What went wrong?

30 Oct 2018


Okay. So I had a problem with my Mac. Basically, about 10 minutes after a restart, the application switcher and the dock would stop working. Whichever application I had at the front (chrome, terminal, editor whatever) would be fine but I won’t be able to load or change to any other application. Alt-Ctrl-Esc would work, so I could kill applications, but that wasn’t particularly helpful.

The cause of the problem took FAR TOO LONG to track down. It was apache. More specifically, I had installed Homebrew’s Apache and the built-in version of apache hadn’t been disabled properly, so they both started up on a reboot. NO IDEA why this broke the dock.

(Note: I had setup apache using this guide macOS 10.14 Mojave Apache Setup: Multiple PHP Versions – and thank-you grav people, very helpful.)

If I killed all the httpd processes (sudo pkill httpd) immediately after the restart, and then restarted apache I was fine but that wasn’t exactly a longterm solution.

This command should stop the running instance of Apache, and record that it should not be restarted.

sudo launchctl unload -w /System/Library/LaunchDaemons/org.apache.httpd.plist

But it gave the error:

/System/Library/LaunchDaemons/org.apache.httpd.plist: Could not find specified service

Basically, the native OSX instance was still running, but it had become separated from launchctl, so launchctl couldn’t unload or stop it.

First of all, I took the brew apache out of the picture

brew unlink httpd

Then try

which httpd

This showed /usr/sbin/httpd Okay, we can now FINALLY see the OSX apache. Try restarting it.

sudo apachectl restart

It gave this error:

Address already in use: AH00072: make_sock: could not bind to address [::]:80

That’s my problem. Because of this error, the apachectl process would start up, but the launchctl couldn’t shut it down properly.

A little bit of headscratching, but fixed by editing the apache config file (for OSX, not brew apache) /private/etc/apache2/httpd.conf and setting:

ServerName 127.0.0.1

Now the command sudo apachectl restart works. And sudo launchctl unload ... also works.

Restart the mac, check the processes and (hurrah) no httpd processes found.

Link brew version back up.

brew link httpd
brew services restart httpd

Normality restored. But it took me a long time to get there.

Pretty sure all this kicked off when I upgraded to Mojave 10.14.

TL;DR launchctl thought it had properly shut the apache process down, but the apachectl agent refused to stop because reasons, resulting in a decoupled process

Root is no longer all powerful

7 May 2016


Basically, root is no longer all powerful – there are some things even root account cannot do! Official name is “System Integrity Protection” I’m writing all this down so next time I run into the problem and start googling, I’ll find my own notes.

I was trying to rename / remove the previous version of php

  sudo mv /usr/bin/php /usr/bin/php55

This failed with the error “Operation not permitted”

When I try ls -lO /usr/bin/php I get:

  -rwxr-xr-x 1 root wheel restricted,compressed 10577504 3 Dec 06:35 /usr/bin/php

restricted is a new flag for El Capitan. Basically Apple has added a whole new layer of security in OS X. They have taken away some privileges from root. If a file has a restricted flag, only restricted processes which are signed by Apple will be able to modify them. However, you can disable this security system by booting in recovery mode and disabling it in a Terminal by running the command:

  csrutil disable

And for all the exciting details: https://apple.stackexchange.com/questions/193368/what-is-the-rootless-feature-in-el-capitan-really