The “Operation not permitted” error message is caused by one of the typical
annoyancesfeatures in macOS, namely the Terminal app lacking “full disk access” by default (and by design).
This conclusion unfortunately isn’t obvious, as when encountering the above error message, one would typically first check the ownerships and permissions of the directory/file/symlink “causing” the error, then perhaps the ACL / extended attributes, then whether the resource might still be locked by another process accessing it, and last but not least, one would remember macOS’s SIP (System Integrity Protection) and even consider booting into recovery mode. But none of that is actually required. The solution is:
- In the macOS “System Settings”, go to “Privacy & Security”
- Then click on “Full Disk Access” and enable it for “Terminal” (slider turns blue)
- Open a new Terminal window/session
Irritatingly, upgrading to macOS Ventura apparently resets the Terminal app’s security privileges.
I wanted to remove and recreate a symlink, so that “MobileSync” (where macOS stores backups of iOS devices like iPhones, iPads) isn’t just a regular, local directory, but a symlink pointing to a directory on a mounted NAS share. Advantage: Backups of iOS devices don’t use up valuable (and expensive) SSD storage space on your MacBook Air/Pro, but use cheap NAS storage instead (further, you don’t create duplicate backups on each of your Macs). Here’s where the MobileSync symlink is located and where it points to, in my case (you can create it using ‘
ln -s /Volumes/backups_ios/MobileSync .‘, my share is named ‘
mymac ~/Library/Application Support $ ls -lad ~/Library/Application\ Support/MobileSync
lrwxr-xr-x 1 myuser staff 31 Apr 1 00:47 '/Users/myuser/Library/Application Support/MobileSync' -> /Volumes/backups_ios/MobileSync
Even as root, I first couldn’t remove the symlink I created some time back before the upgrade to Ventura. Which is even the more puzzling considering this all happens in a regular user’s home directory.
If you see the following error message when executing ‘zpool status’ after “upgrading” Proxmox to the (currently) latest version with ZoL 0.6.4 instead of 0.6.3:
zpool: Symbol `spa_feature_table' has different size in shared object, consider re-linking
“Re-linking” doesn’t have a special meaning in ZFS/ZoL terminology, it rather just describes the usual linking step after compiling some source code.
The most likely cause is that some new, updated and required packages have not been installed (e.g. with ‘uname -a’, you’ll see that the old kernel is still running, even after rebooting). Usually, this happens if one executes “apt-get update && apt-get upgrade” (as usual) rather than “apt-get update && apt-get dist-upgrade“. So, in order to solve this problem, do:
# apt-get update && apt-get dist-upgrade
In this case, ZoL 0.6.4 also includes a couple of new features which can be enabled for all local ZFS pools by executing:
# zpool upgrade -a
This system supports ZFS pool feature flags.
Enabled the following features on 'rpool':
While debugging a Gentoo/Mailman problem, I found this very useful python wrapper for mailq provided by Dan Mick. It allows to selectively display message IDs of queued messages for a certain recipient. Thanks, Dan!
[Mailman-Developers] Postfix mailq formatter/dumper/searcher: mq
One of the about 30 something new books on my bookshelf – and a truly great one I just finished reading. Gosling gives a systematic insight into the matter of design and innovation. A very inspiring and useful, yet very concise framework!
“Realising Dreams – strategies for deep design” by William Gosling
“The Art of the Start” by Guy Kawasaki. Not the latest, but a courageous and entertaining presentation worthwhile watching.
I’ve just discovered the new ajaxified, PHP-based MODx Content Management System. It looks and feels great (test it here!). If there wasn’t any need for a dedicated admin interface (i.e. instead, content editable in-place for privileged users), it would be even more userfriendly. Maybe that’s the next step to take?
Another not-yet-ajaxified but nonetheless cool CMS (JEE based, supports JSR-170) I already mentioned before: Magnolia CMS (live demo, currently out of duty).
Further, a nice JEE based Open Source DMS/CMS/ECM supporting JSR-170: Alfresco.
