Puller (folder "Documents", file "XXX"): shortcut: chmod /Users/YYY/Documents/XXX: operation not permitted

I am getting a recurrent message on one of my machines that says

Puller (folder “Documents”, file “XXX”): shortcut: chmod /Users/YYY/Documents/XXX: operation not permitted

Approximately 450 files in several different folders are out of sync, and when I check the terminal, I am seeing similar messages for every single file. The web interface flashes a message saying “Documents” isn’t making progress - check logs for possible root cause. Pausing puller for 1m0s.

Is there a way to fix this?

Fix you permission errors, exactly as the log explains.

I tried to fix permission error from within the Disk Utility in OS-X (both while booted into the OS and while in the recovery partition). I also ran the following command in the terminal: sudo chmod -R -N /Users/YYY

But I am still getting the errors. Is there something else I can try ?

The user which is running syncthing doesn’t own the files it is trying to modify. Either sync using ignore permissolns option, or run syncthing as the user who’s files you are trying to sync.

Are there any security implications with the “ignore permissions” option?

Using the “ignore permissions” setting (on all of the machines) did not help this problem. Any other suggestions?

That’s impossible: https://github.com/syncthing/syncthing/blob/master/internal/model/puller.go#L541

Did you set that setting and restart syncthing on all machines? Security wise, it will not sync permissions on the files, so it’s up for you to decide if that is a problem or not.

As I suggested, it’s best you run syncthing under the user which owns the files, this way you will not have any issues at all.

That’s impossible: https://github.com/syncthing/syncthing/blob/master/internal/model/puller.go#L541

Did you set that setting and restart syncthing on all machines?

Security wise, it will not sync permissions on the files, so it’s up for you to decide if that is a problem or not.

As I suggested, the best thing would be to run syncthing as the user who owns the files.

I set “ignore permissions” from the browser, which I am assuming will make the necessary modifications to the code as you outlined above? (And I did reboot afterwards)

Could the issue be that I am trying to synch the documents folder of 2 macs (both under the same user account) with a Synology device (on which Syncthing was installed as a user called “syncthing”)? If this is the issue, is there any way around it?

I apologise if my questions seem very elementary - I am not an advanced user, but I would really like to get this software working for me if at all possible.

I suggest you apply the setting, restart, fully refresh the webpage and double check that the setting is applied correctly. The fact that you wync with some device which is using a custom user doesn’t matter as long as the user is the owner of these files. I suspect it might be some script you are using on your mac which might be launching syncthing as some custom user.

Will give it a shot. I only have one user on each of my macs, so I don’t know how syncthing could be launched from a different account?

I don’t know how you are launching it… It should show the user in the output of ps

It is launching using this method https://github.com/syncthing/syncthing/issues/982

I am not sure what the “output of ps” means exactly. Where would I find that?

If you type ps auxww | grep syncthing see what it says

On one Mac, I get: ZZZ 9869 0.0 1.3 145255088 213720 ?? S 5:31pm 6:44.90 /Applications/syncthing ZZZ 10370 0.0 0.0 2432772 664 s000 S+ 7:00pm 0:00.00 grep syncthing

On the other Mac, I get: ZZZ 851 182.8 1.6 145224332 131340 ?? R 6:48 pm 1:41.55 /Applications/syncthing ZZZ 887 0.0 0.0 2432772 636 s000 R+ 7:02pm 0:00.00 grep syncthing

On the Synology I get: 2428 syncthin 955m S /usr/local/syncthing/bin/syncthing --home /usr/local/syncthing/var/ 15953 syncthin 259m S /usr/local/syncthing/bin/syncthing --home /usr/local/syncthing/var/ 21964 root 3780 S grep syncthing

This information means nothing to me, but I am hoping you will be able to interpret it.

Thanks.

Sorry I cannot make sense of the ps output on mac’s, as I don’t have one and not sure which column means what.

Hope you got this is working ok now @xsyncguy?

For info @AudriusButkevicius - here is the output and columns names of the ps auxww from a Macs Terminal window:

USER              PID  %CPU %MEM      VSZ    RSS   TT  STAT STARTED      TIME COMMAND
deb             30165   1.3  0.2 145224340  28392   ??  S     9:30am   0:16.77 /Users/deb/bin/syncthing
deb             30598   0.0  0.0  2432784    604 s001  S+   11:32am   0:00.00 grep syncthing

I dont have a Synology device to check the column names on - but assuming it runs Linux, the same command output, including column names would be:

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
simon     3030  0.0  0.0 265944 11900 pts/11   Sl+  00:19   0:03 syncthing
simon    21239  1.9  0.4 1104888 76540 pts/11  Sl+  01:31  11:45 syncthing
simon    26002  0.0  0.0  13668  2116 pts/29   S+   11:40   0:00 grep syncthing

So - looks like the two Macs have account usernames of ZZZ and the Synology output is missing the User column, as those first numbers look like PID (process ids) to me - unless Synology device has a different ps command output of course.

No, never figured this out. Still have 400-450 files that are reported to be out of sync, with the same message about the folder not making any progress and pausing the puller. If you know something else I can try, fire away!

Hi @xsyncguy Not sure I can help you out much more - I have a few Macs, but not a Synology device.

You said in your original posting

I am getting a recurrent message on one of my machines

Is it one of your two Macs or the Synology device that gets the messages?

This will help pin point the device that has the file permission issues. It appears from the error that Syncthing can not correctly change the file permissions using the chmod command.

