On Feb 6, 2011, at 2:22 PM, Matthew Lucas wrote:
> I'm trying to run wireshark on my 2008 MacBook Pro, running Mac OS 10.6.6. I'm an admin user and I've copied the ChmodBPF folder to /Library/StartupItems and restarted my machine to cause it to run. On restart I got the following error:
>
> {"Insecure Startup Item disabled." message}
That probably means that it's not owned by user root and group wheel; unfortunately, the drag-install process doesn't cause the startup item to be given the right ownership. (The dmg is probably mounted with the "make it look as if everything on the file system is owned by the person who mounted it" option, and the Finder's copy preserves the ownership.)
You'd need to open up Terminal and do
sudo chown -R root:wheel /Library/StartupItems/ChmodBPF
> When I navigate to /Library/StartupItems/ChmodBPF/ and run the ChmodBPF script, I get the following:
>
> Last login: Sun Feb 6 21:45:06 on ttys000
> /Library/StartupItems/ChmodBPF/ChmodBPF ; exit;
> Matts-MacBook-Pro:~ matt$ /Library/StartupItems/ChmodBPF/ChmodBPF ; exit;
> /Library/StartupItems/ChmodBPF/ChmodBPF: line 35: $1: unbound variable
> logout
You need to open up Terminal and run it as
sudo SystemStarter ChmodBPF start
> Having read through all the documentation, it appears that the files that require permission change are in /dev - however I have no such folder. I've unhidden the hidden files and folders, and I've tried Go->Go to Folder->/dev to which I get the response "The folder can't be found". I certainly haven't deleted it, and from what I've read, I would imagine I would be having some fairly severe difficulties if I had, so it must have been intentionally moved or removed, presumably by Apple and presumably with a point update. So the question is, is all of this compatible with 10.6.6, and if it's not, is there something I can do manually to resolve it? Or have I simply done something wrong?
There are folders, and there are directories.
"Folders" are what the OS X GUI shows you. "Directories" are what are in the file system name space; a "folder" is a directory that the GUI's willing and able to display.
For better or worse, "/dev" is a directory but not a folder; the GUI hides it from you. If you open up Terminal, you can see that it exists (if it didn't exist, then
1) a huge amount of code in OS X would fail
and
2) Apple couldn't use the word "UNIX" in connection with OS X):
$ ls /dev
auditpipe ptyta ttyr6
autofs ptytb ttyr7
autofs_control ptytc ttyr8
autofs_nowait ptytd ttyr9
bpf0 ptyte ttyra
bpf1 ptytf ttyrb
bpf2 ptyu0 ttyrc
bpf3 ptyu1 ttyrd
...