Proper Mac OS X Permissions

I just spent a bunch of time trying to figure out why my Time Machine would not restore data. The restored folders were empty, but the data was on the Time Capsule.

I tried to copy the folder via the Finder and that failed silently as well. Even more oddly, I could open some folders on the Time Capsule and even open the contents of the folder, but if I tried to copy the folder, it said I didn’t have enough permissions.

So after some google searches, I got pointed in the direction of my user’s group setting.

Opening System Preferences, I selected Accounts. I entered my admin password by clicking the padlock, and then I right-clicked my user in the list and chose “Advanced Settings…”

Sure enough, my user’s group value was 501, the same as my user. This means that the operating system stuck me in a group of myself only.

Apparently the proper group should be “staff” or value 20. I changed my group to 20, saved my changes, and now I could restore via Time Machine.

Warning: Changing values in this Advanced Options dialog can be dangerous. Be very careful to only change the group ID if you need to.

Following this, I checked my wife’s Mac. On that machine, my user had a proper group of 20. A user I had created for the Apple Store geniuses to use also had a group of 20. But her user had a group of 502 (her user ID). So we changed it to 20 also.

Older versions of OS X had a default group that was the same as the user. This has changed at some point, but if you have used Panther/Tiger and migrated forward, you might want to check your group ID.

I have suggested to Apple that they check this when updating/installing the OS and offer a fix if they see a bad value here, because it is a very geeky, very unixy, very hidden value that can directly affect a user’s ability to use their Macintosh properly.

Posted in Uncategorized and tagged . Bookmark the permalink.