettext/examples/hello-python/autogen.sh
    doc/gettext/examples/hello-tcl-tk/autoclean.sh
    doc/gettext/examples/hello-tcl-tk/autogen.sh
    doc/gettext/examples/hello-c++-gnome/autoclean.sh
    doc/gettext/examples/hello-c++-gnome/autogen.sh
    doc/gettext/examples/hello-tcl/autoclean.sh
    doc/gettext/examples/hello-tcl/autogen.sh
    doc/gettext/examples/hello-objc/autoclean.sh
    doc/gettext/examples/hello-objc/autogen.sh
    doc/gettext/examples/hello-c++-kde/autoclean.sh
    doc/gettext/examples/hello-c++-kde/autogen.sh
    doc/gettext/examples/hello-java/autoclean.sh
    doc/gettext/examples/hello-java/autogen.sh
    doc/gettext/examples/hello-smalltalk/autoclean.sh
    doc/gettext/examples/hello-smalltalk/autogen.sh
    doc/gettext/examples/hello-pascal/autoclean.sh
    doc/gettext/examples/hello-pascal/autogen.sh
    doc/gettext/examples/hello-sh/autoclean.sh
    doc/gettext/examples/hello-sh/autogen.sh
    doc/gettext/examples/hello-c++-qt/autoclean.sh
    doc/gettext/examples/hello-c++-qt/autogen.sh
    doc/gettext/examples/hello-c++/autoclean.sh
    doc/gettext/examples/hello-c++/autogen.sh
    doc/gettext/examples/hello-java-qtjambi/autoclean.sh
    doc/gettext/examples/hello-java-qtjambi/autogen.sh
    getopt/getopt-parse.tcsh
    getopt/getopt-test.tcsh
    getopt/getopt-parse.bash
    getopt/getopt-test.bash
    gettext/projects/team-address
    gettext/projects/TP/team-address
    gettext/projects/TP/trigger
    gettext/projects/KDE/team-address
    gettext/projects/KDE/trigger
    gettext/projects/GNOME/team-address
    gettext/projects/GNOME/trigger
    gettext/intl/config.charset
    gettext/config.rpath
    git-core/templates/hooks/pre-rebase.sample
    git-core/templates/hooks/prepare-commit-msg.sample
    git-core/templates/hooks/pre-commit.sample
    git-core/templates/hooks/applypatch-msg.sample
    git-core/templates/hooks/update.sample
    git-core/templates/hooks/pre-applypatch.sample
    git-core/templates/hooks/post-receive.sample
    git-core/templates/hooks/post-commit.sample
    git-core/templates/hooks/commit-msg.sample
    git-core/templates/hooks/post-update.sample
    gitweb/gitweb.cgi
    gitweb/gitweb.perl
    glib-2.0/gettext/mkinstalldirs
    groff/1.20.1/font/devdvi/generate/CompileFonts
    groff/1.20.1/font/devps/generate/afmname
    groff/1.20.1/font/devps/generate/symbol.sed
    icu/4.0/install-sh
    icu/4.0/mkinstalldirs
    idl/xulrunner-1.9.0.7/stable/nsIPrefBranch2.idl
    idl/xulrunner-1.9.0.7/stable/nsIProfileChangeStatus.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMLSSerializer.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMLSOutput.idl
    idl/xulrunner-1.9.0.7/unstable/nsIXPointer.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMLSException.idl
    idl/xulrunner-1.9.0.7/unstable/nsIChromeRegistry.idl
    idl/xulrunner-1.9.0.7/unstable/nsIAccessibleEvent.idl
    idl/xulrunner-1.9.0.7/unstable/nsIVersionComparator.idl
    idl/xulrunner-1.9.0.7/unstable/nsIAccessibleRelation.idl
    idl/xulrunner-1.9.0.7/unstable/nsIHandlerService.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMClientInformation.idl
    idl/xulrunner-1.9.0.7/unstable/nsIXULSortService.idl
    idl/xulrunner-1.9.0.7/unstable/nsIFrameLoader.idl
    idl/xulrunner-1.9.0.7/unstable/imgIEncoder.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMLSResourceResolver.idl
    idl/xulrunner-1.9.0.7/unstable/nsIFIXptr.idl
    idl/xulrunner-1.9.0.7/unstable/nsIPrefBranch2.idl
    idl/xulrunner-1.9.0.7/unstable/nsICryptoHash.idl
    idl/xulrunner-1.9.0.7/unstable/nsIAccessibleTypes.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMLSParserFilter.idl
    idl/xulrunner-1.9.0.7/unstable/nsIAccessibleStates.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMXULContainerElement.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMSVGAElement.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDocCharset.idl
    idl/xulrunner-1.9.0.7/unstable/nsIContentPrefService.idl
    idl/xulrunner-1.9.0.7/unstable/nsIXULTemplateRuleFilter.idl
    idl/xulrunner-1.9.0.7/unstable/nsIContentURIGrouper.idl
    idl/xulrunner-1.9.0.7/unstable/nsIModifyableXPointer.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMLSParser.idl
    idl/xulrunner-1.9.0.7/unstable/nsIWebContentHandlerRegistrar.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMSVGEvent.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMSVGZoomEvent.idl
    idl/xulrunner-1.9.0.7/unstable/nsIXULRuntime.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMLSSerializerFilter.idl
    idl/xulrunner-1.9.0.7/unstable/nsIAccessibleRole.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMXULTextboxElement.idl
    idl/xulrunner-1.9.0.7/unstable/nsITypeAheadFind.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMPageTransitionEvent.idl
    idl/xulrunner-1.9.0.7/unstable/nsIProfileUnlocker.idl
    idl/xulrunner-1.9.0.7/unstable/nsIXSLTProcessorPrivate.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMGetSVGDocument.idl
    idl/xulrunner-1.9.0.7/unstable/nsIAutoCompleteResultTypes.idl
    idl/xulrunner-1.9.0.7/unstable/nsIXULTemplateResult.idl
    idl/xulrunner-1.9.0.7/unstable/xpcIJSWeakReference.idl
    idl/xulrunner-1.9.0.7/unstable/nsIDOMLSInput.idl
    idl/xulrunner-1.9.0.7/unstable/nsPIAccessNode.idl
    idl/xulrunner-1.9.0.7/unstable/nsIXULTemplateQueryProcessor.idl
    idl/xulrunner-1.9.0.7/unstable/nsIProfileChangeStatus.idl
    libtool/config/compile
    libtool/config/ltmain.sh
    libtool/config/config.guess
    libtool/config/config.sub
    libtool/config/install-sh
    libtool/config/missing
    libtool/config/depcomp
    libtool/libltdl/configure
    licenses/zlib/license.txt
    qt/mkspecs/macx-xcode/Info.plist.app
    qt/mkspecs/macx-pbuilder/Info.plist.app
    Last edited by dyscoria (2009-03-28 10:47:42)

