Permissions issue with applications

I just upgraded to Snow Leopard and found that I was unable to change any of the icons of any of the pre-installed applications. Running 'ls -l /Applications' gave me this for every application:
drwxr-xr-x+ 3 root wheel 102 Jun 27 02:06 TextEdit.app
I took a look at the permissions for the Applications folder on a different hard drive that has Leopard installed, and here's what I got for every application there:
drwxrwxr-x@ 4 root admin 136 May 18 16:55 TextEdit.app
So I figured I'd just change the permissions on all my applications. After running 'sudo chown -R root:admin /Applications' and 'sudo chmod -R g+w /Applications/*', I was able to edit my icons again, so it looked like the problem was solved. However, repairing permissions in Disk Utility set everything back the way it was, and I was unable to change the icons of my apps again. From what I understand, wheel is the default group for root in OS X, and determines who can gain root access with su.
The only benefit I can see in having all the pre-installed applications only accessible to the root user is that it's harder to accidentally delete one of them, since you'll get a prompt asking for your user name and password if you try. Even that doesn't make much sense, though, since you can just put an application back if you do accidentally delete it. Can anyone else using Snow Leopard check if they have the same permissions for their Applications folder? Also, if these are the correct permissions, does anyone have any idea why this was changed in Snow Leopard?

V.K.: I tried your method, but Disk Utility set the ACLs back to normal as well. After I run the command, if I repair permissions I get this:
Repairing permissions for “10.6 Boot Disk”
ACL differs on "Applications".
Repaired "Applications".
ACL differs on "Applications/Utilities".
Repaired "Applications/Utilities".
ACL found but not expected on "Applications/Utilities/QuickTime Player 7.app".
Repaired "Applications/Utilities/QuickTime Player 7.app".
ACL found but not expected on "Applications/Utilities/QuickTime Player 7.app/Contents".
Repaired "Applications/Utilities/QuickTime Player 7.app/Contents".
When it's done I'm back to not being able to change my icons.

Similar Messages

  • Permissions issue with OSX 10.5.8

    This is likely a newbie question. I am new to OS X, but I am familiar with Linux/Unix Terminal usage.
    I have a permissions issue with OSX 10.5.8.
    I cannot use basic commands on the Terminal, such as mkdir, on my own home directory. I get an error message saying the operation is not permitted.
    I have traced the probable culprit down to default ACL permissions settings.
    So after hours of research on Google, I found out that ACL are turned on by default in OSX 10.5.8.
    But I don't know how to safely use it yet, so I need help.
    I'm not quite familiar with ACL, so I need to know how to add myself safely and securely to modify my home directory.
    The command is with chmod. Can this also be done via the GUI?
    What is the option for chmod to modify my home directory?
    Is it:
    *$ cd ~*
    *$ chmod +a "user:john allow write" .*
    *$ chmod +a "user:john allow delete" .*
    Alternatively, if I use the "chmod -N ." command on the home directory, will that safely remove all ACL? Or is that recipe for a major security hole in my machine?
    Thanks!

    There are many people on this board that know way more than I do. Sometimes there is the tendency to copy/paste some kind of boilerplate response though, especially if there isn't quite enough information about a particular problem, so just keep trying.
    You should be able to add anything you want to your user directory without the use of any ACL entries. The purpose for the *deny delete* entries on the system created folders would probably be to reduce customer service calls about "accidentally" deleting some of the folders that the system expects to be there - it does not affect creating items.
    To verify that there aren't other attributes getting in the way, open the /Applications/Utilities/Terminal application, copy/paste the following command(s) into the window (there is a trailing space), drag the problem folder(s) from a Finder window to the Terminal window (this will paste the path), press return and post back with the results:
    /usr/bin/who am i; /bin/ls -leO@d
    These commands will display the ownership and permissions, including any ACL entries and extended attributes.
    On my Leopard user folder the permissions are drwxr-xr-x+ with an ACL entry *group:everyone deny delete*. These permissions allow read/write for me, read for everyone else, and an administrator authentication will be needed to delete the folder. These are similar to what you posted earlier, so maybe there is something else going on in there.

