Yesterday I’d just completed a painful migration from an old Macbook Air to my new Macbook Pro. I went old-school manual due to the amount of cruft Migration Assistant had loaded the last time I used it; I guess after 10 years it was time to start fresh.
For one of my final tests, I launched VMWare Fusion (version 8.5.1) on my new Mac. It prompted me to enter my password, so it could “adjust some settings”. Which I did. Big mistake.
After about an hour of a spinning beachball, I force-rebooted the Mac. When I logged in, I got a dialog box saying my Library folder had to be repaired, with a Cancel and a Repair button. Clicking either of these immediately showed the same dialog again.
Based on this thread, it looks like there’s a really nasty bug in Fusion, where on Mac OS X 10.12.5 it somehow (by following a symlink?) changes the owner of everything on your Mac to root. That includes your user’s home directory. which makes the Mac unusable. I know the thread implies this is a very unlikely situation which also required a corrupted disk or some other problem, but I think that’s a bunch of hooey.
I wasn’t about to start over, so after several false starts, I wound up following this procedure:
- Boot the Mac in “single user mode“, by holding down cmd-S during startup. I had to select an account to use, but I didn’t enter a password – seems odd.
- This boots to a terminal UI, and after a few minutes the various startup messages ended. The fun part is that it’s using full resolution for the display. We’re talking 3 point text on my Macbook Pro. I’ve never felt so old, as I pretty much had to take off my glasses and press my nose against the screen to read anything.
- The terminal displays some helpful hints about what commands to run next.
- The first one is
/sbin/fsck -fy, which checks your disk for corruption issues. That command was fine, and completed without issues. - The second one is
/sbin/mount -uw /. Unfortunately on Mac OS Sierra you have to provide a filesystem type parameter (-t fstype). I tried-t hfs, but that no longer works. After a fair amount of searching I found that Sierra uses the Apple File System, which I guessed was type “apfs”. Running/sbin/mount -t apfs -uw /worked, and my disk was now mounted.
- The first one is
- At this point I could list my home directory files via
ls -l /Users/kenkrugler/, and I saw that they all had their owner/group set toroot:wheel, which was wrong. - I tried to fix them up via
chown -R kenkrugler:staff /Users/kenkrugler, but this failed with an error about “kenkrugler” not being a valid user. - This question on Super User explained that Mac OS X uses Directory Service, not the
/etc/passwdfile for keeping track of users. But when you’re booted in single user mode the Directory Service isn’t running. Luckily I found a folder that hadn’t been converted, which showed me the user as “501”, which is the raw id. - Running
chown -R 501:staff /Users/kenkrugler/took a while, and reported a number of issues with files that couldn’t be changed, but in general seemed to work. - Running
exitreturned me to a regular boot of my user, which worked.
So now I’m back in business, after only a few hours of pain and suffering.
Ken's Techno Tidbits 
OK, there are still a few issues. E.g. in the Console app I couldn’t view the system.log file (in /private/var/log/), because its group was “wheel” instead of “admin”.
And Eclipse wouldn’t launch, because (unlike most other apps) it has to have its executable file group set to staff, but all files were owned by root:wheel.
I’m sure I’ll run into other odd issues going forward, oh well.
And I had to change the permissions of a directory used by apps during USB syncing: sudo chmod -R _usbmuxd:_usbmuxd /var/db/lockdown
If you don’t do this, then iTunes displays an error when trying to sync with an iPhone – “iTunes could not connect to this iPhone. Could not allocate a resource.”
I’m sure the list will grow over the coming days…
I just had this happen to me and I don’t know what to do…
FYI… best option for me was time machine restore
Hi Rich – normally that’s what I’d do as well (Time Machine restore), but I hadn’t yet switched to backing up from my new Mac – I was still using my Time Machine backup disk for my old Mac.
Sorry to hear that. I was too worried that manually making changes would allow me to miss something or leave the machine vulnerable in some way. Thankfully, I had a useful back up. Strangely, Apple support didn’t even suggest time machine restore which tells you how great their support is and why I was a bit lost for a minute.
My biggest disappointment with this issue is that VMWare had documented cases and did nothing to warn registered owners of their software of the potential threat of launching their software on Sierra. I hadn’t loaded Fusion for some time, so a simple email from them could have prevented this issue.
I understand the issue is resolved with 8.5.8+, but I’m not sure if I will install it again as I haven’t had as much use for the software as I have in the past.
Thanks for your detailed blog post.
Hi! Thank you so much for posting this! I was about 30 seconds away from wiping everything and rebuilding my laptop from the ground up. You singlehandedly saved my butt!
I may have found a better way to repair the permissions. This command:
diskutil resetUserPermissions / `id -u`
It resets all the odds and ends with the correct owner and group.
I suspect (though have not tested) that it would also fix the problem with the /Users/ directory.
Thanks so much!