Restoring lost group permissions on mac

Using mac's terrible file sharing prefs, I managed to goof up permissions on my Documents directory. My non-Documents directories have permissions like this:

drwx------+ for .
drwxr-xr-x+ for ..
-rw-------@ for .DS_Store

drwxr-xr-x  for most folders
drwxr-xr-x@ for some folders

-rw-r--r--  for some files
-rw-r--r--@ for some files

My Documents directories have permissions like this:

drwx---r-x+ for .
drwx---r-x+ for ..
-rw----r--@ for .DS_Store

drwx---r-x+ for (all?) folders

-rw----r--@ for some files
-rw----r--+ for some files

It looks like everything that should have group read access is missing it. I realize that chmod can help, and that it has a -R recursive option, but I'm reluctant to start experimenting and mess things up more. In particular, I don't want to set group read in places where it shouldn't be there. Also, I want to change just some bits, leaving the others alone.

Can anyone provide advice about getting this fixed?

Not sure if it's relevant, but I got into this by trying to allow another user on the same machine read/write access to my main user's Documents. In sharing prefs, I tried adding the Documents folder to the list of shared folders and setting everyone to read (or at least read), but in the process, I think I deleted the "staff" group, whatever that is.

danh

Posted 2013-02-15T20:06:12.963

Reputation: 143

Ignore the @, that's just extended attributes. Run ls -lae to get the ACL information (indicated by +) that might override regular Unix permissions (they probably shouldn't be there except maybe on the Documents folder itself). Default permissions are 700 for the Documents folder, 755 for all contained folders, and 644 for all contained files (and we can probably ignore execute permissions). staff is the main group of all actual user accounts (as opposed to system internal users). – Daniel Beck – 2013-02-15T20:12:57.897

Answers

In a pinch, you can add group read/write permissions by entering your Documents directory and issuing:

chmod -R g+rw *

If you need to fix the ownership you can do:

chown -R user.group *

[Obviously you replace user and group with actual an user and group name]

Now you just need to fix the directories.

find . -type d | replace ' ' '\ ' | xargs chmod g+x

The above call finds all directories, then escapes spaces with a backslash (required for passing to xargs), then adds group execute permissions to each. The replace command is part of mysql. If you don't have that you can use sed 's/ /\\ /g'

Disclaimer that my Linux distro is Slackware. I would expect this to work on Mac, but I can't test. You can replace xargs chmod g+x with echo | more if you want to do a sanity check.

Note that you can pipe the output to file first:

find . -type d | replace ' ' '\ ' > dirs.txt

Then you can review that file and use a text editor to remove any directories you don't want to change. Then instead of the recursive calls to chmod, you can do:

cat dirs.txt | sed 's/$/\/*/' | xargs chmod g+rw
cat dirs.txt | xargs chmod +x

The sed call just replaces the end of each line with '/*' to mean all files in directory.

paddy

Posted 2013-02-15T20:06:12.963

Reputation: 1 119

If I recall, the + attribute after the standard ls rwxrwxrwx signals ACLs. I'd be careful because your group read access might be a part of the ACL scheme.

mdpc

Posted 2013-02-15T20:06:12.963

Reputation: 4 176