Don't let Mail attachments accumulate and waste space

rbononno – there appears to be something odd about the ls command when applied to the Containers folder. It lists some of the folders in the directory but not all and it appears to list items that Finder doesn’t show (even when Finder is permitted to show hidden files). macOS prevents me from using ls on com.apple.mail too. But Finder does what I need.

Many (all?) of the folders in ~/Library/Containers have FinderInfo and data-container-personality extended attributes which (I believe) cause Finder to treat them specially. I know, for instance, that six different such containers are presented by Finder as “Mail”. (See above.)

But I haven’t had any problem with ls. You just have to keep in mind that it is showing the real filenames, not Finder’s presentation of them. On my (Big Sur) system, I see all these locations just fine:

$ cd ~/Library/Containers

$ ls -l@d com.apple.mail
drwx------@ 6 dcharlap  staff  192 Dec 14 18:38 com.apple.mail/
	com.apple.FinderInfo	 32 
	com.apple.data-container-personality	2528064 

$ ls -l@ com.apple.mail
total 80
-rw-------@  1 dcharlap  staff  37016 Nov 10  2020 Container.plist
	com.apple.lastuseddate#PS	   16 
	com.apple.macl	   72 
drwx------  14 dcharlap  staff    448 Sep 27  2021 Data/

$ ls -R com.apple.mail
Container.plist		Data/

com.apple.mail/Data:
CloudKit	Documents	Library		Music		SystemData
Desktop		Downloads	Movies		Pictures	tmp

com.apple.mail/Data/CloudKit:
5148ba626ad2912bf4fd028b18d17b01bf5ed127	9aff907b8532e88139c729caf921db8f6052326c

com.apple.mail/Data/CloudKit/5148ba626ad2912bf4fd028b18d17b01bf5ed127:
AssetsDb	MMCS		Records
...

$ cd com.apple.mail
$ ls
Container.plist		Data

$ cd Data
$ ls
CloudKit	Documents	Library		Music		SystemData
Desktop		Downloads	Movies		Pictures	tmp

$ cd Library
$ ls
Application Scripts		Favorites			Mail
Application Support		Filters				Mail Downloads
Audio					FontCollections		PDF Services
Caches					Fonts				Preferences
Calendars				Images				QuickLook
ColorPickers			Input Methods		Saved Application State
ColorSync				KeyBindings			Sounds
Colors					Keyboard Layouts	Spelling
Components				Keychains			SyncedPreferences
Compositions			LaunchAgents		WebKit
Dictionaries			Logs

$ cd Mail\ Downloads

David, thank you.
The user from which I ran ls is not an admin user. Is that why it was refused access to com.apple.mail?

It shouldn’t matter. The folder in question (~/Library/Containers/com.apple.mail) is a per-user directory, located in a home directory and should be owned by that user.

If you type ls -ld ~/Library/Containers/com.apple.mail, what permissions do you see? I see (substituting my user name):

$ ls -ld ~/Library/Containers/com.apple.mail
drwx------@ 6 username  staff  192 Dec 14 18:38 /Users/username/Library/Containers/com.apple.mail

The important things to see:

  • The permissions are rwx------. This means the owner has full access, but nobody else (group or others) has access.
  • The owner is username. This should be the short-name of the user that owns the home directory.
1 Like

On Catalina, using zsh:

robertb@bliss Containers % ls -l@ com.apple.mail
ls: com.apple.mail: Operation not permitted

On Catalina, I’m seeing:

robertb@bliss Containers % ls -l@d com.apple.mail
drwx------ 5 robertb staff 160 Sep 24 13:36 com.apple.mail

I think this response is happening because your Terminal application doesn’t have full-disk-access permission, so the “ls” command can’t read anything.

Go to System Preferences → Security & Privacy → Privacy → Full Disk Access and make sure Terminal has access. If it doesn’t, manually add it.

See also: ls : operation not permitted - Apple Community

2 Likes

Replying to David C.
Permissions etc same as Robert:
drwx------@ 5
and when I enter ls
ls: .: Operation not permitted

That’s it. Full Disk Access required.

So much security!

1 Like

So, is it safe to simply delete all those old message attachments in the /Containers/com.apple.mail/ folder? They would appear to be redundant.

Yup. That made the difference.

I found it. It’s part of each directory’s extended attributes.

The ls -ld command shows that there are extended attributes (the @ following the permissions):

$ ls -ld ~/Library/Containers/com.apple.mail
drwx------@ 6 ...  staff  192 Dec 14 18:38 /Users/.../Library/Containers/com.apple.mail

If I use the -@ option, it will show the names of these attributes:

$ ls -ld@ ~/Library/Containers/com.apple.mail
drwx------@ 6 ...  staff  192 Dec 14 18:38 /Users/.../Library/Containers/com.apple.mail
	com.apple.FinderInfo	 32 
	com.apple.data-container-personality	2528064 

The FinderInfo attribute has Finder-specific data (what HFS and HFS+ used to track natively), including the legacy type/creator codes.

Using the xattr command, I was able to dump these attributes (using the head command to only show the start of data, since the data-container-personality attribute is 2.5 MB):

$ xattr -l ~/Library/Containers/com.apple.mail  | head
com.apple.FinderInfo:
00000000  00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00  |................|
00000010  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  |................|
00000020
com.apple.data-container-personality:
00000000  62 70 6C 69 73 74 30 30 D4 01 02 03 04 05 06 3B  |bplist00.......;|
00000010  3C 54 69 63 6F 6E 54 6E 61 6D 65 52 70 69 57 76  |<TiconTnameRpiWv|
00000020  65 72 73 69 6F 6E 4F 12 00 26 90 80 69 63 6E 73  |ersionO..&..icns|
00000030  00 26 90 80 69 63 31 32 00 00 12 2F 89 50 4E 47  |.&..ic12.../.PNG|
00000040  0D 0A 1A 0A 00 00 00 0D 49 48 44 52 00 00 00 40  |........IHDR...@|
xattr: [Errno 32] Broken pipe

Note the text representation of the start of the data-container-personality attribute: bplist00. This data is a binary-format plist file. This means we can save it to a file. The xattr command can be used to dump binary-format attributes as hex data:

$ xattr -p com.apple.data-container-personality ~/Library/Containers/com.apple.mail > ~/tmp/mail.plist.hex

$ head ~/tmp/mail.plist.hex 
62 70 6C 69 73 74 30 30 D4 01 02 03 04 05 06 3B
3C 54 69 63 6F 6E 54 6E 61 6D 65 52 70 69 57 76
65 72 73 69 6F 6E 4F 12 00 26 90 80 69 63 6E 73
00 26 90 80 69 63 31 32 00 00 12 2F 89 50 4E 47
0D 0A 1A 0A 00 00 00 0D 49 48 44 52 00 00 00 40
00 00 00 40 08 06 00 00 00 AA 69 71 DE 00 00 00
01 73 52 47 42 00 AE CE 1C E9 00 00 00 44 65 58
49 66 4D 4D 00 2A 00 00 00 08 00 01 87 69 00 04
00 00 00 01 00 00 00 1A 00 00 00 00 00 03 A0 01
00 03 00 00 00 01 00 01 00 00 A0 02 00 04 00 00

To convert this hex data to its binary representation, the xxd command can be used:

$ cd tmp
$ xxd -r -p mail.plist.hex mail.plist
$ ls -l
total 21456
-rw-r--r--  1 ...  staff  2528064 Jan  4 11:13 mail.plist
-rw-r--r--  1 ...  staff  7584192 Jan  4 11:11 mail.plist.hex

And from there, we can dump the contents of the plist using the plutil command:

$ plutil -p mail.plist
{
  "icon" => {length = 2527360, bytes = 0x69636e73 00269080 69633132 0000122f ... 49454e44 ae426082 }
  "name" => {
    "ar" => "البريد"
    "Base" => "Mail"
    "ca" => "Mail"
    "cs" => "Mail"
    "da" => "Mail"
    "de" => "Mail"
    "el" => "Mail"
    "en" => "Mail"
...
    "zh_HK" => "郵件"
    "zh_TW" => "郵件"
  }
  "pi" => {length = 36, bytes = 0x00000000 14030000 08000000 88b152cc ... 14030000 00000000 }
  "version" => 0
}

And here you can see where the Finder is getting its presentation. The “icon” attribute contains the custom folder icon. And the “name” attribute contains the name it is presented with (in a large set of languages, so it will be localized for languages that don’t have Latin alphabets).

I haven’t (yet) looked to see what the “pi” attribute is for.

2 Likes
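The decode steps from the post above (hex dump from `xattr -p`, conversion to binary, reading the plist's "name" and "icon" keys) in one Python script, as an added example that is not part of the original thread. The sample attribute is constructed inline, with a placeholder icon and "pi" value, so the script runs without a Mac; the function names are this example's own.

```python
import plistlib

def hex_dump_to_bytes(hex_text: str) -> bytes:
    """Undo the hex dump `xattr -p` prints for binary values (same job as `xxd -r -p`)."""
    return bytes.fromhex("".join(hex_text.split()))

def summarize_personality(raw: bytes) -> dict:
    """Parse a data-container-personality blob and describe what Finder would present."""
    if not raw.startswith(b"bplist00"):
        raise ValueError("not a binary plist (missing bplist00 magic)")
    plist = plistlib.loads(raw)
    names = plist.get("name", {})
    icon = plist.get("icon", b"")
    base = names.get("Base")
    return {
        "keys": sorted(plist),
        "base_name": base,
        # Only the languages whose display name differs from the Base name
        "localized": {lang: n for lang, n in names.items() if n != base},
        "icon_bytes": len(icon),
        "icon_is_icns": icon[:4] == b"icns",
        "version": plist.get("version"),
    }

def build_sample_hex() -> str:
    """Constructed stand-in for the real attribute (tiny fake icon, four names)."""
    sample = {
        "icon": b"icns" + bytes(12),   # constructed, not a real icon
        "name": {"Base": "Mail", "en": "Mail", "de": "Mail", "zh_TW": "郵件"},
        "pi": bytes(36),               # constructed placeholder, meaning unknown
        "version": 0,
    }
    raw = plistlib.dumps(sample, fmt=plistlib.FMT_BINARY)
    # Lay the bytes out as 16 space-separated hex pairs per line, like the dump in the post
    hx = raw.hex().upper()
    pairs = [hx[i:i + 2] for i in range(0, len(hx), 2)]
    return "\n".join(" ".join(pairs[i:i + 16]) for i in range(0, len(pairs), 16))

if __name__ == "__main__":
    info = summarize_personality(hex_dump_to_bytes(build_sample_hex()))
    for key, value in info.items():
        print(f"{key}: {value}")
```

On a Mac, pass the text printed by `xattr -p com.apple.data-container-personality` for a container folder to `hex_dump_to_bytes` in place of the constructed sample.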

Yes, you can delete the folders in
~/Library/Containers/com.apple.mail/Data/Library/Mail Downloads
I have done this many times without a problem and without losing information.

1 Like

Question on this:

If ~/Library/Containers/com.apple.mail/Data/Library/Mail Downloads
are the ones you’ve opened?

Is there a place for attachments you haven’t opened?

Diane

So far as I know they are only downloaded from the mail server when you open them. If unopened, they remain on the server and are still available but do not occupy space on your device.

Well that’s a good thing - thanks!

And all the signature attachments, they would either be not downloaded in unopened email, or in the Mail Downloads folder?

Diane

I imagine so.

If you want to avoid accumulating gigabytes of download, click on QuickLook to open attachments in mail rather than just opening or clicking on the download file. If you need to take a closer look or save the file once you’ve done a QuickLook, then click on Save As and save it with your documents or your other Downloads (not your Library).

I checked my Library, and it’s a rat’s nest. From a quick scan it looks like different versions of Mail may have stored Downloads in different places. A quick scan of /Libraries/Mail Downloads found about a gig of old downloads from around 2010-2014, including some long-forgotten family photos sent by a relative. I have yet to find any others, but I’m sure they must be around somewhere.

In MacOS Mail you can sort by attachment size and that may help sift through things.

2 Likes

Hazel can monitor folders and route files found within them or within subfolders within them wherever you wish. You can create quite complex rules and operations on them, it’s very useful.

https://www.noodlesoft.com/manual/hazel/hazel-basics/about-folders-rules/