15

macOS El Capitan (10.11) is unable to install any software updates or install any software because the /tmp and the /private/tmp folders don't seem to be writeable.

Running this:

sudo /usr/libexec/repair_packages --repair --standard-pkgs --volume /

Gives me this error: 

unable to set owner and group on "tmp" Error 1 Operation not permitted
unable to set permissions on "tmp" Error 1 Operation not permitted

Is there a way to manually delete the tmp folders and recreate them? When I tried renaming or deleting /tmp or /private/tmp I kept getting operation not permitted. sudo chmod 1777 also failed in the same way on both /tmp and /private/tmp folders

Disk Utility says the disk is healthy with no issues detected when running first aid.

Is there any way to redirect the tmp location to another writeable folder?

Giacomo1968
  • 53,069
  • 19
  • 162
  • 212
Ali
  • 1,199
  • 1
  • 8
  • 11
  • 1
    Did you disable SIP first? From Recovery; Terminal `csrutil disable` – Tetsujin Oct 10 '16 at 04:50
  • 2
    I have the same problem. Followed Tetsujin's advice, restarted in recovery mode, and ran `csrutil disable`. After that, I was able to execute `repair_packages` with success and was able to access /tmp as usual. However, after going back to recovery mode and executing `csrutil enable`, my system is having the same problem. It seems the only way I can gain access to /tmp is by disabling System Integrity Protection. – Andrew Ferk Oct 17 '16 at 21:15
  • 4
    I ended up going back to recovery mode and executing `csrutil disable`. After a restart, I removed tmp folder: `sudo rm /tmp; sudo rm /private/tmp`, created tmp folder `sudo mkdir /private/tmp; sudo chown root:wheel /private/tmp; sudo chmod 1777 /private/tmp`, created the symlink: `sudo ln -s /private/tmp /tmp`, and ran `repair_pacakges` again. After going back to recovery mode and running `csrutil enable`, all is working again! However, the permissions of /private/tmp used to be `drwxrwxrwt@` and now they are `drwxrwxrwt`. I'm unsure what the `@` is and if this will cause me problems. – Andrew Ferk Oct 17 '16 at 21:34
  • 1
    @AndrewFerk: see these posts http://apple.stackexchange.com/questions/42177/what-does-signify-in-unix-file-permissions http://unix.stackexchange.com/questions/10/what-does-the-mean-in-ls-l for explanation of the `@` **extended permissions** marker – Adam Michalik Oct 18 '16 at 07:25
  • [Another, simpler, solution](https://github.com/Kevin-De-Koninck/Clean-Me/issues/23#issuecomment-617059971): apparently, `sudo mkdir /private/tmp` followed by `sudo chmod +t /private/tmp` is enough. – Clément Apr 21 '20 at 13:27

5 Answers5

27
  1. Reboot your Mac into recovery mode

  2. Open Utilities menu in the top bar > open Terminal

    csrutil disable

  3. Reboot

  4. Remove the tmp folder

    sudo rm -i /tmp
sudo rm -i /private/tmp

  5. Create tmp folder

    sudo mkdir /private/tmp
sudo chown root:wheel /private/tmp
sudo chmod 1777 /private/tmp

  6. Create the symlink

    sudo ln -s /private/tmp /tmp

  7. Run repair_packages (you may not need to do this)

    sudo /usr/libexec/repair_packages --repair --standard-pkgs --volume /

  8. Reboot back to recovery mode and run

    csrutil enable

  9. Reboot

Props to Andrew Ferk for figuring out a fix; pulling out your comment as a community wiki answer so it's more readable.

yairchu
  • 1,865
  • 2
  • 12
  • 9
ento
  • 256
  • 3
  • 10
11
sudo chmod 1777 /private/tmp

Did it for me.

Renetik
  • 213
  • 2
  • 5
  • 2
    ^This^ is why the accepted answer works, and this solution is much safer! No need to nuke existing directories then recreate them with different permissions. – elimisteve Nov 15 '20 at 00:02
  • Thank you so much. My machine re-enables `csrutil` on startup so I couldn't take the steps in the other answer. This answer is a million times more useful. For any potential future googlers - this solved my problem with Cisco AnyConnect saying "failed to determine valid temporary file folder." – Kyle Pittman May 20 '21 at 16:45
0

I fixed this by restoring my system from a Time Machine Backup. But the other suggestions in the comments are worth trying too.

Ali
  • 1,199
  • 1
  • 8
  • 11
0

If you got this message in terminal (or iTerm) using maxOS Mojave

Operation not permitted

It turned out I needed to add my terminal app to the Settings.app "Security & Privacy" > "Full Disk Access"
(I added both terminal.app and iTerm.app)

Aiden Moon
  • 1
-1

Try to create and modify permissions on /private/tmp folder without running csrutil disable. This worked for me, after trying unsuccessfully to delete and the error message on boot is gone.

kenorb
  • 24,736
  • 27
  • 129
  • 199
user69083
  • 1
  • Welcome to Super User. Please don't post an answer to confirm that another answer worked. The site's Q&A format reserves answers for solutions to the question, and each answer should contribute another solution. The way to indicate that an answer was useful is to invest a little time in the site and you will gain sufficient [privileges](http://superuser.com/help/privileges) to upvote answers you like. – fixer1234 Oct 21 '16 at 08:55