Monthly Archives: May 2011

Mac OS X Mac Security Mass Deployment

Sticky DHCP Leases in Mac OS X

I did an article some time ago about how DHCP leases work. From that, I’ve gotten a number of questions about why, after you click on Renew DHCP Lease in the Network System Preference pane, you sometimes keep seeing the old lease information until a new lease is actually obtained.

You can also reset the lease from the command line, which does not usually show you a new lease in the GUI immediately. To reset the DHCP lease from the command line, use ipconfig:

ipconfig set en0 BOOTP
ipconfig set en0 DHCP

If the information is displayed on the screen, then it has to be stored somewhere, right? When your system sends an acceptance for a lease, the lease is stored in /var/db/dhcpclient/leases. These are standard property list files, named with the interface, followed by the MAC address of the interface, followed by .plist. For example, for en0 with the MAC address 10:9a:cc:ab:5d:ac the lease file is named en0-1,10:9a:cc:ab:5d:ac.plist, and if you cat it you see something like the following:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>IPAddress</key>
<string>192.168.210.94</string>
<key>LeaseLength</key>
<integer>86400</integer>
<key>LeaseStartDate</key>
<date>2011-05-31T15:36:59Z</date>
<key>PacketData</key>
<data><!-- base64-encoded DHCP packet omitted --></data>
<key>RouterHardwareAddress</key>
<data>
AAaxLwVA
</data>
<key>RouterIPAddress</key>
<string>192.168.210.1</string>
</dict>
</plist>

The keys in this file make it easier to script a few checks on your active leases, such as when they’re going to expire, when the lease was accepted, or even whether the system has a lease at all (especially when it shouldn’t have one). But a stale lease file can also cause misreporting. If the information seems “stuck” in the System Preferences pane, you can rm the DHCP lease file.
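As an added example (not code from the original post), here is the kind of lease check those keys make possible in Python: it splits the lease file name into interface and MAC, reads the plist, and computes the expiry from LeaseStartDate plus LeaseLength. The sample plist is constructed from the one shown above with PacketData left out.

```python
import plistlib
from datetime import timedelta, timezone

# Constructed sample modelled on the lease file shown above (PacketData omitted).
SAMPLE_LEASE = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>IPAddress</key>
<string>192.168.210.94</string>
<key>LeaseLength</key>
<integer>86400</integer>
<key>LeaseStartDate</key>
<date>2011-05-31T15:36:59Z</date>
<key>RouterHardwareAddress</key>
<data>
AAaxLwVA
</data>
<key>RouterIPAddress</key>
<string>192.168.210.1</string>
</dict>
</plist>
"""


def parse_lease_filename(name):
    """Split 'en0-1,10:9a:cc:ab:5d:ac.plist' into (interface, mac)."""
    stem = name[:-len(".plist")] if name.endswith(".plist") else name
    iface_and_type, mac = stem.split(",", 1)
    iface = iface_and_type.rsplit("-", 1)[0]   # drop the "-1" hardware-type suffix
    return iface, mac


def parse_lease(raw):
    """Return the lease fields needed to judge whether a lease is still valid."""
    d = plistlib.loads(raw)
    start = d["LeaseStartDate"]
    if start.tzinfo is None:                    # plistlib returns naive UTC datetimes
        start = start.replace(tzinfo=timezone.utc)
    router_mac = ":".join(f"{b:02x}" for b in d["RouterHardwareAddress"])
    return {
        "ip": d["IPAddress"],
        "router_ip": d["RouterIPAddress"],
        "router_mac": router_mac,
        "start": start,
        "expires": start + timedelta(seconds=d["LeaseLength"]),
    }


def lease_is_active(lease, now):
    """True while 'now' falls inside the lease window (expiry itself is not active)."""
    return lease["start"] <= now < lease["expires"]
```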

Note: If the RouterIPAddress cannot be reached, processing of the lease is delayed, so obtaining a lease appears to take a long time. What is actually happening is that the client keeps looping in the hope of finding a more appropriate lease whose RouterIPAddress can be reached.

For anyone who uses a shell script to reset their IP address, I recommend using the following as the full script, rather than the two lines most commonly used (where $leasefile is the name of your lease file):

ipconfig set en0 BOOTP
ipconfig set en0 DHCP
rm /var/db/dhcpclient/leases/$leasefile

Being the nerd I am, I called mine ipcfg.exe and end it with an echo of the IP:

ipconfig getifaddr en0

Finally, a very effective way I’ve seen people reset leases that are seriously stuck is to swap locations and then swap back. Let’s say your users generally use the “Automatic” location and you have one called “TEMP”. You can use the scselect command to see locations and switch between them. So to switch to TEMP, we would simply:

scselect TEMP

And then to select Automatic again:

scselect Automatic

Now be careful with this last little tidbit. If the TEMP location has no active interfaces and you are running this remotely, you will lose your connection and might have some walking (or driving) around to do…

Mac OS X Mass Deployment Ubuntu Unix

Using dirname and basename For Paths In Scripts

There are two commands that can be really helpful when scripting operations that involve filenames and paths. The first of these is dirname: dirname can be used to return the directory portion of a path. The second is basename: basename can be used to output the file name portion of a path.

For our first example, let’s say that we have an output of /var/db/shadow/hash/850F62CD-966C-43A7-9C66-9F9E6799A955, which we know contains the hashed password for a given user. To see just the UUID, use the most basic invocation of basename:

basename /var/db/shadow/hash/850F62CD-966C-43A7-9C66-9F9E6799A955

basename can also be used to trim output. For example, let’s say we didn’t need the final portion of the above filename in our output. We can run basename with the -s option followed by the trailing string we do not want to see, which outputs just the first 4 sections:

basename -s -9F9E6799A955 /var/db/shadow/hash/850F62CD-966C-43A7-9C66-9F9E6799A955

The dirname command is even more basic. It outputs the directory portion of the file’s path. For example, based on the same string, the following would tell you what directory the UUID files with the passwords are stored in:

dirname /var/db/shadow/hash/850F62CD-966C-43A7-9C66-9F9E6799A955

A great example of when this gets more useful is keying off of currently active data. For example, if we’re scripting a make operation, we can use the which command to get an output that just contains the path to the make binary:

which make

We can then wrap that in backticks for command substitution and grab just the directory where the active make binary is stored:

dirname `which make`

This allows us to key other operations off the path of an object. A couple of notable examples are working with home (or homeDirectory) paths and breaking up a path that comes into a script via a positional parameter (e.g. $1).

Active Directory Mass Deployment

Merging csv Data in Microsoft Excel

Many data migrations are handled in Excel. When migrating data you often find yourself “massaging” the data a bit. To do so, I often use Excel. For example, let’s look at taking a first and last name and then creating a short name that has a firstname.lastname convention and a full name that has a firstname (space) lastname convention.

This can be done with formulas pretty quickly. First, let’s place our firstname data into column A and our lastname data into column B, making sure that the first and last names for the rows match up (usually validating the first row and last row will be good enough). To start a formula in Excel, click in a cell and then type the equals sign (=). Cells are referenced by simply typing the column then the row (e.g. A1 is the top left cell in Excel). If you type an ampersand (&), it joins the cell with something else, such as a delimiter or another cell (or in our case, both). So =A1&B1 simply joins the contents of A1 and B1 (assuming row 1 is our header, that gives the two header names run together).

You can also quote characters with double quotes and insert static text into part of a cell. So next, let’s create our firstname.lastname column. Click into cell C1 and type:
=A1&"."&B1

You should then see the merged output in cell C1. If you have hundreds or thousands of rows you’ll want to insert the formula into each, with the row number updated for each. You can copy/paste the formula and Excel is smart enough to change the rows, or you can click on the lower right corner of the C1 cell (you will see cross hairs if you are hovering over the correct location to click) and then drag down until you have highlighted the last row of column C that contains data. Release the mouse and the formula is applied per row.

Now that we have a shortname, let’s build our full name. Click into cell D1 and type:
=A1&" "&B1

You should then see the merged output in cell D1. Click on the lower right corner of the D1 cell (you will see cross hairs if you are hovering over the correct location to click) and drag down until you have highlighted the last row of column D that contains data. Then release the mouse and you should see the merged content displayed correctly for all of the cells. Save the final file as a csv file again and you’re done!

Mac OS X Server Mac Security

Apache2 & umasks

I’ve been noticing more and more people using Apache as a way of getting files to and from servers. Call me silly but I think we’re going to continue to see more and more of this. A really common issue that comes up with Apache2 is default permissions of new files.

Mac OS X is great with ACLs and whatnot. But Apache is built for POSIX, and POSIX is built on the foundation that the permissions of newly created files come from the umask. If you have a script that uploads a file then you can set the permissions as part of the script. But if Apache itself writes the file, Apache’s umask is applied, giving the file or folder permissions that are the inverse of the umask (e.g. a umask of 002 results in 775 for the files, or 007 gives new files 770).
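As an added illustration (not from the original post), the following Python snippet shows what a given umask actually produces on disk: a new directory is created with a requested mode of 0777 and a new plain file with 0666, and the umask bits are cleared from each. The temporary directory and file names are constructed for the example.

```python
import os
import stat
import tempfile


def expected_modes(mask):
    """Permission bits POSIX grants under 'mask' for a plain file and a directory."""
    return 0o666 & ~mask, 0o777 & ~mask


def modes_under_umask(mask):
    """Create a file and a directory under 'mask' and return their actual
    permission bits (file_mode, dir_mode); the process umask is restored after."""
    old = os.umask(mask)
    try:
        with tempfile.TemporaryDirectory() as tmp:
            file_path = os.path.join(tmp, "upload.bin")  # constructed sample names
            dir_path = os.path.join(tmp, "incoming")
            with open(file_path, "wb") as fh:            # open() requests 0666
                fh.write(b"x")
            os.mkdir(dir_path)                           # mkdir() requests 0777
            file_mode = stat.S_IMODE(os.stat(file_path).st_mode)
            dir_mode = stat.S_IMODE(os.stat(dir_path).st_mode)
    finally:
        os.umask(old)
    return file_mode, dir_mode


def is_world_writable(mode):
    """Quick check a defender cares about: does anyone other than owner/group get write?"""
    return bool(mode & stat.S_IWOTH)
```

Note that directories and executables end up at 775 under umask 002, while ordinary files written with a 0666 request land at 664.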

Apache has an environment variable for umask that is set in the envvars file. In a standard Linux installation of Apache this would be located in /etc/apache2/ or maybe /etc/sysconfig/httpd. But in Mac OS X the envvars file is stored in /usr/sbin/. To set the umask for new files, add a line of umask followed by the octal umask you want to set. Let’s set ours to 002:

umask 002

Each daemon can have its own umask, but it is worth knowing that most will have some way to change such behavior. Once you’ve made the change using envvars, restart Apache and test.

personal

Mr. T Says Treat Mama' Right!

Happy Mother's Day!

Mac OS X Mac OS X Server

Moving Time Machine Backups

Many of you may have noticed that you can’t use cp or ditto to move Time Machine backups. But you can use asr. This is because moving a Time Machine backup needs to be block level in most cases. Let’s look at doing so in Disk Utility.

Disable Time Machine

Moving Time Machine backups to a new disk is a bit tricky for some, due to the restrictions placed around the files that Time Machine uses. First, disable Time Machine: open the Time Machine System Preference pane and turn Time Machine off.

Partition the New Volume

Next, connect the current backup volume and your new volume (which can be a disk image). Then open Disk Utility from /Applications/Utilities. From the left sidebar of Disk Utility, click on the new volume that you wish to use for Time Machine. Then click on the Partition tab and then at the Volume Scheme pop-up, click on 1 Partition. Click on Options and make sure GUID Partition Table is selected. Then click on OK and provide a name for the new backup volume. The Format pop-up menu should read Mac OS Extended (Journaled). If so, go ahead and click on the Apply button.

Restore the Old Volume to the New Volume

Next, click on the Restore tab and drag the icon for the existing Time Machine volume from the Disk Utility sidebar to the Source field. Then drag the new volume from the Disk Utility sidebar to Destination. This is important: check the Erase Destination checkbox! Then click on Restore twice and wait for the copy to finish (it can take a while).

Enable Time Machine Again

Now we want to turn Time Machine back on, selecting our new target volume. Open System Preferences and click on Time Machine. Then use the Select Disk button to choose the new volume. Close System Preferences and you should be back in business.