under macos 10.15.7, why cannot cron find files on my external hard drive?

Question

I purchased an external hard drive for scheduled backups of my macbook pro, presumably under cron. My rsync commands work fine when I invoke on the bash (interactive) command line. But as soon as I try to do them under cron, they fail. In fact, cron cannot find files on the external hard drive. The code below demonstrates this.

#!/bin/bash
echo ========================================== 
date '+%Y-%m-%d %a %H:%M:%S'
whoami 
printenv
find -s /Users/kpr/nDoNotBackup/Dustin /Volumes/oom/tmp -type f  -newermt '2021-12-30'

The script is called zee. To put both the interactive command and the cron command into identical shells, I used env -i /bin/bash -login -c. For this, I followed https://stackoverflow.com/questions/9671027/sanitize-environment-with-command-or-bash-script.

First interactive:

~/tmplocal/DUMS/zee> env -i /bin/bash -login -c '/Users/kpr/u/kh/bin/zee >> /Users/kpr/tmplocal/DUMS/zee/out.txt 2>&1'

and then

~> crontab -l
00 16  *  *  *  $HOME/u/kh/bin/jaw20200410cronmakeccalfile.sh
05 22  *  *  *  env -i /bin/bash -login -c '/Users/kpr/u/kh/bin/zee >> /Users/kpr/tmplocal/DUMS/zee/out.txt 2>&1'
~>

In out.txt, the invocations are distinguishable by their values of PWD.

==========================================
2021-12-30 Thu 22:03:43
kpr
PATH=/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/TeX/texbin:/Library/Apple/usr/bin
PWD=/Users/kpr/tmplocal/DUMS/zee
SHLVL=2
_=/usr/bin/printenv
/Users/kpr/nDoNotBackup/Dustin/srczee/Hey
/Volumes/oom/tmp/srczee/Hey
==========================================
2021-12-30 Thu 22:05:00
kpr
PATH=/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/TeX/texbin:/Library/Apple/usr/bin
PWD=/Users/kpr
SHLVL=2
_=/usr/bin/printenv
/Users/kpr/nDoNotBackup/Dustin/srczee/Hey
find: /Volumes/oom/tmp: Operation not permitted

Why would cron cause this problem? How can I run a command as simple as find, under cron, so that it will work as well as in the interactive shell?

Below is some information on the external HD and on my macbook's HD. Do I need to format the external HD differently? But then why is it accessible from the command line?

