-
-
NFS. Not… Dead… Yet…
NFS may just never die. I’ve seen many an xsan covert to NFS-based storage with dedicated pipes and less infrastructure requirements. I’m rarely concerned about debating the merits of technology but usually interested in mapping out a nice workflow despite said merits. So in the beginning… there is rpc. Why? Because before we establish a connection to an nfs share, we first want to check that we can talk to the system hosting it. Do so with rpcinfo: rpcinfo server.pretendco.com Now that we’ve established that we can actually communicate with the system, let’s use the mount command (for more on creating mounts see `man exports`). Here, we’ll mount -t nfs…
-
Limit Upload and Download Streams for Google Drive File Stream on macOS
Google Drive File Stream allows you to access files from Google’s cloud. It’s pretty easy for a lot of our coworkers to saturate our pipes. So you can configure a maximum download and upload speed in kilobytes per second. To do so write a com.google.drivefs.settings defaults domain into /Library/Preferences/com.google.drivefs.settings and use a key of BandwidthRxKBPS for download and BandwidthTxKBPS for upload (downstream and upstream as they refer to them) as follows: defaults write com.google.drivefs.settings BandwidthRxKBPS -int 200 defaults write com.google.drivefs.settings BandwidthTxKBPS -int 200
-
Episode 107 of the MacAdmins Podcast: Sweet Rootkits, a Year in Review
It’s been a great year for the MacAdmins Podcast. And a special thank you to Tom, Marcus, Emily, James, and the former co-host Pepijn for continuing to allow me to be a part of something special. The last episode of the year is available at podcast.macadmins.org, using the below embedded link, or wherever you get your podcasts!
-
Download Older Versions of macOS and Mac OS X
I’ve posted a few old links in my time (as I near 4,000 posts it would be hard not to have some that are broken). But Apple App Store downloads seem to do better with not breaking links. So here are some to old versions of macOS and OS X, in case like me, you always seem to need some old thing for testing: 10.14, Mojave https://itunes.apple.com/us/app/macos-mojave/id1398502828?mt=12 10.13, High Sierra: https://itunes.apple.com/us/app/macos-high-sierra/id1246284741?mt=12 10.12, Sierra: https://itunes.apple.com/us/app/macos-sierra/id1127487414?mt=12 10.11, El Capitan: https://itunes.apple.com/app/os-x-el-capitan/id1147835434?mt=12 10.10, Yosemite: https://itunes.apple.com/us/app/id675248567?mt=12 10.9, Mavericks: Beta builds available at https://developer.apple.com/download/more/ 10.8, Mountain Lion: https://www.apple.com/shop/product/D6377Z/A/os-x-mountain-lion 10.7, Lion: https://www.apple.com/shop/product/D6106Z/A/os-x-lion 10.6, Snow Leopard: https://www.apple.com/shop/product/MC573Z/A/mac-os-x-106-snow-leopard 10.5, Leopard: Beta builds available at https://developer.apple.com/download/more/ 10.4, Tiger: No…
-
Updated My Apple Admin Conferences Page
I’ve been keeping a list of Apple Admin conferences for a few years now. I probably should have versioned it and kept each iteration, but… no need to pollute the interwebs with more outdated stuffs than I already have. So here’s the link for the latest version, updated with all the event dates announced thus far: https://krypted.com//community/macadmin-conferences/ Hope to see you at some!
-
Extension Attribute to Detect WindShift in macOS
Patrick Wardle has been researching WindShift and done an extensive writeup at https://objective-see.com/blog/blog_0x3B.html on the emerging malware threat. Based on his research, this extension attribute will check lsregister for usrnode. It’s pretty basic and variants will obviously change their behavior. For example, openurl2622007 has already changed, which is why I didn’t check for that. And the file name, path, and signature are changing of course. But it does seem checking lsregister for the name of the binary appears consistent. Ergo, ymmv with how effective this is en masse, but a good early warning system since this doesn’t seem to get picked up properly by antivirus yet.
-
Enable The Safari Debug Menu
I can’t believe I’ve never posted this: Safari has a Debug menu. I guess I’ve mentioned the Develop menu before. But I also like to use the debug menu on my daily driver, out of the box. I’ve been enabling this thing for what seems like forever in my deployment workflows. defaults write com.apple.Safari IncludeInternalDebugMenu 1 Once enabled, you’ll see a bunch of awesome debugging tools.
-
Super-Simple Bash Graphs
The sparkr gem is installed by default in macOS. To use it to produce simple graphs, simply run it followed by a series of integers: sparkr 12 110 250 110 12 The result would be as follows: This is useful for a quick and dirty visualization in scripts. For example, a series of 5, 10, 200 numbers that don’t have that much range where you’re just looking for a simple pattern. Like number of lines in logs, etc. Obviously, you can pay a lot of money for graphing frameworks and very fancy-schmancy tools. This is really just for me in small scripts. Note: sparkr isn’t installed on all Mac systems.…
-
Hey, So What’s This Mac App Got Access To?
Just some one-liners you may find useful… I’ve written about codesign a few times in the past. To see a detailed description of how an app was signed: codesign -dvvvv /Applications/Firefox.app This also gives you the bundleID for further inspection of an app. But there are a number of tools you can use to check out signing and go further into entitlements and sandboxing. You can check the asctl sandbox check --bundle com.microsoft.outlook The response would be similar to /Applications/Microsoft Outlook.app: signed with App Sandbox entitlements In the above, we see that Outlook has entitlements to do some stuffs. But where do you see an indication of what it can…