sudo /usr/libexec/repair_packages --verify --standard-pkgs --volume /In the above command, we used the repair_packages binary, which has not changed in awhile. We then feed that the –verify option and the –standard-pkgs option, finally providing the volume of the current boot volume using –volume followed by the /. Pretty straight forward. Assuming there’s something to repair, the below will actually run that repair operation:
sudo /usr/libexec/repair_packages --repair --standard-pkgs --volume /Where’s the sweet, sweet button? The rest of the screen is so darn lonely without it. And now that you know the command, feel free to throw it in your self service. That way users can do it without opening terminal or using an admin password!
krypted November 22nd, 2015
diskutil repairPermissions /You could also send some environmental variables from your patch management tool for the boot volume, but in this simple instance we’re just going to run it, with the following type of output:
Started verify/repair permissions on disk0s2 Macintosh HD Permissions differ on "Library/Application Support"; should be drwxr-xr-x ; they are drwxrwxr-x Repaired "Library/Application Support" Group differs on "Library/Printers/InstalledPrinters.plist"; should be 80; group is 0 Permissions differ on "Library/Printers/InstalledPrinters.plist"; should be -rw-rw-rw- ; they are -rw-r--r-- Repaired "Library/Printers/InstalledPrinters.plist" [ \ 0%..10%..20%..30%..40%..50%..60%..70%................ ] 74% 0:00:34 Finished verify/repair permissions on disk0s2 Macintosh HDYou could get much more complicated, writing the output to syslog or even a syslog server. You can also have metapackages that just do a bunch of tasks and call them things like “Try to fix my computer.” Provided you have a patch management tool, you could also just scope some devices and push some of these things out en masse; however, for the most part, I’m a fan of self service, so that’s the example I’m using this for.
krypted October 28th, 2013
Posted In: Mac OS X
diskutil repairPermissions /Volumes/SeldonIn the event that you are scripting and want to take into account a dynamic target you can use a positional parameter or create the script on the fly. If you will then be using a package to choose a destination folder you can send a variable to the script and you would then use $1 in the place of /Volumes/Seldon, indicating a positional parameter. For example, a script might appear as follows:
#!/bin/bash diskutil repairPermissions $1This is how Mike Bombich used to summon repair permissions in NetRestore (if memory serves then his script is practically identical to the one I list here but I’m on a flight can’t cross-reference ’cause I’m still too cheap to get a GoGo account). In watching his scripts mature, I picked up running a repairPermissions as a post-flight deployment task. Since doing so I’ve noticed a slight decrease in the amount of troublesome hosts deployed to the tune of maybe 1 out of 40 imaging projects per year. If the volume name is identical across all hosts then this can be as simple as listing the first command above. If the volume will be a boot volume then you can use the bless command, as indicated yesterday, to grab the volume name.
krypted March 1st, 2010
diskutil verifyPermissions /Volumes/SeldonTo then run a Repair Disk Permissions on that same volume, you would use:
diskutil repairPermissions /Volumes/SeldonIn most cases, repairPermissions is done to the currently booted volume. To find this volume, you can use the bless command along with the –getBoot option. For example:
bless –getBootBless will then respond with the device that comprises your boot volume. To convert this into a path that can be used with diskutil, you would use the diskutil command followed by info followed by the output of the bless command. For example, if the device were /dev/disk0s2 then you would run the following:
diskutil info /dev/disk0s2You could then script a repair permission of the boot volume using the following, which would also dump the output into a log file:
declare tmp=/disk declare boot=/disk bless –getBoot > $tmp mkdir /var/log/318 diskutil info $tmp | grep “Media Name:” | cut -c 30-100 > $boot /usr/sbin/diskutil repairPermissions $boot >> /var/log/318/fixperm.log echo “Repair Permisssions completed at `date` >> /var/log/318/fixperm.logPlacing this script into a package would then allow for sending a Repair Disk Permissions command to client computers though, let’s say, ARD or even allow a user to run it themselves using the JAMF self-service client. All without having to leave ones chair or provide an administrative password to a user (having said this the script will require local administrative privileges).
krypted February 28th, 2010