MacOS Sonoma Version 14.2.1
I am running a python script via crontab, and the script runs, but I get an error when trying to iterate the ~/.Trash directory:
PermissionError: [Errno 1] Operation not permitted: '/Users/me/.Trash'
I have enabled full disk access for: /usr/sbin/cron, /usr/bin/crontab, and terminal.app, but still have the same problem.
If I run the script directly, it works fine, but when cron runs it, I get the error above. ~/.Trash is the only directory that I've found to have problems with. I've tried both using absolute path and relative to my home directory .
I have tried a few different crontab entries, but get the same result from all of them (I've ran each version directly and each works fine when not ran via cron).
-
*/5 * * * * /Users/me/miniforge3/envs/dev/bin/fclean >> /dev/null 2>&1
-
*/5 * * * * /Users/me/miniforge3/envs/dev/bin/python /Users/me/miniforge3/envs/dev/bin/fclean >> /dev/null 2>&1
-
*/5 * * * * /Users/me/miniforge3/envs/dev/bin/python /Users/me/path/to/file.py >> /dev/null 2>&1
if it's helpful the python function that's raising the permission issue is:
def clean_folder(folder: Path, _time: int = days(30)) -> None:
"""
If a file in the specified path hasn't been accessed in the specified days; remove it.
Args:
folder (Path): Path to folder to iterate through
_time (int): optional time parameter to pass as expiration time.
Returns:
None
"""
for file in folder.iterdir():
if expired(file, _time):
try:
rm_files(file)
except PermissionError as permission:
logging.exception(permission)
continue
except Exception as _err:
logging.exception(_err)
continue
``
Scripting and TCC are uneasy bedfellows, because:
-
TCC needs to work out the responsible code for a given request, and
-
TCC needs to be able to reliably track the identity of code
neither of which is easy for a script. I talk about this more in On File System Permissions.
Is it just the Trash you’re having problems with? If, just for testing, you tweak your script to access some other FDA-protected directory, does it fail there as well?
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"