Apple has dramatically changed the file sharing preferences pane in Leopard. Much of what has changed is just in the GUI but for many who only use this layer some features are very new. At issue is the Users window inside the preference pane (see pict below). This area gives you the ability to set user permissions on a shared folder. By default the Everyone group shows up in this list with read only access to the public folder of the user who is currently logged on. Pretty standard and not anything new for most. Apple has disabled the ability to remove the Everyone group from this pane by greying out the '-' option in the field. While the exact mapping of the "Everyone group" to a standard Unix group like Wheel is not clear it would appear that Everyone is very important and really is something integral to the system function (post if you are aware what group it maps to). Now comes the area where it gets tricky. If you select the Everyone group and hit the DELETE key on your keyboard, you can remove the Everyone group from the share entirely. Logic would follow that this would action should simply remove the permissions from that folder as it would in any POSIX system but the results of doing this actually have a much bigger impact. The result of this action is the actual removal of this "Everyone" group from the root of the drive thus rendering the system unable to boot. While several have reported this as a bug, and it may be, the behavior seems to be something that was missed in user acceptance testing more than a bug (save the fact that the root of the drive is involved).
Several posts claim to have a fix, that will save the system. Our testing was able to reproduce the problem consistently but recovery efforts, while successful, were not as consistent.
In the end the message here is "DON'T REMOVE THE EVERYONE GROUP" from your shares here in Leopard's preferences pane.
CHMOD is still a great way to control access to folders and files in your system and one that gives you the control over the details group assignments more detailed fashion.
-ZuCom
No comments:
Post a Comment