Lost permission for sudo in OSX El Capitan - macos

I'm new to using OSX (using El Capitan 10.11.3) and while trying to change permissions on a file using sudo, I accidentally corrupted it. Now whenever, I try to use sudo to install anything globally, I'm getting the following error message.
sudo: unable to stat /etc/sudoers: Permission denied
sudo: no valid sudoers sources found, quitting
Is there any way to solve it?
I'm also unable to even view the /etc folder
bash: cd: /etc: Permission denied
When I checked permissions on /etc folder, they are as follows
lrwxr-xr-x# 1 root wheel etc -> private/etc

I had the same issue and in my case the permissions of the root folder got corrupted. What people overlook is that / is in fact also a real, normal directory and just like every directory it has ownership and permissions. Ownership should be root:wheel and permission should be 755 (that's rwxr-xr-x).
The easiest way to restore both was starting Script Editor and then typing and running that script:
do shell script "/usr/sbin/chown root:wheel /" with administrator privileges
do shell script "/bin/chmod 755 /" with administrator privileges
You are prompted for amdin password and then chown and chmod come to the rescue. After that sudo was working again.

Disable System Integrity Protection (rootless)
Reboot the Mac and hold down Command + R keys simultaneously after you hear the startup chime, this will boot OS X into Recovery Mode
When the “OS X Utilities” screen appears, pull down the ‘Utilities’ menu at the top of the screen instead, and choose “Terminal”
Type the following command into the terminal then hit return:
csrutil disable; reboot
You’ll see a message saying that System Integrity Protection has been disabled and the Mac needs to restart for changes to take effect, and the Mac will then reboot itself automatically, just let it boot up as normal

Related

cd: permission denied: Downloads on Mac OS terminal

I was trying to connect to an EC2 instance on AWS using chmod and ssh and some how lost permission to cd into my Downloads
Apparently must have messed something up while attempting to do it since it is my first time.
I forgot to cd into the location of my Key and instead and tried a bunch of things that did not work including
chmod 400 /Users/chistopherholder/Downloads
and
chmod 400 /Users/chistopherholder/Downloads/Key-name.pem
when I realized I needed to cd into the location (by looking air a different tutorial on YouTube) I tried and con the permission denied.
How do I revert what I have done? So that I can cd into Downloads like before.
There is a way to reset the permissions on a Mac terminal with by running
diskutil resetUserPermissions / `id -u`
This worked for me and allowed me to cd back into the Download file
What worked for me is resetting the permissions for "Files and Folders" of the Terminal app:
System Preferences -> Security & Privacy -> Privacy tab -> Files and Folders -> find the Terminal.app and check all the boxes next to:
Downloads folder
Documents folder
Desktop folder

MAC: Root User Not Getting Edit Permissions

I have authenticated root user as per this tutorial https://support.apple.com/en-us/HT204012
and edit menu shows Disable Root User option confirming it is enabled.
I am still getting EACCES errors and have to use sudo. Additionally, even with sudo, I am getting an EACCES error about mkdir in an npm package from a terminal script even though I have universal read and write permissions for the whole folder.
Does anybody know what's going on or how I can give myself universal use of the terminal without sudo?
To block malware, resent releases of macOS include System Integrity Protection, which makes the following directories unwritable except as part of an OS upgrade:
/System
/bin
/sbin
/usr (except /usr/local, that's writable)
"many" applications in /Applications
This feature can't be disabled while the system is booted up – it can only be disabled by rebooting off the "recovery" partition using the csrutil command:
Boot your mac holding Command + R before the Apple logo appears
Launch Terminal from the Utilities menu
Run csrutil status to check the status, and csrutil disable or csrutil enable to change it.
Reboot to exit the recovery partition
For more details:
https://developer.apple.com/library/mac/documentation/Security/Conceptual/System_Integrity_Protection_Guide/ConfiguringSystemIntegrityProtection/ConfiguringSystemIntegrityProtection.html

Getting permission denied error when running cf command on mac os x

I have installed Cloud Foundry CLI package on my Mac OS X Yosemite. From the terminal interface when I type cf command, I get the following error
FAILED
Error read/writing config: open /Users/viyer/.cf/config.json: permission denied
How do I fix this? I can't find the file config.json.
I found that removing the .cf directory then running the cf cli fixed it
sudo rm -r ~/.cf
cf -h
That was a bit weird, but I solved it by assigning 777 permission to the folder and config.json.
So, sudo chmod 777 .cf/config.json resolved the problem in my case.
Give it a try!
Cheers!
By default, the cf CLI will try to create and write to a directory named .cf in the user's home directory (i.e. ~/.cf). For some reason the user on your machine doesn't have permissions to create and/or write to that directory.
You can work around this problem by setting the CF_HOME environment variable to another directory that the user does have permissions in.
Unfortunately, no amount of changing permissions on my El Capitan would enable cf to access the config.json file in the .cf folder. I created a new folder in my home space ("CLI") and ensured it had the right permissions and set CF_HOME to point to "~/CLI/" . Just creating the new CF_HOME folder and setting CF_HOME in my .bash.profile was insufficient. I then copied the contents of the .cf folder into my new CLI folder. Finally! cf is working!
Oh, this is interesting. CF on this version of OSX will only run from the home directory, it won't run (it won't find config.json) from anything other than root.
Try this command: sudo chmod -R 777 /Users/{username}/.cf
It worked for me on OS X El Capitan.
The config.json need to have read and write permissions, in my case the .cf folder has root as owner and staff as group, my user on my Mac Yosemite is part of the group staff, but still the config.json file has permission set to 600
to fix this problem you should do:
sudo chmod 666 /User/YourUser/.cf/config.json
Also check the permissions of the .cf folder and check if you can read and write. Do something like this: sudo chmod 755 /User/YourUser/.cf
Delete all the .cf folders from your system and try again. This is something which #broomyocymru has already mentioned above. But still felt this might help users who might not be familiar with shell commands

