This may be obvious to some but I think it's worth noting for those that may not be aware of it. If you have an external portable HD such as a FireWire HD and create a number of HFS+ partitions and filesystems on it using Apple's Disk Utility, you should be aware of what happens to owner and group settings when you move that drive to another machine. For example, on my iMac, executing
ls -la /Volumes/iBook_RootB/usr/bin/sudoReturns a listing showing that owner=root and group=wheel.
The ownership change is related to the fact that the file system(s) created (in the above example 'iBook_RootB') on the FireWire drive were done so on the iMac. Somewhere in the HFS+ file system structure, the iMac's serial number or some analogous piece of information is stored.
This means that OS X will, by default, uncheck the "Ignore privileges on this volume" in the Show Info dialog box for the mounted drives Desktop icon when the drive is connected to the original iMac. However, when connected to the iBook the "Ignore privileges on this volume" box is checked. It's this feature that causes the owner=XXX and group=unknown to be displayed. If (on the iBook) you uncheck this box, you will see that owner=root and group=wheel for the 'ls -la' command.
This makes me speculate that Apple is associating an HFS+ file system with the computer it was built with. This allows X to determine if the file system is 'foreign' and defaults to "Ignore privileges..." to override security issues with file permissions etc. This is so, because the UNIX file UIDs and GIDs are the file attributes that control whether a user has certain access rights (permissions) when opening a file. In my example, it's possible that user A on the iMac has a UID=500 and user B on the iBook also has a UID=500. User B does not own the file -- user A does. So X sets the "Ignore privileges..." box whenever the file system is mounted on any X system computer that didn't create the file system.
Anyway -- I thought that this 'hint' might help others in understanding this aspect of exporting file systems to other Macs. When I first came across this I thought my file system was royally messed up!
[Begin editor's note]
barrysharp has a good point - permissions change on portable drives, as they must in order to prevent conflicts and allow the user to see what they think they should see: move a drive from one place to another and access everything on it. There's a brief description of this feature in an Apple Developer PDF titled Inside OS X: System Overview [that's a 250 page, 2.9mb PDF download link!]:
The file-system component of Darwin is based on extensions to BSD and an enhanced Virtual File System (VFS) design. VFS enables a layered architecture in which file systems are stackable. The file-system component introduces several new general features:I can imagine they spent quite a bit of time trying to figure out the "right" way to handle a removable drive and UNIX permissions. I'm not positive everyone will agree this is the right way to do it, but as an end user, it makes sense to me.
- Permissions on removable media. This feature is based on a globally unique ID registered in a system for each connected removable device (including USB and FireWire devices).
- URL-based volume mount...etc.
Mac OS X Hints
http://hints.macworld.com/article.php?story=20020418091450891