Default permissions / rights / ownership in /Applications

Discussion in 'Mac Programming' started by DennisBlah, Oct 30, 2014.

  1. DennisBlah macrumors 6502

    DennisBlah

    Joined:
    Dec 5, 2013
    Location:
    The Netherlands
    #1
    Hi all,

    as I'm developing applications for in-house, lately I made an autoUpdate tool.
    This autoUpdate tool will be installing and copying applications from a fileshare to /Applications.

    However the rights are not correct of the apps it's copying and of the app itself. For the current logged in user its fine.

    How can I fix these ownership and rights in /Applications manually ?
    I prefer with terminal
    chown root:wheel
    chmod ???

    Does anyone have a clue ? My applications now can only be opened by the user that was logged on when I copied the application to the mac.
     
  2. DennisBlah thread starter macrumors 6502

    DennisBlah

    Joined:
    Dec 5, 2013
    Location:
    The Netherlands
    #2
    Just to clarify my issue.

    The applications show up as 'Zero bytes' on other useraccounts.
     
  3. subsonix macrumors 68040

    Joined:
    Feb 2, 2008
    #3
    Looking in the Applications folder here it's a mixed bag of owner:admin and root:wheel. But for the mode it looks like this: rwxr-xr-x so for chmod that would be:

    Code:
    chmod ugo+rx /Applications/Target.app
    chmod u+w /Applications/Target.app
    
    Or in one go with the octal mask.

    Code:
    chmod 0755 /Applications/Target.app
    
    BTW, you can see the octal mask value with:

    Code:
    stat -x /Applications/Target.app
     
  4. DennisBlah, Oct 30, 2014
    Last edited: Oct 30, 2014

    DennisBlah thread starter macrumors 6502

    DennisBlah

    Joined:
    Dec 5, 2013
    Location:
    The Netherlands
    #4
    Thanks ! I'm gonna give it a try right now. The applications still show up as Zero bytes on other user accounts :( While on the 'original' user that got it installed through the updater, the apps work fine...
     
  5. DennisBlah, Oct 30, 2014
    Last edited: Oct 30, 2014

    DennisBlah thread starter macrumors 6502

    DennisBlah

    Joined:
    Dec 5, 2013
    Location:
    The Netherlands
    #5
    This is what stat -x shows up for lets say... FireFox.app

    Mode: (0775/drwxrwxr-x) Uid: ( 0/ root) Gid : ( 80/ admin)

    And this for one of my installed applications after using these commands you gave me.

    Mode (0775/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 2351234/MyDomain/Domain Users)

    Even after throwing chown root:admin over it, does not solve the problem
    However it dit changed gid to 80/admin
     
  6. subsonix macrumors 68040

    Joined:
    Feb 2, 2008
    #6
    Not sure what is going on, but perhaps you can confirm in some way that the copying works as expected, since the copy ends up as zero bytes in size.
     
  7. DennisBlah, Oct 30, 2014
    Last edited by a moderator: Oct 30, 2014

    DennisBlah thread starter macrumors 6502

    DennisBlah

    Joined:
    Dec 5, 2013
    Location:
    The Netherlands
    #7
    This is exactly whats going on:

    Running applescript:
    Code:
    set tFile to "/Users/myUsername/Public/.autoupdate/seaLion.app"
    do shell script "sudo rsync -ardv " & (quoted form of tFile) & " /Applications/" user name "admin" password "pass" with administrator privileges
    do shell script "sudo chmod 0775 " & (quoted form of tFile) & " /Applications/" user name "admin" password "pass" with administrator privileges
    do shell script "sudo chown root:admin " & (quoted form of tFile) & " /Applications/" user name "admin" password "pass" with administrator privileges

    This will end up with the file copied to /Applications
    Having the permissions and ownership fixed like your examples, and compared with FireFox.app in my Applications.

    seaLion.app working fine, however, I log out and login as a different user, it shows up as Zero bytes.

    When I go back to the previous user, it works fine.


