I work in academia in a large 1:1 deployment of around 6,000 MacBooks. At one point in time when we made the switch to Macs an assessment testing software developer had not made a universal binary app yet and their PPC app just would not run right on Intel based Macs. So, I had to create and deploy a dual boot image for them. The thought had crossed my mind on how to allow managed users (with no admin rights) the ability to dual boot? I cannot use any boot loader that runs in EFI either because I have to have firmware passwords on the Macs via security protocols.
So, I dug around in Terminal and was messing around with the bless command. If you execute this command:
It will set the partition that lives on /dev/disk0s3 to boot for next restart only, and the -legacy option supports booting an OS that does not support EFI boot loaders. Since Windows still requires older technology like a BIOS to actually load from, the -legacy option gives that support.
In the end I wrapped this command up in a Casper policy and allowed users to execute it via self service, which is a web-like app that users can execute policies on their own, and they run as root. So, the user just clicked on the dual boot policy and hit install. The Self Service app ran the bless command and a command to force a reboot.
It is probably possible to accomplish this with an AppleScript saved as an application or something similar.
In my line of work, I frequently deal with very very large text files, gigs in size. Every once in awhile, I inadvertently open such a file using the open -e command from the command line to view it in TextEdit (without checking the file size first).
Whenever I do this, my system crawls to a halt as TextEdit's virtual memory size bloats and the swap space goes crazy with page swaps. It takes minutes for me to go around saving open files before I can force-quit TextEdit. Here's a way I've found that can avoid these headache-inducing periods of no work getting done.
This hint, unfortunately, only works if you happen to (like me) use the C shell as your shell of preference, because there's no way of referencing arguments in a bash alias. Perhaps someone can post a bash equivalent in the comments. Also, there are many valid reasons to avoid aliasing actual commands (though I do so all the time without any problem) so you may want to change the alias name to something other than 'open.'
Finally, I used perl because I'm most familiar with it, though I'll admit there may be a more efficient and simple way of doing it. Again, I'll defer to improvements in the comments.
Basically, all I did was create an alias for the open command which first checks the file sizes before performing the command. If one or more of the files supplied to open (with -e as the first argument) is larger than 200M, it prints a warning instead of opening the file(s). Thus, to get around the warning, you would have to escape the alias (e.g. \open -e myfiles). It's a nice check to make sure I'm not opening a very huge file.
Here it is:
alias open 'perl -e "@x=split(/\s+/,qq(\!*));(@x)[0] eq qq(-e) ? (scalar(grep{@y=(split(/\n/));(stat((@x)[(@y)[0]]))[7]>200000000}(1..(scalar(@x)-1)))?print STDERR (qq(WARNING: One or more of your files is awfully big to open in text edit: ),(stat(qq((@x)[1])))[7],qq(\n)):exec(qq(open \!*))) : exec(qq(open \!*))"'
Just put the alias in your .cshrc file and you're good to go. Note I went to great lengths to avoid using the dollar symbol due to shell interpolation. I'd be very interested in learning better ways to avoid the interpolation.
I spend a lot of time reading man pages. Normally, the system pager less is fine for this. Occasionally, they're big enough or important enough that I want to keep them open in a window and read them at leisure. For those cases, I made a 2-line shell script pdfman.sh that runs man to generate postscript and presents the formatted output through preview.
Here is the script:
#!/bin/sh
ps=`mktemp -t manpageXXXX`.ps
man -t $@ > "$ps"
open "$ps"
[crarko adds: There are a number of ways to accomplish the viewing of man pages in Preview such as this older hint. The method can vary between versions of Mac OS X. The present hint is an addition to the list of methods.]
My power went out yesterday. I wanted a quick way to set all the house clocks accurately and easily.
I used the Mac's speech ability and scriptability to make a quick talking clock. I ran this script and turned up my speakers and set all the clocks in the house with ease:
while [ 1 ];do z=`date +%S`;if [ `expr $z % 5` -eq 0 ];then say `date "+%l %M and %S seconds"`;fi;done
Paste into a terminal window and press enter. Type Control+C to quit.
[crarko adds: I tested this, and it works as described. Note that this is bash shell syntax; if you use a different shell you may need to modify the script accordingly. I give it an A for cleverness.]
I just got the DTrace book from Amazon and wanted to get a list of providers for DTrace that OSX supports. (DTrace is a probe/profiling tool created by Sun that came with Mac OS X starting with Leopard.)
So I played with dtrace -l until I got the output to be just a sorted unique list of the providers (it also strips numbers off to keep the list concise).
My department runs a large enterprise level network of managed Macs in a rapidly growing school district. We use a software deployment solution to push out all district software and we use Workgroup Manager to effectively manage user environments. Like most enterprise-level networks, nearly all of our staff users are non-admin users with mobile accounts.
Rarely there are times when our users need to be an admin user for a limited amount of time: (to install print drivers for odd-ball home printers, joining an unusual secure wireless network, running an obscure web conferencing app, etc.).
It's easy to make a mobile user an administrator through System Preferences, but it's not so easy to remember to remove the admin privileges. While you can set a calendar reminder, invariably the user is offline when your reminder pops up and then a day, or two, or a month or more passes and then it's forgotten.
There are solutions that use login hooks for managed users, but those require your users to actually login, logout, and then log back in. It also requires your server administrator to move users to an admin group and then back out. Recently, I worked up a solution using the Unix at command. It is surprisingly simple and can be sent directly to a computer using Apple Remote Desktop, or through ssh.
Simply edit the following to meet your needs and send the commands through ARD as root:
# Replace shortname below with the shortname of the user you want to make an admin
/usr/sbin/dseditgroup -o edit -a shortname -t user admin
# This line enables the atrun utility to make OS X run Unix commands queued by the at command
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.atrun.plist
# Replace shortname below with the shortname of the user you want to
# remove admin privs from in 1 day
echo "/usr/sbin/dseditgroup -o edit -d shortname -t user admin" | at now + 1 day
If the computer gets put to sleep, shutdown, or restarted during the schedule time, the command will run the next time the system is active.
Please note, you can look at the man pages for at, and see the flexible formats for customizing the command to run whatever time you feel is reasonable. Another thing to consider, is modifying the commands above to schedule the enabling of administrator privileges. By doing so, you could, for example, allow someone to be an administrator for a very limited window of time.
I work in a growing school district with multiple campuses. Each week
I find myself in different buildings for one reason or another. Like
many people, I've realized it's much handier to grab my iPad and go,
rather than lug the laptop. However, there are times when it's
necessary to access information or applications on my laptop when I'm
out and about.
The solution that I'm using to remote back to my laptop involves
enabling VNC access on my laptop (System Preferences » Sharing »
Remote Management » Computer Settings) and using a VNC viewer on the
iPad (my choice, after trying many, is Remoter). There are two issues
with doing this: (1) is that the IP address of my laptop changes
from time to time and (2) when I'm out of the office, my iPad is not on
the same LAN as my laptop, so Bonjour browsing doesn't do any good.
The script below, IP-Change-Notification.sh, takes care of those two
issues by sending me an email every time my ethernet or wireless IP
address changes. I then have the ability to look up my laptop IP
address at any time by just checking my email on the iPad. Once I
have the IP address, then I can open Remoter, paste in the IP, and
connect. To get all this working, I simply put the script in an
accessible folder (personally, I use ~/scripts). Then, I set up a cron
task to run the script however often I want to check for a new IP.
The following hint creates a .DMG of a given directory/folder, then uses SCP to move it from your machine to another machine. It also appends a date onto the .DMG name, and lastly sends you an email that it was transferred successfully (or not).
The script has a few assumptions:
The source machine can send you email from the command line, if Postfix is working correctly.
The source machine has a password-less SCP connection to the destination machine. If not, see this hint for help setting that up.
Once you've moved the script to a location on your machine, you'll need to make it executable by typing the following in Terminal:
sudo chmod +x dmgbackup-script.sh
Of course, the script can then be called via a cron job or other scheduler if desired.
'Regrettably, iPhoto no longer offers an option to back up your iPhoto library to optical media. Rather, you can burn only images to the disc rather than the library itself and you can't burn to multiple discs if the selected number of photos won't fit on a single CD or DVD.'
There is a command-line based workaround for that deficiency. You can split the iPhoto Library into DVD sized tar archives and then copy the archives to DVD's.
To create the archives, type the following command into a Terminal shell:
PuTTY is an open-source, multi-platform SSH, Telnet, Rlogin and serial interface terminal emulation application with a host of configuration items. PuTTY can be operated from a GUI or the command-line. It is currently available for the Mac using the MacPorts environment. X11 forwarding, a tunneling function under SSH, is confused by the Leopard and later X11 DISPLAY string. This can simply be worked around by setting the 'SSH' menu » X display location item, to :0.
My department runs a large enterprise level network of managed Macs in a rapidly growing school district. We use a software deployment solution to push out all district software and we use Workgroup Manager to effectively manage user environments. Like most enterprise-level networks, nearly all of our staff users are non-admin users with mobile accounts.