  • Error creating custom reports. Permissions issue with custom reports

    I am having permission issues with reports. I am building a new Configuration Manager  2012 infrastructure and I have configured the Site server on Server1 and the DB is on Server2. Server2 also hosts the Reporting Point and SSRS roles/features. If
    I look in Monitoring at the Site Status and Component Status are all green no issues with the setup.
    Running SQL 2008 SP2 (no CUs). I have a service account that I used to install Configuration Manager and SQL. This service account is running the SQL service on Server2 and i am using the same account as the Reporting Services Point Account.
    I log into the SCCM console with a different user account, lets call it Admin1. This account is a member of the Full Administrator role. I can run any built in report.
    When I open the SSRS website and try to create a custom report I connect the DataSource using Windows Authentication. So the Datasource is connecting using the logged in users account. In this case Admin1. I test the connection and it connects fine.
    I test this query. (Select * from v_R_System) I only have about 10 workstations discovered so the report shouldn’t be very big. I get an error “The Select permission was denied on the object ‘v_R_System’, Database ‘CM_XXX’, schema ‘dbo’. (Microsoft sql server,
    Error: 229)”
    I have fixed the SELECT permission error by going into the database (using SQL Management studio) and granting Admin1 Select rights to the Configuration Manager database. I can now run the above query and make custom reports.
    My 2<sup>nd</sup> problem is that other members of the Full Administrator role cannot run these custom reports unless I go into the database and grant them the SELECT permission.
    Question:
    Should I have to manually go into the database to add SELECT permissions(i could use a group)? shouldnt Configuration Manager take care of this for me?
    Maybe the built in reports use the SQL service account rights and the custom ones do not? Am I doing something wrong with the Datasource when I create these custom reports?
    What is the correct process for creating custom reports?

    I think i am getting closer to a solution. After the Custom report is created. i can go back into the report. Delete the DataSource. Then browse for a dataSource. there is a datasource located in http://server2/reportserver/ConfigMgr_XXX/
    That datasource is used by all builtin reports. if you view the properties on the Credentials tab it is set to "do not use credentials" and the option is greyed out / cannot be changed.
    it looks like i still need the SELECT permissions on the database to create the report initially but at least i have solved the problem with viewing these reports.
    Can anyone confirm that what i did is correct?

  • Issue with Applications, file paths, mobile accounts in snow Leopard OD

    Hello Everyone,
    The Facts:
    2 x Xserves running Snow Leopard 10.6.2 Server
    (1 is a Open Directory Master, the other a backup/slave)
    About 20 end-users running 10.5.8 Leopard and 10 end-users running 10.6.2 Snow Leopard on MacBook Pro laptops.
    All laptops are Managed Mobile clients with full administrative privileges/rights for the local drive.
    The Issue(s):
    Having an odd issue with many applications like Microsoft Word, Adobe Photoshop etc. not remembering the last used file path and the default network home path showing up instead of the local one.
    This issue ONLY appears with the Snow Leopard clients and the Snow Leopard Server. No matter what, the default path will be the enduser's network home path. This leads to endusers constantly having to sync their home folders to get the copy or losing files altogether.
    The Leopard clients are unaffected, can save to the local hard drive by default and have no issue "remembering" the last accessed file's path (whether local or on the network).
    What gives? What changed? Any thoughts, workarounds, fixes most appreciated.

