With the advent of OS X 10.11 El Capitan, the hardships of rootless mode became real. This new mode is a security feature by blocking the writing to any system controlled areas of your Mac. That means, you can only edit and change things in the home directory.
For many of us, that poses a real problem. I love Homebrew, but it puts everything in the
/usr/local directory. On a fresh install of El Capitan, that directory doesn’t exist and you can’t normally create it.
On an upgraded system that already has that directory, the owner becomes root (and everything in it!). This totally breaks Homebrew with an Operation not permitted error message. Worst of all, if you fix it, the next update breaks it again. My system has updated El Capitan twice and each time I have had to fix it to properly use Homebrew.
If you are not familiar with using the command line and the most commonly used commands, please read The Command Line is Your Best Friend tutorial first. This tutorial does a great job of explaining the basics of using the command line.
If you are unfamiliar with Homebrew, please read the tutorial Homebrew Demystified: OS X’s Ultimate Package Manager.
The Sudo Command
sudo command stands for Super User DO. It allows you to run any other terminal command as the superuser or more commonly referred to as the root user. The superuser is the top boss of the computer. The superuser can do anything on the computer both to fix and to destroy.
The use of this command can be very dangerous.
This command is in the
/usr/bin directory. You first need to ensure you have that directory in your path. Therefore, run this command in the terminal:
env | grep "PATH"
In the line that starts with
PATH=, check for the path
/usr/bin in the colon separated list. If it isn’t there, add this to the
~/.bashrc file for the bash shell or the
~/.zshrc file zsh for the zsh shell:
Now, you can use the sudo command. Some might be thinking that this is the default, but I have found some systems missing this configuration. I debug computer problems for many people and have seen the
/usr/bin directory missing from many peoples login scripts.
To use the
sudo command, you type the command line you want to perform after
sudo with a space.
For the example of fixing Homebrew, you need to change the ownership of the directory structure to the login name. If you are not sure what the system is using for the login name, open the Terminal.app in the home directory and type:
ls -ld .
ls command will LiSt the contents of a directory. The flags
ls to show the long view with file attributes (l), and only the directory (d). The
. means the current directory. This should produce an output similar to this:
drwxr-xr-x 132 raguay staff 884 Nov 6 14:11 .
raguay is the login name on my system. It will be different for you and is the name to which you need to change the
Now, to fix ownership of the
/usr/local/ directory, you need to use the
chown command. The
chown command stands for CHange OWNer and that is what it does. On my system, the command is:
sudo chown -R raguay /usr/local
-R flag tells
chown to change the ownership recursively. That means, every file and directory in
/usr/local will have their owner changed to
raguay. You have to change the user name to reflect your system.
Above, you can see the error message when trying to change the
/usr/local directory ownership without using
sudo. I didn’t use the
-R flag as it would of generated an error for every file and directory. The next command line uses the
sudo command. The command will ask for your password and then perform the action without errors.
As I have said, this gives you a lot of power over the system. Be very careful, you can cause the system to be unusable using the
sudo command. For example, the command line to delete a file is
rm for ReMove a file. If you type:
sudo rm -R /
You will erase everything on the hard drive. That would mean you would have to totally reinstall your operating system, any programs you had, and all your data files from a backup. If you do not have a backup, well, it is just all gone.
chown command can make things unusable. If you change the owner of all the files in the
/Applicatons directory to a name that doesn’t exist, then you will not be able to run any of your applications in that directory.
Therefore, be very careful how you use the
Now that you now how to fix ownership problems on your Mac, you have the knowledge to fix similar problems you might have in the future. Just remember to use the command very carefully and check the command you type before giving your password.
Once executed, undoing it can be hard to nearly impossible without a complete reinstall of the operating system.