Tiny Deathstars of Foulness

macOS has keychains. Sometimes they’re a thing. When they are you might want to delete them. Let’s say you have an admin account. You want to keep the keychains for that account, but remove all the others. For this, you could do a shell operator to extglob. Or you could do a quick while loop as follows:

ls /Users | grep -v "admin" | while read USERNAME do; rm -Rf "/Users/$USERNAME/Library/Keychains/*" done;

If you borrow this, be careful.

December 1st, 2016

Posted In: Mac OS X, Mac Security

Tags: , , , ,

One Comment

November 29th, 2016

Posted In: MacAdmins Podcast

Tags: , , , ,

Leave a Comment

November 22nd, 2016

Posted In: JAMF, MacAdmins Podcast

Tags: , , ,

Leave a Comment

The MacAD.UK (aka macaduck) is coming up in February. The schedule and lineups are coming together nicely and I really like the sessions that have been announced thus far (turns out our friends at Amsys have their finger on the pulse!). Soooo, you should join us! And for a limited time, you can join us at a sweet, sweet discounted price! The code is 2017sp10 and is valid for a 10% discount! Sign up at


November 19th, 2016

Posted In: public speaking

Tags: , , , ,

One Comment

You work for weeks, months, or years to build a business that is killing it. Then you get a huge new customer. You feel like you’ve been put on the map. But then the reality sets in. Maybe you won the business because you’re innovative, less expensive, faster, etc. But now you start getting completely destroyed by the overhead of making those sweet, sweet dollars from that new customer. Wouldn’t it have been great to have known about a few things to ask about? My response includes a few tips on how to work with them, that just might save you some serious margin!. Check it out at


November 18th, 2016

Posted In: Articles and Books

Tags: , , , ,

Leave a Comment

OK, I don’t talk politics, about personal stuff, etc on this site usually. And I’m not gonna’ start now. But with Give To The Max Day in Minnesota today, I did write an article on the meaning of Compassion on Huffington Post. It can be found at if you’re interested in such things; if not, hope you have a wonderful day!


November 17th, 2016

Posted In: Tamarisk

Tags: , , , , ,

Leave a Comment

I thought there might be an easier way to do this. So there’s this binary called serverrails that I assumed would install rails – no wait, actually it’s a ruby script that tells me to ‘gem install rails’ – which fails:

cat `which serverrails`
# Stub rails command to load rails from Gems or print an error if not installed.
require 'rubygems'

version = ">= 0"
if ARGV.first =~ /^_(.*)_$/ and Gem::Version.correct? $1 then
version = $1

gem 'railties', version or raise
rescue Exception
puts 'Rails is not currently installed on this system. To get the latest version, simply type:'
puts ' $ sudo gem install rails'
puts 'You can then rerun your "rails" command.'
exit 0

load Gem.bin_path('railties', 'rails', version)

Given that doesn’t work, we can just do this the old fashioned way… First let’s update rails to 2.2 or 2.2.4 using rvm, so grab the latest rvm and install it into /usr/local/rvm:

sudo curl -sSL | bash -s stable --ruby

Then fire it up:

sudo source /etc/profile.d/

Then install the latest ruby:

sudo rvm install 2.2

Set it as default:

sudo rvm use 2.2 –default

Then run your gem install:

gem install rails


November 14th, 2016

Posted In: Mac OS X, Mac OS X Server

Tags: , , , , , ,

Recently, I got a strange message when trying to run a command:

You have exceeded the maximum number of shell sessions.

I’d seen a series of commands but never really needed to use them, so I ran:


And viola, life was good. My command run. Of course, the next time I went to close the terminal correctly using the exit command. Upon doing so, I noticed:

Saving session…
…copying shared history…
…saving history…truncating history files…

[Process completed]


So, I opened a new shell and ran:


And go the same result. Same with:



November 8th, 2016

Posted In: Mac OS X, Mac OS X Server, Mac Security

Tags: , , , ,

Stoked that we got to interview Michael Lynn (@mikeymikey) for the MacAdmins podcast. It turned out to be a great episode on the future of Mac management and MDM. I’m glad we were able to have him join in! Pepijn and Marcus did a great job as well, so all round, a great episode. Hope you enjoy!

Or find it on the Podcast site at

October 24th, 2016

Posted In: Mac OS X, Mac OS X Server, Mac Security, MacAdmins Podcast

Tags: , , , , , ,

Automating OS installations is going to eventually be about as easy on macOS as it is in iOS (er, if you have MDM that is). But in the meantime, it’s getting a bit more challenging. The obvious way Apple would prefer this to happen these days is via the startosinstall command that first shipped with El Capitan and with brtool getting moved around all the time, and becoming less of a thing, there’s one quick and easy thing you can do:

sudo "/Applications/Install macOS" --applicationpath "/Applications/Install macOS" --agreetolicense --nointeraction --volume /Volumes/Macintosh\ HD

In the above command, we’ve dropped “Install macOS” on a machine. While you’d guess that it would find the application path based on its own surname, we went ahead and supplied it as that seems to basically be a thing. Basically, –agreetolicense keeps us from having to run some expect scripts to accept a license agreement, –nointeraction suppresses as many of the screens as possible, and –volume allows us to install to any volume we’d like. This isn’t fully automated, but I have been able to layer in some more logic to quit apps before the script fires and then expect out other items from the script to automate a restart, watching for osinstallersetupd as a key.

This is all a bit bulkier than just using something like createOSXinstallPkg but it’s important to mention that there are a number of system components that are allowed for in SIP that use osinstallersetupd and so this blessed mechanism is likely the future until you can trigger an OS upgrade (and update I suppose) using an MDM command.

October 23rd, 2016

Posted In: Mac OS X, Mac OS X Server, Mac Security

Tags: , , , , , , ,

Next Page »