ashleyharvey@Themis:~$ ls -al .chunkwmrc
-rw------- 2 ashleyharvey staff 4.7K Apr 4 22:24 .chunkwmrc
ashleyharvey@Themis:~$ chunkwm
/bin/bash: /Users/ashleyharvey/.chunkwmrc: Permission denied
So, chunkwm
is running obviously under a different uid than my own. One way to fix this would be to give a wider set of permissions: I could chmod 640
or chmod 644
the file; however my question is how to figure out which uid/gid a process runs as in order to fix that while maintaining as tight a security boundary as possible.
I did find an answer on the unix stackexchange site that had to do with running stat on a process, so I tried something along the lines of $ (stat /proc/$$/)
, but apparently because of the difference in the macOS kernel, that won't work. I ended up in /dev, but only found fd's for the standard in/out and a bunch of special stuff, clearly that's not where process FDs go.
EDIT2:
More relevant info on chunkwm:
ashleyharvey@Themis:~$ ls -al /usr/local/opt/chunkwm/bin/chunkwm`
-r-xr-xr-x 1 ashleyharvey admin 207K Mar 7 21:55 /usr/local/opt/chunkwm/bin/chunkwm
ashleyharvey@Themis:~$ ps aux | grep chunkwm`
ashleyharvey 15153 0.0 0.1 4375940 20508 ?? S 11:23pm 0:01.33 /usr/local/opt/chunkwm/bin/chunkwm
ashleyharvey@Themis:~$ type /usr/local/Cellar/chunkwm/0.4.8/bin/chunkwm
/usr/local/Cellar/chunkwm/0.4.8/bin/chunkwm is /usr/local/Cellar/chunkwm/0.4.8/bin/chunkwm
ashleyharvey@Themis:~$ file /usr/local/Cellar/chunkwm/0.4.8/bin/chunkwm
/usr/local/Cellar/chunkwm/0.4.8/bin/chunkwm: Mach-O 64-bit executable x86_64
Best Answer
You have accidentially gone done a wrong path in trying to fix the bug. The error message does not mean that the user does not have permission to read the .chunkwmrc file - instead it means that the user does not have permission to execute the file.
The configuration file for chunkwm (.chunkwmrc) is actually a shell script that is run with bash (in your case). Therefore it needs to be executable.
You have set the permissions so that it is not executable, and that's why it fails. You need to run the following command:
This will set the executable bit so that you are allowed to execute the file.
To answer your other questions about determining current uid for a process - the easiest way to do that is run the following command in Terminal:
You'll see the username (or uid) as the first column of the result.
The /proc file system is Linux specific and doesn't exist in macOS (nor in many other operating systems). That's why the commands you have found regarding /proc do not work for you.
The /dev directory holds device nodes. macOS does not create device nodes for each running process that could give the uid of the running process. This is similar to other operating systems such as Linux, FreeBSD, etc. as this is simply not how /dev is meant to be used.
All in all remember that your specific problem here had nothing to do with uid's being changed, so there was no reason to lookup the uid's or trying to "stop" them being changed.