Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

10.7: Re-enable syslogd for incoming connections UNIX
I like to have all my logs in one place, so I was using syslogd's network listening on my 10.6 Server to let my router send its logs to it. After updating to 10.7 the plist was reverted to its default state, preventing what I was used to. This hint explains what to do, to get it working again.

First make a backup of the plist, then do the following:

Convert it to XML so it's editable:

sudo plutil -convert xml1 /System/Library/LaunchDaemons/com.apple.syslogd.plist

Edit the file; I used pico with this command (you can also use TextWrangler, etc.):

sudo pico /System/Library/LaunchDaemons/com.apple.syslogd.plist

You need to insert this key:
<key>NetworkListener</key>
 <dict>
        <key>SockServiceName</key>
        <string>syslog</string>
        <key>SockType</key>
        <string>dgram</string>
 </dict>
Convert the plist back to binary format: 2br sudo plutil -convert binary1 /System/Library/LaunchDaemons/com.apple.syslogd.plist

Unload and reload syslogd:

sudo launchctl unload /System/Library/LaunchDaemons/com.apple.syslogd.plist
sudo launchctl load /System/Library/LaunchDaemons/com.apple.syslogd.plist


Afterwards check Console.app for incoming logs from your router, etc.

[crarko adds: I haven't tested this one.]
  Post a comment  •  Comments (11)  
  • Currently 3.29 / 5
  You rated: 2 / 5 (7 votes cast)
 
[15,902 views]  View Printable Version
View currently open network connections UNIX
Do you *know* what ports you have open on your machine or your server? Do you know what processes are communicating with what machines on the net, and as which user? If you are curious about these things, this script might be for you!

This is a bash-script that runs in the background (via launchd) and gathers information about what currently open network connections your machine have, both outgoing and incoming (listening) ports. It does so every two minutes. When the script is run by root, it gathers the data; when run as any other user it displays the data.

You can use this in conjunction with GeekTool to always see the data on your screen. Here is the script:
#!/bin/bash
# Script to install open_ports.sh
# 2011-05-05 / Peter Mˆller, Datavetenskap, LTH
# Location: 
# http://fileadmin.cs.lth.se/cs/Personal/Peter_Moller/scripts/open_ports_install.sh


# Make sure the user is "root"
if [ ! "$USER" = "root" ] ; then
  echo "Must be run by root!"
  echo "Exiting..."
  exit 1
fi

# BINDIR points to the "binary"
BINDIR="/usr/bin"
# PREFIX points to where all the datafiles are stored
PREFIX="/Library/cs.lth.se/OpenPorts"
# IP_CACHE is a growing list of IP-addresses and their geo location. 
# Since this is being used by other scripts, it's not in the OpenPorts directory
IP_CACHE="/Library/cs.lth.se/ip_cache.txt"
# EXTERN stores the computers "external" address. Checked hourly
EXTERN="$PREFIX/ExternIP.txt"
# FILE4 stores current IPv4-ESTABLISHED connections. Generated every two minutes!
FILE4="$PREFIX/ip4.txt"
# FILE6 stores current IPv6-ESTABLISHED connections. Generated every two minutes!
FILE6="$PREFIX/ip6.txt"
# FILE_LISTEN stores current LISTEN connections. Generated every two minutes!
FILE_LISTEN="$PREFIX/listen.txt"
# CHECKSUM stores a sha1-checksum for the lsof-binary. Cheched every two houres
CHECKSUM="$PREFIX/Checksum.txt"
# IP_LOCATE_CACHE is a temporary file that stores the geo location of the computers external address
IP_LOCATE_CACHE="$PREFIX"/ip_locate_cache.txt


# Fetch and launch the launchd-component
echo "Fetching launchd-component"
curl -o /Library/LaunchDaemons/se.lth.cs.open_ports.plist http://fileadmin.cs.lth.se/cs/Personal/Peter_Moller/scripts/se.lth.cs.open_ports.plist
chmod 644 /Library/LaunchDaemons/se.lth.cs.open_ports.plist
launchctl load /Library/LaunchDaemons/se.lth.cs.open_ports.plist
launchctl start se.lth.cs.open_ports
echo
echo