  • Default permissions on /Library folder?

    I'm having a permissions problem here. I'm trying to reinstall a couple of games from Gamehouse and when they first run they (apparently) need to write a file to the /Library/Application_support folder. Now they all generate an error saying I need to be an admin user (I am) or repair permissions (I have several times, including booting from the 10.5 dvd and running repair from that).
    I checked the settings and on TWO different macs both with a recent format/install of 10.5 the permissions are as follows:
    /Library
    system (r/w), admin (r/w), everyone (r only)
    /Library/Application Support
    system (r/w), admin (r only), everyone (r only)
    ALL of the folders inside the main Library folder are set with the admin user being read only.
    On a Tiger machine here, all of the folders in the main Library folder are set with admin user being read/write.
    So... has the default permissions changed in 10.5 or do I somehow have an exactly the same wierd issue on 2 different macs?
    Thanks if anyone can shed light on this.

    after running DU, the permissions on /Library/Application Support are still:
    system r/w, admin r-only, everyone r-only
    Is this what they are supposed to be? If so, it creates a problem for some installers apparently. If not, I need to find out what changed them incorrectly on mine and fix it. Again, on a Tiger system the admin user has r/w privs on the app support folder... on Leopard its read-only.

  • Default permissions?

    Is there a way to modify my system's default permissions? For example, when I create a new file/directory it will automatically have my preferred permissions. I've tinkered with umask, but haven't found it to work for me... am I missing something?

    Did you try setting your umask in th specific users .bashrc file. any changes you make here will be saved. Just entering the Umask command from the bash shell will change the permissions just for that session it will go back to default after you log out.  All you should have to use is a text editor and be in the users home that you wanna change and type nano  .bashrc (i use nano) or vi .bashrc etc...... then all you should have to type is the umask value. Im pretty sure that the umask is subtracted from the the current directory permissons a umask of 022 give us the 755 that is the default. so you would type "umask  022" then save and exit . Then test it
    hope this helps
    Last edited by Ronin15 (2010-06-12 04:35:54)

  • How do you change the default permissions for files?

