By Nic Lindh on Thursday, 22 January 2004
Just spent an incredibly frustrating hour or so. Looks like there’s some strange interaction between Mac OS X and AppleShare IP Server, where permissions get bungled. So I end up with my folder containing grades and things going back five years being readable by all my students. Is that good? No, it is not. As a matter of fact, it’s really really bad. Granted, I doubt any of my previous students are happening to be on campus rooting through my class folder, but it could happen.
You can try to reset the permissions on a folder so group members don’t have access to the folder, but haha! surprise! the permissions don’t stick. Gotcha! The only one who can reset the permissions is the server admin, who in this case is not me, and who has to be chased down.
While trying to get a hold of the admin, I decide to just throw away all the files–I have backups of everything, so let’s just chuck that copy. Well, it’s five years of work, and for some reason a lot of the files are locked. Don’t ask. Something to do with the files being created on Windows machines, then brought over to the Mac. Highly erratic and annoying. To make things even better, some of the locked files are invisible, so the Finder chokes and tells me that “the file blahblah can’t be deleted because it’s locked.” Awesome. Where is that file? Nowhere. Can’t be found.
Here are a couple of Finder improvement ideas for Apple: 1) When you encounter a locked file during file deletion, let me delete all files that aren’t locked. Don’t just throw up an error and stop the entire file delete. There’s another 12,000 files in there I would like to have deleted, please; and 2) When you tell me that the file blahblah is locked, give me an option to reveal that file.
In theory, you can hold down the option key when emptying the trash to get rid of locked files. But on a remote volume the files are deleted immediately–they never go to the trash, so you can’t override the locked file behavior. Argh.
So here I am. 12,000 files to throw away, some of them very sensitive, and a completely uncooperative Finder. Sod it. Let’s drop into the Terminal and nuke ‘em all. Nope. The filesystem is mounted as read-only in the Terminal. Okay, deep cleansing breaths, deep cleansing breaths.
At this point the sys admin appears and is able to reset the permissions. Phew. Everything is safe now, but this little exercise was certainly not good for my heart.
To summarize: If you use AppleShare IP with an OS X client, you are in for a nasty time. Upgrade your server to Mac OS X Server. According to the sys admin, that’s the “solution” Apple gave him when he called in a trouble ticket.