    Okay, I'll rephrase the issue
    When the Snow Leopard clients are connected to the network and can connect to the OD Master etc, the default path for saving files to the desktop changes to their network accounts e.g. afp://Server/Users/Enduser/Desktop. If they save a file, it will copy here and then the enduser has to synch to get a copy of the file on their local desktop.
    If the client is not connected to the network, no issue. Enduser can save files to the local desktop like normal.
    How do we change this such that the enduser can save to the local harddrive first regardless of being connected?
    All Snow Leopard Clients are mobile accounts which synch hourly the full profile.
    Any further thoughts or similar experiences gang?
    Something we could possibly change in the mcx settings perhaps or am a I missing the point?

  • Permissions issues with multiple volumes

    I'm currently running one boot volume with Snow Leopard and one with Mountain Lion on my Mac Pro.  Due to current software compatibility-related issues, I need to be able to use both volumes regularly as part of my workflow for now, though I plan to transition fully to 10.8 in the next couple months.  Right now, I'm running into a permissions issue that is impeding my workflow.  When I first set up the 10.8 volume, I had access to all the folders in my main user account on the 10.6 volume.  However, yesterday I used the process described in the link below to change name of my home folder, which includes creating a new user account.  With this new user account, I find that I do not have access to user content on my 10.6 volume.
    http://support.apple.com/kb/HT1428
    I know how to change permissions in the "Get Info" window, but I'm wondering if there's a way to globally give this account the same permissions the original one had.  (Actually, I thought that was what the process in that support article was supposed to do, so perhaps I've done something wrong...)  As it is right now, if I've granted myself read and write permissions to the Documents folder, but those permissions seem to have "cascaded" inconsistently--some files and folders are still blocked, others are accessible.  Can anyone help me out with this?  For now, I'm just going to copy the files I need over, but I need a better solution.

    Anyone have any ideas?

  • Permissions issues with Lion

    I just suddenly started having issues with my permissions with folders on external drives. Many of my folders (which appear to be random) no longer allow me to read or write them, and a dialog box appears saying I do not have permssion to access the folders. I only have one user which is the admin user.... what could have caused this? I have some drives with duplicate data on them, and different folders appear with the loss of access then others on other drives. I thought this was specific to my newest MBP (10.7.2) but notice both my older MBP and my really old G4 do the same thing, but with different folders each time. I have repaired permissions twice on the newest MBP to no avail. When I get info on a restricted folder, I notice that under 'permissions' my username does not appear, just a 'fetching....' but no username ever appears. If I unlock the folder using my admin password, I can change access for 'everyone' to read and write, and then I can access it. But what is going on here? All drives have been verified under disc utility, and as I mentioned, I have repaired permissions on the MBP which seem to be fine. This is weird..... (and a little alarming)

    Select the icon of the volume in the Finder and open the Info window. Click the lock icon in the lower right corner and authenticate. Then do either of the following:
    Check the box to Ignore ownership on this volume.
    In the Sharing & Permissions section, give yourself read & write privileges, then select Apply to enclosed items from the menu with the gear icon.

  • Permissions issue with Entourage after upgrading to Leopard

    I upgraded my system to Leopard and in doing so, did a "clean" install. I copied my backup Database file to the Identity folder and now i get "you do not have sufficient permissions to view contents of this folder" when trying to launch. If i let Entourage create a new database file, it works fine....

    Maciej Samsel wrote:
    GIMP 2.2 crashes on start and the details explain some versioning problem of X11 native libraries. It might be issue on GIMP side that expects differen binaries to be installed (and perhaps removed by Apple due to compatibility issue). I just wanted to point this to be expected.
    GIMP 2.4 for Mac OS X is not official release yet. It is only realease candidate and it should come soon hopefully with X11 issue being resolved in Leopard.
    I believe that there are some known issues with X11 and BSD "under the hood" with Leopard. Fink is also broken and my old Darwin X11 attempts to run but nothing happens.

