A number of files got shuffled around in Mountain Lion Server. One is the swupd.plist file used to daisy chain multiple servers so they act as a cascade of software update servers. The new path for the property list is /Library/Server/Software Update/Config/swupd.plist. Here, the metaIndexURL key is sill the location that points to an internal Software Update Server that the server you are editing should look to for updates. To set a server to look at another internal server for software updates, edit the metaIndexURL key in the /Library/Server/Software Update/Config/swupd.plist file to include the path to the new server. The path should always have /content/meta/mirror-config-1.plist after the FQDN of the host…
-
-
Copy Files Status in Mountain Lion
Of the new features in Mountain Lion, one I have already started to love is the fact that when you’re copying folders, you see a status in the Finder screen that lists the folders. This allows me to do a bunch of Finder level copies and rather than tile out the screens that I’m using to copy, I can just watch them from the parent folder. Sometimes it’s the little things…
-
Manage Gatekeeper from the Command Line in Mountain Lion
Gatekeeper is the new feature of OS X that controls what types of apps can be opened. To configure Gatekeeper, open the Security & Privacy System Preference pane. Click on the General tab and unlock to make changes. Here, you’ll see “Allow applications downloaded from:” along with the following 3 options: Mac App Store: Only apps downloaded from the App Store can be opened. “Mac App Store and identified developers”: Only apps downloaded from the App Store and those signed can be opened. Anywhere: Any app can be opened. Configuring Gatekeeper is as easy as selecting one of these options. Now, under the hood, the state of Gatekeeper is kept…
-
Notification Center, Mountain Lion and Me
I love Notification Center on my phone. I think it’s great to receive a simple list of items that have changed since the last time I looked at the phone. I can also quickly dismiss the screen so the fact that there’s often 20 or more items in the list when I’ve been sitting at my computer for 10 minutes and not looking at the phone doesn’t really bum me out much. In Mountain Lion, Notification Center comes to the Mac. What I’ve grown to love on the iPhone, I’m not sold on for OS X. You see, the alerts that pop up on the screen are great for a…
-
Man Pages
For those learning OS X or other Unixy based systems, and for those who have been using them for decades, man is one of the most important commands in our arsenal. The man command is short for manual and shows us how to use each command that has a man page, or a page that acts as an instruction manual for the command (or method). Another command, apropos, searches the whatis database for objects that match a string, or entry. For example, if you’d like to see a listing of all man pages that reference the word case, use the following command: apropos case Or use whatis in the place…
-
Core Dumps in Mac OS X
Every now and then, OS X has to drop some kids off at the pool. Usually it’s some developer that didn’t build a sanity check for every-single-possible-flippin’-thing-you-might-think-to-do-to-his/her-poor-flippin’-app-OMGYFI! And then, suddenly, out of nowhere, you get crap all over the system. Actually, as expected, Apple’s dumps are pretty well sequestered in the /cores directory. Each core file has a number appended behind it. For example, core.9901. When applications crash, they can save a lot of information about the state when they crashed into these files. For example, I have seen cached passwords in there… To disable core dumps, add the following line to /etc/sysctl.conf: kern.coredump=0 After a restart core dumps will…
-
What Changed On My Mac?
According to Wikipedia, fsevents is an API from Apple that allows applications to register for notifications of changes to a given directory tree. This means that when something changes, an application (or daemon/agent) can see the change and take action or track what happened. For Linux, there’s a similar tool in iNotify. This time of the year, a lot of imaging and packaging is going on at schools and companies around the world. A lot of people are also moving various settings out of images and into either post-flight packages, automations or managed preferences of some sort. In OS X, it’s easy to make a change on a computer and…
-
2,000 Posts And Going Strong
In December of 2004, in response to a request from my publisher at the time, I started this site in its current form. I kept the domain from my personal tinkeration site, which was a glorified file service, some static html pages for me to remember things (I can be a bit forgetful at times) and some .htaccess files to keep parts of the site private. I’d been using the domain for awhile, but started tinkering around with a few blogging engines and eventually settled on the one I’m using now. The total number of posts now sits a little over 2020, with a few being drafts on upcoming products…
-
Vulnerability Scanning Web Servers Using Nikto On OS X
I’ve had a pretty easy time using Nikto over the years. Nikto is a security scanner specific to web servers. I did a post on Nessus recently, but Nessus is a tool for looking at any service running on a system and trying to find available vulnerabilities. Nikto is can do many of the same things, but is specific and therefore more in depth for web servers. This involves looking at things like CGI directories and robots.txt files as well. Nikto is written in Perl. In order to do everything Nikto can do there are a few perl mules that need to be installed. But let’s look at one of…
-
A Cheat Sheet For Using pf in OS X Lion and Up
I’ve done plenty of writing on the Application Layer Firewall (ALF) and the IP FireWall (IPFW) in OS X over the years. There will be more on ALF coming in “July” but in the meantime, there’s something I hadn’t written much about in Lion and that’s the pf implementation. To get started, let’s look at the /etc/pf.conf configuration file that comprises pf: scrub-anchor "com.apple/*" nat-anchor "com.apple/*" rdr-anchor "com.apple/*" dummynet-anchor "com.apple/*" anchor "com.apple/*" load anchor "com.apple" from "/etc/pf.anchors/com.apple" Here, you can see that pf is configured with a number of anchors. An anchor is a collection of rules and tables. Basically, the anchor file being loaded is /etc/pf.anchors/com.apple. In here, we…