即使以 root 身份也无法列出目录?

即使以 root 身份也无法列出目录?

我在 Mac (macOS 10.14.3) 上遇到了一个奇怪的问题。我跑去sudo du -xk /获取有关磁盘使用情况的详细数据,并遇到了几个错误:

du: /Users/brx/Library/Application Support/MobileSync: Operation not permitted
du: /Users/brx/Library/Application Support/CallHistoryTransactions: Operation not permitted
du: /Users/brx/Library/Application Support/com.apple.TCC: Operation not permitted
du: /Users/brx/Library/Application Support/CallHistoryDB: Operation not permitted
du: /Users/brx/Library/IdentityServices: Operation not permitted
du: /Users/brx/Library/Messages: Operation not permitted
du: /Users/brx/Library/HomeKit: Operation not permitted
du: /Users/brx/Library/Mail: Operation not permitted
du: /Users/brx/Library/Safari: Operation not permitted
du: /Users/brx/Library/Suggestions: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.VoiceMemos: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.Home: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.Safari: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.iChat: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.mail: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.news: Operation not permitted
du: /Users/brx/Library/Containers/com.apple.stocks: Operation not permitted
du: /Users/brx/Library/PersonalizationPortrait: Operation not permitted
du: /Users/brx/Library/Metadata/CoreSpotlight: Operation not permitted
du: /Users/brx/Library/Metadata/com.apple.IntelligentSuggestions: Operation not permitted
du: /Users/brx/Library/Cookies: Operation not permitted
du: /Users/brx/Library/Caches/com.apple.safaridavclient: Operation not permitted
du: /Users/brx/Library/Caches/com.apple.HomeKit.configurations: Operation not permitted
du: /Users/brx/Library/Caches/CloudKit/com.apple.Safari: Operation not permitted
du: /Users/brx/Library/Caches/com.apple.Safari: Operation not permitted
du: /Users/brx/Library/Caches/com.apple.homed: Operation not permitted

这很奇怪,因为即使没有sudo.如果我在 Finder 中打开它们,我可以很好地看到内容,但在终端中:

~/Library/Caches$ ls -la com.apple.homed/
ls: : Operation not permitted
~/Library/Caches$ sudo ls -la com.apple.homed/
ls: : Operation not permitted
~/Library/Caches$ ls -lade@ com.apple.homed/
drwxr-xr-x  7 brx  staff  224 Mar 18 14:36 com.apple.homed/

因此没有 ACL 也没有扩展属性。我拥有该目录,所以我应该能够列出它!

然而,如果我这样做open /Users/brx/Library/Caches/com.apple.homed/,则会弹出一个 Finder 窗口,其中包含内容(三个文件Cache.db{,-shm,-wal}和一个名为 的目录fsCachedData)。

这里发生了什么?

答案1

我相信这是macOS的SIP(系统完整性保护),即使以 root 身份运行,也会阻止du和进程访问文件/目录。ls自 macOS Mojave 以来,SIP 似乎在 下的许多位置处于活动状态~/Library,这意味着只有受信任的应用程序才能访问它们。

我将终端应用程序 (iTerm2) 添加到应被授予“完全磁盘访问”的应用程序列表中,并在“安全和隐私”系统首选项设置的“隐私”选项卡下执行此操作。这似乎已经为我解决了。我说“似乎”是因为我不是 macOS 专家,但我相信这就是让我能够访问~/Library.

苹果推荐不是出于显而易见的原因,在系统上全局关闭 SIP,而且我也没有看到这样做的真正理由。

相关内容