    (I used rsync because it would take over all rights and stuff, done the same thing with cp -r and ends up the same)
     
  8. DennisBlah, Oct 30, 2014
    Last edited: Oct 30, 2014

    DennisBlah thread starter macrumors 6502

    DennisBlah

    Joined:
    Dec 5, 2013
    Location:
    The Netherlands
    #8
    It seems like that the file is an hardcopy on another users account
    When I copy the Zero bytes application to the users desktop it works from desktop

    I remember reading something about 'hard link' a few days ago when I started facing this problem
     
  9. DennisBlah thread starter macrumors 6502

    DennisBlah

    Joined:
    Dec 5, 2013
    Location:
    The Netherlands
    #9
    Best proper way to copy applications to /Applications

    Hi all,

    in addition to this topic, I thought maybe I should post this in the programming topic as well.

    I'm working on a 'autoUpdate' tool, that will mount an hidden folder (located in the public folder of every user, if not it will be created) to one of our internal windows fileshares.

    Then based on the type of file, .app, .pkg, or any other
    it determines if it needs to be copied to /Applications, installed, or just copied to the users desktop. Meanwhile an little check to compare last edited datetime with the small .plist 'database' to see if it needs to be updated or not.

    Something is going wrong at the moment of copying files to /Applications.

    For the current user where the autoupdater copied applications to the /Applications folder, the apps work fine. However when an different user logs in (LDAP), these applications, are marked as 'Zero bytes' and can't be opened. However when the user copies the application to its desktop, its working fine.
    (Looks like an 'hardcopy')

    I think I can change the rsync command for cp. (I thought rsync takes over permissions and owner), but this still does not fixes my problem.

    Down here a stripped down snippet of my code.

    Code:
    for(int a=0; a<[appFiles count]; a++) {
       NSString *curApp = [NSString stringWithFormat: @"%@.%@", [appFiles objectAtIndex: a], [appTypes objectAtIndex: a]]];
    
    //Some checks if current file already is in 'db'
    
       if([[appTypes objectAtIndex: a] isEqualToString: @"app") {
          //Check if app is running, if so, kill process (If its not this tool)
          [self killRunningApp: [appFiles objectAtIndex: a]];
          NSString *theScript = runApplescript([NSString stringWithFormat: @"set tFile to \"/Users/%@/Public/.autoupdate/%@/%@\"\n\
             do shell script \"sudo rsync -ardv \" & (quoted form of tFile) & \" /Applications/\" user name \"adminUser\" password \"adminPass\" with administrator privileges", NSUserName(), [appFolders objectAtIndex: a], curApp]);
          //[appFolders objectAtIndex: a] ? Whats that? That's the subfolder determined by IP of current user, which department, which apps needed
          if(theScript == nil) {
             //If succeed, set permissions
             runApplescript([NSString stringWithFormat: @"set tFile to \"/Applications/%@\"\n\
                                            do shell script \"sudo chmod 0775 \" & (quoted form of tFile) user name \"adminUser\" password \"adminPass\" with administrator privileges", curApp]);
             runApplescript([NSString stringWithFormat: @"set tFile to \"/Applications/%@\"\n\
                                            do shell script \"sudo chown root:admin \" & (quoted form of tFile) user name \"adminUser\" password \"adminPass\" with administrator privileges", curApp]);
             //Mark in tableview as installed.
          } else {
             //Mark in tableview as failed.
          }
       } else if([[appTypes objectAtIndex: a] isEqualToString: @"pkg") {
          //Copy to public folder, and install,remove install file from public folder
       } else {
          //Copy to current user desktop
       }
    }
    
    Hopefully someone can help me out here, this is an pain for more than a week now
     
  10. chown33 macrumors 604

    Joined:
    Aug 9, 2009
    #10
    "Hardcopy" doesn't make sense. That would be a printout onto paper or other physical medium.

    Maybe you mean "hard link":
    http://en.wikipedia.org/wiki/Hard_link

    Accuracy is important in programming.
     
