If you work with server-based home directories on Mac OS X Server and your users exchange files by copying them into each other’s drop boxes, you might run into the following situation: the sender of a file remains its owner, even though she copies it into another user’s drop box, where she cannot read the file anymore. The recipient has only read permission on the file, meaning no one except root can delete it.

In addition, if disk quotas are enabled, Mac OS X Server counts all the files owned by a user and adds up their sizes to check whether the user’s quota has been exceeded. If, for example, a teacher copies a file into the drop boxes of 50 pupils, these 50 files count toward the disk space used by the teacher. If he exceeds his quota, he can’t delete the files in his pupils’ drop boxes.

To fix these issues, you might use this script to make every user the owner of all the files in his drop box:

Unzip the script and move it into /usr/local/bin on your server. Open it in your favorite command line editor and make sure that the line

USERPATH=/Users

includes the right path to your users’ directory.
Invoke the script by typing

sudo /usr/local/bin/corruserperm

in the Terminal, and every user should now be the owner of any files in her drop box.

If you see an error message like this one:

chown: separation of user and group with a period is deprecated

just ignore it.
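
The ownership fix described above, as an added example that is not the author's corruserperm script, written so that a chown run as root cannot be redirected through symlinks. It assumes each drop box is at Public/Drop Box under a home directory named after its account; the function name fix_dropboxes and its plan/apply modes are made up for this example.

```shell
#!/bin/sh
# Added example, not the corruserperm script from the post.
# Assumptions: homes live at $USERPATH/<short name>, the drop box is
# "Public/Drop Box", and the directory name is the account's short name.
USERPATH=${USERPATH:-/Users}

# fix_dropboxes plan|apply [base]
# Prints "<owner><TAB><path>" for each entry the owner does not own yet;
# in apply mode it also changes the owner. "plan" changes nothing.
fix_dropboxes() (
    mode=$1
    base=${2:-$USERPATH}
    for home in "$base"/*/; do
        home=${home%/}
        user=${home##*/}
        box="$home/Public/Drop Box"
        # Users control their own home, so refuse any symlinked component:
        # a root-run chown must not be redirected to another tree.
        if [ -L "$home" ] || [ -L "$home/Public" ] || [ -L "$box" ]; then
            continue
        fi
        [ -d "$box" ] || continue
        # Only change ownership for directories that match a real account.
        if [ "$mode" = apply ] && ! id -u "$user" >/dev/null 2>&1; then
            continue
        fi
        # find does not follow symlinks by default; "! -type l" also skips
        # links dropped into the box, and chown -h never dereferences.
        find "$box" -mindepth 1 ! -type l -exec sh -c '
            mode=$1; want=$2; shift 2
            for f do
                have=$(ls -ld "$f" | awk "NR==1 {print \$3}")
                if [ "$have" != "$want" ]; then
                    printf "%s\t%s\n" "$want" "$f"
                    if [ "$mode" = apply ]; then chown -h "$want" "$f"; fi
                fi
            done' sh "$mode" "$user" {} +
    done
)

# Script usage: sh <this file> plan   or   sudo sh <this file> apply
if [ $# -gt 0 ]; then fix_dropboxes "$@"; fi
```

Run it with plan first and review the list; only apply changes ownership.
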

To invoke this script regularly, you might add a cron job:

sudo nano /etc/crontab

Now add the following line to invoke the script every hour:

0 * * * * root /usr/local/bin/corruserperm

As an alternative, you can download this file, extract it, and copy it into /Library/LaunchDaemons on your server.

Now open the Terminal and type

sudo launchctl load -w /Library/LaunchDaemons/de.andre-aulich.corruserperm.plist

This invokes the script every minute using launchd.

Instead, you could also download this script, which, after making every user the owner of all files in his drop box, sets an ACL entry on your users’ drop boxes that ensures every user can delete any file in his drop box.

Make sure ACLs are enabled on the server volume that holds your users’ home directories.
This script has to be invoked each time you add a user in Workgroup Manager, but you no longer need a cron or launchd job.

Use these scripts on a test setup first to make sure everything works as expected.

Good luck!
