krypted.com

Tiny Deathstars of Foulness

There is a new service in macOS, called Tetherator. Tethered-caching is a script that allows you to easily and quickly interact with the tethered-caching service, which has a few kinda’ cool options. This is on a client, and really speeds up all that crazy provisioning stuff you do. It can also check for the presence of a macOS Caching Server and use that as a source for the cache. The tethered-caching script is located at /usr/bin/tethered-caching.

Before you do anything with the service, check the status. That’s done with the -s option (there’s also a -v option to get verbose):

tethered-caching -s

The results before activated should be as follows:

2017-02-28 10:44:45.730 AssetCacheTetheratorUtil[3665:182657] Tetherator is disabled: (no error)
2017-02-28 10:44:45.746 AssetCacheActivatorUtil[3666:182664] Built-in caching server can be activated.
2017-02-28 10:44:45.762 AssetCacheActivatorUtil[3667:182673] Built-in caching server is deactivated: (no error)

Then start the service using the -n option in tethered-caching, along with the IP range to be used:

tethered-caching -n 192.168.1.0

This sets the ListenRanges key in the plist and should result in an activation process that appears as follows:

Starting tethered caching…
2017-02-28 10:47:59.691 AssetCacheActivatorUtil[3848:192902] Built-in caching server can be activated.
2017-02-28 10:47:59.706 AssetCacheActivatorUtil[3849:192910] Built-in caching server is deactivated: (no error)
Filtering the log data using “subsystem == “com.apple.AssetCache” AND messageType == 16″
Timestamp (process)[PID]
2017-02-28 10:48:05.098735-0600 localhost AssetCache[2882]: [com.apple.AssetCache.builtin] Built-in Caching Server activated. Exiting to allow re-launch.
2017-02-28 10:48:05.207493-0600 localhost AssetCache[2882]: [com.apple.AssetCache.builtin] Built-in Caching Server shutting down (0)
2017-02-28 10:48:07.362926-0600 localhost AssetCache[3862]: [com.apple.AssetCache.builtin] Built-in Caching Server version 170 started
2017-03-02 10:45:53.753 AssetCacheTetheratorUtil[29283:2526186] Tetherator enabled.
Started tethered caching. To stop it, press control+c once.

At this point, you’re calling /usr/bin/AssetCacheLocatorUtil to register and then start /usr/libexec/AssetCache/AssetCache via /System/Library/Preferences/Logging/Subsystems/com.apple.AssetCacheServices.plist which defaults read nets:

{Activator = {};
"DEFAULT-OPTIONS" = {
"Default-Privacy-Setting" = Public;
"Enable-Oversize-Messages" = 1;
"Event-Log" = {
Enabled = Inherit;};
Level = {
Enable = Inherit;
Persist = Inherit;};
TTL = {Debug = 0;Default = 10;Info = 10;};};
Daemon = {};
Extensions = {};
Framework = {};
Tetherator = {};}

The AssetCache preferences can be seen by catting /Library/Preferences/com.apple.AssetCache.plist:

Activated = 0;
CacheLimit = 0;
DataPath = "/Library/Caches/com.apple.AssetCache";
LastConfigData = ;
LastConfigURL = "http://suconfig.apple.com/resource/registration/v1/config.plist";
LastPort = 50775;
ListenRanges = ({first = "192.168.1.1";last = "192.168.1.254";});
ListenRangesOnly = 1;
LocalSubnetsOnly = 0;
PeerLocalSubnetsOnly = 1;
Port = 0;
PublicRanges = automatic;
ReservedVolumeSpace = 2000000000;
SavedCacheDetails = {};
SavedCacheDetailsOrder = ("Mac Software","iOS Software","Apple TV Software",iCloud,Books,"iTunes U",Movies,Music,Other);
SavedCacheDetailsStrings = {All the language keys as arrays - which I cut out to truncate the contents of the plist read};
SavedCacheSize = 0;
ServerGUID = "C5F29418-6158-4D3B-9162-XXX";
Version = 1;

Note that in the above, the LastConfigData key is pulled at activation by curling http://suconfig.apple.com/resource/registration/v1/config.plist. I’ve truncated the key as it’s kinda’ long…

A simple command that will be pretty common is to increase the size of the cache. To do so, you’d just edit that CacheLimit key to be the number that you want the cache to be. In the following example, we’re writing the CacheLimit key into AssetCache.plist at 100 gigs:

defaults write /Library/Preferences/com.apple.AssetCache.plist CacheLimit -int 100000000000

There’s also com.apple.AssetCache.builtin.plist in /Library/LaunchDaemons which starts the builtin AssetCache, AssetCacheC, and CacheDelete service.

