Do I need to restore directory permissions to their state prior to a reverted homebrew installation?

2

1

I'm trying to back out of a homebrew installation on OS 10.8.2 and am not sure I understand what I need to do to (or whether I need to bother to) restore permissions to what they were before the installation. I've performed all the other suggested steps and want to make sure about the final step of restoring permissions on certain directories to their pre-installation state.

What exactly did homebrew do to my permissions on these directories? Is it safe to leave them changed, or does leaving them changed pose a security risk? Is it perhaps advantageous to leave them changed, so that so that other package managers work more smoothly?

orome

Posted 2012-12-26T15:44:18.540

Reputation: 205

Answers

2

What exactly did homebrew do to my permissions on these directories?

As far as I can tell, Homebrew lets your user own /usr/local, with the group set to admin (or staff). This applies to all subdirectories created through Homebrew within that directory. By default, I believe /usr/localis owned by the wheel group.

The other directories in /usr/local (i.e. non-Homebrew) will probably be owned by your user but might have other group ownerships (e.g. staff, wheel). See: What is the difference between default groups on Mac OS X?

Finally, to see what permissions Homebrew works best with (or ships with?), check out this Gist: Fix permissions on /usr/local for Homebrew.

Is it safe to leave them changed, or does leaving them changed pose a security risk?

By default, /usr/local isn't used for anything on OS X.

You can safely leave it owned by your user and the admin group. When other installers put files and directories there, you'd be prompted for root access if they needed it, but this is unlikely to happen and would somewhat defeat the purpose of having a user-owned directory.

It's definitely not a security risk.

Is it perhaps advantageous to leave them changed, so that so that other package managers work more smoothly?

If a package manager needed to change permissions to be installed or work smoothly, it'd prompt you to. Even Homebrew checks the permissions and should warn you if they don't match certain criteria. You can confirm this by calling brew doctor.

MacPorts for example won't even use /usr/local, but will install everything under /opt/local by default. Of course you can put it in /usr/local as well, but the MacPorts installer should take care of the permissions here. I'm fairly certain it would change ownership to root here, whereas Homebrew works without elevated privileges.

Oh, and running MacPorts alongside a package manager that lives in /usr/local is not a terribly good idea. See the MacPorts FAQ.

Fink again uses /sw instead of any of the former directories and violates the Filesystem Hierarchy Standard in some way. It can also be installed to /usr/local, and the same things as for MacPorts apply here as well.

slhck

Posted 2012-12-26T15:44:18.540

Reputation: 182 472

Asked: 2012-12-26T15:44:18.540

Viewed: 424 times

Active: 2012-12-26T16:35:59.657