# fetch the script
echo "Fetching main script"
ScriptName="open_ports.sh"
curl -o /tmp/${ScriptName} http://fileadmin.cs.lth.se/cs/Personal/Peter_Moller/scripts/${ScriptName}
curl -o /tmp/${ScriptName}.sha1 http://fileadmin.cs.lth.se/cs/Personal/Peter_Moller/scripts/${ScriptName}.sha1
if [ "$(openssl sha1 /tmp/${ScriptName} | awk '{ print $2 }')" = "$(less /tmp/${ScriptName}.sha1)" ]; then
  mv /tmp/${ScriptName} ${BINDIR}/${ScriptName}
  chmod 755 ${BINDIR}/${ScriptName}
else
  echo "Checksum does NOT match!! Installation aborted!"
  exit 1
fi
echo
echo

# Create the directory for the files and set the access rights
mkdir -p "$PREFIX"
chmod 755 "$PREFIX"
touch "$FILE4" "$FILE6" "$IP_CACHE" "$IP_LOCATE_CACHE"
chmod 666 "$FILE4" "$FILE6" "$IP_CACHE" "$IP_LOCATE_CACHE"

echo "Done installing base parts of \"open_ports.sh\". Now proceeding to install GeekTool"
echo

echo "Fetching GeekTool"
# Get GeekTook
curl -o /tmp/GeekTool.dmg http://update.tynsoe.org/geektool3/Public/GeekTool%203.0.dmg
hdiutil mount /tmp/GeekTool.dmg
open /Volumes/GeekTool\ 3/
say "Done installing base parts of open ports. Now you will have to install GeekTool yourself"

exit 0
Installation
  • Save the install script.
  • Start Terminal.
  • Become root: if you are a normal user, type sudo adminusernamne and then sudo -i; if you are an admin user, type sudo -i.
  • Set access rights for the install script: chmod 755 open_ports_install.sh (you must locate it).
  • Run the script: ./open_ports_install.sh.
  • The installation is normally quick. It ends with GeekTool being opened. To install it, double-click its .PrefPane
  • In GeekTool: click the icon named "Shell" and drag it to an empty part of the desktop (must be free of windows). Size it as well.
  • A "Properties" window opens. What you need to enter is:
    • Command: open_ports.sh
    • Refresh every: 120 s
    • Change font to a monospace one (I'm using Menlo and white font color)
  • Now you may close GeekTool
Note that GeekTool doesn't move things around if you change the number of monitors (for instance a portable computer with external displays). It will, however be visible again when you restore the monitor setting.

Also note that the script will start automatically after a reboot.

Update the script

The script auto-updates once per week. You can also update the script manually by running, as root, the following command in a terminal window:

open_ports.sh -u

It will fetch the latest version of the script and install it (if it is different that what you have). If you already have the latest version it will tell you!

You'll find the script and further information here.

Oh, and it runs on Linux as well (the exact same script -- different installer though). It also updates itself every two weeks if there's a new version available.

[crarko adds: I haven't tested this one.]
  Post a comment  •  Comments (21)  
  • Currently 1.25 / 5
  You rated: 5 / 5 (20 votes cast)
 
[10,824 views]  View Printable Version
A script to automatically open a Terminal window to its directory UNIX
How many times have you been to a folder in Finder and needed a Terminal window open to that folder? For me, the answer was many. So, I wrote little AppleScript to take care of it automatically.

This script works by opening a Terminal window and cd'ing into the directory the script was in. Just copy the script into every folder you want to use if from; it's got a tiny footprint. Here's the code:
set myPath to (do shell script "dirname " & quoted form of (POSIX path of (path to me) as string)) as string
tell application "Terminal"
  activate
  do script ("cd " & quoted form of myPath)
end tell
Paste this into AppleScript Editor and save it as an application. Copy it into each folder you'll want to use it with.

I recommend naming it something like " Terminal" (the space in front will make it float to the top of a list of files).

