Previous 1 2 Next 20 Replies Latest reply: May 5, 2008 8:11 AM by fayjon99
fayjon99 Level 1 (0 points)
Hello all newbie here. I thought I would best post my own question instead of embedding it in another person's question.

I installed Leopard this weekend and now have a permissions problem. The folders of my hard drive are now set to 'custom access', and when I try to delete files, it now asks me for my admin password. This did not happen before in Tiger.

1) The computer normally logs in with my username (I am also the admin).

2) I checked info on the "Macintosh HD" icon, and the sharing and permissions information says "You can read and write", the users in the list below that are: "system" with privileges "read and write", "admin" with privileges "read and write", and "everyone" with priveliges "read only".

3) When I check the folders in the hard drive, eg my pictures, the sharing and permissions information says "You have custom access". The users in the list below that are: "my username (me)" with privilges "read and write", "unknown" with privileges "read only", and "everyone" with privileges "read only".

It seems that the computer does not recognize me as admin? I have run the repair permissions to no avail.

I read the topic: and ran the terminal suggested by joshz, but nothing changed.

Thank you for your attention.

imac core2duo 17inch 2ghz 2gb ram, Mac OS X (10.5.2)
  • kdb1 Level 3 (770 points)
  • fayjon99 Level 1 (0 points)
    Thank you for your suggestion. I tried it but to no avail.

    Some comments when I tried to follow the kb.
    When I was logged in as System Administrator (root):

    1) where the kb says to "Go to Accounts preferences and check (enable) "Allow user to administer this computer" for the affected user", when I did that, the selection was greyed out, but it was already ticked to allow to administer.

    2) I checked the permissions on the Macintosh HD, it says that I had "custom access", and the users listed below were:
    - "root (me)" with "Read and Write" privileges
    - "admin" with "read and write" privileges
    - "everyone" with "read" privileges.

    3) I then checked permissions from a file in the "all documents" list. It said that I had "custom access", and the users below were:
    - "everyone" with "custom" access
    - "my username (the one that is giving me problems)" with "read and write"
    - "unknown" with "read only" privileges
    - "everyone" with "read only" privileges --- (2 'everyones'???)

    I logged out and logged back in using my usual username but nothing was solved. Also, when I went to disable the root user (as suggested by the kb), the choice was to ENABLE the root. Even when I selected that, it would not change!

    Another comment: when I click on a folder "get info", and try to make my username as the owner, the choice is greyed out...

    Thanks for the assistance so far.
  • kdb1 Level 3 (770 points)
    It may be easier to back-up what you can and start again with a fresh install.
  • fayjon99 Level 1 (0 points)
    Is there something else I can try before doing that? Mainly because I would need to buy a hard drive, plus having to reinstall all the software?
  • joshz Level 4 (3,280 points)
    I read the topic: and ran the terminal suggested by joshz, but nothing changed.

    The steps I suggested were diagnostic, and only for your home folder.
    You should run: ls -aleO@ /

    Then you need to post the results of that command up, so we can take a look at them.

    If you used "Apply to enclosed items", however, the only thing you can do is re-install Leopard, or, if you backed up before using it, just restore from that backup.

    Good luck!

    Message was edited by: joshz
  • fayjon99 Level 1 (0 points)
    Thank you for your suggestion Joshz. I will do that right now. I don't understand what you meant by "Apply to enclosed items"?

    I have also tried your suggestion:
    1. Put in your install dvd, shut down, and boot holding 'C'
    2. Select a language.
    3. Click Utilities>Reset Password
    4. Click "Reset" at the bottom (it should say something about resetting ACLs and permissions to defaults), then select all affected accounts (DO NOT SELECT "System Administrator (Root)". That is very bad to do.)
    5. Quit all apps, select your macintosh HD, and click "Restart".

    but it did not work.
    I ran the verify permissions and the result was:
    2008-05-05 13:16:12 +0200: Verify permissions for “Macintosh HD”
    2008-05-05 13:21:28 +0200: ACL found but not expected on "private/var/root/Library/Preferences".
    2008-05-05 13:21:28 +0200: ACL found but not expected on "private/var/root/Library".
    2008-05-05 13:21:28 +0200: ACL found but not expected on "private/var/root".
    2008-05-05 13:27:44 +0200:
    2008-05-05 13:27:44 +0200: Permissions verification complete

    Another note: when I create a new folder and put things in it, all the permissions for that new folder are fine, and I can delete it without being prompted for my password.

