Recently I made the mistake of upgrading my Mac to Big Sur. I now can no-longer use Microsoft Office or the Adobe CS5 Suite, and of course licenses are not Transferable so I have thousands of dollars in new licenses to pay (again)… Except I won’t, I’ll just use the old machine for the photographic stuff I do and be damned with Apple and Adobe. Microsoft Word is now OpenOffice. However, by far the most annoying (and why I’ve even considered reverting to El-Capitan) is the new Sandboxing rules that have been imposed.
I do a fair bit of work with FileBot and in years past I made the choice to go with the AppStore version, and bought a license for it way back whenever. Apple have in their infinite wisdom have chosen to impose the restriction that all Apps are Sandboxed when delivered via the AppStore.
Seems like a good idea? Yeah, I thought so as well… until they chose for reasons unknown to restrict where the sandbox will allow you to work.. and it seems it’s impossible to add sanity or override/add paths that a user may require. In my case I have a number of network drives, some 200 Terrabytes of space between them, and as they are a combination of APF, and NFS mounts I had the NFS mounts mounted with the built-in ‘automountd‘ auto mounter. Using the default configuration and adding the shares to ‘/etc/fstab‘ this puts the shares under the default path of ‘/Network/Servers‘. The auto mount works fine, can see all the files and every time I reboot I have to remount the AFP shares as these require credentials associated with the user account and I want them in ‘/Volumes‘.
Not such a good idea anymore…. Sandbox will *NOT* allow access to arbitrary paths and won’t allow access to ‘/Network/Servers‘ any more. Many hours of research have provided no solution and those who could be bothered to log a bug with Apple have found their bugs get closed without comment (and of course no fix.)
So what to do? Well I’m not mounting 10+ shares everytime I login, so went out of my way to get it to present the shares under ‘/Volumes/‘.. not an easy task, AppleScripts work, but not with the right credentials and other really odd issues where they would work sometimes and not others. Big Sur though has had a change that does make the solution work with a bit of scripting and bashing your head against the wall for a few hours.
To save the poor walls around your house/office here’s the way I did it.
First edit ‘/etc/auto_master’ and add/change a few lines… here’s mine:
# Automounter master map
#
+auto_master # Use directory service
/net -hosts -nobrowse,hidefromfinder,nosuid
/home auto_home -nobrowse,hidefromfinder
/Network/Servers -fstab
/- -static
/- auto_afp -nobrowse,nosuid
/- auto_smb -nobrowse,nosuid
/- auto_nfs -nobrowse,nosuid
Next create/edit:
/etc/auto_afp
/etc/auto_smb
/etc/auto_nfs
(Note: in my case auto_smb is an empty file as I don’t have SMB mounts currently)
My /etc/auto_afp file:
/System/Volumes/Data/Volumes/Downloads -fstype=afp,rw afp://*username*:*password*@*IP-address-of-NAS*:/Downloads
/System/Volumes/Data/Volumes/TV -fstype=afp,rw afp://*username*:*password*@*IP-address-of-NAS*:/TV
/System/Volumes/Data/Volumes/Movies -fstype=afp,rw afp://*username*:*password*@*IP-address-of-NAS*:/Movies
/System/Volumes/Data/Volumes/Music -fstype=afp,rw afp://*username*:*password*@*IP-address-of-NAS*:/Music
/System/*username*/Data/Volumes/Videos -fstype=afp,rw afp://*username*:*password*@*IP-address-of-NAS*:/Videos
/System/Volumes/Data/Volumes/Transmission -fstype=afp,rw afp://*username*:*password*@*IP-address-of-NAS*:/Transmission
My /etc/auto_nfs file:
/System/Volumes/Data/Volumes/Storage -fstype=nfs,noowners,noresvport,hard,bg,intr,rw,tcp,rdirplus,rsize=65536,wsize=65536,readahead=128 nfs://*StorageServer1*/Storage
/System/Volumes/Data/Volumes/Archive -fstype=nfs,noowners,noresvport,hard,bg,intr,rw,tcp,rdirplus,rsize=65536,wsize=65536,readahead=128 nfs://*StorageServer2*/Archive
Now, you’d think this would be all good, just run ‘sudo automount -vc‘ and you’d be good to go right? Wrong! automountd will not create directories, so create them and run ‘sudo automount -vc‘ and you’ll be good to go… well until you reboot… The ‘/Volumes/‘ directories that appeared when you created the directories under “/System/Volumes/Data/Volumes” are deleted/removed on reboot, so the auto mounter can’t mount anything the next time around and you have to create the directories all over again. A bit of searching, reading manual pages and it appears ‘/etc/synthetic.conf‘ would solve it… Wrong again! <insert expletives aimed at Apple>..
The solution is to get launchd to create the directories for you and tell automountd to flush the cached information (and therefore reload everything).. so just add the following files:
File: /Library/Scripts/com.apple.automount.sanity.sh
#!/bin/sh
PATH=/usr/bin:/bin:/usr/sbin:/sbin
for mapfile in `cat /etc/auto_master | grep -- '^/-' | awk '{print $2}' | grep ^auto_`
do
# here we should have all the /etc/auto_* files so iterate
for dir in `cat /etc/${mapfile} | grep '^/' | awk '{print $1}'`
do
# here we should have a list of directories to create
mkdir -p ${dir}
done
done
Save the file and make it executable with:
chmod +x /Library/Scripts/com.apple.automount.sanity.sh
Next create a plist description for launchd here: /Library/LaunchDaemons/com.apple.automount.sanity.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key> <string>com.apple.automount.sanity</string>
<key>Disabled</key> <false/>
<key>RunAtLoad</key> <true/>
<key>KeepAlive</key> <false/>
<key>ProgramArguments</key>
<array>
<string>/Library/Scripts/com.apple.automount.sanity.sh</string>
</array>
<key>StandardOutPath</key>
<string>/tmp/com.apple.automount.sanity.stdout</string>
<key>StandardErrorPath</key>
<string>/tmp/com.apple.automount.sanity.stderr</string>
</dict>
</plist>
Finally, you can load it with:sudo launchctl -w /Library/LaunchDaemons/com.apple.automount.sanity.plist
…and for the final test… just reboot, you should find all your mounts reappear on reload.
Enjoy!