1
I've upgraded from El Capitan to High Sierra (beta 9). On El Capitan, running the command chmod -R -r <path to dir>
works fine (revoking read permissions recursively). On High Sierra I get the non-sense error message chmod: <path to dir>: Permission denied
.
Note that additive commands like chmod -R +r <path to dir>
do work fine on High Sierra.
I tested this on the main system volume of my internal MPB disk (APFS file system, because the installer converts HFS+ volumes automatically on SSDs) and on a HFS+ RAM-disk. The behavior was the same.
Is this worthy of a bug report to Apple? Am I missing something?
1Any folder, or specific? I'm thinking SIP... – Tetsujin – 2017-09-24T09:01:27.450
1Is it possible that High Sierra starts doing the permission changes at the TOP folder first? Meaning, maybe it actually removed the read permissions at the top folder, and that prevented chmod from descending any further? – jimtut – 2017-09-25T13:38:52.087
Hm, after a few more tests I found that the issue is also there with El Capitan. I'm addressing a normal empty folder I have created, on which I (by default) have the permissions drwxr-xr-x (so, 755 essentially). Let's say that folder is located at
/tmp/somefolder
, thenchmod -R -r /tmp/somedir
always fails (regardless whether it has child objects or not), whilesudo chmod -R -r /tmp/somedir
succeeds. Why do I need sudo/admin-permissions to recursively remove read permissions from a dir?!? – NameZero912 – 2017-09-26T07:23:27.050After some more experimentation I can say that, even though
chmod -R -r /tmp/somedir
fails, the read-permissions are revoked for/tmp/somedir
, but not for any sub-directories (in case there are any) -sudo
is required to really perform the permission-change recursively. It makes no sense at all, and suggests that chmod is implemented very poorly (and that was never discovered for some reason... it just can't be true!). It seems to me that chmod first applies the operation to the very highest-level directory and then fails to apply it to sub-dirs (and even fails if there aren't any). – NameZero912 – 2017-09-26T07:41:07.577find <path> -d -exec chmod -r {} ";"
is the way to go. – NameZero912 – 2017-09-26T10:29:24.917