Apple has a number of different logging APIs. For the past few releases, Apple has tried to capture everything possible in logs, creating what many administrators and developers might consider to be a lot of chatter. As such, an entirely new interface needed to be developed to categorize and filter messages sent into system logs. Writing Logs The logger command is still used to create entries in system logs. However, if you are then using tail to view /var/log/system.log then you will notice that you no longer see your entry being written. This is because as the logs being created in macOS have gotten more complex, the tools to read…
-
-
Use DNS To Improve Caching Service Discoverability
Clients discover the Apple Caching service bundled with macOS Server (and in the future macOS) automatically. You can create a text recored for _aaplcache._tcp on your DNS server. That would look _aaplcache._tcp 518400 IN TXT “prs=192.168.50.100” Name: _aaplcache._tcp with a type of TXT and a TTL of 518400 seconds. The prs is the address to be used and is set to a value using prs=192.168.50.100.
-
Using mdmclient on macOS
I mentioned mdmclient when I gave the talk on the inner workings of Mobile Device Management, or MDM. There, I spent a lot of time on APNs and profiles, but just kinda’ spoke about mdmclient in terms of it being the agent that runs on macOS to provide mdm parity for the Mac. The mdmclient binary is located at /usr/libexec/mdmclient and provides pretty limited access to see how the Mac reacts to and interprets information coming from a device management provider. I had been meaning to do a write-up on mdmclient and document what it can do since it first shipped. But as luck would have it, @Mosen on the…
-
One-liner To Grab Which macOS Caching Server You’re Using
There’s a macOS tool called AssetCacheLocatorUtil located at /usr/bin/AssetCacheLocatorUtil. The output is in… stderr. Because stderr is so fun to work with (note that sed -i only works with stdin). So, to update the caching server(s) you are using and only print the IP address of those, you’d do the following: /usr/bin/AssetCacheLocatorUtil 2>&1 | grep guid | awk '{print$4}' | sed 's/^\(.*\):.*$/\1/' | uniq If you use Jamf Pro and would like to use this as an extension attribute, that’s posted here: https://github.com/krypted/cachecheck. I didn’t do any of the if/then there, as I’d usually just do that on the JSS.
-
QuickLook Crashing?
I recently had an issue where QuickLook was crashing every time I clicked on certain file types. I thought they were unsupported by QuickLook. But it turns out that they were animated and trying to start while the QuickLook animation was starting. So disable the QuickLook animation and the files appeared as intended. To do so, write a key called QLPanelAnimationDuration into the global defaults database, with a -float value of 0, as follows: defaults write -g QLPanelAnimationDuration -float 0
-
To Hex And Back
The xxd is a bash command in Linux and macOS that is used to take a hexdump (convert a string to hex), or convert hex back to a string. To use xxd, just call it with a couple of options. Below, we’ll use the -p option to export into plain hexdump, and we’ll quote it and the <<< is to take input rather than a file name to convert (the default behavior), as follows: xxd -p <<< "hey it's a string" The output would be a hex string, as follows: 6865792069742773206120737472696e670a Then use the -r option to revert your hex back to text. Since xxd doesn’t allow for a positional…
-
log, logs, and logger
This is the first page of a 5 page piece I just finished writing for MacTech. After the last episode of the MacAdmins podcast though, I wanted to go ahead and get some of the information out there. For a much more detailed analysis, check out MacTech! Apple has a number of different logging APIs. For the past few releases, Apple has tried to capture everything possible in logs, creating what many administrators and developers might consider to be a lot of chatter. As such, an entirely new interface needed to be developed to categorize and filter messages sent into system logs. Writing Logs The logger command is still used…
-
Jamf Pro 9.98 Now Available
The next release of iOS (10.3), macOS (10.12.4), and tvOS (10.2) bring us a host of new management features. These include DEP configuration, remote wipe, single app mode, conference room mode, and remote reboot for Apple TVs. The next evolution of iOS brings us sounds in lost mode, the ability to prevent users from connecting to unmanaged wireless networks (just make sure to push that policy after sending down the actual managed wireless networks – or eek), the option to remotely shut down and reboot devices, The Mac options includes some of the above but also restricting the feature to unlock macOS devices with Touch ID, restrict documents and desktop…
-
Use awk to evaluate compound conditions
You search for items in macOS using compound conditions in a number of ways. One way is with awk. Here, we’re going to grab the output of a simple ls command. That gets piped into an awk statement. Then we’re going to look at the expression to evaluate. Basically, we’re going to say anything that contains com. as well as apple and .plist. Because it’s ls, we’re looking for names of files that match those patterns. Each pattern is listed in brackets. And then there’s the {print} to lay out the action of printing to the files that match the pattern to the screen: ls |awk '/[com.][apple][.plist]/ {print}' Note: I…
-
macOS Logging Subsystems In A Gist
If you happen to be tweaking the macOS subsystems for logging, I’ve put them into a little python class. If you need it, find it at this gist: https://gist.github.com/krypted/495e48a995b2c08d25dc4f67358d1983 Could use an array of all the levels, TTLs, and options. But I’ll get to that when I get some time. If this is all you need, though: class Logging(object): __name__ = 'logger.info(1)' plist = '/System/Library/Preferences/Logging/Subsystems/' def __init__(__name__, plist, *args, **kwargs): super(getLogger/, self).__init__() logger.info('Input parameters:\n' 'accessibility: "{com.apple.Accessibility.plist}"\n' 'StandaloneHIDFudPlugins: "{com.apple.StandaloneHIDFudPlugins.plist}"\n' 'duetactivityscheduler: "{com.apple.duetactivityscheduler.plist}"\n' 'passkit: "{com.apple.passkit.plist}"\n' 'AppKit: "{com.apple.AppKit.plist}"\n' 'SystemConfiguration: "{com.apple.SystemConfiguration.plist}"\n' 'eapol: "{com.apple.eapol.plist}"\n' 'persona: "{com.apple.persona.plist}"\n' 'AppleIR: "{com.apple.AppleIR.plist}"\n' 'TCC: "{com.apple.TCC.plist}"\n' 'icloudpreferences: "{com.apple.icloudpreferences.plist}"\n' 'apple.pf: "{com.apple.pf.plist}"\n' 'AssetCache: "{com.apple.AssetCache.plist}"\n' 'TimeMachine: "{com.apple.TimeMachine.plist}"\n' 'internetAccounts: "{com.apple.internetAccounts.plist}"\n' 'photoanalysisd.graph: "{com.apple.photoanalysisd.graph.plist}"\n' 'AssetCacheServices: "{com.apple.AssetCacheServices.plist}"\n' 'Transport: "{com.apple.Transport.plist}"\n'…