    I have all my users saving (via AFP) to an Xserve RAID, I am using ACL to control who has access to certain area.
    This is fine when moving files in the finder, all ACL are respected, however when saving files from Photoshop it ignores the ACL's.
    So if user A saves a file they become the owner- which is fine, but the group and everyone permissions are read only, so when user B ammends the file they get a permission warning when they try to save, the work round I'm using is to trash the file just before you try to save- not ideal cos if the save fails you've lost the work.
    What I would like is for the default permission to be group "design" Read and Write and leave everyone as read only
    So when any designer goes to oversave a file in photoshop they can do.
    I needf to leave ACL's on as they are working well in every other situation, i.e I have certain folders set so once images have been added they cannot be deleted or renamed by certain users.
    It only seems to be Photoshop that gives us this problem, Quark files and other docs are able to be saved according to the ACL

    Hi
    There are some important distinctions and points to be made here.
    POSIX Permissions are always set for every file and folder. ACLs are optional for any file, folder or share point and work IN ADDITION to POSIX Permissions. SACLs (Service Access Control Lists) are optional for specific services such as AFP, FTP, SMB, Mail etc and are independent of files and folder as well of standard POSIX Permissions and file system ACLs. Allow access is cumulative and Deny access is first match.
    ACLs supersede but don’t necessarily override Standard UNIX permissions.
    The best way to use ACLs is to enable Access Control Lists on the desired volume, create the share point folder from within Workgroup Manager, define the Users and Groups and then drop the relevant User and/or Group into the ACL window and define access privileges from there. Don’t be tempted to use the Standard UNIX permissions in addition to ACLs as all sorts of problems can ensue.
    Privileges and access can quickly get confused and share points can be broken. Deny settings defined in ACL take precedence over all other privileges settings. Deny settings defined using Standard UNIX as well as ACLs can, in some cases, mean share points becoming inaccessible to all users even those with administrative privileges.
    Wherever possible try not to set access privileges using the Finder.
    For a much fuller explanation and a method for calculating umask values consult Gerrit de Witt’s series of articles:
    http://discussions.apple.com/thread.jspa?messageID=648307&#648307

  • When create a new user into AD by default permissions also added for share point site

    HI
    i have a sharepoint farm.
    when i create new  user in AD, by default below permissions are added to that user,
    how its happen ?
    site permissions:
    View Web Analytics Data  
    Browse Directories  -  Enumerate files and folders in a Web site using SharePoint Designer 
    and Web DAV interfaces. 
    View Pages  -  View pages in a Web site. 
    Enumerate Permissions  -  Enumerate permissions on the Web site, list, folder, document, or 
    list item. 
    List permissions:
    View Items  -  View items in lists and documents in document libraries. 
    Open Items 
    View Versions  -  View past versions of a list item or document.  
    View Application Pages  -  View forms, views, and application pages. Enumerate lists. 
    Use Remote Interfaces
    adil

    Hi
    yes i dont know how these permissions are added in sharepoint?
    how its happen? , even i did not added this user in any sharepoint group or sitepermission
    adil

  • Code for restoring default permissions to etc/hosts?

    Could someone help me with the proper code for setting the permissions on etc/hosts to their proper default setting?

    sudo chmod 644 /etc/hosts
    sudo chown root:wheel /etc/hosts
    Those are the settings on my iMac.
    If you use an editor such as
    sudo nano /etc/hosts
    you will most likely not have these problems.
    If you are a more experienced Unix user, then vim or emacs are good choices as well, but both of those editors have steep learning curves.
    Message was edited by: BobHarris

  • What r the default permissions for rooted folders (/Applications & etc.)?

    Hi.
    i've got corrupted attributes for /Applications folder (no user/no group owner), which were not corrected with disk utility Repair permissions.
    So i'd like to correct them manually.
    Could anyone tell me about default attributes for rooted folders? (/Applications, /Library, /System and etc.)
    Or may be a link to some manual where i could find that out?
    Thank you in advance!

    from my notes:
    The sticky bit should be set on the root "/" folder of the drive.
    The correct permissions for the root drive are
    owner:root, group:admin, chmod:1775
    #these must be set in single user mode, you cannot set these while booted#
    Boot into single user mode:
    mount -uw /
    chown root:admin /
    chmod 1775 /
    reboot
    After rebooting Set the following Directory permissions:
    /Applications; root:admin, chmod 0775
    /Developer; root:admin, chmod 0775
    /Library; root:admin, chmod 1775
    /System; root:wheel, chmod 0755
    /Users; root:admin, chmod 0755
    Run the following commands on the /Applications directory:
    sudo chmod -R -N /Applications
    #clears out any ACL's, there should be no ACL's on your apps#
    sudo chown -R :admin /Applications/*
    #Sets group to admin on all your apps note: do NOT change owner.#
    Kj

