I’m using HomeBrew for my port needs (seems a bit “cleaner” than MacPorts).
I can install without sudo
ing (which is great), but the man linking step seems to require it (/usr/local/share/man/man3
is owned by root
).
A guide I found suggests I recursively chown /usr/local
by doing
sudo chown -R `whoami` /usr/local
Is this safe…or is it a Bad Idea™?
Also: are my permissions correct?
$ pwd
/usr/local/share/man
$ ls -lah
total 32
drwxrwxr-x 8 root staff 272B 4 Set 11:02 .
drwxrwxr-x 9 root staff 306B 10 Set 11:27 ..
drwxr-xr-x 3 root wheel 102B 4 Ago 2009 de
drwxrwxr-x 163 root staff 5,4K 10 Set 11:27 man1
drwxr-xr-x 11 root wheel 374B 10 Set 11:27 man3
drwxr-xr-x 7 ago staff 238B 10 Set 11:39 man5
drwxr-xr-x 11 ago staff 374B 10 Set 11:39 man7
-rw-r--r-- 1 root staff 13K 4 Set 11:02 whatis
Best Answer
It is usually better to keep permissions as strict as possible. Keeping
/usr/local
owned byroot
means that only processes that run asroot
/sudo
(or ask for admin user via the Apple authorization dialog box) can write to this area. Thus, a process download has to ask you for a password before corrupting files there.But as you say, it makes adding new programs harder.
I am OK with running
sudo
, as you install things less often than running them but you have to trust that the build process does not change anything it should.If you want to avoid sudo I would install Homebrew into
~/usr/local
and alter your path, manpath etc to include the directories under there.A better way is to create another user—say,
homebrew
and create a directory owned by that user. Then, install there usingsudo -U homebrew
. Other users will have the benefit of not being able to overwrite any other files, because they are not running asroot
and other programs cannot affect homebrew. (I note that the Homebrew FAQ does suggest this new user if you are in a "multi user environment". I would say that any Unix machine including macOS is a multi user environment)However as the Homebrew wiki says the recipes don't find all cases of
/usr/local
and replace them with the chosen directory I suspect we are stuck with/usr/local
.