[Thin Lizzy]

Is it really necessary? Everyone tells me you must repair permissions after installing a new program or do an update, or you will experience problems. Well honestly, I havent repaired permissions since October of 04' and havent experienced any kind of problems.

Should I do it regularly just to be on the safe side?

[Chuckit]

It's not really that important. Repair permissions if you're having problems; there's a chance it might fix them. Not repairing permissions regularly isn't particularly "unsafe" in any way. Botched permissions can just lead to funky performance.

[Thin Lizzy]

Thanks for your reply. Just the answer I was looking for.

[CharlesS]

It won't hurt anything to run it once in a while, but it's largely a waste of time. Repair Permissions is a tool to be used when you have some problem related to permissions, or when you've been mucking around in the Terminal and fear you may have messed some files' permissions up. All it does is compare the permissions of the files on your disk with the permissions of the files in the packages in /Library/Receipts. It basically reverts the permissions of your various files to the way they were when you first installed the OS. Again, if you're having some problem related to permissions, this is useful, but if things are working properly, it's largely a waste of time.

Unfortunately, there has formed a sort of cargo cult around Repair Permissions. I think that the main reason for this is because when you run Repair Permissions after an update, it just about always finds a few files with permissions that differ from those specified in the packages, and to people that don't really have a clue about what permissions are or what they do, this looks like "Oh no! It found problems with my hard drive!" I think that this is partially Apple's fault for putting the function in Disk Utility, where if you did a verify on your hard disk and it found directory damage, that would be something you'd want to fix right away. But with permissions, it's not necessarily, because the thing about permissions is that there isn't really One True Way that each file must be. Sometimes there's more than one possible set of permissions for a given file that would work. For example, I ran Verify Permissions after the 10.3.8 upgrade just for the sake of argument, to see what it'd find, and basically it was this one file:

/private/etc/slpsa.conf

What were this file's permissions set to? -rw-r--r--. Verify Permissions wanted to set them back to -rwxr-xr-x, because that is the way the file came when it was first installed in the original 10.3.0 installation. But really, why would the executable bit on this file need to be set? It's a configuration file. It stores settings. That's it. There's no reason that the executable bit needed to be set, and I'm willing to bet that the reason it's different in the 10.3.8 update is because some engineer looked at it, said "hmm, this is wrong," and changed it! But Repair Permissions will change it back to the way it was, because that's how Repair Permissions works. However, I'll bet that if you got a 10.3.8 full install disk and installed from that rather than installing 10.3.0 and updating to 10.3.8, it would set the permissions to -rw-r--r--, and if you ran Repair Permissions in the future, it would set the permissions back to those settings.

Now, I can (kind of, sort of) understand if people were running Repair Permissions after a badly designed third-party update from a crappy developer that came in a .pkg package. But for a system update from Apple, really, they know what they are doing. And if you don't trust Apple to set the right permissions on the files in the OS that they develop, then you can't trust the Repair Permissions mechanism either, for this reason: Running Repair Permissions on a fresh OS that came bundled on a Mac today would probably set the permissions to exactly those permissions that were set on the file before you ran Repair Permissions on your older Mac. So running Repair Permissions after an Apple-supplied update is pretty much a waste of time. And running it after a drag-and-drop install is a complete waste of time, since by dragging and dropping you're not going to have altered the permissions of any OS files at all.

Oh, and one more thing - sometimes there are people who even suggest running Repair Permissions before every update. I would like to point out that this is also a complete waste of time, and will accomplish exactly nothing, because Software Update runs as root. Root does what root wants, and it doesn't give a damn what the permissions of any files on your hard drive are. So running Repair Permissions before an update is not going to get you anything except for a feeling of having performed a voodoo ritual you don't understand, in order to get better crops this year.

The reason I find this advice harmful, and the reason it gets my ire up so much is when I hear people parroting it is that by telling newbies that they have to perform this voodoo ritual of running Repair Permissions twice every software update, you've turned a nice, convenient feature into a confusing, time-consuming process. While Software Update is a quick, easy, and painless thing to do when you can just get it started and then go have a cup of coffee and let it finish whenever it's ready, if you have to mess with Repair Permissions it becomes a chore. This is going to breed a generation of users who just don't bother with Software Update because it's a pain in the ass. So you'll end up with unapplied security updates, machines still running 10.3.1, and if someone ever finds a really nasty security hole, all these users will be wide open. You'll also generate a lot of bad press about Apple ("Mac OS X is so retarded, you have to repair permissions every time you do a simple Software Update!"), as we all know the effect these rumors have, whether informed or no.

[Thin Lizzy]

Whoa, nice post! I can really tell you know a lot about this stuff!

I hang around the Apple Discussions from time to time. I always see someone post "repair permissions before and after an update." Also, if you look at many of the posts there, when someone is having a problem with something, someone will say "repair permissions" and say it may solve their problem. They think repairing permissions is a universal fix to every problem you may experience!

As for Terminal, I use it sometimes. I began using it less when I did something very very stupid. I made a new folder, dragged it to the trash, and used the sudo command to delete it. Well, it deleted it. But when I restarted, I lost a lot of my data. Also, many of the preferences must have been deleted because I had to resetup every app, i.e iTunes, Safari, etc. I then read that using the sudo command to delete aliases can cause loss of data, which is exactly what happened. I learned my lesson.

[CharlesS]

Originally posted by Thin Lizzy:
I hang around the Apple Discussions from time to time. I always see someone post "repair permissions before and after an update." Also, if you look at many of the posts there, when someone is having a problem with something, someone will say "repair permissions" and say it may solve their problem. They think repairing permissions is a universal fix to every problem you may experience!

Yeah, I especially love when people say "Did you repair permissions before and after the last update you installed? If not, it's YOUR FAULT!!!" in response to some problem, even when you recognize the problem and know what the reason is... and it's something other than permissions...

As for Terminal, I use it sometimes. I began using it less when I did something very very stupid. I made a new folder, dragged it to the trash, and used the sudo command to delete it. Well, it deleted it. But when I restarted, I lost a lot of my data. Also, many of the preferences must have been deleted because I had to resetup every app, i.e iTunes, Safari, etc. I then read that using the sudo command to delete aliases can cause loss of data, which is exactly what happened. I learned my lesson.

Generally, when you're using rm it's a good idea not to use the -r command unless you actually need it. And if you're deleting an empty folder, it's safer to use -d instead of -r. And in general, I like to avoid ever using slashes in an rm command, so instead of doing this:

rm -r /path/to/something

I usually do this instead:

cd /path/to
rm -r something

This way, you have less likelihood of accidentally adding a space or a carriage return after one of those slashes, and deleting a whole lot more than you meant to...

[Thin Lizzy]

Thanks for the tip!

I am a real "n00b" when it comes to Terminal. But I boomarked this page, just in case I may have to refer to it!

Thanks a lot!