From Eckart.Hasselbrink at web.de Fri Feb 1 00:05:59 2002 From: Eckart.Hasselbrink at web.de (Eckart Hasselbrink) Date: Thu Nov 3 12:29:10 2005 Subject: small network question was: Richard Peskin In-Reply-To: <200201312256.AA06126@ocs.cz> Message-ID: <46D1214A-16EA-11D6-8109-003065BDA0FE@web.de> On Thursday, January 31, 2002, at 11:56 , Ondra Cada wrote: > >>>>>>> Eckart Hasselbrink (EH) wrote at Thu, 31 Jan 2002 23:44:28 +0100: > EH> PS: I consider the ability to NFS export HFS file systems as a bug. > > Why should I not be able to access my OSX partition from my NeXT? If it is an HFS partition on the NFS server, then it is prone to result in files with the resource fork stored in a format which is inconsistent with the HFS format. If a client copies a file to the server, the resource ends in a <.filename> file, which is not the HFS way. The other way around, if one copies a file locally to that volume, then the clients will not see the resource fork. I do not know enough about the NFS protocoll, to judge if it could be fixed, and whether it would need to be fixed on the client or server side, or both. But the present incarnation of NFS does not handle it. And it does not generate an error message, but rather breaks files. If you follow the discussion on this list, you will see that every 14 days someone asks a question, which arises, because he/she NFS exports a HFS volume and is not aware of the problems assocated with it. Hence, Apple should better have disabled this "feature", since for most people it creates an unreliable server. Eckart PS: Ondra, please refrain from starting a general discussion on the merrits of resource forks again. ______________ Eckart Hasselbrink Graf-Bernadotte-Str. 50 45133 Essen From leonvs at occam.com Fri Feb 1 03:50:59 2002 From: leonvs at occam.com (Leon Towns-von Stauber) Date: Thu Nov 3 12:29:10 2005 Subject: [Summary] Deploying Mac OS X - Idle and ByHost In-Reply-To: Message-ID: >> Issue 2: >> There is a folder located at ~/Library/Preferences/ByHost/ that is >> causing me quite a bit of trouble. Preferences in this folder contain >> some form of the internet address for the Mac. I want to create >> custom images of this Mac OS X to distribute to other computers. >> However, because of this folder, I am unable to just image a hard disk >> and stamp it out. I have to go and change the contents of the ByHost >> folder, something that I do not want to do, especially for about 300 >> macs. [...] > I was also told to write a script to change it. I didn't want to. I > was hoping someone might have a more permenant solution. I might just > do this though. Using Script Debugger I was able to find the current > ethernet address with this code: > > Does anyone know the terminal way to get the ethernet address? Probably not the cleanest way to do it, but this should work: ifconfig -a | grep ether | head -1 | awk '{ print $NF }' Following is a script that makes use of this to automatically rename the files in ~/Library/Preferences/ByHost/. A usage statement is included, but basically you would create your image with ByHost files named with an arbitrary tag, such as com.apple.windowserver.mac_address.plist where "mac_address" is some tag you decide on. Then run this: updateByHostPrefs.sh -p mac_address -d /Users It'll turn filenames like the above into things of the form: com.apple.windowserver.003065aabbcc.plist (The "-d /Users" is optional, as /Users is the default.) Here's the script: -------------- next part -------------- A non-text attachment was scrubbed... Name: updateByHostPrefs.sh Type: application/octet-stream Size: 1449 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020201/15af5441/updateByHostPrefs.obj -------------- next part -------------- It's designed to run silently, although it would be a simple matter to have it produce some basic output. It's worked as I've tested it, but I'd advise doing your own testing as well. ------------------------------------------------------------- Leon Towns-von Stauber http://www.occam.com/leonvs/ Amazon.com, UNIX Systems Engineer "We have not come to save you, but you will not die in vain!" From ocs at ocs.cz Fri Feb 1 03:54:02 2002 From: ocs at ocs.cz (Ondra Cada) Date: Thu Nov 3 12:29:10 2005 Subject: small network question was: Richard Peskin In-Reply-To: <46D1214A-16EA-11D6-8109-003065BDA0FE@web.de> References: <46D1214A-16EA-11D6-8109-003065BDA0FE@web.de> Message-ID: <200202011147.AA06697@ocs.cz> Eckart, >>>>>> Eckart Hasselbrink (EH) wrote at Fri, 1 Feb 2002 09:04:11 +0100: EH> >Why should I not be able to access my OSX partition from my NeXT? EH> EH> If it is an HFS partition on the NFS server, then it is prone to result EH> in files with the resource fork stored in a format which is inconsistent EH> with the HFS format. If a client copies a file to the server, the EH> resource ends in a <.filename> file, which is not the HFS way. The other EH> way around, if one copies a file locally to that volume, then the EH> clients will not see the resource fork. There are no resource forks in any OS but the late Mac OS (and, quite unfortunately, by some legacy code sometimes in OS X). Neither of them can be client here. EH> If you follow the discussion on this list, you will see that every 14 EH> days someone asks a question, which arises, because he/she NFS exports a EH> HFS volume and is not aware of the problems assocated with it. Hence, EH> Apple should better have disabled this "feature", since for most people EH> it creates an unreliable server. This blasted way of thinking leads to communism: let's ban anything which can be possibly used by a dangerous way. Let's ban weapons. Let's ban encryption. Let's ban NFS exports :((((((((((((((((( --- Ondra Cada OCSoftware: ocs@ocs.cz http://www.ocs.cz 2K Development: o.cada@2kdevelopment.cz http://www.2kdevelopment.cz private ondra@ocs.cz http://www.ocs.cz/oc From Eckart.Hasselbrink at web.de Fri Feb 1 04:10:59 2002 From: Eckart.Hasselbrink at web.de (Eckart Hasselbrink) Date: Thu Nov 3 12:29:10 2005 Subject: small network question was: Richard Peskin In-Reply-To: <200202011147.AA06697@ocs.cz> Message-ID: <92975A04-170C-11D6-96C4-003065BDA0FE@web.de> Sorry, I will not continue this discussion. Eckart On Friday, February 1, 2002, at 12:47 , Ondra Cada wrote: >>>>>>> Eckart Hasselbrink (EH) wrote at Fri, 1 Feb 2002 09:04:11 +0100: > EH> >Why should I not be able to access my OSX partition from my NeXT? > EH> > EH> If it is an HFS partition on the NFS server, then it is prone to > result > EH> in files with the resource fork stored in a format which is > inconsistent > EH> with the HFS format. If a client copies a file to the server, the > EH> resource ends in a <.filename> file, which is not the HFS way. The > other > EH> way around, if one copies a file locally to that volume, then the > EH> clients will not see the resource fork. > > There are no resource forks in any OS but the late Mac OS (and, quite > unfortunately, by some legacy code sometimes in OS X). Neither of them > can be > client here. > > EH> If you follow the discussion on this list, you will see that every > 14 > EH> days someone asks a question, which arises, because he/she NFS > exports a > EH> HFS volume and is not aware of the problems assocated with it. > Hence, > EH> Apple should better have disabled this "feature", since for most > people > EH> it creates an unreliable server. > > This blasted way of thinking leads to communism: let's ban anything > which > can be possibly used by a dangerous way. Let's ban weapons. Let's ban > encryption. Let's ban NFS exports :((((((((((((((((( > --- > Ondra Cada > OCSoftware: ocs@ocs.cz http://www.ocs.cz > 2K Development: o.cada@2kdevelopment.cz http://www.2kdevelopment.cz > private ondra@ocs.cz http://www.ocs.cz/oc > > ______________ Eckart Hasselbrink Graf-Bernadotte-Str. 50 45133 Essen From mike at caisys.co.uk Fri Feb 1 04:45:03 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:10 2005 Subject: apologies In-Reply-To: <27C3F6E4-1695-11D6-88D3-0030656A00AC@nimug.org> References: <27C3F6E4-1695-11D6-88D3-0030656A00AC@nimug.org> Message-ID: <10202011053.AA00118@gandalf.caisys.co.uk> I was responsible for restarting the advocacy debate. You are all right, it doesn't belong here, I'm sorry. I'll keep to admin matters. I would hate anybody to leave on my account. /mike From mike at caisys.co.uk Fri Feb 1 04:45:13 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:10 2005 Subject: shells.. help me here.. In-Reply-To: <675A7E42-16AE-11D6-A6E4-0003931D89F6@eng.monash.edu.au> References: <675A7E42-16AE-11D6-A6E4-0003931D89F6@eng.monash.edu.au> Message-ID: <10202011110.AA00125@gandalf.caisys.co.uk> Anthony Morton wrote: > That's correct. In a default MacOS X installation, /etc/csh.cshrc > contains only the single line 'source /usr/share/init/tcsh/rc'. > > The moral is that you can't rely on man pages to get the full story > about the behaviour of a Unix installation. At some point you're > expected to just read the source code - in this case, to inspect the > actual scripts. That's Unix for you...... So it does. :-) You're absolutely right. I should have looked. /mike From mike at caisys.co.uk Fri Feb 1 04:45:30 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:10 2005 Subject: mounting partitions at boot time In-Reply-To: References: Message-ID: <10202011133.AA00158@gandalf.caisys.co.uk> > Just add the fstab entries with the appropriate dev nodes should work Can one assume with certainty that (a) the disk containing the boot volume will be /dev/disk0? (b) a second internal hard disk will be /dev/disk1? (c) even if there's a disk in the CD/DVD drive? (d) even if there's an external disk - USB, FW or SCSI - attached? If not, what are "the appropriate dev nodes"? Thanks /mike From mike at caisys.co.uk Fri Feb 1 04:45:44 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:10 2005 Subject: NFS/NetInfo guru anywhere? In-Reply-To: References: <200201282126.AA02662@ocs.cz> <10201311918.AA28687@gandalf.caisys.co.uk> Message-ID: <10202011138.AA00164@gandalf.caisys.co.uk> > Nahh- in Mac OS X, you can tell netInfo to bind to a specific server. > I used to do it over a VPN link all the time. (Directory Setup.app) Thanks. Yes, I saw that. But making a clone of the master has other advantages too. Maybe I'll try both, and learn how well they work :-) /mike From mike at caisys.co.uk Fri Feb 1 04:47:01 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:10 2005 Subject: separately mounted user directories In-Reply-To: <1C5DC472-16CF-11D6-A4BB-000393639B02@rlpcon.com> References: <1C5DC472-16CF-11D6-A4BB-000393639B02@rlpcon.com> Message-ID: <10202011149.AA00173@gandalf.caisys.co.uk> > Currently I have my /Users symbolically linked to a separately > mounted partition, /Volumes/Users. while this seems to cause no > problems with OS X, per se, some installers (Vise is one example) are > having trouble locating user directories. Their searches fail. Would > I be better off to link directly to separately mounted user > directories. That is, leave /Users on the root disk, and link home > directories to the separate disk? E.g. /Users/rpeskin --> > /Volumes/rpeskin, rather than /Users --> /Volumes/Users? If Vise can't follow a symbolic link for /Users, I suspect it can't follow /Users/rpeskin, either. But try it and see. OTOH, there are other good reasons IMHO for leaving /Users on the root partition and creating links within it to home folders. That way the root partition (in its pristine, default state) is still intact. /mike From david at idiomatrix.com Fri Feb 1 05:46:00 2002 From: david at idiomatrix.com (David Herren) Date: Thu Nov 3 12:29:10 2005 Subject: monthly log seems odd Message-ID: Hey all- I have to admit this is the first OSX monthly log I've seen--I'm accustomed to OSXServer 1.2 monthly logs, but this seems odd. This is from my laptop--I just changed the cron to run at a time when I figured the laptop would be running, but how could I have negative logins? From: System Administrator Date: Fri Feb 01, 2002 08:30:05 AM US/Eastern To: root Subject: voyager monthly output Subject: voyager monthly run output Doing login accounting: root 0.08 total -279263.12 dherren -279263.20 Rotating log files: wtmp /david -- david herren, shoreham, vermont, usa Hey Osama! Allah would like a word with you... From mike at caisys.co.uk Fri Feb 1 06:22:01 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:10 2005 Subject: [Summary] Deploying Mac OS X - Idle and ByHost In-Reply-To: References: Message-ID: <10202011341.AA00451@gandalf.caisys.co.uk> > > Does anyone know the terminal way to get the ethernet address? > > Probably not the cleanest way to do it, but this should work: > > ifconfig -a | grep ether | head -1 | awk '{ print $NF }' Not reliable. On my G4, this returns the MAC address of en1 (Airport), not en0 (built-in ethernet), and it's the latter which appears to be used to identify currentHost when naming preference files. [This despite the fact that in Network Preferences I have Built-in Ethernet above Airport: ifconfig -a lists the interfaces in the order lo0-en1-en0.] Why not just ifconfig en0 | grep ether | awk '{print $NF}' or ifconfig en0 | grep ether | cut -f2 -d' ' /mike From amaral at alma.edu Fri Feb 1 06:35:03 2002 From: amaral at alma.edu (=?ISO-8859-1?Q?Jos=E9_Pedro_Sousa_do_Amaral?=) Date: Thu Nov 3 12:29:10 2005 Subject: Stickies File Seems To Have Disappeared In-Reply-To: Message-ID: Em Quinta, Janeiro 31, 2002, ?s 12:50 , John C. Welch escreveu: >>> That sounds like a problem in your install. Mine will certainly bog >>> down a bit while kensington drivers, etc, load, but at worst, the >>> finder loses >>> it's mind for a minute or two. I've got all the menu stuff loading, >>> along >>> with Magic Menu, and the process wizard menu widget, and haven't seen >>> that >>> kind of issue. >> >> Short of reinstalling the system, how would one go about to fix this >> problem? The problem has survived two or three system updates, which >> makes me believe that it may be some problem in some file within my >> home >> directory. > > Does it happen if you log in as another user with the same startup > config? Last night, I tested the suggestion put forth on this list to create a new user, add similar start up items and menu bar gadgets, and Stickies, to see whether the Finder would become irresponsive. And so I did. The new user start up was a charm: fast and I was able to start using the Finder almost immediately upon login. Now for the odd part, when I logged in as my commonly used user avatar, puff! no problems... The Finder loaded well and I was able to start using it almost immediately. Pretty strange but I shall not complain. Apparently, creating a new user reset whatever was causing the Finder to misbehave. Thank you very much to those who suggested this test. On a different note, someone (I believe it was Ondra Cada) suggested that I could replace the Finder with another file manager. Is there a place with reviews of alternative file managers for MOSX? Is this a true replacement, i.e., having the system launch the new file manager instead of the Finder, or instead the new file manager runs along with the Finder? Thank you. Cordially, ZP -- Jos? Pedro Sousa do Amaral A kiss is a course of procedure, cunningly devised, for the mutual stoppage of speech at a moment when words are superfluous. From leonvs at occam.com Fri Feb 1 06:51:00 2002 From: leonvs at occam.com (Leon Towns-von Stauber) Date: Thu Nov 3 12:29:10 2005 Subject: [Summary] Deploying Mac OS X - Idle and ByHost In-Reply-To: <10202011341.AA00451@gandalf.caisys.co.uk> Message-ID: <07136D60-1723-11D6-863F-003065A76B44@occam.com> >>> Does anyone know the terminal way to get the ethernet address? >> >> Probably not the cleanest way to do it, but this should work: >> >> ifconfig -a | grep ether | head -1 | awk '{ print $NF }' > > Not reliable. On my G4, this returns the MAC address of en1 > (Airport), not en0 (built-in ethernet), and it's the latter which > appears to be used to identify currentHost when naming preference > files. [This despite the fact that in Network Preferences I have > Built-in Ethernet above Airport: ifconfig -a lists the interfaces > in the order lo0-en1-en0.] Yeah, I figured this would be a problem. > Why not just > > ifconfig en0 | grep ether | awk '{print $NF}' > or > ifconfig en0 | grep ether | cut -f2 -d' ' Yup, that works better, assuming en0 is always the "primary" interface, i.e. the one used to get currentHost. Is there some way to get currentHost information directly? How does OS X identify the MAC address to use in ByHost filenames? ------------------------------------------------------------- Leon Towns-von Stauber http://www.occam.com/leonvs/ Amazon.com, UNIX Systems Engineer "We have not come to save you, but you will not die in vain!" From jwelch at aer.com Fri Feb 1 07:08:01 2002 From: jwelch at aer.com (John C. Welch) Date: Thu Nov 3 12:29:10 2005 Subject: Stickies File Seems To Have Disappeared In-Reply-To: Message-ID: On 02/01/2002 09:33, "Jos? Pedro Sousa do Amaral" wrote: > On a different note, someone (I believe it was Ondra Cada) suggested > that I could replace the Finder with another file manager. Is there a > place with reviews of alternative file managers for MOSX? Is this a true > replacement, i.e., having the system launch the new file manager instead > of the Finder, or instead the new file manager runs along with the > Finder? Thank you. You *can* do this, but I would not recommend it. Almost any time you had a problem, you'd have to re-enable the Finder, to see if that was a cause. If you want to use Rbrowser along side the Finder, (and there are some fairly intelligent and practical reasons for doing this), then you should have no problems. Just treat it as another tool that lets you do things the Finder isn't so good at. john From mbartosh at mac.com Fri Feb 1 07:22:01 2002 From: mbartosh at mac.com (Michael Bartosh) Date: Thu Nov 3 12:29:10 2005 Subject: [Summary] Deploying Mac OS X - Idle and ByHost In-Reply-To: <07136D60-1723-11D6-863F-003065A76B44@occam.com> References: <07136D60-1723-11D6-863F-003065A76B44@occam.com> Message-ID: At 6:50 AM -0800 2/1/02, Leon Towns-von Stauber wrote: >Is there some way to get currentHost information directly? How >does OS X identify the MAC address to use in ByHost filenames? you could ask configd, probly. The information you're looking for is somewhere nestled in /var/db/SystemConfiguration/preferences.xml But I'd ask configd directly if I could (mabye using scutil? Justin, you there?) -mab -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. From PERBIX at lmsd.org Fri Feb 1 07:42:01 2002 From: PERBIX at lmsd.org (Perbix, Michael) Date: Thu Nov 3 12:29:10 2005 Subject: OSX Server and Cisco Message-ID: I had a horrible mismatch in duplex and put this out there for general info (although I am sure that most people know this already). We use entirely Cisco switches, we had our server switch ports locked to 100 full. We had the servers (both OSX and W2K) set to Auto. Per Cisco documentation, this is a no no because the client will negotiate the proper speed, but not duplex and default to half. Although the server will function, we will get greatly decreased performance. This was completely noticeable in our internet browsing. We upgraded from dual T-1's to a 6 MBPS T-3. We noticed no real gain in browsing speed. Once I discovered this duplex mismatch I reset my firewall Nics to 100 full (since the switch port was already at 100 full set) and my Proxy to 100 full (it's switch port was set to 100 full as well) and viola. Supposedly you can keep your setting to Auto on both ends, however I prefer to keep my servers static set. The only thing is that the Apple SE working with me said that the Mac OSX server NEEDS to be on Autonegotiate on both ends. I went from 80Kbps (Helios Lan test) to 8Mbps 8-). Now the question that I have. Is there a terminal command that allows me to lock the Macintosh NIC in OSX to a given speed/duplex. I know there is nothing for MacOS9 other than the unsupported extensions however in OSX there should be a Terminal command at least? No? I put this out there because a majority of our servers are W2K running EZIP and we were having MAJOR speed issues, the W2K showed the link as being full, however after setting the link to be 100 full to match the switch, all was well with speed. BTW, this duplex issue was not apparent entirely from the windows clients. Also the main reason I found this was because I was able to send a 35 meg file via wireless in a fraction of the time I could being hard wired. By manually setting my Ethernet switch port to 10 half, I was totally able to replicate my wireless transfer speeds (since our airports connect to the network at 10 half) so the server duplex mismatch is only affecting my wired users who are connected at 100. If anyone wants more info on this particular issue, feel free to write me off list, however if anyone has a Terminal command to set the NIC, I think we all would appreciate it 8-). -mike From shoop at iWiring.Net Fri Feb 1 09:19:03 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:10 2005 Subject: sendmail vs postfix vs exim vs spam In-Reply-To: References: Message-ID: At 5:33 PM -0800 01/31/02, jgo wrote: > > 2002-01-30 00:50:13 -0500 Dan Shoop wrote: >>> At 2002-01-29 12:23 -0800, ../randy wrote: >>> On that same note: I setup postfix (which is a bit easier to setup >>> and configure) in a matter of minutes and it works a bit better and >>> more reliably than sendmail did (especially with the whole "group >>> writable" issue). postfix compiles and installs pretty easy like... > >> I built exim, a more full featured MTA, w/o incident from the source. >> I'd be happy to share the build if anyone is interested. > >> WRT exim, there's a new O'Reilly book by it's author, and it works >> really well for virtual hosts, is highly configurable, and supports >> strong anti-spam measures. > >How do the anti-spam measures compare? >I see mailman has a wild-card-equipped spam filter, but have >read that sendmail's doesn't allow wild cards... and then >there's that whole sendmail.cf xxx.m4 obstacle course. >What of the others? Do they have separate spam filter files? >What kind of wild-carding do they provide? With exim you have complete control over the whole mail transport process. It reminds me very much of Apache, how the phases go together, and you can use perl very extensively, almost like you do mod_perl. This makes it very easy to teach it to do all sorts of tricks. -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From ocs at ocs.cz Fri Feb 1 10:33:01 2002 From: ocs at ocs.cz (Ondra Cada) Date: Thu Nov 3 12:29:10 2005 Subject: small network question was: Richard Peskin In-Reply-To: <92975A04-170C-11D6-96C4-003065BDA0FE@web.de> References: <92975A04-170C-11D6-96C4-003065BDA0FE@web.de> Message-ID: <200202011826.AA07017@ocs.cz> Eckart, >>>>>> Eckart Hasselbrink (EH) wrote at Fri, 1 Feb 2002 13:09:41 +0100: EH> Sorry, I will not continue this discussion. Right, I do heartily agree. Just please don't start it by such ridiculous statements like "NFS export of HFS+ volumes is a bug" either. --- Ondra Cada OCSoftware: ocs@ocs.cz http://www.ocs.cz 2K Development: o.cada@2kdevelopment.cz http://www.2kdevelopment.cz private ondra@ocs.cz http://www.ocs.cz/oc From rpeskin at rlpcon.com Fri Feb 1 11:24:15 2002 From: rpeskin at rlpcon.com (Richard Peskin) Date: Thu Nov 3 12:29:10 2005 Subject: NetInfo Mgr question Message-ID: <1D39F59A-1749-11D6-B856-000393639B02@rlpcon.com> I have a server and client with duplicate user accounts. (rpeskin and root exist on both, with both having admin group membership). NetInfoManager on the server will not allow writes to the netinfo database by rpeskin, and will not allow root to open the NetInfo application at all. The console message says: 2002-02-01 14:12:09.809 NetInfo Manager[882] Could not find image named `delete'. Feb 1 14:12:41 pbook netinfod local[218]: Remote user rpeskin may not modify directory 154 Is this a NetInfoManager problem, or do I have a corrupt ni.db, or am I missing something else here? thanks, --dicck peskin Richard L. Peskin, RLP Consulting, Londonderry, VT http://www.rlpcon.com http://www.caip.rutgers.edu/~peskin -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 802 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020201/f14c6f03/attachment.bin From root at nimug.org Fri Feb 1 11:34:04 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:10 2005 Subject: NetInfo Mgr question In-Reply-To: <1D39F59A-1749-11D6-B856-000393639B02@rlpcon.com> Message-ID: <8AC508F6-174A-11D6-88D3-0030656A00AC@nimug.org> On Friday, February 1, 2002, at 07:23 , Richard Peskin wrote: > I have a server and client with duplicate user accounts. (rpeskin and > root exist on both, with both having admin group membership). > NetInfoManager on the server will not allow writes to the netinfo > database by rpeskin, and will not allow root to open the NetInfo > application at all. The console message says: > 2002-02-01 14:12:09.809 NetInfo Manager[882] Could not find image > named `delete'. > Feb 1 14:12:41 pbook netinfod local[218]: Remote user rpeskin may not > modify directory 154 > Is this a NetInfoManager problem, or do I have a corrupt ni.db, or am I > missing something else here? This is a bit like NIS. There are remote (local) users and there are NIS (network) users. The local users cannot modify anything on the NIS while there are NIS users who can log into local machines. The problem here is that your usernames are the same and we use usernames to log into machines. When you log onto a client machine with an Admin user from the NetInfo server (create one for a laugh and try it out) then you should be able to modify the NetInfo domain. You could also always delete or rename the local users. -- From rpeskin at rlpcon.com Fri Feb 1 14:13:01 2002 From: rpeskin at rlpcon.com (Richard Peskin) Date: Thu Nov 3 12:29:11 2005 Subject: NetInfo Mgr question In-Reply-To: <200202012001.g11K1DS03649@lists.omnigroup.com> Message-ID: This is a reasonable explanation, but the problem persists even when I shutdown the client and disconnect the networks. Even in that situation, I can't modify the server NetInfo. --dick peskin On Friday, February 1, 2002, at 03:01 PM, macosx-admin- request@omnigroup.com wrote: > Message: 43 > Date: Fri, 1 Feb 2002 19:33:17 +0000 > Subject: Re: NetInfo Mgr question > Content-Type: text/plain; charset=US-ASCII; format=flowed > Mime-Version: 1.0 (Apple Message framework v480) > From: r00t > To: OSX Admin > Content-Transfer-Encoding: 7bit > In-Reply-To: <1D39F59A-1749-11D6-B856-000393639B02@rlpcon.com> > Message-Id: <8AC508F6-174A-11D6-88D3-0030656A00AC@nimug.org> > Sender: macosx-admin-admin@omnigroup.com > Precedence: bulk > List-Help: > List-Post: > List-Subscribe: > , > > List-Id: Mac OS X administration > List-Unsubscribe: > , > > List-Archive: > > > On Friday, February 1, 2002, at 07:23 , Richard Peskin wrote: > >> I have a server and client with duplicate user accounts. (rpeskin and >> root exist on both, with both having admin group membership). >> NetInfoManager on the server will not allow writes to the netinfo >> database by rpeskin, and will not allow root to open the NetInfo >> application at all. The console message says: >> 2002-02-01 14:12:09.809 NetInfo Manager[882] Could not find image >> named `delete'. >> Feb 1 14:12:41 pbook netinfod local[218]: Remote user rpeskin may not >> modify directory 154 >> Is this a NetInfoManager problem, or do I have a corrupt ni.db, or am I >> missing something else here? > > This is a bit like NIS. > > There are remote (local) users and there are NIS (network) users. The > local users cannot modify anything on the NIS while there are NIS users > who can log into local machines. The problem here is that your usernames > are the same and we use usernames to log into machines. > > When you log onto a client machine with an Admin user from the NetInfo > server (create one for a laugh and try it out) then you should be able > to modify the NetInfo domain. > > You could also always delete or rename the local users. > > > Richard L. Peskin, RLP Consulting, Londonderry, VT http://www.rlpcon.com http://www.caip.rutgers.edu/~peskin -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 2726 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020201/62dc89ff/attachment.bin From Eckart.Hasselbrink at web.de Fri Feb 1 14:48:01 2002 From: Eckart.Hasselbrink at web.de (Eckart Hasselbrink) Date: Thu Nov 3 12:29:11 2005 Subject: merging resource fork files (NFS) In-Reply-To: <200202012001.g11K1MS03725@lists.omnigroup.com> Message-ID: <8796E849-1765-11D6-BC54-003065BDA0FE@web.de> On Friday, February 1, 2002, at 09:01, Scott Stevenson wrote: > On Wednesday, January 30, 2002, at 08:10 AM, Richard Peskin wrote: > >> An NFS connected client will write resource fork info in a separate >> file ("._forkfileName). (Thanks to John Fieber for pointing this out.) >> Is there a way to "merge" these with the corresponding data fork back >> into a "classic" dual fork HFS file? > > One way is to copy the in question file back to an HFS+ volume using the > Finder. It will take the file you copy and reunite it with its resource > fork. > However, you will have to do that using the Finder on the NFS client copying to a local HFS volume. Right? I once experimented - in another context - with CpMac "._filename" filename/rsrc to fix this problem locally, but did not have immediate sucess. Is there a way to do it locally, i.e. on a HFS volume where things went wrong, which is attached locally. Eckart ______________ Eckart Hasselbrink Graf-Bernadotte-Str. 50 45133 Essen From root at nimug.org Fri Feb 1 15:46:00 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:11 2005 Subject: NetInfo Mgr question In-Reply-To: Message-ID: On Friday, February 1, 2002, at 10:11 , Richard Peskin wrote: > This is a reasonable explanation, but the problem persists even when I > shutdown the client and disconnect the networks. Even in that > situation, I can't modify the server NetInfo. Hang a mo. You'll have to run that by me once more. With the client shut down you cannot modify the Server NetInfo while logged into the server using the userid rpeskin which is an Admin account on the server? That's what I got from that...am I right? What happens when you create a new Admin user without a duplicate name on the client? From dan at powermax.com Fri Feb 1 16:11:00 2002 From: dan at powermax.com (Daniel C. Stillwaggon) Date: Thu Nov 3 12:29:11 2005 Subject: Cron and applescript Message-ID: I've been having a devil of a time with cron and applescript today. When calling an applescript from cron I reliably (meaning every time) get an error returned that "application X got an error: application not running (-600)". In this particular case application X is Filemaker, but the same results occured with the Finder. This is observable on two different machines running 10.1.2. Has anyone else observed this? (the scripts run perfectly when run by hand, btw) -- -------------- Daniel C. Stillwaggon (dan@powermax.com) From magnus at usc.edu Fri Feb 1 18:45:02 2002 From: magnus at usc.edu (Magnus Nordborg) Date: Thu Nov 3 12:29:11 2005 Subject: Classic and automounted home directories Message-ID: I share home directories using NFS/automount and Mac OS X Server 10.1.2. One problem with this is that the home directories are not visible to Classic apps. 1) Does anyone know whether this should work, or whether it is planned to work eventually? 2) I tried sharing using AFP/automount earlier, but found that: a) automounted AFP dirs do not show up under Classic either (whereas manually mounted ones do); b) AFP is not automounted when one logs in via ssh/telnet etc; c) AFP was too buggy for use. This was in an earlier version (10.1): does anyone know whether it works now? 3) Other suggestions for how to do this? I still have some Classic apps that are needed... Thanks a lot, Magnus Magnus Nordborg Molecular & Computational Biology University of Southern California 835 W 37th St, SHS 172 Los Angeles, CA 90089-1340 +1.213.821-5349 (office) +1.213.821-2857 (lab) +1.213.740-8631 (fax) magnus@usc.edu http://magnolia.usc.edu/~magnus From epeyton at epicware.com Fri Feb 1 19:04:01 2002 From: epeyton at epicware.com (Eric Peyton) Date: Thu Nov 3 12:29:11 2005 Subject: Classic