Favorite quotation: Before you criticize someone, you should walk a mile in their shoes, that way when you criticize them, you're a mile away and you have their shoes. - Jack Handey

Sunday, June 30, 2013

Clean up your Sandbox

Ever look at Console and suspect that your Mountain Lion is using sandbox as its litter box... and it has diarrhea? You know the smelltale signs: sandboxd denying some of Apple's own processes access to file-reda-metadata in various places, and denying Mach lookup to others in other places. Well, I finally found how to adjust the sandbox and get rid of these messages!

There are some files in /usr/share/sandbox which contain the sandbox preferences for the various Apple processes, such as,, et al. You may be accustomed to seeing this kind of crap:

- 7/1/13 12:07:32.169 AM sandboxd[2954]: ([2952]) launchctl(2952) deny file-read-data /private/var/db/launchd.db/

If so then go find the appropriate .sb file and edit it to add the path that's currently being sandboxed. It got rid of a bunch of coreaudiod errors I was getting, and I know a lot of people have been getting sandbox issues with mds, Spotlight's daemon.