  • Disk Utilities/Permissions Issues with Leopard

    What is wrong with Leopard's permissions? I have had numerous permissions issues, and had to reformat my two disk drives and Archive & Install Leopard on my startup disk after a Tiger to Leopard Upgrade.
    Now when I run Disk Utilities and Repair Permissions (which I do routinely), what used to take a minute or two in Tiger now takes a half hour (or longer) in Leopard?
    I ran Disk Utilities on my MacPro and it has taken nearly 25 minutes and is still going. My MacBook Pro is estimating the time at 1-minute remaining (where it started), and it has also been going for 25 minutes plus. I would like to go to bed, and don't want to leave my MBP running over night if I don't have to.
    This is a major issue and one which Apple needs to address immediately. I trust I am not the only User having this issue, is this the case?

    No your not the only one. It's been reported throughout the discussions. Appears that some of the errors reported in disk utility will not effect performance. Still, I expect that something is being observed and worked on as an update..

  • Popup Issue with Application using SSL

    Hi
    I am having an issue with one of our apex applications using SSL.
    I have a few popups in my application and for that I am using the Popup2 function that is built into APEX.
    When I run the app without a secure layer (directly from the server) I am able to get the popups and everything works fine.
    but when I run the app using the regular url https: the popup(s) does not work. When I checked the source code on the web page the error I got is as shown below. I found that the following apex_legacy_4_0.js file was truncated in the source code. It was not retrieved fully.
    Message: Expected '}'
    Line: 1
    Char: 3769
    Code: 0
    URI: https://xxx/i/javascript/apex_legacy_4_0.js
    Can somebody please let me know how I can fix this issue.
    Please Note: This was an application that was working without any issues for more than 2years. All of a sudden (since last month) we are getting this error. According to Our Network and DBA's we have not made any changes/patches to our servers.
    Thanks
    knut
    Edited by: knut on Dec 16, 2011 11:18 AM

    Ok. I figured it out. The url rewrite was missing in the config. Put it there and its working now.

  • Permissions issue with Time Machine backup store

    I am struggling with a Time Machine permissions issue on an iMac running OS X 10.10.2 + OS X Server 4.0.3, and backing itself up to an external USB disk.
    Backups complete successfully, but I am unable to carry out any user-level operations such as accessing the "time travel" interface via Enter Time Machine from the menu bar. Invoking Enter Time Machine fails with the error Can't connect to a current Time Machine backup disk. Likewise, although tmutil will correctly list the backup destination, tmutil listbackups produces an error:
    $ tmutil listbackups
    2015-02-05 16:53:19.413 tmutil[29181:2324148] Error enumerating (null): The file “Backups.backupdb” couldn’t be opened because you don’t have permission to view it.
    No machine directory found for host.
    My system logs are full of similar error messages from Finder.
    On the back volume, the permisisons to the store are set to owner root and group wheel, and there is an access control list applied to the directory and Backups.backupdb:
    $ ls -lae
    total 2688
    drwxrwxr-x  12 root  wheel      476 Feb  4 22:29 .
    drwxrwxrwt@  9 root  admin      306 Feb  4 11:57 ..
    0: group:everyone deny add_file,add_subdirectory,directory_inherit,only_inherit
    drwxrwx---+  6 root  wheel      204 Jan 30 13:49 Backups.backupdb
    0: group:everyone deny add_file,delete,add_subdirectory,delete_child,writeattr,writeextattr,chown
    -rwxr-xr-x@  1 root  wheel   115716 Nov 13 02:43 tmbootpicker.ef
    The problem is clearly the drwxrwx--- permissions applied to the store. I can temporarily revert these with chmod, after which all the user-level operations described above work correctly. But on the next backup, backupd will revert the permissions to give wheel write access and remove rx privileges for everyone else. It doesn't leave anything in the system log to suggest why it is making this change.
    I have a MacBook also running OS X 10.10.2, without the Server pack. This also backs up to a (different) external volume. On this volume the owner, group and access control list for the store are set as above, but the permissions are (and remain) what I would have expected, drwxr-xr-x.
    Is there any obvious reason why backupd should be modifying the permissions in this way — and is there any way to stop it?