And, it will Just Work. Double-click the app and Terminal will open with a new window cd'd to the folder where you just were in Finder.

[crarko adds: I tested this, and it works as described. We've run hints of this type before; here is another method.]
  Post a comment  •  Comments (25)  
  • Currently 2.85 / 5
  You rated: 3 / 5 (13 votes cast)
 
[8,043 views]  View Printable Version
Unix mail notifications via Growl UNIX
This tip lets you get a notification through Growl whenever new Unix mail arrives, with the subject of the mail. I get Unix mail as a result of run cron-jobs. I use cron because whether you have lingon or not; it is far easier to schedule a job with cron.

When there is something that I really want to watch from a process run by cron I do:

echo "the very interesting stuff" |mail -s "IMPORTANT" myusername

or some other Unix command to send the same mail message.

The problem is that I have to manually go into Unix mail and manually check if there is any new mail or not, and sometimes I just forget to do that.

Therefor I have made a notification in Growl via a launchd job and an AppleScript.

Prerequisites: You need to have installed Growl and Growl helper.

The lanchd process checks if your /var/mail/You mail file has changed, and if it has, the launchd process will run the script below and die until next time a new mail arrives and changes the mailfile. The AppleScript makes Growl show that there is a new mail with subject line of the last arrived mail in the bezel window.

Installation:

This script creates a Growl notification and must be placed somewhere on your disk. I have folder named .UserAgents for that purpose; to keep them collected. And a folder named .Processess for the jobs I run through cron via Cronnix.

The script must be installed via a property list file looking like the one given after the shell script below, except that you have to adjust it to insert the correct path for both the shell script and your mailfile.

You must also set its executable bit with the command chmod u+x from a Terminal window.
--------UnixMailNotifier.sh
#!/bin/bash
export mvar=`mail -H |tail -1 |sed -n 's/(..*")([^"][^"].*)(["].*)/2/p'`
/usr/bin/osascript <<-EOF 2>/dev/null 1>&2
  tell application "GrowlHelperApp"
    try
      set the allNotificationsList to ¬
        {"Unix Mail Notification"}
      set the enabledNotificationsList to ¬
        {"Unix Mail Notification"}
      register as application ¬
        "Growls Unix Mail Notification" all notifications allNotificationsList ¬
        default notifications enabledNotificationsList ¬
        icon of application "Terminal.app"
      
      --  Send a Notification...
      notify with name ¬
        "Unix Mail Notification" title ¬
        "Unix Mail Notification" description ¬
        "Subject: $mvar" application name "Growls Unix Mail Notification" icon of application "Terminal.app"
      
    on error the error_message number the error_number
      display dialog "Error: " & the error_number & ". " & the error_message buttons {"Cancel"} default button 1
    end try
    
  end tell
EOF
The property list file which must be installed in ~/Library/LaunchAgents looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>Label</key>
  <string>com.You.UnixMailNotifier</string>
  <key>Program</key>
  <string>/Users/You/.UserAgents/UnixMailNotifier.sh</string>
  <key>ProgramArguments</key>
  <array>
    <string>/Users/You/.UserAgents/UnixMailNotifier.sh</string>
  </array>
  <key>RunAtLoad</key>
  <true/>
  <key>KeepAlive</key>
  <dict>
    <key>SuccessfulExit</key>
    <false/>
  </dict>
  <key>WatchPaths</key>
  <array>
    <string>/var/mail/You</string>
  </array>
</dict>
</plist>
After you have saved the property list file as (for instance) com.You.UnixMailNotification.plist you must start it with:

launchctl load com.you.UnixMailNotification.plist.

From there on you should get a notification whenever you get a Unix mail.