Unable to save file without password prompt - Sublime Text 3

I'm having an issue all of sudden where I am being prompted on save for the password whilst in Sublime Text 3. I am working locally with Mamp Pro. The prompt message I get on save is:
Sublime Text.app wants to make changes. Type your password to allow this.
If I don't enter the password I get this:
Unable to save ~/Sites/mywebsite/templates/fl_sidebar/index.php
Error: administrator_copy_file(/tmp/.sublba2.tmp,
/Users/myusername/Sites/mywebsite/templates/fl_sidebar/index.php)
failed: AuthorizationExecuteWithPrivileges failed: ffff159a
I've never encountered this error before at all when using Sublime Text so I don't know how to fix it. I had a look at this (How to give Sublime Text 3 write permission to files in web server's DocumentRoot?) and tried the non-command line options, but it did not alter anything.
I stopped running MAMP, checked all permissions on the folder by Get Info, which stated I have read & write privilege. I restarted the Mac and opened up my local development again in sublime, made a change and was instantly asked for the password again.
I'm on OSX El Capitan Version 10.11.2
It appears you do not have write permission to that folder for your user. You can change the ownership of the folder with the following command: -
sudo chown -R INSERT_YOUR_USERNAME_HERE ~/Sites
This will recursively change the ownership of all the files in the ~/Sites folder to your user. Once you have ownership sublime should work correctly again.
In my case I didn't have ownership to the htdocs directory so I did sudo chown -R INSERT_USERNAME /Applications/XAMPP/htdocs

Changing Ownership of a directory in OS X

I've installed homebrew, and am trying to change the write permissisons for the /usr/local/include directory.
When I run 'brew doctor', I get this error message:
Error: The /usr/local directory is not writable. Even if this
directory was writable when you installed Homebrew, other software may
change permissions on this directory. Some versions of the "InstantOn"
component of Airfoil are known to do this.
You should probably change the ownership and permissions of /usr/local
back to your user account.
I tried doing that with chown, but I'm pretty new at this and don't think I was running it correctly. I ran:
chown myusername /usr/local/include
I didn't get any error message, but when I run brew doctor it says I still lack permission to write to /usr/local/include.
Any help would be greatly appreciated!
Edit:
I'm getting an "operation not permitted" error.
cd /usr
chown myusername local
chown: local: Operation not permitted
Simple solution that worked for me:
click on your background to go to finder
click on go and go to folder /usr
right click on local and do get info
unlock the lock at the bottom
click + sign and add your user to the list and give read/write privileges
click on the gear sign at the bottom and choose apply to enclosed items to recurse under that directory and assign privileges too all directories beneath it.
type brew doctor from command prompt to test. My result:
Your system is ready to brew.
On my system, /usr/local is owned by root:admin and is rwxrwxr-x. My user is a member of the admin group, thus has write permissions. I haven't messed with ownership and permissions there, and my Homebrew installation is not complaining, so I assume my setup fits its requirements.
Check the ownership of your /usr/local; if it is owned by group admin, check if your non-adminsitrator account is a member of that group.
You should use: sudo chown username folder
Be careful with the change of ownership
Do not try to change ownership for /usr/ or recursively for /usr/local/
if you are not getting the same error posted in the original question.
You could screw up your system or weakness its security.
Some users can receive with homebrew permission errors that could be solved without changing the ownership of the whole /usr/ or /usr/local/ directories.
According to my experience, in most cases, it is just enough to restore the ownership for /usr/local/Cellar:
sudo chown -R "$USER" /usr/local/Cellar/
Alternatively, if you have a not standard installation
sudo chown -R "$USER" "$(brew --prefix)/Cellar"
You can try use command ls -l. With this command you will see list of files in current directory with some useful information, like who is owner of this file. So you will see if chown worked out. I believe that chown is a right command for changing ownership.
Exactly this problem has just started occuring on my MacBook.
The owner of /usr/local is:
drwxr-xr-x 24 root wheel 768 Apr 9 17:25 local
I am unable to change the permissions and add myself via Finder - I get a "you don't have the necessary permission" error.
Is this maybe due to security changes in mac os? (I have 10.13.6)

Resources