I am getting the following warnings when I run homebrew or any of the ruby web servers locally.
Does anyone know how to get them to go away?
larson:local larson$ brew doctor
/usr/local/Library/Homebrew/global.rb:65: warning: Insecure world writable dir /Users/larson in PATH, mode 040757
/usr/local/bin/brew:74: warning: Insecure world writable dir /Users/larson in PATH, mode 040757
/usr/local/Library/Homebrew/global.rb:65: warning: Insecure world writable dir /Users/larson in PATH, mode 040757
/usr/local/bin/brew:74: warning: Insecure world writable dir /Users/larson in PATH, mode 040757
Your system is raring to brew.
Just remove world write permissions from the directory. As it's your home directory, it really shouldn't have them
chmod o-w /Users/larson
Make the directory not world-writable.
chmod o-w /Users/larson
Change the permissions on the indicated directories to remove the world-writable bit.
as in
chmod 750 ${directory}
Edit: This isn't just your home directory, ruby will gripe if any part of the path contains a world writable permission, since the ability to write to a directory means you can delete any file in that directory, even if you don't own it. Then you can recreate the directory structure and put your own files in place, potentially substituting malicious code.
In other words, if the Users directory is also world writable, it will also cause the error to pop up.
To get them all in one whack:
sudo chmod -R 750 /Users
Related
I was looking at this article.
It recommends allow the usage of dtrace without root for current user, so I run:
$ sudo chmod u+s /usr/sbin/dtrace
Password: # I enter in my password
chmod: Unable to change file mode on /usr/sbin/dtrace: Operation not permitted
Does anyone know if I should, and how I should, allow dtrace to run without root permissions?
I'm not sure what article you were reading, but its advice is unsafe and incorrect. You should never change permissions on files stored in system locations, like /usr/bin and /usr/sbin. (Indeed, System Integrity Protection makes this impossible.)
If you need to use dtrace, run it using sudo.
My /home directory is having very less memory. But some of my programs which are running in production will create dynamic files in '/home' directory.
The problem is if it reaches to 100% then my program doesn't work. So I have to manually go and delete the files or copy the files.
So rather than doing that I want to redirect the files from '/home' to '/tmp' directory in unix by default.
Please give me some thoughts.
You have at least two ways to do:
if you can config your program to export files to other dir, do this.
if you cannot do anything on the program, you can create a cron job, remove/cp those files automatically
If the program creates files under it's own directory, you can create a symlink:
# Create directory in /tmp
mkdir /tmp/myprog
# Set permissions
chown "${USER}:${USER}" /tmp/myprog
chmod -R o-x /tmp/myprog
# Create symlink at /home/myprog
ln -s /tmp/myprog "${HOME}/myprog"
I'm running Fedora on a laptop with a small SSD and large HDD. I've got the OS installed on the SSD and my data on the HDD.
All my files are located at /run/media/kennedy/data/Kennedy
What I had before (and want again) is a symlink from /home/kennedy to that location. That way I'm not messing with actual /home, but when I am in /home as normal user, all my things are easily accessed and stored with plenty of space. Right now /home/kennedy has the standard directories; desktop, documents, downloads, and so forth. No files worth worrying about.
So I opened a shell, logged in as su, and entered
ln -s /home/kennedy /run/media/kennedy/data/Kennedy
expecting that when I cd /home/kennedy and ls, I would see all my lovelies. Instead, I see that standard folders and nothing more. Whisky Tango Foxtrot, over.
edit to add: I'm pretty sure the permissions are right, but only pretty sure. How do I check and correct that (if off)?
You have to reverse the arguments:
ln -s /run/media/kennedy/data/Kennedy /home/kennedy
This will:
run successfully if /home/kennedy doesn't exist (kennedy would be the new symlink)
fail if /home/kennedy exists and it is not a directory (symlink or a regular file); need add -f flag in such a case - ls -sf ...
if /home/kennedy is a directory, then the symlink will be created as /home/kennedy/kennedy
See this related post: How to symlink a file in Linux?
You have the command backwards, it should be:
ln -s /run/media/kennedy/data/Kennedy kennedy
Invoke the command while you are in your /home directory, then you should be set.
I have a file I downloaded from the Internet. When I run it in the osx terminal, one of the automated things it does is make a new directory in my /usr/local/bin, but this fails as terminal says that permission is denied. How do I give this file permission to execute the mkdir command? I know how to give myself permission with sudo, but not how to give this file permission to do the same on its own.
You can give your user permission to that folder by running sudo chown -R $(whoami) /usr/local/bin/. Once you make sure you own the directory and sub-directories (ls -l /usr/local and ls -l /usr/local/bin) your script should be able to write to those directories as well.
As a general rule of thumb, sudoing to work around permission errors just makes the problem worse. Fixing the underlying permissions take a few extra minutes but is better in the long run.
i'm trying to make a file removable just by root user In mac 10.10.
i was try this :
chown root <fileName>
but other user can remove it;
any idea?
As an alternative to changing the permissions on the containing directory, you can set the uimmutable flag on the file:
sudo chown root foo
sudo chflags uimmutable foo
Now only root will be able to delete foo. Note, though, that nobody will be able to modify the file, either. Root could remove the uimmutable flag and then modify it, of course, but that opens a window for others to delete it.
The act of removing an entry in a directory modifies the directory, but not the file. (When you remove a file, you are unlinking the name from the file and the link count on the file is decremented. The file itself may not be deleted, but will no longer be accessible by the name that was removed.) In order to ensure that only some process with root privilege can unlink a file, you need to modify the permissions on the directory. So to ensure that no-one but root can delete the file /p/a/t/h/file:
sudo chown root /p/a/t/h # make root the owner of the directory
sudo chmod og-w /p/a/t/h # remove write permissions from other and group
Note that this is less fine grained that you might like and will prevent non-root users from removing or creating any files in /p/a/t/h.