Originally posted by Footy:
Thanks Jay,
So I can do this without starting up from the Jag disk. OK.
So what will this do for me? I seem to have a lot of permissions that need fixing.
Mac OS X: Troubleshooting Permissions Issues
Article ID:
Created:
Modified:
106712
2/4/02
10/31/02
Here is a explanation from Apple Knowledge Base........
TOPIC
This document discusses the concept of permissions (or "privileges") in Mac OS X, issues that can arise due to incorrect permissions settings, and how to troubleshoot them.
DISCUSSION
Using the Repair Privileges Utility
Most users of Mac OS X have not intentionally modified privileges and simply need a utility to reset system privileges to their correct default values. For Mac OS X 10.2 and later this utility is included in the operating system. Users of Mac OS X 10.1 must download it.
For versions 10.0 to 10.1.4, you must update to version 10.1.5 first. Then use the Repair Privileges Utility. For information and software download, see technical document 106900, "Mac OS X: About the Repair Privileges Utility".
For Mac OS X 10.2 or later, open Disk Utility (/Applications/Utilities/). Select your Mac OS X startup volume in the left-hand column of the Disk Utility window, then click the First Aid tab. Click the Repair Disk Permissions button. You may encounter an erroneous message, as documented in 107230,"Mac OS X 10.2: Repair Disk Permissions Finds Issue With /private/var/run/utmp".
The remainder of this document contains more advanced information.
Warning: This document describes how you may modify permission settings by entering commands in the Terminal application. Users unfamiliar with Terminal and UNIX-like environments should proceed with caution. The entry of incorrect commands may result in data loss and/or unusable system software. Improper alteration of permissions can result in reduced system security and/or exposure of private data.
Permissions Defined
Mac OS X incorporates a subsystem based on a UNIX-style operating system that uses permissions in the file system. Every file and folder on your hard disk has an associated set of permissions that determines who can read, write to, or execute it. Using the AppleWorks application and one of its documents as an example, this is what the permissions mean:
Read (r--)
You can open an AppleWorks document if you have the read permission for it.
Write (-w-)
You can save changes to an AppleWorks document if you have the write permission for it.
Execute (--x)
You may open the AppleWorks application if you have the execute permission for it. This permission is only relevant for applications and other types of executable files.
When you can do all three, you have "rwx" permission. Permissions for a folder behave similarly. With read-only permission to a folder containing documents, you can open and read documents but not save changes or add new documents to the folder. Read-only (r--) permission is common for sharing files with guest access, for example.
Owner, Group, Others
Abbreviations like "rwx" and "r-x" describe the permission for one user or entity. The permissions set for each file or folder defines access for three entities: owner, group, and others.
Owner - The owner is most often the user who created the file. Almost all files and folders in your Home directory will have your user name listed as the owner.
Group - Admin users are members of the groups called "staff" and "admin". The super user "root" is a member of these and several other groups. Non-admin users are members of "staff" only. Typically, all files and folders are assigned to either "staff," "admin," or "wheel".
Others - Others refers to all other users that are not the owner or part of the group for a file or folder.
Since each entity has its own permission, an example of a complete permission set could look like "-rwxrw-r--". The leading hyphen designates that the item is a file and not a folder. Folder privileges appear with leading "d," such as "drwxrw-r--". The "d" stands for directory, which is what a folder represents. Figure 2, below, depicts how this looks in the Terminal application.
Example: Creating a TextEdit document
Suppose you create a TextEdit document and save it in the Documents folder of your Home directory. The document has privileges of "-rw-r--r--", so you can read and write to the file; but the assigned group and any other users can only read it. Because you saved the file in your Documents folder (drwx------), the group and other users cannot even see your file. The enclosing folder's permissions effectively supersede the file's own permissions. This is how the Home directory structure of Mac OS X provides privacy. If you drag the file to your Public folder (drwxr-xr-x) and then log out, another user could log in to the computer and read your public file.
Root: The "Super User"
In Mac OS X, a super user named "root" is created at time of system installation. The root user has complete access to all files and folders on the computer, as well as additional administrative access that a normal user does not have. In normal day-to-day usage of your computer, you do not need to log in as the root user. In fact, the root user is disabled by default. For more information about the root user and how to enable it, see technical document 106290 : "Mac OS X: About The root User and How To Enable It".
Issues Related to Permissions
Incorrect permission settings may cause unexpected behavior. Here are several examples with troubleshooting suggestions:
Application installers, Applications folder
A third-party application installer incorrectly sets permissions on the files it installs, or even the entire Applications folder. Symptoms of the Application folder's permissions being set incorrectly include applications appearing in the dock as question marks, and/or not being able to connect to the Internet. It is also possible that software installed while logged in as one user will be inaccessible when logged in as another. To avoid this, make sure you are logged in with your normal user account when installing software that you wish to use with that account.
Files created in Mac OS 9
Files created in Mac OS 9 may appear in Mac OS X with root ownership. When you start up in Mac OS 9 on a computer that also has Mac OS X installed, you can see, move, and delete all files, giving you the equivalent of root access. For this reason it's a good idea not to move or open unfamiliar files or folders when started up in Mac OS 9.
Power interruption
The file system may be affected by a power interruption (improper shutdown) or when it stops responding (a "hang" or "freeze"). This could affect permissions. To troubleshoot this issue, see technical document 106214: "Mac OS X: Why, When, and How to Run fsck for File System Maintenance".
Software access=user access
Most applications executed by a user only have access to the files that the user has access to. Backup software, for example, may not back up Mac OS X system files that have root ownership.
Emptying the Trash
In some circumstances, folders for which you do not have write permission can end up in the Trash; and you will not be able to delete them or the files contained in them. Remember that in Mac OS X there is not a single Trash folder. Instead, each user has a Trash folder in the Home directory. There is also a Trash folder for the startup volume, and Trash folders for other volumes or disks. The folder in a user's Home is named ".Trash". When a user throws away a file on a local non-startup volume, the name of the folder is named "/.Trashes/UID", where UID is the user ID number of the user (which may be seen in NetInfo Manager). In either case, all Trash folders are hidden from the user in the Finder. In these situations you can either start up into Mac OS 9 to locate the files and delete them, or you can use the Terminal application. Issues with emptying the Trash are much less likely to occur in Mac OS X 10.2 or later, since the Finder empties the Trash as the root user. However, issues may still occur with files on remote volumes for which your local root user has no special privileges.