Today, for the first time, I got really angry with Apple.
I’ve been a longtime Apple fanboy. I love the company, its culture and stopped counting the Apple devices around my house when I reached a number higher than ten. :)
Today, while being in the office, I installed the Mac OS X Lion 10.7.3 update on my 1,8 GHz Intel Core i7 MacBook Air. It’s a 1.7 GB major update to the operating system offered by Software Update. I later manually reinstalled the combo update but it did not help at all.
After restarting, I found the MacBook Air entirely disconnected. It was unable to establish a WiFi connection to any wireless LAN, nor could it connect to a wired Ethernet network. Note that this did not only happen after waking Lion up from sleep, the MacBook Air did not connect to any network even after multiple reboots.
It entirely blew my schedule for my workday and I really believe, Apple should find a better guy to run their software quality assurance department AND establish an emergency response team which handles hotfixes the way Microsoft does. (The one area, where Microsoft really is much better than Apple.)
None of the ideas I found on the Apple forums helped. I was close to clean installing Lion and all my apps, which would have cost me another day.
Then I found the solution.
It seems as if the update messes with a system file that drives the built-in firewall rules: /etc/authorization.
A file by file comparison of system files from a working Lion install on a separate machine with the one on my MacBook Air revealed, that after the update an entire block of configuration directives was gone from /etc/authorization. I manually added the missing lines, rebooted and all network functionality came back. Problem solved.
If you happen to have the same problem, open /etc/authorization in your favorite editor. I used TextMate, so submitting sudo mate /etc/authorization on the console did the trick.
Somewhere near the end of that large XML file, find the following block:
<dict> <key>class</key> <string>evaluate-mechanisms</string> <key>mechanisms</key> <array> <string>builtin:on-console</string> </array> <key>tries</key> <integer>1</integer> </dict>
Right after this block, make sure, you’ve got the following XML. If it is gone, the update has messed up your authorization file. Just copy and paste it back in and save.
<key>root-or-admin-or-authenticate-admin</key> <dict> <key>class</key> <string>rule</string> <key>k-of-n</key> <integer>1</integer> <key>rule</key> <array> <string>is-root</string> <string>is-admin</string> <string>authenticate-admin-30</string> </array> </dict> <key>root-or-entitled-admin-or-admin</key> <dict> <key>class</key> <string>rule</string> <key>k-of-n</key> <integer>1</integer> <key>rule</key> <array> <string>is-root</string> <string>entitled-admin</string> <string>admin</string> </array> </dict> <key>root-or-entitled-admin-or-authenticate-admin</key> <dict> <key>class</key> <string>rule</string> <key>k-of-n</key> <integer>1</integer> <key>rule</key> <array> <string>is-root</string> <string>entitled-admin-or-authenticate-admin</string> </array> </dict>
This is it. Reboot and your system should be fine again. Please note, that I take no warranty whatsoever whether this will work for you or entirely ruin your system. :) It helped for me and I hope it’ll help you, too. If you like it, follow me on Twitter.
Feel free to leave your findings in the comments.