    I will post the results of your suggestion next.

    Thanks for your assistance!
  • fayjon99 Level 1 (0 points)
    Here is the result of the terminal command you suggested I run:
    Last login: Mon May 5 13:11:22 on console
    Macintosh:~ my-username$ ls -aleO@ /
    total 44245
    drwxrwxr-t 36 root admin - 1292 May 3 17:20 .
    drwxrwxr-t 36 root admin - 1292 May 3 17:20 ..
    -rw-rw-r--@ 1 root admin hidden 12292 May 5 13:11 .DS_Store 32
    drw------- 3 root admin hidden 102 May 2 21:45 .Spotlight-V100
    d-wx-wx-wt 2 root admin hidden 68 Aug 11 2006 .Trashes
    -rw-r--r-- 1 root admin - 0 May 2 20:44
    drwx------ 4 root admin - 136 May 5 13:11 .fseventsd
    -rw------- 1 root wheel hidden 851968 Aug 11 2007 .hotfiles.btree
    -rw-r--r-- 1 my-username admin - 3104 May 5 08:08 .vbt4
    drwxr-xr-x@ 2 root wheel hidden 68 Jul 2 2006 .vol 32
    drwxrwxr-x+ 64 root admin - 2176 May 3 20:21 Applications
    0: group:everyone deny delete
    -rw-r--r--@ 1 root admin hidden 98816 May 4 18:32 Desktop DB 32
    -rw-r--r--@ 1 root admin hidden 45746 Mar 14 2007 Desktop DF 32
    drwxrwxr-x 3 root admin - 102 May 2 22:14 Developer
    drwxrwxr-t+ 56 root admin - 1904 May 3 19:57 Library
    0: group:everyone deny delete
    drwxr-xr-x@ 2 root wheel hidden 68 May 2 21:13 Network 32
    drwxr-xr-x 4 root wheel - 136 May 2 22:06 System
    lrwxr-xr-x 1 root admin - 60 Jan 17 2007 User Guides And Information -> /Library/Documentation/User Guides and Information.localized
    drwxr-xr-x 6 root admin - 204 May 4 19:08 Users
    drwxrwxrwt@ 3 root admin hidden 102 May 5 13:11 Volumes 32
    drwxr-xr-x@ 40 root wheel hidden 1360 May 2 22:01 bin 32
    drwxrwxr-t@ 2 root admin hidden 68 Jul 1 2006 cores 32
    dr-xr-xr-x 2 root wheel - 512 May 5 13:10 dev
    lrwxr-xr-x@ 1 root admin hidden 11 May 2 21:12 etc -> private/etc 32
    dr-xr-xr-x 2 root wheel - 1 May 5 13:11 home
    -r--r--r--@ 1 root admin hidden 616052 May 2 20:22 mach.sym 32
    -rw-r--r--@ 1 root wheel hidden 10276952 Mar 5 06:25 mach_kernel 32
    -rw-r--r--@ 1 root wheel hidden 10709097 Nov 1 2007 mach_kernel.ctfsys 32
    dr-xr-xr-x 2 root wheel - 1 May 5 13:11 net
    drwxr-xr-x@ 6 root wheel hidden 204 May 2 20:22 private 32
    drwxr-xr-x@ 66 root wheel hidden 2244 May 2 22:01 sbin 32
    lrwxr-xr-x@ 1 root admin hidden 11 May 2 21:12 tmp -> private/tmp 32
    drwxr-xr-x@ 11 root wheel hidden 374 May 2 21:41 usr 32
    lrwxr-xr-x@ 1 root admin hidden 11 May 2 21:12 var -> private/var 32
    Macintosh:~ my-username$
  • RodneyW Level 4 (3,030 points)

    As a fellow Tiger upgrader - I have experienced this. There are probably two issues:

    1. The "password to delete" issue is probably because you have inadvertently changed permissions in one of your Home folders, and then pushed the changes into the subfolder through the finder. To fix this, follow the directions at:

    2, The "unknown" user stems from the fact that Tiger (10.4) used to assign each user to a group that has the same name as the username (i.e. a user "fred" would belong to a group "fred"). Leopard defaults to putting all users into a "staff" group.

    However, when you upgraded, Leopard preserved your group identity... which now means that it is a "custom" permission from the perspective of Leopard.