This chmod command sets the permissions on file(s) to manage and control who can read, write or execute them. The read, write and execute controls are set for the owner of the file, the group the file belongs to, and an everyone setting also.

If you look at files in a Terminal window on your Mac computers and Synology (if it has Terminal or ssh access?) then you can check these permission and maybe see what is causing the error.

For example using the command on a Mac in Terminal: ls -l shows:

MystixMac:Documents deb$ ls -l
total 36976
-rw-rw-r--  1 deb  staff    22528 28 Dec  2004 Ceri 0203.doc
-rwxrwxr-x  1 deb  staff    27136 15 Jun  2006 LGDU-Pres.doc
-rwxrwxr-x  1 deb  staff    20480 28 Dec  2004 Lauren 03.09.doc
-rwxrwxr-x  1 deb  staff    20480 28 Apr  2005 Lauren 29.04.doc
...

The file permissions are shown first (ie rw- for owner, rw- group, r-- everyone. Ignore the very first - for now). So in the outputs above for the file `Ceri 0203.doc’ has:

  • - = ignore this first one
  • rw- = read/write/(no execute) for the owner (ie deb is the owner)
  • rw- = read/write/(no execute) for the group (ie staff is the group)
  • r-- = read/(no write)/(no execute) for everyone (ie any other accounts on the computer)

The deb and staff are the owner and group the files belong too, respectively.

The last file shown in the ls -l output above is Lauren 29.04.doc with the permissions of:

  • - = ignore this first one
  • rwx = read/write/execute for the owner (ie deb is the owner)
  • rwx = read/write/execute for the group (ie staff is the group)
  • r-x = read/(no write)/execute for everyone (ie any other accounts on the computer)

Again, the deb and staff are the owner and group the files belong too, respectively.

While chmod changes the permission, chown can alter the owner and group. You can probably fix the puller issues you are seeing - but you first need to pin pointing which computer has the permission issue, and of course why they got that way also.

To make all the files in a folder owned by deb and to be in the group staff you would use the command: chown deb:staff * on a Mac computer. Be careful though - or you could change the ownership incorrectly, and stop yourself from being able to access the files !! Just create a few test files in a folder and play with those first! You can create empty files to play with in a Terminal with the command: touch my-test-file.txt and touch my-test-file2.txt

To be able to change a files permissions - the person (or in this case the program - Syncthing) needs to have the right privileges to do so. So hence why we the output of the command: ps auxww was asked for - as that shows the person or user that Syncthing is running as on your different computers.

To change file permissions yourself, you use the command chmod, and specify what permissions the file should have. The permissions can be set by working out what you need, for owner, group, and everyone - you choose one of the following numbers based on the permission(s) to be granted:

r w x : permissions
4 2 1 : corresponding permission values

r w x : 7
r w - : 6
r - x : 5
r - - : 4
- w x : 3
- w - : 2
- - x : 1

So: `chmod 755 “Lauren 29.04.doc”`` changes the file to the following:

MystixMac:Documents deb$ ls -l "Lauren 29.04.doc"
-rwxr-xr-x  1 deb  staff  20480 28 Apr  2005 Lauren 29.04.doc

and `chmod 664 “Lauren 29.04.doc”`` changes the file to

MystixMac:Documents deb$ ls -l "Lauren 29.04.doc"
-rw-rw-r--  1 deb  staff  20480 28 Apr  2005 Lauren 29.04.doc

Your errors are probably caused by the the files being owned by one user, and the permissions being set, so a different user cant change them. When Syncthing runs on a computer - it usually inherits the permissions of the user who started it. It then basically has the permissions on the files in the same way that user does. This is probably what is causing your problems - when the files are synced (copied) between the different computers.

There is more info on the internet about file permission - but hopefully the above helps you trouble shoot a bit further.

Also found this in a Google search - which may be of use: https://www.synology.com/en-us/knowledgebase/tutorials/501

In your Mac Terminal you can also enter the commands: man chmod and man chown that will display the manual pages for each of those commands - and explain them in even more detials, and tell you all about the command line switches. Nearly all command have this information, also have a look at: man ls and of course man man :smile:

When reading man pages - press q exit a page, space bar to go forward a page, and b to go back a page.

Cheers

Simon

1 Like

First of all, thank you for taking so much time to lay this all out. It is extremely helpful to a less advanced user like myself and I can see that you spent a lot of time responding to my problem - very much appreciated.

With regard to what you wrote… The difficulty I am running into is on a single Mac (I am syncing 2 Macs and a Synology). There is only a single user on the Mac (call it ZZZ), which is an admin account (I know this is not the smartest thing to do from a security perspective, but let’s move past that for now). Syncthing was installed by this user. FWIW, the second Mac (without these issues) also only has one user which is also called ZZZ, and this account is also an admin account on the second machine.

The files that are causing difficulties are not all in the same sub-directory -some are, but they are scattered throughout the main folder (Documents) that is being synched. However, one of the subfolders contains a number of problematic files, and its permissions are listed as drwx------@ I fact, I see that a number of the subfolders in the Documents folder are listed with the same permissions, but approximately 1/4 are different (mostly drwxr-xr-x, with or without an @ afterwards).

So I am guessing that any of the subfolders listed as drwx------@ need to have the permissions changed to drwxr-xr-x? Would that be with or without the @? And what does the leading d signify?

With this information, am I any closer to a solution?