Once started, you will have a sqlite3 database called AssetInfo.db at /Library/Caches/com.apple.AssetCache. A basic structure of how data is stored includes the following tables:

  • ZAFFINITY with the following column: Z_PK INTEGER PRIMARY KEY, Z_ENT INTEGER, Z_OPT INTEGER, ZLASTSAVED TIMESTAMP, ZID VARCHAR
  • ZASSET with the following columns: Z_PK INTEGER PRIMARY KEY, Z_ENT INTEGER, Z_OPT INTEGER, ZMD5OFFSET INTEGER, ZTOTALBYTES INTEGER, ZCREATIONDATE TIMESTAMP, ZLASTACCESSED TIMESTAMP, ZCHECKSUM VARCHAR, ZGUID VARCHAR, ZINDEX VARCHAR, ZLASTMODIFIEDSTRING VARCHAR, ZNAMESPACE VARCHAR, ZURI VARCHAR, ZMD5CONTEXT BLOB
  • Z_METADATA with the following columns: Z_VERSION INTEGER PRIMARY KEY, Z_UUID VARCHAR(255), Z_PLIST BLOB
  • Z_MODELCACHE with just the Z_CONTENT column
  • TABLE Z_PRIMARYKEY with the following columns: Z_ENT INTEGER PRIMARY KEY, Z_NAME VARCHAR, Z_SUPER INTEGER, Z_MAX INTEGER

Once enabled, updates will be cached to the computer that the service is enabled on, metadata stored in the previously mentioned database, and then change ports and network ranges when needed.

March 27th, 2017

Posted In: Apple Configurator, Apple TV, Apple Watch, iPhone, JAMF, Mac OS X, Mac OS X Server, Mass Deployment, precache

Tags: , , ,

Posted a Huffington Post article from my notes from the WWDC keynote. Hope you enjoy!

Apple kicked off WWDC (World Wide Developers Conference) today, with a Keynote that showcased some of the upper tier of talent and management within Apple. As a former WWDC speaker, I watch the keynote and most sessions through the remainder of the week religiously. Here, you see what’s coming in the fall releases of the four operating systems: macOS, watchOS, iOS, and tvOS (for Macs, Apple Watches, iPhones and iPads, and Apple TVs respectively).

Screen Shot 2016-06-14 at 2.01.07 PM

PS: macOS autocorrects to tacos. Mmmmm, tacos…

June 14th, 2016

Posted In: Apple TV, Apple Watch, iPhone, JAMF, Mac OS X, Mac OS X Server

Tags: , , , , , ,

Precache, available at https://github.com/krypted/precache, is a script that populates the cache on an OS X Caching server for Apple updates. The initial release supported iOS. The script now also supports caching the latest update for an AppleTV. To use that, there’s no need to include an argument for AppleTV. Instead, you would simply  run the script followed by the model identifier, as follows:

sudo python precache.py AppleTV5,4

Screen Shot 2016-04-27 at 1.30.17 PM

April 28th, 2016

Posted In: Apple TV, iPhone, Mac OS X, Mac OS X Server, precache

Tags: , , , ,

AppleTVs automatically update. They do so using a process similar to how iOS updates, but instead of looking at the feed I posted in http://krypted.com/mac-security/how-the-os-x-caching-server-caches-updates/, they look at http://mesu.apple.com/assets/tv/com_apple_MobileAsset_SoftwareUpdate/com_apple_MobileAsset_SoftwareUpdate.xml.

The AppleTV feed is similar to that available for iOS updates, with each dictionary having roughly the same data:

<key>ActualMinimumSystemPartition</key>
<integer>1482</integer>
<key>Build</key>
<string>13Y6234</string>
<key>InstallationSize</key>
<string>0</string>
<key>MinimumSystemPartition</key>
<integer>1534</integer>
<key>OSVersion</key>
<string>9.2</string>
<key>ReleaseType</key>
<string>Beta</string>
<key>SUDocumentationID</key>
<string>PreRelease</string>
<key>SUInstallTonightEnabled</key>
<true/>
<key>SUMultiPassEnabled</key>
<true/>
<key>SUProductSystemName</key>
<string>iOS</string>
<key>SUPublisher</key>
<string>Apple Inc.</string>
<key>SupportedDeviceModels</key>
<array>
<string>J42dAP</string>
</array>
<key>SupportedDevices</key>
<array>
<string>AppleTV5,3</string>
</array>
<key>SystemPartitionPadding</key>
<dict>
<key>1024</key>
<integer>1280</integer>
<key>128</key>
<integer>1280</integer>
<key>16</key>
<integer>160</integer>
<key>256</key>
<integer>1280</integer>
<key>32</key>
<integer>320</integer>
<key>512</key>
<integer>1280</integer>
<key>64</key>
<integer>640</integer>
<key>768</key>
<integer>1280</integer>
<key>8</key>
<integer>80</integer>
</dict>
<key>_CompressionAlgorithm</key>
<string>zip</string>
<key>_DownloadSize</key>
<integer>856434408</integer>
<key>_EventRecordingServiceURL</key>
<string>https://xp.apple.com/report</string>
<key>_IsZipStreamable</key>
<true/>
<key>_Measurement</key>
<data>cm8k41In38EOJEj20IwJp5Suskw=</data>
<key>_MeasurementAlgorithm</key>
<string>SHA-1</string>
<key>_UnarchivedSize</key>
<integer>3438532888</integer>
<key>__AssetDefaultGarbageCollectionBehavior</key>
<string>NeverCollected</string>
<key>__BaseURL</key>
<string>
http://appldnld.apple.com/tvOS9.2//031-53364-20160321-7C5E21F2-E7B5-11E5-89F7-525CBD379832/
</string>
<key>__CanUseLocalCacheServer</key>
<true/>
<key>__RelativePath</key>
<string>
com_apple_MobileAsset_SoftwareUpdate/f58f4b324a9c717ea57b0cee063473a99d9e9e92.zip
</string>
To construct a URL to a zip, you would then simply merge the _BaseURL and the _RelativePath to the asset from the feed for a given model, in the above example, ending up with the following URL to manually download tvOS 9.2 for AppleTV 5,3:
http://appldnld.apple.com/tvOS9.2//031-53364-20160321-7C5E21F2-E7B5-11E5-89F7-525CBD379832/com_apple_MobileAsset_SoftwareUpdate/f58f4b324a9c717ea57b0cee063473a99d9e9e92.zip
BTW, Applednld is load balanced between 17.253.29.201 and 17.253.29.202, both within Apple’s Class C.
You don’t need two / characters in the path, but if you take the same process from my earlier post, you end up with
http://10.1.1.2:55491/tvOS9.2/031-53364-20160321-7C5E21F2-E7B5-11E5-89F7-525CBD379832/f58f4b324a9c717ea57b0cee063473a99d9e9e92.zip?source=appldnld.apple.com

April 27th, 2016

Posted In: Apple TV, Mac OS X, Mac OS X Server, Mac Security

Tags: , , , , , , , , ,

April 26th, 2016

Posted In: Apple TV, iPhone, Mac OS X, Mac OS X Server, Mac Security, MacAdmins Podcast

Tags: , , , , , , ,

When applying management profiles, it helps to be able to look at the logs and troubleshoot why any settings aren’t applied. To view logs on an Apple TV, open Xcode and then click on an Apple TV.

Screen Shot 2015-11-02 at 9.37.52 PM

From the Apple TV screen, click on View Device Logs. The logs will appear in the app.

Screen Shot 2015-11-02 at 9.37.58 PM

Click Done when you’re finished reviewing the logs.

November 8th, 2015

Posted In: Apple TV

Tags: , , , , , , ,

The 4th Generation of the Apple TV supports installing apps. And part of playing around with new apps is sometimes you’re not going to want them on your TV any more. To remove apps, the process is similar to that of an iPad. Highlight an app that you’d like to remove and then hold down the clicker on the app.

Screen Shot 2015-11-02 at 10.03.21 PM

The app will go a little larger. Click on it again and you’ll get the option to Delete the app.

Screen Shot 2015-11-02 at 10.03.32 PM

Click Delete and the app disappears.

Screen Shot 2015-11-02 at 10.03.39 PM

That’s it. The app, and any storage that is being consumed by the app, is then freed up.

November 7th, 2015

Posted In: Apple TV

Tags: , , , , , , ,

The most substantial part of the update to the 4th generation of the Apple TV is the addition of an App Store. Awesome! There are a nice number of apps so far. Not too many, just yet. Let’s look at installing an app. To do so, start your Apple TV and from the home screen, click on the App Store icon.