~/u/kh/bin> diskutil info /Volumes/oom
   Device Identifier:         disk4
   Device Node:               /dev/disk4
   Whole:                     Yes
   Part of Whole:             disk4
   Device / Media Name:       My Passport 260D
Volume Name:               oom
   Mounted:                   Yes
   Mount Point:               /Volumes/oom
Content (IOContent):       Apple_HFSX
   File System Personality:   Case-sensitive Journaled HFS+
   Type (Bundle):             hfs
   Name (User Visible):       Mac OS Extended (Case-sensitive, Journaled)
   Journal:                   Journal size 385024 KB at offset 0x48c8000
   Owners:                    Disabled
OS Can Be Installed:       Yes
   Booter Disk:               disk3s3
   Media Type:                Generic
   Protocol:                  USB
   SMART Status:              Not Supported
   Volume UUID:               3FE9A430-BADA-39B9-8B8A-BBD9F734633D
   Disk / Partition UUID:     D1537CEC-27E9-43EF-86ED-E7A2A7A16C11
Disk Size:                 5.0 TB (5000247902208 Bytes) (exactly 9766109184 512-Byte-Units)
   Device Block Size:         512 Bytes
Volume Total Space:        5.0 TB (5000247902208 Bytes) (exactly 9766109184 512-Byte-Units)
   Volume Used Space:         2.8 TB (2773301460992 Bytes) (exactly 5416604416 512-Byte-Units) (55.5%)
   Volume Free Space:         2.2 TB (2226946441216 Bytes) (exactly 4349504768 512-Byte-Units) (44.5%)
   Allocation Block Size:     8192 Bytes
Read-Only Media:           No
   Read-Only Volume:          No
Device Location:           External
   Removable Media:           Fixed
Solid State:               Info not available
   Virtual:                   Yes
This disk is a Core Storage Logical Volume (LV).  Core Storage Information:
   LV UUID:                   D1537CEC-27E9-43EF-86ED-E7A2A7A16C11
   LVF UUID:                  6C06FD6C-D00A-4953-AFC3-5D5908487D26
   LVG UUID:                  E80D582C-0EDA-49E0-ADD6-A718B36AAF6A
   PV UUID (disk):            70BC9B73-B6CC-4D90-9DC0-22EC0E5490D3 (disk3s2)
   Fusion Drive:              No
   Encrypted:                 Yes
~/u/kh/bin> diskutil info /
   Device Identifier:         disk1s1
   Device Node:               /dev/disk1s1
   Whole:                     No
   Part of Whole:             disk1
Volume Name:               Macintosh HD
   Mounted:                   Yes
   Mount Point:               /
Partition Type:            41504653-0000-11AA-AA11-00306543ECAC
   File System Personality:   APFS
   Type (Bundle):             apfs
   Name (User Visible):       APFS
   Owners:                    Enabled
OS Can Be Installed:       No
   Booter Disk:               disk1s3
   Recovery Disk:             disk1s4
   Media Type:                Generic
   Protocol:                  PCI-Express
   SMART Status:              Verified
   Volume UUID:               36033C28-202B-4932-B271-C8BD841FBAAF
   Disk / Partition UUID:     36033C28-202B-4932-B271-C8BD841FBAAF
Disk Size:                 2.0 TB (2000796545024 Bytes) (exactly 3907805752 512-Byte-Units)
   Device Block Size:         4096 Bytes
Container Total Space:     2.0 TB (2000796545024 Bytes) (exactly 3907805752 512-Byte-Units)
   Container Free Space:      1.2 TB (1209274347520 Bytes) (exactly 2361863960 512-Byte-Units)
   Allocation Block Size:     4096 Bytes
Read-Only Media:           No
   Read-Only Volume:          Yes
Device Location:           Internal
   Removable Media:           Fixed
Solid State:               Yes
   Hardware AES Support:      Yes
This disk is an APFS Volume.  APFS Information:
   APFS Container:            disk1
   APFS Physical Store:       disk0s2
   Fusion Drive:              No
   APFS Volume Group:         8D013C64-D366-4902-B782-502203E919F2
   FileVault:                 Yes
   Locked:                    No
~/u/kh/bin>

Does the answer to "On Catalina, how can a cronjob get permission to touch files on a USB disk?" solve your problem? — Gordon Davisson, Dec 31 '21 at 19:18

score 2 · Answer 1 · answered Dec 31 '21 at 18:47

The answer is laid out explicitly in https://www.getdroidtips.com/cron-permission-issues-macos/. This is risky and "do not try this at home!" Anybody doing this must assume the full risk.

Quote:

If the latest versions of Mac OS faces cron permissions issues, then you should have to grant full disk access. Let’s go by the following steps to allow the full disk access to cron.

Go to System Preferences in Apple Menu and select the “Security & Privacy” option.

In the “Privacy” tab, select the “Full Disk Access” option from the side menu option.

Click on the lock icon in the corner and authenticate with the system password to modify full disk access settings in your Mac.

Now pull down the “Go” menu from the Finder in Mac OS and choose “Go to Folder.”

Now enter the path: /usr/sbin/cron and select Go.

Now you have to drag and drop the “cron” in the list of apps and processes with full disk access permission. Cron should now appear in the list.

Get out of system preferences window and open Finder sbin window once you finished.

There are security measures introduced with the release of new Mac OS, and causes issues like operation not permitted.

under macos 10.15.7, why cannot cron find files on my external hard drive?

1 Answers1