    Thanks - I was seeing exact same problem on one of my client's machines (10.10.2 with OS X Server). I could see wrong group of "wheel" but wasn't certain that just changing to "staff" would be enough - but seems to have sorted things out

  • Migration Assistant and permissions issues with new Mac Pro

    Hi There,
    I've not had any significant issues with Migration Assistant in the past but I can't create a reliable system with my new Mac Pro.
    After using Migration Assistant during the initial setup, my user account wasn't even transferred. I tried restarting but in the end, I followed these instructions to reset and run the assitant again: http://stationinthemetro.com/2013/11/10/make-mavericks-re-run-the-setup-assistan t
    I've just finished running it for a second time, and while the user account is now on my new system, there are so many permissions issues that the system is unusable (I can't even run Safari). Creative cloud, 1Password, safari, Dropbox are all apps that give me Disk i/o or permissions errors.
    If I look in the user folder, many directories within it have a red minus icon. I've tried fixing permissions using Disk Utility but something is not right.
    In the past, the new system just boots like the old one but this time round, it asked me to create an account after Migration Assistant had finished - is this normal? I used the same username and password as before but I'm not sure Migration Assistantis working properly.
    Does anyone know a full-proof way of fixing and transferring my account without having to spend hours downloading OSX for a full erase and install?
    Any help would be much appreciated.
    Cheers
    Ben

    Thanks for the reply,
    I didn't understand exactly what to put into AppleScript sorry (never used it before) - so I just ran the following from the Terminal:
    $ echo $UID
    $ sudo chown -R 503 ~
    And restarted - everything works now - thanks heaps.
    What had happened and is this something I did or did Migration Assistant just get confused?
    I have 3 new Mc Pros to setup on Monday so just want to ensure those are hassle free.
    Cheers
    Ben

  • Privileges/permissions issue with drop box/archive folder

    Hi there,
    I'm having an issue with the permissions on a folder on my iMac. I'm running Leopard. Here at our office, I have my computer set up just like everyone else; within my drop box I have an folder titled "Archive", and within the archive folder I have a folder named after the boss' external hard drive. When the files are on her hard drive, she moves them into this folder so that we know they're completed and can be burned to disc.
    For some reason though, she can no longer access this folder in my drop to drag anything into it. One day I found something online that told me to set something through my system preferences. It worked, but I can't remember what I did! The folder seems to have "relapsed" and once again, she can't access it. "Get Info" doesn't work, no matter how many times I change the permissions- it always says everyone should be able to read and write. I've also tried changing permissions and shared folders in the "Sharing" section of system preferences. It just doesn't seem to want to go. I think she might be running Tiger; is there a possibility that that's the issue?
    Any thoughts? Any help is greatly appreciated! Thanks!

    I would check the system preferences / sharing / file sharing .. highlight file sharing (leftside) and setting to edit changes will be on right side for 10.6.x S Leopard. I would look for a somewhat similar setup in Tiger for its file sharing settings.

  • Permanent solution to permissions issue with ML and iPhoto?

    Hi, since upgrading my late-2011 Imac to ML, I have had issues with iPhoto. (All updates have been applied as they become available.) I am using a shared iphoto library across two user accounts. Both users are Admin accounts. When user A loads pictures, user B cannot see them til we have run the 'repair permissions' option. Same happens in reverse ie user B loads photos and we need to repair permissions for them to be visible to user A. (Thumbnails are available but when clicking through to the actual photo we get the 'exclamation mark / point of death'.) Any ideas on a permanent fix for this, as the need to do this every time is a pain tbh.

    Hi, since upgrading my late-2011 Imac to ML, I have had issues with iPhoto. (All updates have been applied as they become available.) I am using a shared iphoto library across two user accounts. Both users are Admin accounts. When user A loads pictures, user B cannot see them til we have run the 'repair permissions' option. Same happens in reverse ie user B loads photos and we need to repair permissions for them to be visible to user A. (Thumbnails are available but when clicking through to the actual photo we get the 'exclamation mark / point of death'.) Any ideas on a permanent fix for this, as the need to do this every time is a pain tbh.

