birds like wires

Search

Showing 'mac' tagged articles.

Failed Core Storage Conversion

We have a Mac mini connected to an external storage box via FireWire. In a reasonably sensible manner, someone pointed Time Machine at one of the volumes on the DAS, thinking they should back the machine up to this location. They also thought also it would be best to encrypt the backup; very laudable.

However, this triggered a conversion process into an Apple Core Storage volume, which did not complete successfully. Luckily, OS X stopped trying and remounted the volume as HFS+. All appeared to be well, but after a reboot things were much less cheerful.

On restarting the machine, the volume was missing. Checking with diskutil list returned this layout:

/dev/disk1
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *17.6 TB    disk1
   1:                        EFI EFI                     209.7 MB   disk1s1
   2:                  Apple_HFS Backup                  2.0 TB     disk1s2
   3:          Apple_CoreStorage                         15.6 TB    disk1s3
   4:                 Apple_Boot Boot OS X               134.2 MB   disk1s4

But diskutil cs list returned this:

Keep reading...

Running pfSense on a Mac Pro

I’m a big fan of pfSense. If you’ve not heard of it, it’s an open source firewall that’s got more options that you can shake a stick at, but most importantly, is as solid as a rock and takes about a second to back up.

I’d been running it as a virtual machine on a couple of servers, but with a recent round of hardware changes I found myself with a 2006 vintage Mac Pro with no job to do. True, it’s massively overpowered for the job, but it’s got two good gigabit Intel NICs built-in and would make the VM setup, which I never liked, redundant. Plus, it would otherwise be sat on the floor doing nothing.

Setup

It’s trivial; I prepped the Mac with a single 80GB hard drive and zapped the PRAM just to be on the safe side (CMD-ALT-P-R). Then I burned the AMD64 image to a disc, booted the Mac with ALT held down and chose the ‘Windows’ CD. It’s obviously not Windows; that’s just what the Mac is programmed to title boot devices that aren’t OS X.

From there it’s just a case of choosing the installer when prompted and telling it to do a ‘Quick / Easy Install’. Everything from there is handled by pfSense, except for removing the CD (hold down the left mouse button to force a CD eject on reboot). Very easy.

Keep reading...

Mac Pro Storage Upgrade

An SD-PEX40079 with three 256GB Crucial m550 mSATA drives attached.

I’ve been slowly changing my storage habits lately, because I’ve been seduced by the speed of Solid State Drives. When I bought my Mac Pro, I got it with the extortionately expensive Apple SSD. It’s as solid as a rock, and the only thing out there with official TRIM support, but it’s not the speediest option and that’s largely down to the measly 3Gb/s SATA II bus that Apple forgot to upgrade with the 2012 edition. Seriously, guys, you couldn’t have swapped out that controller?

However, because these Mac Pro machines are proper tower systems with PCI-E 2.0, there are options out there. For a long time I was going to go with the Sonnet Tempo SSD Pro (or the Pro Plus as it’s now become) but blimey, at over £200 it’s an expensive way of putting SATA III in your machine. And eSATA is a lovely feature, but not already owning any eSATA caddies, I just didn’t think I’d use it that much.

A little Googling turned up this thread on the TonyMac forum, where ‘gsloan’ had found success with the Syba SD-PEX40068. But would you believe it; discontinued. Nuts.

Keep reading...

Command Line Wireless Options in OS X

Managing OS X wireless options was a terrible mystery until I discovered the magical hidden ‘airport’ command. If you do any Mac sysadmin work, I recommend:

sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport /usr/sbin/airport

This gives you lovely, straightforward access to the airport command, from which you can turn wifi on and off, configure administrative settings; basically everything you need. However, watch out; there’s been a change in the version currently shipping in Mavericks. My fave command was:

sudo airport en1 prefs RequireAdmin=YES

But this will no longer work. Instead you receive this response:

'Unrecognized prefs option 'RequireAdmin=YES'.

It’s not a problem, because Apple have actually unpacked the RequireAdmin option into it’s three constituent parts; RequireAdminIBSS, RequireAdminNetworkChange and RequireAdminPowerToggle. You can now control each of them individually.

So my favourite command has now become:

sudo airport en1 prefs RequireAdminIBSS=YES RequireAdminNetworkChange=YES RequireAdminPowerToggle=YES

Keep reading...

Dead Simple Dynamic DNS Updater

I’d been messing with ddclient, trying to get things to play nicely with DNS-O-Matic, Tunnelbroker and Hurricane Electric’s own dynamic DNS system. Problem was, although everything was configured correctly it still wouldn’t update my DNS! It worked when I told it to, but when the IP genuinely changed, it all went wrong.

It turns out that when my IP changed, ddclient was indeed trying to update things. However, it was trying to do it over the IPv6 tunnel which, due to the altered IP address, was now broken. And I could find no way in the config to specify that the tunnel should be updated first, over IPv4. Hmm.

So, I sacked off ddclient and went for the world’s simplest dynamic DNS client. A bash script and curl.

Easy Peasy

Most of the dynamic DNS services have a simple HTTP method for updating. Some have HTTPS, so you’re not waving your password around in clear text. Switching to an IPv4-only updating mechanism is as simple as this:

Keep reading...

Tunnelbroker and Dynamic IPs

Change of plan! While the details provided here are accurate and may well be useful if you’re configuring ddclient, I found issues updating my DNS information this way. So I opted for something much simpler, which I’ve written up here.

My shiny new router, which I’m hoping to write a proper article about soon, supports IPv6 tunnelling. IPv6 is going to become increasingly important over the next decade, as we’re running out of IPv4 (the ones that look like 208.67.220.220) addresses to give to all of the devices out there. Internet service providers are going to need to pick up the pace of handing these out, but in the meantime for those that don’t (such as BT) there are tunnelling services.

An IPv6 tunnelling service does basically what it sounds like; shoves your IPv4 traffic through a tunnel so that it pops out of the other end with a valid IPv6 address. You can then access services that only use IPv6… okay, that’s not many right now, but hey – you’re future proof! There are a few different providers out there, but I use Tunnelbroker. If your router supports it, you can configure the entry point to the tunnel from the details Tunnelbroker provide and pow! You’re accessing IPv6 sites.

Keep reading...

Fix Postfix for Gmail on Snow Leopard

This is a quick and dirty method for getting Postfix (as built-in on Mac OS X v10.6) to send mail via Gmail.

My little home server is a tweaked Mac mini, but Snow Leopard is the last version of OS X that will work on it without even more hacking around (besides, it’s the best version of OS X Server, IMHO). I had a search around on the web and after combining a few different methods, came up with this to make it work.

Sort out Certificates

Google changed to using Equifax as their certificate signing authority some time ago, but Postfix doesn’t know about them. So, you need to add their certificate (and we’ll add Thawte at the same time, for good measure).

Start by creating a certificates directory:

sudo mkdir /etc/postfix/certs

Jump into it and create a file called Equifax_Secure_CA.pem, then copy the following into it:

-----BEGIN CERTIFICATE-----
MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJVUzEQMA4GA1UE
ChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5
MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoT
B0VxdWlmYXgxLTArBgNVBAsTJEVxdWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCB
nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPR
fM6fBeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+AcJkVV5MW
8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kCAwEAAaOCAQkwggEFMHAG
A1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UE
CxMkRXF1aWZheCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoG
A1UdEAQTMBGBDzIwMTgwODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvS
spXXR9gjIBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQFMAMB
Af8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUAA4GBAFjOKer89961
zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y7qj/WsjTVbJmcVfewCHrPSqnI0kB
BIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee95
70+sB3c4
-----END CERTIFICATE-----

Then you need to create the Thawte one as well. Call it Thawte_Premium_Server_CA.pem.

Keep reading...

Moving Apple Software Update Files

Here’s a fun one. You’ve set up Software Update Server on your Mac OS X Server system and all is fine. Then you realise that you’re the proud owner of a directory containing 52GB of software updates and you’ve put it in a silly place.

You shut down Software Update in Server Admin and move the directory to a bigger drive. You reconfigure the path and then re-enable the server. You see from the logs that all is well and you fire up Software Update on your client machine.

Hooray. That’s not quite what we were aiming for.

Foolishly, I have in the past simply resigned myself to ‘fixing’ this by deleting the software update directory, recreating a blank one and erasing all of the configuration files in /etc/swupd. This is a silly thing to do as you’ll end up downloading that 52GB all over again. It turns out the solution is ridiculously simple.

sudo rm <path to swupd cache>/html/index*

This removes the various .sucatalog symbolic links which are still pointing towards your original software update directory. Software Update Server isn’t clever enough to repair these if the directory is moved, but it is clever enough to recreate them if they’re not there.

Keep reading...

Menu Extras and MCX

There’s a little quirk when you’re controlling menu extras for Mac OS X client systems using MCX. Well, there’s more than one quirk, but you know what I mean.

By default, new users of Mac OS X systems get Blutooth, Time Machine and Volume menu extras, as well as the clock. The Spotlight control is separate, so we won’t mention it here. On our systems I don’t really want to display the Bluetooth menu extra, we don’t use Time Machine and the volume is controlled by the external audio interfaces, so they could all do with going away.

An unmanaged menu bar in OS X

Digging through ~/Library/Preferences/ByHost shows that this is handled by a configuration file called com.apple.systemuiserver.XXXX.plist and as such you can control what appears using the configuration options in Workgroup Manager. The key you’re after is sensibly named dontAutoLoad, which can contain the paths to any Menu Extras.

The simplest way to configure the behaviour is to set up a user as you like it, then import the .plist file into Workgroup Manager using the ‘+’ on the Details tab of Preferences. Just make sure you import with the ‘Import as ByHost preferences’ button ticked. Reboot, log back in to the managed client and…

Keep reading...

Overclocking an iMac G4 with 133MHz Bus

Over at ethernetworks.de there’s a really good description of how to overclock an Apple iMac G4. Unfortunately, their table of resistor positions only holds true for the 167MHz USB 2.0 model iMac and mine is slightly older and has a 133MHz bus.

You can work out the appropriate PLL resistor settings by referring to the datasheet for the MPC7455 (see Table 17: MPC7455 Microprocessor PLL Configuration Example for 1.0 GHz Parts). However, figuring the combinations out can be a bit dizzying, so after working out the settings for 1.27GHz, I figured out the rest just in case I needed them in the future.

‘R’ = resistor present, ‘-’ = no connection.

Please only use this information after double-checking that I’ve got it right. The iMac G4 is probably my favourite design of computer and I don’t want to be hearing that you’ve stuffed one up using the information I’m providing. If you’re uncertain about anything, just don’t do it (although, I must admit that a jump from 1GHz to 1.27GHz does make a noticeable improvement to the machine).

Keep reading...

Mac OS X Energy Scripting

'Now You're Playing With Power.' by Dan_H on Flickr

We’ve got a variety of Macs running OS X versions 10.4, 10.5 and 10.6. They’re all managed from an Xserve with MCX preferences through Workgroup Manager, but for some reason I’ve just never managed to get them all to settle nicely with their power management settings.

While it’s lovely to have the control of these things through Workgroup Manager, I finally got miffed with it not working, particularly with the Tiger clients. It’s also not good to have rooms of machines burning away power and their components pointlessly.

‘Terminal’

So I did what I usually do. Write a script. There’s an excellent blog called Managing OS X which had already covered this issue, so using GregN’s script as inspiration I came up with this, in Perl for some reason.

Loading ‘powerman.pl’ from GitHub...

The idea is that this runs via launchd however often you would like. Using Lingon to create a .plist file, I have it triggered every hour. It uses the hostname of the machine to determine where it is, with different rules applied if the system is a ‘cluster’ or a ‘studio’ machine. Once per boot it reapplies the power management policy, and on every run it examines the state of the machine and decides whether it should be powered down.

Keep reading...