    The "unknown" part stems from a bug in Leopard permission management that causes groups to be "unknown" unless they have a full name. This can be easily rectified using one of the OS X Server tools (called Workgroup Manager). To fix:

    1) Download and install OS X Server tools from

    2) Run Software update (to make sure that you have the right version of the tools).

    3) Open "Workgroup Manager" (Be careful with this tool! It enables you to directly edit users and groups on your computer)

    4) At the login prompt enter:

    Address: localhost
    User Name: your admin username
    Password: your password

    5) Press connect, and then press ok when WorkGroup Manager warns you that you are on a directory node that is not visible to the network.

    6) You should now see a list of users on the left hand side. There are four buttons. The first button, has a single head, the next has multiple heads, the third is a single rectangle, and the fourth is two rectangles. Click on the multiple heads (representing groups).

    7) Click on the group name that corresponds to your user.

    8) Enter a "Name:" above the short name, and press save.

    9) Exit Workgroup Manager

    10) Do a "get info" on one of the folders. You will now see that the shortname for the group is displayed in place of the "unknown". (If this does not work immediately, it might be necessary to logout and then back in to get the changes to take effect).
  • fayjon99 Level 1 (0 points)
    Thanks for the suggestions Rodney! I will try them out. A few questions though:

    1) in your point 1 where you linked to a discussion: the suggestion by user v.k. I would like to know if this is separate lines (after pressing enter) or is it one line?
    *chmod +a "`id -un` allow list,addfile,search,delete,add_subdirectory,delete_child,readattr,writeattr,readextattr, writeextattr,readsecurity,writesecurity,chown,file_inherit,directoryinherit" ~/Public/Drop\ Box*

    2) the "unknown" user I only found whilst logged in as the "System Administrator (root)". Will your suggestion of using the OSX server tools remedy the situation I have (while logged in under my usual admin username), and get back my usual permission (, so that I can rename folders, etc?
  • RodneyW Level 4 (3,030 points)
    1) Yes it is 1 big line.

    2) The first command (removing ACLs from sub-directories) should restore your ability to rename/delete etc. The renaming of Groups is only really necessary if you are annoyed by having "unknown" in your permissions... (I am a bit obsessive about such things).
  • fayjon99 Level 1 (0 points)
    Thanks again!
    One more thing though.. is there a space between "allow" and "list" which was on the second line?

    So in total there are three commands to run on terminal:
    1) *chmod -R -N ~*

    2) *chmod +a "everyone deny delete" ~/ ~/Desktop ~/Documents ~/Downloads ~/Library ~/Movies ~/Music ~/Pictures ~/Public ~/Sites*

    3 *chmod +a "`id -un` allow list,addfile,search,delete,add_subdirectory,delete_child,readattr,writeattr,readextattr, writeextattr,readsecurity,writesecurity,chown,file_inherit,directoryinherit" ~/Public/Drop\ Box*

    And this will fix the permissions?

    btw, I went to school for a few years in the country above yours, PNG.
  • RodneyW Level 4 (3,030 points)
    Yes... there is a space between allow (the verb) and list (one of the permission). The third command is simply resetting the permissions for your Public Drop box (to allow you to perform the various actions listed).

    I've never been to PNG.... although I have friends who do some mission work there. Fascinating, beautiful, wild, (occasionally) scary place! It must have been a good experience.
  • fayjon99 Level 1 (0 points)
    Hi Rodney,

    I tried the first command and what I got was:

    *Last login: Mon May 5 13:43:46 on ttys000*
    *Macintosh:~ my-usrname$ chmod -R -N ~*
    *chmod: Failed to clear ACL on file Commands: Invalid argument*
    *chmod: Failed to clear ACL on file Notification: Invalid argument*
    *Macintosh:~ my-username$*

    PNG is indeed all that.. studied there for half of primary and all of highschool. Scary yes! My parents have many Catholic missionary friends there.
  • V.K. Level 9 (56,110 points)
    I've seen this one a few times. Some Adobe app creates some files in your home directory which are owned by the system instead of you. This should really never happen but it seems to be benign. the command chmod runs as you and not root which is why it fails on those files. You can run

    sudo chmod -R -N ~

    and then you shouldn't see those messages.
    You'll have to enter your admin password (which you won't see). that's normal.
Previous 1 2 Next