Screen Shot 2015-11-02 at 9.28.37 PM

From the App Store, search for an app and click on it. If you like the screenshots, click on the Get button (it’s a free app so it says Get).

Screen Shot 2015-11-02 at 9.29.35 PM

Once installed, click on Open.

Screen Shot 2015-11-02 at 9.29.44 PM

The app opens. Yay. Very easy.

Screen Shot 2015-11-02 at 9.29.53 PM

Some of the apps from your other devices may work on the Apple TV. If you go to Purchased Apps from the top row of options, you’ll be able to click on All Apps. From there, you’ll see a list of apps available for the Apple TV.

Screen Shot 2015-11-02 at 9.30.28 PM

If you click on an App, you can then click on Install.

Screen Shot 2015-11-02 at 9.30.37 PM

Once installed, you can open apps and use them.

November 4th, 2015

Posted In: Apple TV

Tags: , , , ,

The new Apple TV has a USB-C port. It’s got some great uses. One of which is that you can use it to take screenshots through Xcode. To do so, you’ll either need a USB-C MacBook or a USB-C to USB adapter. Once you’ve plugged your computer into the back of the Apple TV, open Xcode and choose Devices from the Window menu at the top of the screen.

Screen Shot 2015-11-02 at 9.37.52 PM

From Devices, click on your new 4th Generation Apple TV. You’ll then be greeted by a Take Screenshot button. Click on it.

Screen Shot 2015-11-02 at 9.37.35 PM

You should then see the screen from your Apple TV. Now, good luck with that pose… Now that I can take a proper screenshot of an Apple TV I’ll have to meditate on whether or not I’ll someday write a book on the darned things…

 

November 3rd, 2015

Posted In: Apple TV

Tags: , , , , ,

The new fourth generation Apple TV is everything I hoped the third generation would be. We have a touch remote with a Mic, great video, USB-C, and most importantly, an App Store! And while I have security concerns around the setup process, I am sure Apple has thought through the myriad of questions I have surrounding sharing Apple ID keys over bluetooth from a phone to the Apple TV to streamline the setup process. So about that setup process. Configuring the new Apple TV is pretty straight forward. To get started, get your phone out. Yes, your phone. Then unwrap the Apple TV and plug it into the HDMI port on your TV and the AC adapter (which is the same as the second and third generation Apple TVs).

IMG_6014

Once plugged in, boot up your Apple TV. When prompted, click Set Up with Device on the fancy  new remote.

IMG_6015

At the Set Up Your Apple TV prompt, make sure that Bluetooth is enabled on your phone and then wait for it, the TV will see your phone!

Screen Shot 2015-11-02 at 8.03.45 PM

When prompted on your phone, tap Continue.

IMG_6017

When the TV tells you to enter the Apple ID on your phone, make sure your phone is unlocked and then provide that information.

IMG_6018

You’re then prompted for whether you’d like the Apple TV to retain your password. Obviously, if you have kids that love to buy in app purchases, this might be a bad idea. If you live alone, maybe a good idea.

IMG_6019

Make your selection and then you’ll be prompted for whether you’d like to send data to Apple. I usually tap OK here, as I prefer my experience to get better with products (and usually don’t go in for all the tin foil hat stuffs).

IMG_6020

Back on the TV, choose whether or not to enable Location Services. If you travel with Apple TV, this might be helpful. If not, then it’s likely not a biggee.

IMG_6021

One of the great new features is the new Siri integration with Apple TV. While Siri on my TV doesn’t seem to like me much, I’m sure it’s my fault, so I’d still click that Use Siri option.

IMG_6022

I loved the photos on the previous generation of Apple TV, so decided to let Apple give me some more. You may not want to use their background for a screensaver. Click Automatically Download if you’d like to use theirs, or Not Now if not.

IMG_6023

You’re then prompted for whether or not to send Diagnostics and Usage Data to Apple again. Choose if you’d like to do so.

IMG_6024

If you want your apps to get better, click Share with App Developers.

IMG_6025

Click Agree to agree to the warranty.

IMG_6026

Click Agree to agree to Apple’s Terms and Conditions (for these, you can’t proceed unless you agree to them; otherwise you can return the device).

IMG_6027

Now you’re at the Main Apple TV screen. If you’re used to using Netflix, the next thing you’ll want to do is head over to the App Store and install some apps. You can also go ahead and start buying media, etc. Enjoy!

 

November 3rd, 2015

Posted In: Apple TV

Tags: , , , , , ,