I recently have added a second hard drive to my system and have been trying to make myself the owner of the entire drive (and keep everyone else out). What I have found is that I can only seem to accomplish this by formatting the drive as UFS and then going to terminal to change the owner and permissions at the root of the new drive. This works fine and other users cannot even open the drive at that point. The trouble I am having is that I would like to use HFS+ rather than UFS and when I follow the same procedure I cannot lock others out of the drive. I can keep people out of my folders on the drive but not out of the drive itself. With HFS+ they can still open the drive and save new data without restriction. Am I trying to do something that cannot be done with HFS+?

i had this issue.

then i examined new user's group id. it's 20, which is staff.

all partitions have a default group of 20, staff.

change the partitions to grp wheel, recursively, and kaboom, no general user access allowed.


i like to keep my partitions group and other read so the locate.database updater considers them and i can use locate to find their contents.

this, very effectively, keeps users from write access. there are no hfs+ vs. ufs issue in this regard that i know of. unix qua unix.


# chgrp -R wheel /Volumes/*

% ll / -d
drwxr-xr-t 40 root admin 1.3k Jan 23 10:03 //

% ll /Volumes/ -d
drwxrwxrwt 17 root wheel 534 Jan 23 20:26 /Volumes//

% ll /Volumes/
total 68k
----r-xr-x 1 dawg wheel 0 Dec 17 22:13 -i*
drwxr-xr-x 23 dawg wheel 738 Jan 22 17:57 banshee/
drwxr-xr-x 24 dawg wheel 772 Jan 22 17:57 chunder/
drwxr-xr-x 20 dawg wheel 636 Jan 21 02:29 data/
drwxr-xr-x 22 dawg wheel 704 Jan 22 17:57 ebola/
drwxr-xr-x 47 dawg wheel 1.5k Jan 22 17:57 flivver/
drwxr-xr-x 17 dawg wheel 534 Jan 22 17:57 gunt/
drwxr-xr-x 19 dawg wheel 602 Jan 22 17:57 hell/
drwxr-xr-x 22 dawg wheel 704 Jan 23 20:25 meow/
drwxr-xr-x 25 dawg wheel 806 Jan 22 17:57 tango/
drwxr-xr-x 41 dawg wheel 1.3k Jan 22 17:57 whiskey/
drwxr-xr-x 19 dawg wheel 602 Jan 22 18:17 zulu/


let me know if that works for you.

Thank you mervTormel, your answer led to the solution but in a wierd way.
Sure enough, the group was staff so I exitedly made the change to wheel. I then logged in as another user and was surprised to find that I could still access the drive. Going to terminal and checking the permisions I saw that the owner had changed to the person I was logged in as. This happened for each user I tested, the owner would change and I would have access. I eventually got what I wanted by logging in as root and changing the current owner (now root) to my user, after that everything worked as I had originally wanted. I am happy but a bit confused. I am pretty sure that at some point while testing I had su'ed from my user to root and performed the same chown but for some reason it did not take until I relogged completely in as root. It is all hazy, but I would not mind knowing why the owner originally changed to the user that was logged in. Regardless, thank you for the help - I am fixed!