How to fix the Mac OS X Lion 10.7.3 wifi network issue

09 Feb
09/02/2012

Today, for the first time, I got really angry with Apple.

I’ve been a longtime Apple fanboy. I love the company, its culture and stopped counting the Apple devices around my house when I reached a number higher than ten. :)

Today, while being in the office, I installed the Mac OS X Lion 10.7.3 update on my 1,8 GHz Intel Core i7 MacBook Air. It’s a 1.7 GB major update to the operating system offered by Software Update. I later manually reinstalled the combo update but it did not help at all.

After restarting, I found the MacBook Air entirely disconnected. It was unable to establish a WiFi connection to any wireless LAN, nor could it connect to a wired Ethernet network. Note that this did not only happen after waking Lion up from sleep, the MacBook Air did not connect to any network even after multiple reboots.

It entirely blew my schedule for my workday and I really believe, Apple should find a better guy to run their software quality assurance department AND establish an emergency response team which handles hotfixes the way Microsoft does. (The one area, where Microsoft really is much better than Apple.)

None of the ideas I found on the Apple forums helped. I was close to clean installing Lion and all my apps, which would have cost me another day.

Then I found the solution.

It seems as if the update messes with a system file that drives the built-in firewall rules: /etc/authorization.

A file by file comparison of system files from a working Lion install on a separate machine with the one on my MacBook Air revealed, that after the update an entire block of configuration directives was gone from /etc/authorization. I manually added the missing lines, rebooted and all network functionality came back. Problem solved.

If you happen to have the same problem, open /etc/authorization in your favorite editor. I used TextMate, so submitting sudo mate /etc/authorization on the console did the trick.

Somewhere near the end of that large XML file, find the following block:

<dict>
  <key>class</key>
  <string>evaluate-mechanisms</string>
  <key>mechanisms</key>
  <array>
    <string>builtin:on-console</string>
  </array>
  <key>tries</key>
  <integer>1</integer>
</dict>

Right after this block, make sure, you’ve got the following XML. If it is gone, the update has messed up your authorization file. Just copy and paste it back in and save.

<key>root-or-admin-or-authenticate-admin</key>
<dict>
  <key>class</key>
  <string>rule</string>
  <key>k-of-n</key>
  <integer>1</integer>
  <key>rule</key>
  <array>
    <string>is-root</string>
    <string>is-admin</string>
    <string>authenticate-admin-30</string>
  </array>
</dict>
<key>root-or-entitled-admin-or-admin</key>
<dict>
  <key>class</key>
  <string>rule</string>
  <key>k-of-n</key>
  <integer>1</integer>
  <key>rule</key>
  <array>
    <string>is-root</string>
    <string>entitled-admin</string>
    <string>admin</string>
  </array>
</dict>
<key>root-or-entitled-admin-or-authenticate-admin</key>
<dict>
  <key>class</key>
  <string>rule</string>
  <key>k-of-n</key>
  <integer>1</integer>
  <key>rule</key>
  <array>
    <string>is-root</string>
    <string>entitled-admin-or-authenticate-admin</string>
  </array>
</dict>

This is it. Reboot and your system should be fine again. Please note, that I take no warranty whatsoever whether this will work for you or entirely ruin your system. :) It helped for me and I hope it’ll help you, too. If you like it, follow me on Twitter.

Feel free to leave your findings in the comments.


Tags: , , ,
17 replies
  1. Tom says:

    If you installed the Mac OS X Lion 10.7.3 combo update then you did not update to the operating system offered by Software Update.

    Reply
  2. Tom says:

    It is best probably to use Lion Recovery, a feature of Lion. You can read about it here http://www.apple.com/macosx/recovery/ .

    Reply
  3. oliver says:

    Where did you find this file” /etc/authorization” to edit.. I did a search in spotlight and it came up with nothing… Please advise.

    Reply
    • Ralf says:

      Spotlight does not index system files. You need to fire up Terminal and do a cd /etc. In /etc you’ll find authorization. Hope this helps.

      Reply
      • Thalie says:

        Well after the /etc/authorization, Terminal indicates “permission denied”. Help please :-)

        Reply
  4. alex wright says:

    Thank you so much!!! It worked great for me!! None of the EFI firmware update worked for me and you were my ONLY solution!!!!
    You rock!!!

    Alex

    Reply
  5. Silver says:

    I already have the following XML in /etc/authorization… And my Wi-Fi don’t stop dropping !

    Reply
  6. Mike says:

    Awesome… I’ve been struggling with the damn update for a few days. When I applied the update initially (5 days ago), my wi-fi was just hosed. I spun my wheels for a few hours, then Google’d around and figured out that if I just turned my Firewall preference back on (the update turned it off), all was fine.

    Then today, for some obscure reason I haven’t figured out, my wi-fi blew out again! Spun my wheels for a few hours, then Google’d around and found this little Authorization file fix. Once again… it worked like a charm and I’m back up and running again. I’m dreading the future, walking on eggshells thinking this is gonna happen again.

    Reply
  7. Michel says:

    This man needs a price!!
    Don’t we have a Grammy for Apple addicts?

    Had troubles after upgrade, banged my had I did the upgrade, but now it’s solved!

    Great, Thanks, Michel

    Reply
  8. Mathilde says:

    I don’t understand how to find /etc/authorization :(

    Reply
  9. peter says:

    Thanks Ralf, this worked for me.
    You would expect such issues and fixes on a Linux system. Never thought I would be fixing problems on my Mac this way…:-)
    My Mac Mini’s ethernet connection failed, and toggling the firewall on and off seemed to temporarily fix the problem.
    I got this

    4/03/12 12:42:41,056 com.apple.SecurityServer: ‘root-or-admin-or-authenticate-admin’ does not name a built-in rule

    in my system log, and googling for a solution ( nothing on the Apple sites, wat is it with these people) I stumbled on your solution.
    This was the part missing in my authorization file:

    root-or-admin-or-authenticate-admin

    class
    rule
    k-of-n
    1
    rule

    is-root
    is-admin
    authenticate-admin-30

    A few others below were still there. They look very similar so this could be the reason why you get these “I have’m already” replies.
    After I added it and rebooted, all was well again.

    Reply
  10. Alexander says:

    I simply cannot figure out how to get those files open?
    I’m trying to type in everything it says in the terminal, but nothing seems to happen.

    Reply
  11. Sid says:

    If you updated your mac try checking if you have /etc/authorization~previous. If answer is yes simply restore it with mv command

    All you need to do is to rename the current /etc/authorization to something else:

    #mv /etc/authorization /etc/authorization_backup

    and then rename the /etc/authorization~previous file:

    # mv /etc/authorization~previous /etc/authorization

    Reboot and voila. it works.

    Reply
  12. Sharon Philips says:

    This does not work, and if it did any company that requires the users of its products to edit a fiel only visible using a Linux editor in terminal is evil.

    Reply

Trackbacks & Pingbacks

  1. […]  In the morning I went to Twitter and found several people had the same problem and one guy, Ralph Rottmann, had a solution. It seemed that the 10.7.3 update had messed up the firewall’s […]

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

© Copyright 2017 by Ralf Rottmann.