Note: this question was starting to sprawl so I rewrote it.
I have a folder that I'm trying to restore from a Time Machine backup. Using cp -R works fine, but certain folders cannot be restored with either the Time Machine UI or Finder.
Other users have reported similar errors and the cp -R workaround was suggested (e.g. Restoring from Time Machine - Permissions Error). But I wanted to understand:
Why cp -R works when the Finder and the Time Machine UI do not.
Whether I could prevent the errors by changing file permissions before the backup.
There do indeed seem to be some permissions that Finder works with and some that it does not. I've narrowed the errors down to folders with the user ben (that's me) and the group wheel.
Here's a simplified reproduction. I have four folders with the owner/group combinations I've seen so far:
ben ~/Desktop/test $ ls -lea
total 16
drwxr-xr-x 7 ben staff 238 27 Nov 14:31 .
drwx------+ 17 ben staff 578 27 Nov 14:29 ..
0: group:everyone deny delete
-rw-r--r--@ 1 ben staff 6148 27 Nov 14:31 .DS_Store
drwxr-xr-x 3 ben staff 102 27 Nov 14:30 ben-staff
drwxr-xr-x 3 ben wheel 102 27 Nov 14:30 ben-wheel
drwxr-xr-x 3 root admin 102 27 Nov 14:31 root-admin
drwxr-xr-x 3 root wheel 102 27 Nov 14:31 root-wheel
Each contains a single file called file with the same owner/group:
ben ~/Desktop/test $ cd ben-staff
ben ~/Desktop/test/ben-staff $ ls -lea
total 0
drwxr-xr-x 3 ben staff 102 27 Nov 14:30 .
drwxr-xr-x 7 ben staff 238 27 Nov 14:31 ..
-rw-r--r-- 1 ben staff 0 27 Nov 14:30 file
In the backup, they look like this:
ben /Volumes/Deimos/Backups.backupdb/Ben’s MacBook Air/Latest/Macintosh HD/Users/ben/Desktop/test $ ls -leA
total 16
-rw-r--r--@ 1 ben staff 6148 27 Nov 14:34 .DS_Store
0: group:everyone deny write,delete,append,writeattr,writeextattr,chown
drwxr-xr-x@ 3 ben staff 102 27 Nov 14:51 ben-staff
0: group:everyone deny add_file,delete,add_subdirectory,delete_child,writeattr,writeextattr,chown
drwxr-xr-x@ 3 ben wheel 102 27 Nov 14:51 ben-wheel
0: group:everyone deny add_file,delete,add_subdirectory,delete_child,writeattr,writeextattr,chown
drwxr-xr-x@ 3 root admin 102 27 Nov 14:52 root-admin
0: group:everyone deny add_file,delete,add_subdirectory,delete_child,writeattr,writeextattr,chown
drwxr-xr-x@ 3 root wheel 102 27 Nov 14:52 root-wheel
0: group:everyone deny add_file,delete,add_subdirectory,delete_child,writeattr,writeextattr,chown
Of these, ben-staff can be restored with Finder without errors. root-wheel and root-admin ask for my password and then restore without errors. But ben-wheel does not prompt for my password and gives the error:
The operation can’t be completed because you don’t have permission to access “file”.
Interestingly, I can restore the file from this folder by dragging it directly to my local drive (instead of dragging its parent folder), but when I do so its permissions are changed to ben/staff.
Here are the permissions after the restore for the three folders that worked correctly, and the file from ben-wheel that was changed to ben/staff.
ben ~/Desktop/test-restore $ ls -leA
total 16
-rw-r--r--@ 1 ben staff 6148 27 Nov 14:46 .DS_Store
drwxr-xr-x 3 ben staff 102 27 Nov 14:30 ben-staff
-rw-r--r-- 1 ben staff 0 27 Nov 14:30 file
drwxr-xr-x 3 root admin 102 27 Nov 14:31 root-admin
drwxr-xr-x 3 root wheel 102 27 Nov 14:31 root-wheel
Can anyone explain this behaviour? Why do Finder and the Time Machine UI break with the ben / wheel permissions? And why does cp -R work (even without sudo)?