  11. DennisBlah thread starter macrumors 6502

    DennisBlah

    Joined:
    Dec 5, 2013
    Location:
    The Netherlands
    #11
    Sorry Chown,

    indeed I mean 'hard link'

    its been a while ago I readed something about this.

    Any idea how to prevent this and keeps it working from /Applications folder?
     
  12. subsonix macrumors 68040

    Joined:
    Feb 2, 2008
    #12
    Your snippet uses Obj-C, which calls AppleScript, which calls shell script.

    Perhaps you could start with only shell script copying one file, or even do it manually to have a simple test case, then expand from there. It's just less things that can go wrong.
     
  13. DennisBlah, Oct 30, 2014
    Last edited: Oct 31, 2014

    DennisBlah thread starter macrumors 6502

    DennisBlah

    Joined:
    Dec 5, 2013
    Location:
    The Netherlands
    #13
    Also when I do it manually, drag & drop from share to Applications, authenticate as admin, the apps show as Zero bytes on the other users.

    Even after chmod 0775, chown root:admin and touch it still shows as Zero bytes.

    But with stat -x it appears the same as FireFox, which works on all users.
    Except that FireFox has an @ and my application a + in ls -l

    Firefox: drwxrwxr-x@
    my app: drwxrwxr-x+

    I runned diskrepair before copying, and after copying, after setting the permissions and owership again, and still showing as Zero bytes, I can copy the file to a users desktop with Authenticating and then it still works.
     
  14. subsonix macrumors 68040

    Joined:
    Feb 2, 2008
    #14
    I was thinking of using rsync manually from the terminal, but you managed to find an even simpler test. At this point, it seems to not be related to your program at all. Perhaps the issue is on the Windows machine and related to what can be copied where and by whom.
     
  15. DennisBlah thread starter macrumors 6502

    DennisBlah

    Joined:
    Dec 5, 2013
    Location:
    The Netherlands
    #15
    Dear subsonix,

    I found the following tool from 'ohanaware' : Permission Reset.
    This tool, wil reset the permissions and works like a charm.

    However, I believe the problem is in the way my tool copies the application.
    I also tried almost everything manually.

    cp -rp
    rsync -axog

    I first runned the Permission Reset on my mac, and throwed the files with correct permissions on the share.

    On clients, manually looking up permissions from the share, it looks fine. (With right-click, file info, sharing & permissions)
    Once being copied, with either 1 of the two commands I just mentioned.

    The permissions and owners are not being kept. They change to current user, and 'everyone' has 'no access'

    Afterwards using chmod and/or chown, still ends up with the same issue for other users.

    If I afterwards use this 'Permission Reset' on the apps, its all fine.
    I already contacted the developers of this apps, for any advice.

    Maybe you have any clue ?
     
  16. subsonix macrumors 68040

    Joined:
    Feb 2, 2008
    #16
    Why, if you had the same issue when performing a drag and drop manually? You have then left out your tool completely from the equation, but the issue still persist.

    I don't know, but just looking for Windows share permissions came up with this.

    http://serverfault.com/questions/45...m-creating-copying-moving-anything-except-exe
    http://serverfault.com/questions/4706/preventing-folders-from-being-deleted-moved-on-a-share?rq=1
    http://technet.microsoft.com/en-us/library/cc772675(v=ws.10).aspx
     
  17. DennisBlah thread starter macrumors 6502

    DennisBlah

    Joined:
    Dec 5, 2013
    Location:
    The Netherlands
    #17
    The account we use to set the files to the share is an Administrator account with all access and permissions. The account which my tool uses to get there, is an read only account.
    After I put my apps on the share, and I manually connect there without the app and I look into the File info of the applications on the share, its full with permissions etc. Just right when its being copied form share to lets say desktop, or Applications, the permissions changes, even when I use --preserve permissions and groups in the commands

    btw. ALL shares in our network are being used only with iMac's and Macbooks.
    The reason we are not on a xserver is because Apple stopped producing and supporting these servers.
     

Share This Page