主页 / unix / 问题 / 507063
Accepted
nneonneo
Asked: 2019-03-19 13:47:33 +0800 CST

即使以root身份也无法列出目录?

  • 772

我在我的 Mac (macOS 10.14.3) 上遇到了一个奇怪的问题。我跑去sudo du -xk /获取有关磁盘使用情况的详细数据,但遇到了几个错误:

du: /Users/brx/Library/Application Support/MobileSync: Operation not permitted
du: /Users/brx/Library/Application Support/CallHistoryTransactions: Operation not permitted
du: /Users/brx/Library/Application Support/com.apple.TCC: Operation not permitted
du: /Users/brx/Library/Application Support/CallHistoryDB: Operation not permitted
du: /Users/brx/Library/IdentityServices: Operation not permitted
du: /Users/brx/Library/Messages: Operation not permitted
du: /Users/brx/Library/HomeKit: Operation not permitted
du: /Users/brx/Library/Mail: Operation not permitted
du: /Users/brx/Library/Safari: Operation not permitted
du: /Users/brx/Library/Suggestions: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.VoiceMemos: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.Home: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.Safari: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.iChat: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.mail: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.news: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.stocks: Operation not permitted
du: /Users/brx/Library/PersonalizationPortrait: Operation not permitted
du: /Users/brx/Library/Metadata/CoreSpotlight: Operation not permitted
du: /Users/brx/Library/Metadata/com.apple.IntelligentSuggestions: Operation not permitted
du: /Users/brx/Library/Cookies: Operation not permitted
du: /Users/brx/Library/Caches/com.apple.safaridavclient: Operation not permitted
du: /Users/brx/Library/Caches/com.apple.HomeKit.configurations: Operation not permitted
du: /Users/brx/Library/Caches/CloudKit/com.apple.Safari: Operation not permitted
du: /Users/brx/Library/Caches/com.apple.Safari: Operation not permitted
du: /Users/brx/Library/Caches/com.apple.homed: Operation not permitted

这很奇怪,因为即使没有sudo. 如果我在 Finder 中打开它们,我可以看到内容很好,但在终端中:

~/Library/Caches$ ls -la com.apple.homed/
ls: : Operation not permitted
~/Library/Caches$ sudo ls -la com.apple.homed/
ls: : Operation not permitted
~/Library/Caches$ ls -lade@ com.apple.homed/
drwxr-xr-x  7 brx  staff  224 Mar 18 14:36 com.apple.homed/

所以没有 ACL 也没有扩展属性。我拥有该目录,所以我应该能够列出它!

但是,如果我这样做open /Users/brx/Library/Caches/com.apple.homed/,会弹出一个 Finder 窗口,其中包含内容(三个文件Cache.db{,-shm,-wal}和一个名为 的目录fsCachedData)。

这里发生了什么?

permissions osx

1 个回答

  1. Best Answer

    我相信是 macOS 的 SIP(​​系统完整性保护)阻止duls进程访问文件/目录,即使以 root 身份运行也是如此。自 macOS Mojave 以来,SIP 似乎在 下的许多位置都处于活动状态~/Library,这意味着只有受信任的应用程序才能访问它们。

    我将终端应用程序 (iTerm2) 添加到应授予“全盘访问”权限的应用程序列表中,并在“隐私”选项卡下的“安全和隐私”系统偏好设置中执行此操作。这似乎已经为我解决了。我说“似乎”是因为我不是 macOS 专家,但我相信这就是让我能够访问~/Library.

    出于显而易见的原因, Apple 建议不要在系统上全局关闭 SIP,我也没有看到这样做的真正理由。

    • 6

相关问题