[crarko adds: I haven't tested this one. If there are any errors in either the script or the plist please let me know via the comments and I will correct them.]
  Post a comment  •  Comments (7)  
  • Currently 3.50 / 5
  You rated: 4 / 5 (4 votes cast)
 
[4,800 views]  View Printable Version
Set Boot Camp partition to boot to Windows via command line UNIX
I work in academia in a large 1:1 deployment of around 6,000 MacBooks. At one point in time when we made the switch to Macs an assessment testing software developer had not made a universal binary app yet and their PPC app just would not run right on Intel based Macs. So, I had to create and deploy a dual boot image for them. The thought had crossed my mind on how to allow managed users (with no admin rights) the ability to dual boot? I cannot use any boot loader that runs in EFI either because I have to have firmware passwords on the Macs via security protocols.

So, I dug around in Terminal and was messing around with the bless command. If you execute this command:

/usr/sbin/bless --device /dev/disk0s3 --setBoot --legacy --nextonly

It will set the partition that lives on /dev/disk0s3 to boot for next restart only, and the -legacy option supports booting an OS that does not support EFI boot loaders. Since Windows still requires older technology like a BIOS to actually load from, the -legacy option gives that support.

In the end I wrapped this command up in a Casper policy and allowed users to execute it via self service, which is a web-like app that users can execute policies on their own, and they run as root. So, the user just clicked on the dual boot policy and hit install. The Self Service app ran the bless command and a command to force a reboot.

It is probably possible to accomplish this with an AppleScript saved as an application or something similar.

[crarko adds: I haven't tested this one.]
  Post a comment  •  Comments (2)  
  • Currently 3.50 / 5
  You rated: 4 / 5 (6 votes cast)
 
[12,606 views]  View Printable Version
Don't accidentally open huge text files from the Command Line UNIX
In my line of work, I frequently deal with very very large text files, gigs in size. Every once in awhile, I inadvertently open such a file using the open -e command from the command line to view it in TextEdit (without checking the file size first).

Whenever I do this, my system crawls to a halt as TextEdit's virtual memory size bloats and the swap space goes crazy with page swaps. It takes minutes for me to go around saving open files before I can force-quit TextEdit. Here's a way I've found that can avoid these headache-inducing periods of no work getting done.

This hint, unfortunately, only works if you happen to (like me) use the C shell as your shell of preference, because there's no way of referencing arguments in a bash alias. Perhaps someone can post a bash equivalent in the comments. Also, there are many valid reasons to avoid aliasing actual commands (though I do so all the time without any problem) so you may want to change the alias name to something other than 'open.'

Finally, I used perl because I'm most familiar with it, though I'll admit there may be a more efficient and simple way of doing it. Again, I'll defer to improvements in the comments.

Basically, all I did was create an alias for the open command which first checks the file sizes before performing the command. If one or more of the files supplied to open (with -e as the first argument) is larger than 200M, it prints a warning instead of opening the file(s). Thus, to get around the warning, you would have to escape the alias (e.g. \open -e myfiles). It's a nice check to make sure I'm not opening a very huge file.

Here it is:
alias open 'perl -e "@x=split(/\s+/,qq(\!*));(@x)[0] eq qq(-e) ? (scalar(grep{@y=(split(/\n/));(stat((@x)[(@y)[0]]))[7]>200000000}(1..(scalar(@x)-1)))?print STDERR (qq(WARNING: One or more of your files is awfully big to open in text edit: ),(stat(qq((@x)[1])))[7],qq(\n)):exec(qq(open \!*))) : exec(qq(open \!*))"'
Just put the alias in your .cshrc file and you're good to go. Note I went to great lengths to avoid using the dollar symbol due to shell interpolation. I'd be very interested in learning better ways to avoid the interpolation.

[crarko adds: I haven't tested this one.]
  Post a comment  •  Comments (10)  
  • Currently 3.00 / 5
  You rated: 1 / 5 (5 votes cast)
 
[5,171 views]  View Printable Version
Open formatted man pages in Preview from the command line UNIX
I spend a lot of time reading man pages. Normally, the system pager less is fine for this. Occasionally, they're big enough or important enough that I want to keep them open in a window and read them at leisure. For those cases, I made a 2-line shell script pdfman.sh that runs man to generate postscript and presents the formatted output through preview.

