OSX 10.15.7 error EPERM: Operation not permitted [opendir] only in specific circumstances

Get help for specific problems
Posts: 6
Joined: 11 Jan 2023

igorD

OSX 10.15.7
FreeFileSync 13.0

I have very strange error, can not understand why.
Probably this is some OSX problem, but still would like to document it for others and maybe somebody can explain what is the problem.

I was using FreeFileSync automatically from launchd, because I wanted to start it ever time I start PC and then every hour later. I manage to configure it and it was and is still working fine.
This is plist code:
<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
     <dict>
         <key>Label</key>
         <string>com.user.freefilesync</string>
        <key>ProgramArguments</key>
         <array>
             <string>/usr/local/bin/FreeFileSync</string>
             <string>/Users/macbook/my_scripts/FreeFileSyncSettings_OpalStack.ffs_batch</string>
         </array>
        <key>RunAtLoad</key>
         <true/>
        <key>StartInterval</key>
         <integer>3600</integer>
        <key>StandardOutPath</key>
         <string>/Users/macbook/my_scripts/LOGS/FreeFileSync.stdout</string>
         <key>StandardErrorPath</key>
         <string>/Users/macbook/my_scripts/LOGS/FreeFileSync.stderr</string>
     </dict>
 </plist>
So I am just starting FreeFileSync with my configuration and this is working fine.

Later I decided(for reasons not important for this discussion, but if needed can explain) to make shell script that will be called by launchd.
Here is how my shell script look like:
#!/bin/bash
# for redirecting both outputs to LOG file
 exec >> /Users/macbook/my_scripts/LOGS/at_startup_and_every_1h_`date +%Y-%m-%d`.txt
 exec 2>&1
echo `date +%Y-%m-%d_%H:%M:%S` " --- START " $$
### FreeFileSync backup
 /usr/local/bin/FreeFileSync ~/my_scripts/FreeFileSyncSettings_OpalStack.ffs_batch
 # also same problem
#/usr/local/bin/FreeFileSync /Users/macbook/my_scripts/FreeFileSyncSettings_OpalStack.ffs_batch
echo `date +%Y-%m-%d_%H:%M:%S` " --- END " $$; echo
Except for some additional logging(it is working) I am just calling "/usr/local/bin/FreeFileSync ~/my_scripts/FreeFileSyncSettings_OpalStack.ffs_batch".
When I run script from terminal it is working fine.

Then I decided to make new plist for launchd. Here is code:
<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
     <dict>
         <key>Label</key>
         <string>com.user.at_startup_and_every_1h</string>
        <key>Program</key>
         <string>/Users/macbook/my_scripts/at_startup_and_every_1h.sh</string>
        <key>RunAtLoad</key>
         <true/>
        <key>StartInterval</key>
         <integer>3600</integer>
     </dict>
 </plist>
As you can see it is as simple as it can be, start on startup and ever 3600 minutes after that.

But when it is tested with "launchctl load com.user.at_startup_and_every_1h.plist" or "launchctl start com.user.at_startup_and_every_1h" I always have error. It is GUI popup.
Cannot open directory "/Users/macbook/Downloads/02_Obsidian_Vaults".
EPERM: Operation not permitted [opendir]
What I have already tested:
1. Did reboot (few of them) it is the same.
2. Full Disk Access viewtopic.php?t=5706#p18924 is not problem, it is checked.
3. As I said when shell script is run from terminal it is working fine eg. "./at_startup_and_every_1h.sh".

Only idea that I have left is that something, some unknown configuration to me is different when launchd is starting "com.user.at_startup_and_every_1h.plist" and then it is starting "at_startup_and_every_1h.sh".
But I have no idea how to test/confirm it.

Any idea what to do next ?
Thanks
Posts: 6
Joined: 11 Jan 2023

igorD

I was not able to find the solution but found workaround.

crontab in OSX support @reboot. I have used this to my FreeFileSync shell script.
I also start same script every hour.
And use this code to prevent both scripts running in same time.
#!/bin/bash
# for redirecting both outputs to LOG file
 exec >> /Users/macbook/my_scripts/LOGS/backup_to_remote_`date +%Y-%m-%d`.txt
 exec 2>&1
echo `date +%Y-%m-%d_%H:%M:%S` " --- START " $$
pid_file="/Users/macbook/my_control_files/backup_to_remote.pid"
 current_time=$(date +%s)
 threshold=$((1 * 24 * 3600))  # 1 days in seconds
if [ -e $pid_file ]; then
     file_mtime=$(stat -f %m $pid_file)
    if [ $((current_time - file_mtime)) -ge $threshold ]; then
         # File is older than 1 days, delete it
         rm $pid_file
         echo "Deleted old PID file, it is older than 1 day."
     else
         # File is not older than 1 days, just exit
         echo "PID file is not older than 1 days. Exiting."
     osascript  -e 'display notification "Check why is there old file !!!" with title "From backup_to_remote.sh"'
         echo `date +%Y-%m-%d_%H:%M:%S` " --- END " $$; echo
         exit 0
     fi
 else
     # If the file doesn't exist or was deleted, create a new one with the current PID
     echo $$ > $pid_file
     echo "Created new PID file with PID $$."
 fi

### copy to backup
 # some my additional copy
 # this is why I changed original setup

### FreeFileSync
 echo "FreeFileSync " `date +%Y-%m-%d_%H:%M:%S`
 /usr/local/bin/FreeFileSync ~/my_scripts/FreeFileSyncSettings_OpalStack.ffs_batch
# delete PID file at the end
 rm $pid_file
echo `date +%Y-%m-%d_%H:%M:%S` " --- END " $$; echo
crontab setup is much easier than launchd.
I found lot of strange behaviour with launchd and no way to troubleshoot it.