mac.column.ted: More Tiger Troubleshooting Tips

mac.column.ted: More Tiger Troubleshooting Tips

Ted Landau
June 2005

In last month's column, I began a look at some of the "smaller" troubleshooting-related changes in Mac OS X 10.4 (Tiger), focusing on changes to the "unexpectedly quit" dialog. This month, I explore several other troubleshooting enhancements to Tiger.

Safe Boots. Apple introduced the Safe Boot in Panther. Essentially, holding down the Shift key immediately after hearing the chimes at startup in Panther resulted in two separate actions: (1) a disk repair check was done -- as would otherwise require selecting "Repair Disk" in Disk Utility's First Aid or using fsck in single user mode; and (2) all non-essential extensions (those files with names that end in .kext and stored in /System/Library/Extensions) as well as third-party startup items (typically stored in /Library/StartupItems) were disabled. To confirm that this occurred, the words "Safe Boot" appeared on the screen during the blue-screen phase of startup. The function of a Safe Boot, especially via the disabled files, was to allow for a successful startup in a situation where one of the otherwise disabled files was the cause of a startup crash. The Safe Boot remains in Tiger, but it has been beefed up to be more helpful and less confusing.

A Safe Boot in Tiger (which is initiated by the same Shift key method) still performs the same two actions as it did in Panther. It then keeps going:

  • It disables all fonts except those in the /System/Library/Fonts folder. If a corrupt font, most likely installed via a third-party application's Installer, is causing a crash at startup, this will bypass it.

  • It moves to the Trash the font caches files (just the ones for the logged in user) stored in a folder in /Library/Caches/com.apple.ATS/. As damaged cache files, especially font cache files, are a known cause of startup crashes, this again can bypass the problem. There are several other ways, including using third-party utilities such as Font Finagler, to trash these cache files. But they typically require that you successfully startup your Mac to use them. The Safe Boot has the advantage of working in situations where these other solutions would be inaccessible.

    By the way, the removed cache files remain in the Trash after startup is over. So you can save them, examine them and even reinstall them should you wish to do so. Just drag them out of the Trash before it gets emptied. In almost all cases, however, I would not bother with this. Just delete the files and let Mac OS X create new default (uncorrupted) cache files -- especially if the Safe Boot succeeded in getting your Mac to start up.

  • It disables Login Items. These are the items that load after you select to login, as listed in the Login Items section of your account listing in the Accounts System Preferences pane. In Panther, you could similarly disable these items (which were confusingly referred to as Startup Items) by holding down the Shift key just after clicking to login at the login window.

    Panther's method led to two inconveniences: (1) You could not easily do disable these items if you normally logged in automatically -- as the Login window did not appear; and (2) A Safe Boot and disabling login items were two separate actions (simply holding down the Shift key once at startup did not do both!).

    Tiger improves on both of these matters. A Safe Boot forces the Login window to appear, even if you have selected to automatically log in normally (via the Login Option in the Accounts System Preferences pane). Actually, it is at this point in the startup process that the words "Safe Boot" now appear on your screen. And a Safe Boot disables login items; a separate action is no longer required to do this. It also moves your font cache files to the Trash.

    Should you want to disable Login Items (and move your font cache files to the Trash) without doing the other actions of a Safe Boot, you can do so. Simply hold down the Shift key at the Login window as you click the Log In button. If you have selected to automatically log in (which means the Login window would not normally appear), you can still force it to appear by holding down the Shift key after the blue screen first appears at startup. This gives you access to the Login window without doing a Safe Boot.

    All in all, what this means is that a Safe Boot in Tiger does more to work-around potential causes of startup crashes than it did in Panther and simplifies doing all of these things with one action at startup.

