Smc and smuser both put wrong home directory in /etc/passwd

Hello,
I'm trying to use 'smuser add' as an alternative to 'useradd' in a setuid script, using -d to specify a home directory other than the default. Unfortunately, although the directory is created in the right place, the default is written into /etc/passwd.
%smuser add -u sapadm -p ***** -- -d /appuser/inputs/tom -g sapusers -n tom -s /bin/sh
Loading Tool: com.sun.admin.usermgr.cli.user.UserMgrCli from localhost
Login to localhost as user sapadm was successful.
Download of com.sun.admin.usermgr.cli.user.UserMgrCli from localhost was successful.
% ls -al /appuser/inputs/tom
total 14
drwxr-x--- 2 tom sapusers 5 Mar 28 15:48 .
drwxr-xr-x 3 sj staff 3 Mar 28 15:48 ..
-rw-r--r-- 1 tom sapusers 136 Mar 28 15:48 .cshrc
-rw-r--r-- 1 tom sapusers 157 Mar 28 15:48 .login
-rw-r--r-- 1 tom sapusers 174 Mar 28 15:48 .profile
% cat /etc/passwd
tom:x:101:1002::/home/tom:/bin/sh
% ls -al /home/tom
/home/tom: No such file or directory
% uname -a
SunOS sun03 5.10 Generic_127112-07 i86pc i386 i86pc
Exactly the same thing happens when I use the SMC2.1 GUI - even though it echoes back to me that the directory path will be /appuser/inputs before I hit 'finish', the directory is created correctly, but /home/tom goes into /etc/passwd.
Is there any fix/workaround for this, or am I back to an old-fashioned useradd in a setuid script?
Thanks
-- Steve

Father wrote:
that way, they are chrooted into an empty directory and have no files they can tamper with
isn't that a little dangerous??
What files a user can change is determined by the files' permission settings, not by the user's homedir. The homedir only tells what the initial working directory is when a user logs in, nothing else; it doesn't imply writing or even reading access. So no, it's not dangerous, not even a little.
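
As an added example (not part of the original posts): a small audit that compares the home field of each passwd entry with what is actually on disk, which catches the symptom in the first post (the entry says /home/tom, the directory lives elsewhere) and goes slightly further by also checking owner and mode bits. The function names, finding labels, the `min_uid` cutoff and the `root` prefix parameter are assumptions of this sketch; the sample passwd text and directory tree in `demo()` are constructed.

```python
import os
import stat
import tempfile


def parse_passwd(text):
    """Yield (name, uid, gid, home) for each well-formed passwd(4) line."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            continue
        name, _pw, uid, gid, _gecos, home, _shell = fields
        if not (uid.isdigit() and gid.isdigit()):
            continue  # skip non-numeric entries such as NIS '+' lines
        yield name, int(uid), int(gid), home


def audit_homes(passwd_text, min_uid=100, root="/"):
    """Return (user, finding) pairs for home directories that do not match passwd.

    min_uid skips system accounts (assumed cutoff); root lets the audit run
    against a mounted image or a test tree instead of the live filesystem.
    """
    findings = []
    for name, uid, _gid, home in parse_passwd(passwd_text):
        if uid < min_uid:
            continue
        path = os.path.join(root, home.lstrip("/"))
        try:
            st = os.stat(path)
        except (FileNotFoundError, NotADirectoryError):
            findings.append((name, "home-missing"))
            continue
        if not stat.S_ISDIR(st.st_mode):
            findings.append((name, "home-not-a-directory"))
            continue
        if st.st_uid != uid:
            findings.append((name, "home-wrong-owner"))
        if not st.st_mode & stat.S_IXUSR:
            # Without the owner search bit, login falls back to HOME=/
            findings.append((name, "home-owner-cannot-enter"))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((name, "home-writable-by-others"))
    return findings


def demo():
    """Constructed data: tom's directory exists, but not where passwd points."""
    uid = os.getuid()  # so the ownership check passes for the temp tree
    passwd = (
        f"tom:x:{uid}:1002::/home/tom:/bin/sh\n"
        f"jasm:x:{uid}:100::/home/jasm:/bin/bash\n"
        f"jasn:x:{uid}:100::/home/jasn:/bin/bash\n"
    )
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "appuser/inputs/tom"))
        for name, mode in (("jasm", 0o662), ("jasn", 0o700)):
            path = os.path.join(root, "home", name)
            os.makedirs(path)
            os.chmod(path, mode)
        return audit_homes(passwd, min_uid=0, root=root)


if __name__ == "__main__":
    for user, finding in demo():
        print(f"{user}: {finding}")
```
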

Similar Messages

  • Wrong home directory permissions for new users

    Hi everyone.
    I reinstalled my laptop the other day and ran into a rather strange problem: after a system update new users had their permissions totally screwed. It took me 3-4 reinstalls to notice, as I was also playing with lvm2 & co. Anyway, on fresh installations from either 2008.06 or 2009.02, everything works fine. As soon as I update to the latest package versions (including 2.6.29 kernel) and create a new user, permissions on the new home directory are screwed up to the point where the user can't access it.
    Old directory permissions:
    drwx------ 33 jasn users 4,0K 17. Apr 13:21 jasn
    drwx------ 2 root root 16K 17. Apr 12:15 lost+found
    New directory permissions:
    drw-rw--w- 2 jasm users 4,0K 17. Apr 13:43 jasm
    drwx------ 33 jasn users 4,0K 17. Apr 13:21 jasn
    drwx------ 2 root root 16K 17. Apr 12:15 lost+found
    Logging in to "jasm" results in
    No directory, logging in with HOME=/
    [jasm@host /]$
    The whole mess can be fixed by changing the permissions on the home directory, but all that can't be on purpose, can it? I also don't know which package update (if it even was caused by one) causes this behaviour and if this only happens to me, so I didn't file a bug report.
    Has anyone already seen this? I solved it after 1.5 days of puzzled (and strangely unsuccessful) googling and reinstalling, so perhaps someone who runs into the same problem can use this to fix it.
    Last edited by JASN (2009-04-17 17:09:34)

    umask is not really the correct thing to do in this case, as this resets the permissions for every file the user creates. Afaik, the umask setting has to be installed on every machine via the launchd-user.conf file (to contain simply: umask 002) (or whatever is appropriate for your facility), as umask is a property of the process, not the connection.
    What might work better for your problem is to make the homedirs world and group non-readable. That way the user creates files within their homedirs and anywhere below, but everyone else can't read them regardless of the files' permissions because the directory itself is unreadable.

  • Can I and should I move my home directory to my new Thunderbolt RAID drive?

    I have just purchased a Thunderbolt Promise Pegasus RAID set to RAID5.  I have never owned a RAID device before so I apologise if these questions seem strange or rudimentary.
    I am running an internal 7200 RPM 1TB disc but I have heard that the Thunderbolt throughput is faster than even my internal drive.  Is that the case?
    If so...
    Would it be possible/wise for me to move my home directory to the RAID? 
    Would it be possible/wise for me run the entire system from the RAID?
    Finally, if I keep the system/home directory on the RAID, can I/should I use the RAID for Time Machine Backups?
    Thanks in advance for any thoughts

    Here's what I did:
    Copied my home directory to the RAID (not NAS incidentally, but RAID via thunderbolt)
    System Preferences -> accounts
    Unlock to make changes and control-click on the account you want to move.
    In there you will see a home directory location.  Change it to where your new home directory location is.
    Restart.
    You know it has worked if the new location icon is the familiar picture of a house.
    Probably a good idea to have a fallback account you can log into in case something happens.
    No issues with any software, plenty of room now on the internal drive and everything works nice and snappy

  • When a CD is not recognised by Gracenote database, how do you ensure that it downloads all together in recently added. I am trying to download an 8 disk compilation and iTunes is putting all track 1/track2 etc together

    I am trying to download a compilation of 8 CDs which are not recognised by Gracenote database. How do I ensure that the disks download separately. My last try had all track 1/2/3 together rather than 1 - X in each CD

    Perhaps it would be helpful for you to view the page source code of this page
    http://www.alanwork.com/
    As you can see, the submenu code links are immediately below the top level code, and are
    wrapped in their own  <UL> </UL> tag pairs.
    Hope that helps

  • Best way to put system and apps (home directory?) on new SSD?

    I just installed a new 115 GB SSD in slot 2 of my MacPro (early 2008). I have not initialized yet.  I want to make that my Boot Drive.  I have Carbon Cloner and have cloned my entire old HD onto an external so far.  What is the best way to get my system and apps onto the SSD. I'm guessing Carbon Cloner will let me clone parts of my HD and not make me clone all of it but I don't yet know how to do that.  Do I just clone my apps folder and then my system folder one at a time?   What do I do with the Library? I cannot clone my entire HD onto the SSD first because it will not fit and I do not want my data on there anyway.  I have read that I should also put my home directory on the boot but this is now confusing me.  I plan on partitioning the erased HD into fast and slow, then putting my User folder from the external back on there.  I am the only one using the computer so I do not have issues with Users and all my apps are in the main hard drive app folder but I have noticed that I have things in both my Library folders (main HD and my home).  Should I put all items in one of them, main or home? before I do this?  I never understood why I have items in both folders since I am the only user and all the apps are on main. Thanks.

    Misfit138 wrote:
    Gen2ly wrote:
    I just did this and took notes so it might be your lucky day because I created a wiki page for it:
    Restore from Configurations
    Terrific job.
    I would suggest changing the name to "System Restore from Configuration".
    Thank you.
    Done.

  • Is there a file in which OSX stores the home directory path, where to find it and how to edit it in Windows 7?

    Hi everyone,
    I have a SSD with the System and Apps on it, and another HDD containing the home directory.
    I made the mistake to rename the Volume the home directory is on whilst being logged in, the system reacted accordingly and prompted some Password requests,
    and I then tried to choose the newly named Volume in the Advanced options dialogue in Users & Groups (example seen below).
    I tried to change the name back to what it was in the hope of it all being back to normal again, but instead it's completely messed up now and I cannot login anymore (prompt: "You are unable to log in to the user account "xxxx" at this time. Logging in to the account failed because an error occurred")
    All I can do now is boot my Windows 7 and try to fix this from there, I can read/write the OSX Volumes thanks to MacDrive.
    So now the big question is:
    IS THERE A FILE containing the path to the home directory (red arrow)?
    IF SO, WHERE can I find it?
    And is there a way to edit it in Windows?
    My guess is that if I rename the Volume, AND change this path to something identical again, it might solve the issue.
    Thanks!

    Download THIS
     Cheers, Tom

  • Unable to create directories in automounted home directory

    The subject pretty much says it all.
    I'm able to create, update, and delete files in my home directory, but as soon as I try mkdir, I get a permission denied error.
    I've ensured that NFSMAPID_DOMAIN is set on both machines. Cat'ing /var/run/nsf4_domain shows the same values on both machines.
    I'm not sure what else to check at this point.
    Any ideas?

    Strange, did you try patch 118376-02 (intel) or 118375-02 (SPARC)? It claims to fix the mkdir in different-NFS-domain problem, maybe it fixes more than that..
    //Magnus

  • Problems With FTP Users home directory

    Hello Everyone,
    I recently ran into a problem when setting the home directory of an ftp user. What I want to be able to do is for example I have two users, one user is User1, and the other is FTPUser. Now when people ftp into the user FTPUser I want to set the home directory to be a certain path in User1. Now I was able to successfully do this on one box when creating the FTPUser I just set the home directory to be the path in User1. And when people ftped into FTPUser they were in the right directory under User1.
    I tried to do this same procedure on another box, and after creating the FTPUser and setting its home directory to a path under User1. Now when they ftped into FTPUser it was showing that the home directory was "/". I examined /etc/passwd and it presents the right home directory that I want, yet when people ftp into FTPUser its showing the home directory to be "/". Any help would be appreciated. Thanks in advance.
    -Kevin

    Sorry for such a late reply, but I figured out my problem and will put it on here in case other people run into the same problem. You must make the FTPUser be in the same group of the normal users directory path you wish to FTP into. For example the command will look like this when making the FTP user:
    useradd -g "users group number" -d /path/to/file -s /bin/sh ftpusername
    so if user1 group id was 110 you would put 110 after -g and set the home dir of the ftpusername to be some path in user1. Thanks all for the help.
    -Kevin
    Edited by: kratkinson on Jun 22, 2009 6:46 AM

  • Shifting of home directory possible ?

    I went through a lot of reading before I ventured into installation of Arch. I installed from the August release and have successfully upgraded to the current September 7 release.
    Mistakes I committed....
    I wanted to install home on a separate partition and I had mounted so in usb as instructed. But somehow my home directory is residing in the same root partition and the /dev/sda7 which I allocated for /home is empty. Furthermore, I am unable to access that partition from my home as it says I don't have permissions....
    How to make the partition accessible, and is it possible to shift the home directory from current / partition to /home? [In my case it is /dev/sda5 for / and /dev/sda7 for home.]
    Finally, I wish to access the Windows partition in read/write mode. I am able to just open files as read only and I can't save any file there. The other NTFS partition which is empty is also not accessible from Arch. How to make that accessible? Both in read/write modes.

    cfr wrote:
    If you *just* edit fstab, your current home directory will be masked by the home partition when you reboot.
    One easy way to avoid this would be:
    1) edit fstab appropriately
    2) boot the live install media
    3) mount / and /home but mount home somewhere different. For example:
    mkdir /mnt/root
    mount /dev/sdaX /mnt/root
    mkdir /mnt/home
    mount /dev/sdaY /mnt/home
    4) move /mnt/root/home/<username> to /mnt/home/<username>
    5) reboot
    That way, the ownership and permissions on your home directory will just be moved along with the directory itself and you shouldn't find anything mysteriously disappearing.
    Followed the rules and edited the fstab successfully.... I rebooted and I am able to even access the NTFS partition, thanks to ntfs-3g.
    Observations:
    I find /home in root file system as well as the newly shifted partition for /home (sda7)
    I could also boot easily without any problem
    I find that the user exists in both places and the file manager Dolphin shows the default first left pane content as Home (which I presume is the root file system /home/USER). I click on the partition 24 GB filesystem (/dev/sda7) and that also shows my user folder.
    To double check on what's happening, I created a dummy-test file using nano and saved it to my home directory. Then I opened the Home as well as 24 GB filesystem home. Both folders contained the test file!
    It sort of created a mirror? Is it OK if I delete the /home folder from the root file system?
    I wanted a separate home partition but don't think I need a mirror!
    CORRECTIONS:
    I noticed it's not a mirror, double checked with right clicking and checking out with properties and amount of space available / used. It will be less confusing if these 2 lists (24 GB and 29 GB) are not displayed in the bottom part of the left pane in Dolphin!
    Last edited by rvc (2012-09-11 03:39:01)

  • Home Directory for AD on remote machine

    Hi,
    Requirement is like this:-
    As user is provisioned to AD a home directory for user is created on remote computer with name of user. I had written a VB script to create a folder in users folder (folder already shared) on remote machine. I am able to successfully create the folder when I run script through command prompt. Now I write a Java code to run the script with following command in Java code.
    Process process = Runtime.getRuntime().exec("cmd /c cscript d:/users "+userid + " " + action);
    I am able to run the Java code from Eclipse and folder is created in users folder on remote machine.
    Now I had added a process task in AD process form and attached the adapter in which this Java code is executed to run the script and I called this on response code (successfully provisioned) of AD. Now when I provisioned user to AD, process is called but error is there as cmd is not a command on Linux... how can I run the script on Linux.
    2) If folder users folder is not shared I have to give permissions on folder to particular user with userid and password to create its home directory in it. How can I achieve this using VBScript??

    I assume you are creating folders in a file server and its a windows machine , is it ?
    You can install a remote manager on file server or on any other machine in network and execute your scripts remotely using remote manager
    Also you can execute your script like wscript c:\CreateFolder.vbs
    Thanks
    Suren
    Edited by: Suren.Singh on Aug 10, 2010 3:20 PM

  • Create home directory using powershell

    Hi Experts -
    Currently AD 11.1.1.5 is deployed. The home directory has been prepopulated at the time of creation of AD account, and there is a custom task called updatehomedir which gets triggered on success response of create user.
    The problem is, the customer has 40 domain controllers and if I use the OOTB process tasks, it fails to find the user and gives me an invalid structure error, meaning it is not able to find the user. So when the first request goes for creating the user, it picks up a random domain controller and if the home directory parameter has been sent in the creation request it fails. So, the post user creation task works fine.
    The AD connector creates the home directory with the full permissions to the user on that folder, and also it clears out all the existing permissions. By that, it does not inherit the container permissions. SR said that it is an ER.
    How do I implement it.
    The approach that looks feasible is
    1. Change the provision attribute mapping for homeDirectory to say customHomeDirectory
    2. Disable the home directory update task
    3. Call a powershell after creation action
    4. In that powershell get the process form value, and run the creation of home directory with appropriate permissions.
    And I cannot test it, as the only environment where I have folders is production...
    -Thanks
    Kunal Jain

    After some decompilation I found this
    DirectorySecurity dirSecurity = new DirectorySecurity();
    PropertyValueCollection pvc = directoryEntry.Properties[ActiveDirectoryConnector.ATT_OBJECT_SID];
    SecurityIdentifier sid = new SecurityIdentifier((byte[])pvc[0], 0);
    dirSecurity.AddAccessRule(new FileSystemAccessRule(sid, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
    Directory.CreateDirectory(directoryName, dirSecurity);
    Does this strip off the permissions of the file admins on the container? That is, inheriting is not done????

  • How to change Home Directory name

    I'm giving my daughter my old MacBook (OS 10.6.3) and want to change the home directory to her name, so that it looks like it's her computer and not mine.
    Do I have to wipe the laptop and reinstall system and other software, or can I delete my old account and make hers the "My Account" or Home or however it is called. Would that have potentially devastating consequences for Privileges, for example?
    Changing the Home User name to hers in the Accounts Preferences window had no effect on the Users directory (in the Finder).
    The problem may be nothing more than cosmetic, but I'd like her to see her name as a user and not mine (she is a teenager, after all)
    Thank you.

    Hi
    The simplest solution is to add a new Admin account for her, log out from your user, log in as her user, and delete your old user in System Preferences. When you delete your account you'll have the option to save the files in an archive file or delete immediately (which will irrevocably delete all files) - so make sure you have backed up or moved any files you want to keep (music, pictures, etc).
    Matt

  • AES-256 user home directory sparse image bundle in Lion?

    Snow Leopard and previous had file vault to protect users' home directories as, I believe, AES-128-encrypted sparse image bundles. As I understand it now, under Lion, the options are to enable AES-128 whole disk encryption, or, if upgrading an existing snow leopard machine with a legacy file vault user account, to maintain that legacy file vault user home directory. However, under this second approach, additional users' home directories cannot be individually "file-vaulted" and instead, would require that legacy file vault be decrypted and then the entire disk be encrypted.
    I am thinking that it would be advantageous from a security standpoint if an individual user home directory could remain encrypted, if that user were not actively logged in. Then, all contents would be inaccessible to other users, including administratively privileged users, and also that user's home directory would remain encrypted when the computer was turned on and booted up because as I understand it, file vault 2's real strength lies in protecting "data at rest" versus "data on a powered up and mounted file vault 2 volume".
    To that end, I am wondering, regardless of whether file vault 2 is enabled or not, whether an existing user home directory and all of its contents can be converted to an AES-256-encrypted sparse image bundle, using Disk Utility, and exist at the /Users directory space, mounting and decrypting "on the fly" from the login window at user login just like how a legacy file vault home directory is treated under snow leopard, independently of whether file vault 2 was enabled on the whole disk or not. This would also permit later addition/conversion of another "file vaulted" user account whether file vault 2 were enabled or not.
    To recap, an AES-256-encrypted sparse image bundle that would mount upon user login just like a legacy file vault user home directory does. Does anyone know if something like that is doable, and has that road already been travelled successfully? If so, I'd love to read a step-by-step, play-by-play, set of instructions on how to do just that.

    I think I got a solution worked out.  I don't mind if things get installed in /opt as long as pacman tracks it, and I found ruby-enterprise-rmagick in the AUR as an orphan.  I adopted it, updated it, installed it, and it's working great with my code.

  • Home Directory not mounted in Active Directory environment

    I am trying to integrate a PowerMac G5 with Leopard 10.5.2 into an Active Directory. The Mac is bound to the AD without any problems. I can authenticate with my AD account and I also see the printers. However, I have problems using the network home directories.
    If I activate "Force local home directory on startup disk" everything works as expected: The user logs in and gets a local home directory under /Users and can mount its network home directory with the finder without the need to authenticate again, so the single-sign-on works.
    However, that's not what I want - I want the user to work solely in his networked home directory, not on the local disk. So I deactivate the button "Force local home directory on startup disk", but now the mount of the home directory fails. In the system.log I see the following:
    /usr/libexec/mount_url[123]: smb_mount: open session failed!: syserr = Broken pipe
    This is printed several times. If I try to access to automounted home directory under /Network/Servers/SERVER/USER in the terminal I also get "Broken pipe".
    The strange thing: I can access the home directory with smbclient, I can also mount it with mount_smbfs, but if I try it with /usr/libexec/mount_url it fails although I use the exact same server and user directory.
    Any ideas are greatly appreciated.

    We have a similar issue here. Only the first AD User after reboot can login and the second one gets the same error as you. (see also: http://discussions.apple.com/thread.jspa?messageID=6418268)
    It looks like there is a problem with the automounter. I set the AUTOMOUNT_TIMEOUT to 60 seconds in /etc/autofs.conf, then after logout of the first user and waiting for 1 minute, the second user can log in.

  • Auditing Portable Home Directory Syncing

    We are investigating rolling out portable home directories for all of our users. In doing so we've run into a show stopper level problem. Background syncing stops for some users silently. While a reset fixes the problem we are looking for a way to audit syncing on our clients. Currently we have two options:
    1. Checking the homesync.plist key. However this appears to show the last login/log out sync time not the last background sync time.
    2. Have all syncing clients create an indicator file at startup and test the server side home directory for the most change of this file. This approach is a tad kludgey.
    Does anyone have any other methods they have been using to audit and monitor status of the portable home directories?
    Does anyone know where the home sync menu item gets its status from? Ideally we'd like to pull that information directly rather than inferring it through monitoring a file created for that purpose.
    Thanks,
    Warren

    There's a plist for each user at ~/.FileSync/PHD******-<usershortname>.FileSyncHistory
    There's all sorts of great gems in there, including separate timestamps for background/preference first sync, last successful sync, etc.
    However, I've found that with 10.6.3 there's a bug that prevents the equivalent file from being updated on the server side. It shows like this in the mobile FileSyncAgent-verbose.log
    0:: [10/05/18 21:55:57.625] EXCEPTION: [data writeToFile:'/Volumes/Users/jay/.FileSync/HomeSyncMirrorPeer-EQB2x69LJS1-jay.FileSyncHistory'
    options:0 error:&error] (Cocoa error 512) <-[SStoreFileOperator_FS writeFileData:] (StoreFileOperator-FS.m:1091)
    "(Error Domain=NSCocoaErrorDomain Code=512 UserInfo=0x10492c4b0 "The file “HomeSyncMirrorPeer-EQB2x69LJS1-jay.FileSyncHistory”
    couldn’t be saved in the folder “.FileSync”." Underlying Error=(Error Domain=NSPOSIXErrorDomain Code=35 "The operation couldn’t be completed.
    Resource temporarily unavailable"))">
    So as long as you're reading the data from the mobile home as opposed to the network home you should be fine.