For this site, I might switch to MODx instead of keep using WP (which basically still fights with the same problems it always did). The more as I’ve been dealing with AJAX professionally for a while now (but focussed on JEE as the enterprise server platform). As a DMS, Alfresco would come in handy. Now all I need is enough spare time to realize my plans ;)
The QR Code of this blog’s RSS feed, provided by Feed2Mobile:
(will include it ASAP)
I actually wanted to install OpenSUSE 10.2 on my barebone (which is now no longer acting as a server but a mere “always-on” client). As the OpenSUSE 10.2 DVD didn’t boot I quickly decided to give the newly released Debian 4.0 “etch” a try instead. Coincidentally, that was probably the right decision as the installation (using the new graphical installer) went smoothly and the box runs as solid as expected. I particularly like the fact that the installer gave me a) the choice whether to use lvm and b) even the choice between using a plain or an encrypted lvm volume. I went for the encrypted volume which adds another layer of security at the price of a somewhat lower performance (felt performance, not measured performance).
Congrats and thanks to all the tireless Debian developers and maintainers for this nice release!
 There were only two avoidable incidents: 1) Creating filesystems on the 60 GB drive took quite a while (i.e. one night), probably due to slow formatting instead of quick formatting (or due to a physical integrity check of the whole device). The installer should probably ask the user whether (s)he really wants to spend that much time for something that isn’t required in general. 2) It took me a while to find out that the ethernet cable wasn’t plugged to eth0 but rather eth1, resulting in a dead connection. Unfortunately, the NICs of the Lex barebone are labelled wrongly. In order to connect the cable to eth0 you need to connect it to NIC 2 (instead of to NIC 1). That of course isn’t debian’s fault however, nonetheless the error message could be a bit more specific than basically just “… mirror is not available …”. I thus tried different mirrors, different ifconfig and route settings, different NIC drivers (the 8139too is the correct one) before arriving at the conclusion that the problem had to do with the physical connection.
I’m currently migrating a couple of Windows boxes. When installing the latest (at the time of writing) Unison for Windows, I ran into three problems:
- Unison didn’t find the appropriate GTK+ DLL on the Windows boxes. This can easily be solved by installing GTK+ for Windows as explained (note: “If everything else fails, read the manuals” is not always the best strategy, but it’s applicable here too ;)
- After having emerged unision on my server and configured a new unison profile on the current Windows box, when executing unison on Windows, it complained about a rather cryptic ‘Uncaught exception Unix.Unix_error(20, “create_process”, “ssh”)’ error. Googling lead to the nice Bornholtz Group blog entry explaining what to do in such a case. Doing what’s written there solved the problem for me.
- After that, unison on Windows could connect to the server but complained about a unison version mismatch. My local “Unison for Windows” version was 2.27.10 whereas Gentoo installed an outdated version 2.17.1 of unison (unison-2.17.1-r1.ebuild).. and even for that I had to add an ~amd64 keyword for net-misc/unison to /etc/portage/package.keywords. So I had to make Gentoo install the most current stable version of unision, i.e. v2.27.10. Fortunately, that’s very easy to do, but yet it has to be done manually (edit the existing unison ebuild, creating new digests and manifest files, copy the things to the local portage overlay etc.). For your convenience, I’ve added a TGZ archive for Unison v2.27.10 which you can extract in your local overlay portage tree (e.g. in /usr/local/portage, don’t forget to configure it in /etc/make.conf: set PORTDIR_OVERLAY=/usr/local/portage): net-misc_unison_2.27.10.tgz.
Now unison works great for me. Nonetheless I haven’t tested this only slightly modified ebuild thoroughly enough for submitting it to bugs.gentoo.org. So keep this in mind before using it.. (no warranty etc. blah blah ;)
Back home from a (too) short visit to the BlogCampSwitzerland. Unfortunately, I missed the morning sessions as I was partying in the future yesterday evening till early today ;). Nonetheless I enjoyed attending a couple of sessions and meeting other ppl living in and around the Swiss blogosphere.
I don’t have the time at the moment, but will come up with some more comments later..