 |
 |
10.5.5 permissions issue
|
|
|
|
|
Mac Enthusiast
Join Date: Apr 2003
Location: Seattle
Status:
Offline
|
|
I just updated from 10.5.4 to 10.5.5 via Software Update. Booted twice, as expected, and everything seems OK. I repaired permissions and got the following:
Warning: SUID file "System/Library/CoreServices/Finder.app/Contents/Resources/OwnerGroupTool" has been modified and will not be repaired.
Warning: SUID file "usr/bin/lppasswd" has been modified and will not be repaired.
Is this something serious? How do I fix this? Should I be worried?
Thanks.
|
|
|
| |
|
|
|
|
|
|
|
Grizzled Veteran
Join Date: Mar 2004
Status:
Offline
|
|
Originally Posted by Douglashh 
I just updated from 10.5.4 to 10.5.5 via Software Update. Booted twice, as expected, and everything seems OK. I repaired permissions and got the following:
Warning: SUID file "System/Library/CoreServices/Finder.app/Contents/Resources/OwnerGroupTool" has been modified and will not be repaired.
Warning: SUID file "usr/bin/lppasswd" has been modified and will not be repaired.
Is this something serious? How do I fix this? Should I be worried?
Hard to say if it's serious, since the message doesn't indicate how it "has been modified".
For security reasons (it would seem), Disk Utility now refuses to do anything with the file.
Anyway, run these two blue commands and compare their output to mine:
ls -lOeT /usr/bin/lppasswd
-rwsr-xr-x 1 root wheel - 47472 Sep 3 21:24:06 /usr/bin/lppasswd
openssl sha1 /usr/bin/lppasswd
SHA1(/usr/bin/lppasswd)= 3a81c34ddaef4863960f7cf5aa32c1b5bb1d1ea8
Post your output, and maybe someone can recommend a solution.
--
According to...
pkgutil --file-info /usr/bin/lppasswd
volume: /
path: usr/bin/lppasswd
pkgid: com.apple.pkg.BSD
pkg-version: 10.5.0.1.1.1192168948
install-time: 1196363433
uid: 0
gid: 0
mode: 100755
pkgid: com.apple.pkg.update.os.10.5.2.combo
pkg-version: 1.0.1.1191932192
install-time: 1202790807
uid: 0
gid: 26
mode: 104755
sha1: <6f2f1387 246a69c0 fc54701d f4daef44 89a7f7f9>
pkgid: com.apple.pkg.update.os.10.5.3.combo
pkg-version: 1.0.1.1191932192
install-time: 1212023877
uid: 0
gid: 0
mode: 104755
sha1: <b8de2db3 f8e0a555 27742da7 3d8f9121 bf474047>
pkgid: com.apple.pkg.update.os.10.5.4.combo
pkg-version: 1.0.1.1191932192
install-time: 1220481452
uid: 0
gid: 0
mode: 104755
sha1: <b8de2db3 f8e0a555 27742da7 3d8f9121 bf474047>
pkgid: com.apple.pkg.update.os.10.5.5.combo
pkg-version: 1.0.1.1191932192
install-time: 1221531856
uid: 0
gid: 0
mode: 104755
sha1: <3a81c34d daef4863 960f7cf5 aa32c1b5 bb1d1ea8>
...we can see the file came from the BSD package originally, without any suid bit.
Then the 10.5.2 (combo update) set the suid bit, but changed the group to 26 (_lp). 
Remaining combo updates retained the suid bit, but restored the group to 0 (wheel).
At the end there (10.5.5) you can see the sha1 digest matches what i got from command #2.
