Is “Ignore ownership on this volume” reversible?
https://apple.stackexchange.com/questions/325577
-
21-04-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
In other words, does it just hide the permissions on file, or change them? More specifically, if you have a volume with file on it that have different owners and you check Ignore ownership on this volume, and then later you uncheck it, will the original ownerships/permissions revive correctly?
I have not seen anything that answers this directly, although what I have seen about problems with Ignore ownership settings needing to be reset and about them being recorded in /var/db/volinfo.database suggest that the answer to my questions is yes. Nevertheless, it would be very reassuring if someone could confirm this.
(The context is that I have a bootable backup on an external disk that I would like to keep the permissions intact on so that I can boot from it if needed, but I would also like to be able to read from it on another computer where the users don’t match up to give me access to the relevant files. Being able to switch Ignore ownership on for the latter, and then switch it off again to leave the disk in good condition for potential boot/restore use, looks like it would be a nice, simple way of doing this, but I am concerned about breaking things if I experiment.)
Solution
Yes, it is reversible. Checking and unchecking "Ignore ownership on this volume" changes how the volume is mounted, but doesn't (directly) change anything on the volume itself. Mounting with owners ignored does two things:
When files and folders on the volume are accessed, item ownership is ignored. Essentially, everyone gets owner access. Note that this doesn't mean permissions are entirely ignored, because if the permissions say that an item's owner can't access it, then you won't be able to either.
When new items are created on the volume, their ownership info is left empty. I don't know the details of how this works, but the effect is that when ownership is reenabled the item effectively belongs to everyone.
One result of this is that if you edit a file with a program that saves via delete-and-replace (many do), the ownership for that file will be lost. Similarly, if you copy items within the volume, the copies will be ownerless.
Also note that this option is a per-volume-per-computer setting. That is, if you plug a disk into your computer and set it to respect ownership, and then move it to another computer and set it to ignore ownership, each computer will independently remember their setting and re-use it when it sees that volume again later.
In your situation, I wouldn't be too worried about breaking things as long as you don't mess with the OS files on the computer with ownership ignored. It might be better to minimize making changes (editing, copying, and creating files and folders) on the computer with ownership ignored, but that's unlikely to cause serious problems.
If you're just reading items with ownership ignored (or copying them off to another volume), there should be no problem at all.
OTHER TIPS
Yes, ignoring ownership is reversible, but I wouldn't recommend that as being a solution to your problem because the Ignore ownership on this volume option shouldn't be used on a drive you also want to use as a bootable drive for one of your Macs. And, since your Macs are running different versions of macOS, you may be asking for added trouble. In addition, you mention that this is also a backup drive - while you don't clarify this, in the case of drives also used by Time Machine Apple recommends:
Make sure "Ignore ownership on this volume" at the bottom of the "Sharing & Permissions" section of the Get Info window is deselected (unchecked).
Source: https://support.apple.com/HT202380
Ignore ownership on this volume
The main reason the Ignore ownership on this volume option exists is to ensure that file servers, applications, operating systems, etc can still function correctly because they require permissions to keep track of which users have access to which files.
However, drives used purely for data storage (as opposed to being boot volumes) shouldn't generally use permissions and ownership (although they can be secured in other ways).
What I'm saying is that the Ignore ownership on this volume option shouldn't be used for boot disks or server volumes (and you may not even get the option anyway - depending on macOS version). It's best this is only used for drives that are used purely for data storage, and even then only for drives that are directly connected to your computer.