  • Leopard install default permissions: Custom access

    Hello,
    I am a very new mac user. Only bought my first iMac 1 month ago. I really liked the experience so far.
    I recently upgraded to Leopard, and i had no problems at all (no blue screens, or locked users).
    The problem i am going through right now, is about user permissions.
    If i do 'Get Info' of my primary hard drive (the one Leopard is installed on), i get 'You have custom access'. I was expecting 'You can read & write'.
    I've read a lot about these permissions. I tried a lot of things but nothing worked for me.
    To be exact: i am using a leopard installation now, which has been installed from an empty hard drive (before the installation started, i erased everything. Just to make sure there is no conflict with the previous version, tiger).
    I've upgraded from tiger, clean installs, and fresh installs (like the one i am using now) all to get the same situation. I really hope this is not intended.
    Seen as I am a administrator, i really like to control where i want to write.
    I've tried the following:
    -i used Tinkertool System to change ACL's. Finally i got the '/' to show me 'read and write' but i had to change the ACL for every file manually, and at a certain moment i couldn't start my system preferences.
    -i tried the 'chown -R -N'. Didn't change a thing.
    -i tried the 'chown -a# 0 username' (username is babyCreative). Got a message telling me 'No ACL present'...
    Now i am working on a fresh format (so the permissions are still the ones, set by default). I can actually do the work i need to do, but i don't feel very 'okay' with this permissions-situation.
    PS: what really bothers me is the following: when launching leopard for the first time, and checking those permissions IMMEDIATELY, it tells me 'Read and write'. Only later on, all of a sudden, it changes into 'Custom access'. (right now it already is 'read only, yet i am copying files on it)...
    Is there somebody that can help me out with this?
    Any help is much appreciated.
    (excuse my bad english ;))
    Message was edited by: babyCreative

    This might be me turning crazy... but right now... My permissions on the primary drive have changed again... Permissions are now 'Read and write'.
    when i check out the owner of the drive, i see 'root' is the owner of the primary drive.
    I suspected to see my username there...
    Anyway: right now my permissions seem to be okay... Will evaluate this during a few days, and post the outcome here...
    (i feel pretty bad now: been wasting days to this... Only now realizing the following: patience is a virtue... (so far))
    thx for you reply though

  • Modifying default permissions? (Answered)

    A little while back, I discovered a way for the system to automatically make the permissions of files I create 0640. I've changed my mind about that now (since a permissions problem gave me hell with sqlite all day), and I've forgotten what I can do to restore it to the default 0666. Any advice? I've checked /etc/profile and /etc/fstab for any clues, and found nothing. Nothing was mounted with a umask, since I can chmod said files to 0666 after creating them.
    [Edit] Nevermind; My default was 644 after all.. Google says using 'umask' in .bash_profile will do the trick, though.
    Last edited by xelados (2008-03-01 01:38:38)

    Run "umask 0022".  That give the default 644 permissions...

Maybe you are looking for

  • Turned off Genius, how do I restore Genius playlists from ipod to my iTunes

    Hi, I turned off Genius in iTunes by accident and my Genius playlists have been deleted. They are still on my iPod. I'd like to know if they will automatically sync back to iTunes when I connect my iPod or have I lost them for good? Many thanks

  • Do All Zens Not Work Properly With AudioBooks?

    Do all Zens have the same issues with audiobooks? I bought two and they both have the same issues. I bought the second one because the first one wasn't working right. To wit: 1. Regardless of how many bookmarks are made at different locations, recall

  • Approver field addition in Test Plan

    Hi All, We need to maintain approver, test manager in the Test plan. Is there any user exit or BADI through which we can add fields in Test Plan where we can maintain the approvers. Thanks, Bharat

  • Iec 61000 magnetic sensor

    Not really a LabVIEW question, but I'm trying to quote a project that calls for a "magnetic sensor", that appears, from the requirement document to be used in testing the UUT per IEC 61000-4-3. I'm reluctant to download the mentioned document, as it

  • How to create a column link to a SQL update

    Hello all, it's me again! I'm trying to make a column link execute a update in that line and refresh the report. How can I do this? Just to be more explicit, this is the page http://tinypic.com/jsboeg.jpg when the user clicks Pause or Resume I want t