The permissions on OS X Server home directories can get screwed up during reinstalls, hard drive swapping, or by users who know enough to be dangerous. This shell script goes through and corrects the permissions and owners on all user folders so you don't have to do it manually. Just put this in a text file (without any extension), name it something like "resetusers," and drop it in a command folder like
/sbin. Then type
sudo resetusers to run it.
#! /bin/csh
cd /Users
set full=`nireport -t my_server/network /users name | egrep -v '(root|user1|user2)'`
chmod -R 700 $full
foreach current ($full)
chmod 755 $current
chmod -R 755 $current/Public
chmod -R 755 $current/Sites
chown -R $current $current
end
The way this works is:
- Switch to the Users folder.
- Use nireport -t my_server/network /users name to get a list of the users on the server. If you are not running a NetInfo domain, use nireport . /users name instead.
- Use egrep to subtract any users who either have home directories in a different location (like root) or don't have home directories at all.
- Make every folder of every user private.
- For each user, allow public access to the Public and Sites folders and the top-level user folder.
- Make sure the user is the owner of all files in their folder.
If you run into "Operation not permitted" errors on certain files, those files are probably locked. If you want to unlock them, run
sudo chflags nouchg filename or
sudo chflags -R nouchg foldername.