FWIW,
-HI-
EDIT: ooops, i forgot about the other file there
ls -lOeT /System/Library/CoreServices/Finder.app/Contents/Resources/OwnerGroupTool
-rwsr-xr-x 1 root wheel - 38432 Aug 22 00:12:13 2008 /System/Library/CoreServices/Finder.app/Contents/Resources/OwnerGroupTool
openssl sha1 /System/Library/CoreServices/Finder.app/Contents/Resources/OwnerGroupTool
SHA1(/System/Library/CoreServices/Finder.app/Contents/Resources/OwnerGroupTool)= f57684d10ac1cf817ade56be7d822025e57d6c74
[are you on an intel or ppc Mac?]
(
Last edited by Hal Itosis; Sep 16, 2008 at 07:02 PM.
)
|
|
-HI-
|
| |
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Apr 2003
Location: Seattle
Status:
Offline
|
|
I have an intel MacMini. According to Apple this is a known issue and not a problem and can be ignored.
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: May 2001
Location: Brisbane, Australia
Status:
Offline
|
|
…as with most "errors" during permissions repair.
|
|
|
| |
|
|
|
|
|
|
|
Grizzled Veteran
Join Date: Mar 2004
Status:
Offline
|
|
Originally Posted by Douglashh
According to Apple this is a known issue and not a problem and can be ignored.
Nonsense. Until we see a listing of those files, neither you nor I nor Apple have the slightest idea what's up with them. As I indicated: D.U. refuses to touch any suid file if it appears "modified" (even if it's not supposed to be suid in the first place!!!). One case at MacFixIt (and another at macosxhints) had the suid bit set on /sbin/launchd -- and that caused every program the user launched to be run as root. People there also looked at the Disk Utility report and quoted that same Apple article saying: "this is a known issue and not a problem and can be ignored."
Horse*censored*
I'll concede that in this particular case it might be harmless. And -- if you're not even curious enough to see exactly what's what (by doing a simple ls command) -- then I won't waste any time on it either. Just be aware: all suid errors are not created equal... and some are potentially quite problematic.
(
Last edited by Hal Itosis; Sep 17, 2008 at 07:41 AM.
Reason: added linkages)
|
|
-HI-
|
| |
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Apr 2003
Location: Seattle
Status:
Offline
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Moderator  Join Date: Jan 2001
Location: Polwaristan
Status:
Offline
|
|
If you want to try something else to make it go away, download the 10.5.5 combo updater and run it. Sometimes it will fix issues that the regular updater created or avoided.
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Are you still able to use the "Authenticate" button in the Finder? If so, relax.
The thing I hate about Repair Permissions is how it's placed in the same context as the regular disk repair tool, causing people to run around like headless chickens if it ever logs anything. Is your system working properly? Then you don't need to worry about Repair Permissions.
|
|
|
| |
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Apr 2003
Location: Seattle
Status:
Offline
|
|
"Authenticate" button in the Finder? What is that?
System is running just fine.
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
When you try to do something that requires authentication, like trying to add something to a folder that's owned by root or trying to change a file's permissions in the Get Info window. I think the OwnerGroupTool binary is in charge of that.
|
|
|
| |
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Apr 2003
Location: Seattle
Status:
Offline
|
|
OK, thanks. No problem with the "Authenticate" button at all i've used it a number of times since the upgrade. No problem logging in or out of my account either.
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Then I wouldn't worry about it. 
|
|
|
| |
|
|
|
|
|
|
|
Grizzled Veteran
Join Date: Mar 2004
Status:
Offline
|
|
I agree, no need to worry.
Also... no need to wonder, or guess, or assume, or speculate.
There's no need for any mystery whatsoever.
The simple commands posted above will reveal EVERYTHING about those
items anyone would ever need to know (in this thread's context).
The thing I hate about Repair Permissions is how it's placed in the same context as the regular disk repair tool,
Agreed again.
|
|
-HI-
|
| |
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Oct 2008
Status:
Offline
|
|
Funny how things happen,
I did my usual repair permissions this AM and got the same message, tried a few more times and still got the same SUID warning. I then "Updated" from the single to the combo updater and behold, the SUID's are gone. End result, the upgrade does fix it.... for now.
Mike
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
Top