  • Permissions issues with WebServer

    We host our own website on our Xserver (v. 10.4.something). There are two of us who add folders and files to the website, but we often run into permissions issues. If a file is created on the server itself, logged in as Admin, we're fine. But if one of us FTPs in (often easier than physically walking over to said server to move the files manually), then whatever directories we create and files we place are defaulted to read-only for every other user.
    Is there a way to set our user account permissions or WebServer permissions to automatically be read-write for the groups we belong to?
    Thanks
    -Rita

    You could probably use inherited ACL's for this? If you enable ACL's (requires reboot in 10.4.x server, 10.5.x has ACL enabled by default) then you can use server admin and specify ACL's as desired (Including inheritance or otherwise). This way you could set it as such that specific groups / users or even everyone has whatever access you need for directories and files based on the settings you specify.
    HTH.

  • Permissions Issue with Infopath Data Connection

    I'm not really sure how else to title this....
    Issue - InfoPath Form on SharePoint 2010 gives 'You do not have permissions to access a SharePoint list that contains data required for this form to function correctly."
    It gives a correlation ID
    Log file shows
    "Exception Message: The form cannot run the specified query. The list could not be found."
    Note the look-up is to a SharePoint list on the same content database.
    We have two Web-Front End servers with a load balancer.  We've had a number of other permissions type issues when the 'token' gets switched from one server to another, so we have the HOSTs file on each server pointing back to itself, so that once a
    server is 'grabbed' it stays on the same one.
    The error we are having currently, only seems to be occurring on the first Web Front End Server.
    Also we have sharepoint setup with an address of
    http://sharepoint.domain.com as well as an alias. http://sharepoint.
    The error we are having currently, only occurs if I use the fully qualified domain
    " http://sharepoint.domain.com" on the InfoPath data connection.  If I use the shortened alias, the error does not occur.  That is the current/easy solution, but I would like
    to fix it 'correctly' if possible.
    So, it appears to me that only on one of the Web Front End servers, it isn't liking the fully qualified path when doing a data connection.

    Hi ,
    Is the above issue fixed . if not please check below option
    Check the List / Library  [Source for dataconnection ] permission setting .
    If the permission is unique [ restricted from root site].  we  will the above type error message
    Velu K

Maybe you are looking for

  • How to print " Duplicate " in FORM ( either Sap Script or Smart Forms )

    hi,    How to print  " Duplicate " in FORM ( either Sap Script or Smart Forms ) if trying to take second Print Out and the FORM is already Printed. Please let me know the condition that we should go for.If possible let me know the SAMPLE code since t

  • Error when building ESS components within NWDI for NW2004s

    Hi I am trying to import thr ESS version 100 source code into the JDI. I get the following errors An internal server error occurred. Please refer to SAP note 774339 for more details on how to analyse the error condition. Unclosed Statement detected w

  • Help with phonezoo on my Galaxy S3

    I had tons of ring tones on my droid x from zedge and phonezoo now they are on my sd card and I can see them and hear them but I cannot assign them as a ringtone or notification tone.  Also when I have have new ones sent from phone zoo I see them but

  • How to use variable in rule script in HFM

    I'm now writing VB script for HFM rule, and have something to ask about the use of variables in rule. The script below generates the following error. -Error description- Line: 4, Error: Invalid Expression HS.Exp "S#Actual.A#77300.I#[ICP None] = cur"

  • Photoshop 7 will not open - Windows 8.1

    This issue began in Windows 8. One day Photoshop 7 just stopped opening. It would start to load things and I would get some sort of error, which was pretty generic when I looked it up. ImageReady works ok, but does not have the features I need. I com