Startup Items Security Alerts. Speaking of Startup Items, Apple wants to protect you from malicious Startup Items, possibly installed surreptitiously by software you downloaded from the Web. To do so, new in Tiger, Mac OS X now performs what Apple calls an ?Automatic Security Check.? If a Startup Item does not have what Mac OS X considers to be a ?valid security clearance,? you get an alert message at startup, stating ?The startup item {name of item} has problems that reduce the security of your computer.? This message appears after you login to your account, but before login is completed. The alert message includes three buttons (you will need to enter an administrator?s password after you select any of them):

  • Fix. This is the default choice. This changes the settings for the Startup Item so that Mac OS X will not flag it again in the future. Do this only if you are confident that the item is indeed safe. If you do so, you will see the following message: ?Some startup items have been repaired. To use the repaired items, you must restart your computer.? If you click Cancel at this point, the item will not startup on this launch, but will do so on future launches.

  • Decide Later. If you select this, the item will not be launched on this startup. However, the next time you startup, you will see this same alert again. Ideally, before your next restart, you should investigate (perhaps by doing a search on the Web or calling the software vendor who appears to have created the file) to determine its safety. You can then select Fix or Disable, as appropriate.

  • Disable. This ?permanently? disables the item.

Startup Item Alert

A potential problem with disabling an item is that, if the item turns out to be safe, it may also be important for the use of some installed application. Disabling the item could prevent the application from working. If this happens, you can still re-enable a Startup Item, even after having clicked the Disable button here. One way would be to simply reinstall the application (which would presumably install a new copy of the Startup Item). Otherwise, you can do so, by deleting an invisible file, named .disabled, that was created and placed inside the disabled Startup Item?s folder when the item was disabled. To do this via Terminal:

  1. Type: cd /Library/StartupItems/{name of Startup Item} and press Return.
  2. Next type: sudo rm .disabled and press Return. Provide your administrative password when asked.
  3. Restart your Mac.

Mac OS X (Tiger) also checks the settings of the Startup Items folder itself. If it finds problems, you will get a message that states: ?The Startup Items folder (?/Library/StartupItems/?) does not have the proper security settings.? You can similarly choose to fix this as well. If not, none of the items in the folder will launch.

Perhaps you are wondering exactly what does Mac OS X check to determine if a Startup Item is secure. It checks the permissions for the files and/or folders that make up the Startup Item. In particular, Apple states that "directories and executable files should have permissions of '0755,' with the owner set to 'root' and group set to 'wheel.' Other (non-executable) files should have permissions of '0644,' with the owner set to 'root' and group set to 'wheel.'" Any other settings will trigger the alert. This means that only the owner (root) has write access to the Startup Item's contents, although anyone can read them (or run them, if they are executable).

Although it might seem that having root as the owner of a rogue Startup Item would be a security risk in itself, this is not really the case here. These startup items can have no user interface and cannot directly affect a user process (although they can accept requests from user processes). Still, it does not strike me that this is a particularly strong form of protection. It will guard against some dangers, but not all.

Restricted files that cannot be moved. Every user who buys and sets up their own Mac, no matter how technically naive and inexperienced they may be, is an administrator on their machine. This means that they have the power to do virtually anything, including moving or deleting files that can prevent the Mac from starting up! To protect against such inadvertent actions, Apple has made it harder to do them in Tiger. In Panther, for example, if you Command-dragged an item out of the /System/Library/CoreServices folder to your Desktop, you get the Authenticate dialog. Enter your administrator name and password, and the item gets removed from the folder and placed on your Desktop. In Tiger, this no longer works. If you try it, the item is copied (just as would happen if you did not hold down the Command key); you have no option to move the file. The odd exception to this is if you drag the file to the Trash; here you will get the Authenticate dialog and be able to move the file.

If you are determined to move a file that is restricted in this way, the simplest work-around is probably to log in as the root user and move whatever it is you want. Otherwise, you can temporarily change the ownership and permissions of the files and/or enclosing folder (via Get Info windows or in Terminal), so that you have the access needed to move the file.

This is the latest in a series of monthly mac.column.ted articles by Ted Landau. To see a list of previous columns, click here. To send comments regarding this column directly to Ted, click here. Note: This article was adapted from the Tiger edition of Mac OS X Help Line (due out later this summer).

Resources
  • More from Mac Musings
  •  

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments