The underlying BSD subsystem of Mac OS X, Darwin, uses a unix-style permissions system to determine who can see, access, search and execute files, folders and devices.

Installer packages (.pkg and .mpgk) install software and puts files in various locations throughout your filesystem. The Installer also keeps receipts of these installations to facilitate keeping permissions up to date.

Many, many, many seeminlgy random problems in OS X can be caused by permissions problems; repairing permissions is usually the first step recommended in troubleshooting a problem in OS X.

Instead of waiting for a problem to crop up, why not set up your Mac to automatically repair permissions every night ? Here's how (you'll need administrator access) :

1. Open Terminal.app and type sudo pico -w /etc/crontab and enter your password.

2. You should see a file that has contents similar to this:

# /etc/crontab
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
HOME=/var/log
#
#minute hour mday month wday who command
#
#*/5 * * * * root /usr/libexec/atrun
#
# Run daily/weekly/monthly jobs.
15 3 * * * root periodic daily
30 4 * * 6 root periodic weekly
30 5 1 * * root periodic monthly
10 * * * * root /sw/sbin/anacron -s

Go to the bottom of the file and add the following line (note: the spaces are tabs!)

# /etc/crontab
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
HOME=/var/log
#
#minute hour mday month wday who command
#
#*/5 * * * * root /usr/libexec/atrun
#
# Run daily/weekly/monthly jobs.
15 3 * * * root periodic daily
30 4 * * 6 root periodic weekly
30 5 1 * * root periodic monthly
10 * * * * root /sw/sbin/anacron -s

# Repair Permissions, added by me.
0 1 * * * root /usr/sbin/diskutil repairPermissions /
This will, every day at 01h00, repair permissions on the startup volume. Change the frequency to whatever you want, to a different time, once a week, whatever.

Alternatively you can use an application like CronniX (http://www.versiontracker.com/dyn/moreinfo/macosx/9478), instead of the Terminal, to add the line to the system crontab.

Thank you for the quick UNIX crontab primer. My next question would be, does changing the time values for the pre-defined daily/weekly/montly tasks here make them run at better times? I know there are lots of utilities to force run those tasks "now" but I wonder why no one has made such a utility to simply change when they are run automatically. I would think if it was as simple as editing the crontab file, it would have been integrated into Cocktail, etc. by now.

Don

hmm you may be able to enhance performace by also putting in a line to use the command 'update_prebinding'

You might actually want to let anacron handle that - I notice you have anacron in your crontab. The point of anacron is that it can make sure scripts that run with a frequency of days or weeks (not multiple times a day) will be run, even if the computer is not on 24/7 - unlike cron, where if the computer isn't on at 1AM, the job is missed.

Might even want to put periodic daily/weekly/monthly under anacron...

see http://anacron.sourceforge.net/

Hmm interesting...I love free software

One problem with this is that _if_ permissions are hosed, fixing them might not be enough to fix the problems one can have when they're 'unfixed': A reboot is often necessary... So: The cron (or anacron) job does its job, but you don't know whether there actually _were_ problems with permissions. I rather fix permissions once a week by hand - and if I see something weird come up in the process, I also reboot.

Ceterum censeo that Apple should try and fix the problem of always having to fix permissions... *sigh*

Fryke, WeeZer51402 and Apple should have a meeting :)

WeeZer51402, you don't have to update prebinding in OS X 10.3 because fix_prebinding is called every time you launch an application and updates it if necessary.

Fryke is right, Apple should fix this, maybe even in the style of fix_prebinding !

Adding it to the anaccrontab is a better idea, if you have a system that's not always on (like mine is).

So I've heard about the prebindings, has this changed since 10.2 or has it always been this way?

Actually, it was changed in 10.3.4 afaik. But it wasn't entirely solved. What they did was speed up non-prebound applications' start-times in some way, but the prebinding is still 'good' and should be done from time to time (and is done with basically every Apple software update...).

_I've_ been told "you should never need to update prebindings in Panther" by several people.

But I suppose doing it can't hurt.