Here is the script:
#!/bin/sh
ps=`mktemp -t manpageXXXX`.ps
man -t $@ > "$ps"
open "$ps"

[crarko adds: There are a number of ways to accomplish the viewing of man pages in Preview such as this older hint. The method can vary between versions of Mac OS X. The present hint is an addition to the list of methods.]
  Post a comment  •  Comments (17)  
  • Currently 2.80 / 5
  You rated: 4 / 5 (5 votes cast)
 
[7,023 views]  View Printable Version
Setting House Clocks after Power Outage UNIX
My power went out yesterday. I wanted a quick way to set all the house clocks accurately and easily.

I used the Mac's speech ability and scriptability to make a quick talking clock. I ran this script and turned up my speakers and set all the clocks in the house with ease:
while [ 1 ];do z=`date +%S`;if [ `expr $z % 5` -eq 0 ];then say `date "+%l %M and %S seconds"`;fi;done
Paste into a terminal window and press enter. Type Control+C to quit.

[crarko adds: I tested this, and it works as described. Note that this is bash shell syntax; if you use a different shell you may need to modify the script accordingly. I give it an A for cleverness.]
  Post a comment  •  Comments (21)  
  • Currently 3.40 / 5
  You rated: 2 / 5 (10 votes cast)
 
[6,600 views]  View Printable Version
Get a list of unique dtrace providers UNIX
I just got the DTrace book from Amazon and wanted to get a list of providers for DTrace that OSX supports. (DTrace is a probe/profiling tool created by Sun that came with Mac OS X starting with Leopard.)

So I played with dtrace -l until I got the output to be just a sorted unique list of the providers (it also strips numbers off to keep the list concise).

Here is the resulting command:
sudo dtrace -l | perl -pe 's/^.*?\S+\s+(\S+?)([0-9]|\s).*/\1/' | sort | uniq

[crarko adds: I haven't tested this one.]
  Post a comment  •  Comments (1)  
  • Currently 3.40 / 5
  You rated: 4 / 5 (5 votes cast)
 
[5,060 views]  View Printable Version
10.6: Make a temporary Administrator account UNIX
Snow Leopard only hintMy department runs a large enterprise level network of managed Macs in a rapidly growing school district. We use a software deployment solution to push out all district software and we use Workgroup Manager to effectively manage user environments. Like most enterprise-level networks, nearly all of our staff users are non-admin users with mobile accounts.

Rarely there are times when our users need to be an admin user for a limited amount of time: (to install print drivers for odd-ball home printers, joining an unusual secure wireless network, running an obscure web conferencing app, etc.).

It's easy to make a mobile user an administrator through System Preferences, but it's not so easy to remember to remove the admin privileges. While you can set a calendar reminder, invariably the user is offline when your reminder pops up and then a day, or two, or a month or more passes and then it's forgotten.

There are solutions that use login hooks for managed users, but those require your users to actually login, logout, and then log back in. It also requires your server administrator to move users to an admin group and then back out. Recently, I worked up a solution using the Unix at command. It is surprisingly simple and can be sent directly to a computer using Apple Remote Desktop, or through ssh.

Simply edit the following to meet your needs and send the commands through ARD as root:
# Replace shortname below with the shortname of the user you want to make an admin
/usr/sbin/dseditgroup -o edit -a shortname -t user admin

# This line enables the atrun utility to make OS X run Unix commands queued by the  at  command
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.atrun.plist

# Replace shortname below with the shortname of the user you want to
# remove admin privs from in 1 day
echo "/usr/sbin/dseditgroup -o edit -d shortname -t user admin" | at now + 1 day
If the computer gets put to sleep, shutdown, or restarted during the schedule time, the command will run the next time the system is active.

Please note, you can look at the man pages for at, and see the flexible formats for customizing the command to run whatever time you feel is reasonable. Another thing to consider, is modifying the commands above to schedule the enabling of administrator privileges. By doing so, you could, for example, allow someone to be an administrator for a very limited window of time.

[crarko adds: I haven't tested this one.]
  Post a comment  •  Comments (11)  
  • Currently 4.57 / 5
  You rated: 3 / 5 (7 votes cast)
 
[11,524 views]  View Printable Version