and automounted home directories In-Reply-To: Message-ID: <5B7BA9D0-1789-11D6-9BB5-0003935A7870@epicware.com> On Friday, February 1, 2002, at 08:44 PM, Magnus Nordborg wrote: > I share home directories using NFS/automount and Mac OS X Server > 10.1.2. One problem with this is that the home directories are not > visible to Classic apps. > > 1) Does anyone know whether this should work, or whether it is planned > to work eventually? > It does not, should not and probably never will. Classic does not inherently understand NFS. Eric > 2) I tried sharing using AFP/automount earlier, but found that: a) > automounted AFP dirs do not show up under Classic either (whereas > manually mounted ones do); b) AFP is not automounted when one logs in > via ssh/telnet etc; c) AFP was too buggy for use. This was in an > earlier version (10.1): does anyone know whether it works now? > > 3) Other suggestions for how to do this? I still have some Classic > apps that are needed... > > Thanks a lot, > > Magnus > > > Magnus Nordborg > Molecular & Computational Biology > University of Southern California > 835 W 37th St, SHS 172 > Los Angeles, CA 90089-1340 > > +1.213.821-5349 (office) > +1.213.821-2857 (lab) > +1.213.740-8631 (fax) > magnus@usc.edu > http://magnolia.usc.edu/~magnus > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin From me at RichRamos.com Fri Feb 1 19:11:00 2002 From: me at RichRamos.com (Rich Ramos) Date: Thu Nov 3 12:29:11 2005 Subject: Terminal 'activity monitor' In-Reply-To: References: Message-ID: <1831180.1012587376@localhost> What does the Terminal preference labeled 'activity monitor'do? I checked the help and it was anything but. -Rich -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 229 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020201/c2093631/attachment.bin From me at RichRamos.com Fri Feb 1 19:11:11 2002 From: me at RichRamos.com (Rich Ramos) Date: Thu Nov 3 12:29:11 2005 Subject: entire system backup In-Reply-To: References: Message-ID: <1956102.1012589458@localhost> > Use an external FireWire HD (LaCie 20giga) and backup my home using "ditto > -rsrcFork $HOME ThePathToLacie/MyHome_aDate I want to make a backup of my entire system (all contained on one hard disk) to a second firewire disk. When I do the backup I don't want to get into a recursive loop and try to backup the second mounted firewire volume onto itself. I don't see an exclude option to ditto, to exclude the backup volume. The only way I can see to use ditto to do what I want is to give it a bom. So, if I do the following: 1. run mkbom on / and output to a bomfile 2. mount the firewire volume 3. run 'ditto -rsrcFork -bom bomfile / /backupvolume' Will that get the backup that I'm looking for? Is this overly complicated? Is there an easier way that I'm missing? -Rich -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 229 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020201/05675c55/attachment.bin From me at RichRamos.com Fri Feb 1 19:11:22 2002 From: me at RichRamos.com (Rich Ramos) Date: Thu Nov 3 12:29:11 2005 Subject: entire system backup, more... Message-ID: <2006938.1012590305@localhost> >1. run mkbom on / and output to a bomfile alright, when trying to do this I get the following error: [~/tmp] ramos% sudo mkbom / entire.bom Password: ./dev/fd/4: Not a directory can't make bom entire.bom for dir / If I go look in that dir I find: [/dev/fd] ramos% ls -l total 0 crw--w---- 1 ramos tty 4, 1 Feb 1 18:59 0 crw--w---- 1 ramos tty 4, 1 Feb 1 18:59 1 crw--w---- 1 ramos tty 4, 1 Feb 1 18:59 2 dr--r--r-- 2 root wheel 512 Jan 29 16:19 3 dr--r--r-- 2 root wheel 512 Jan 29 16:19 4 dr--r--r-- 2 root wheel 512 Jan 29 16:19 5 [/dev/fd] ramos% ls -l 4 ls: 4: Bad file descriptor [/dev/fd] ramos% ls -l 3 ls: 3: Bad file descriptor [/dev/fd] ramos% ls -l 5 ls: 5: Bad file descriptor What's up with those directories? Is this proper behavior for those? If so, how do I get my bom made? -Rich -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 229 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020201/84a2f599/attachment.bin From macosx at randys.org Fri Feb 1 19:19:01 2002 From: macosx at randys.org (../randy) Date: Thu Nov 3 12:29:11 2005 Subject: mpg123 Message-ID: Anyone succesfully build mpg123 on OS X? I got icecast/shout to compile and run quite happily on 10.1.2 ...but mp3123 does not like it at all.... Any tricks/hacks to get this working? TIA - randy From mike at blakeley.com Fri Feb 1 20:37:01 2002 From: mike at blakeley.com (Michael Blakeley) Date: Thu Nov 3 12:29:11 2005 Subject: [Summary] Deploying Mac OS X - Idle and ByHost (CFPreferences Current host) Message-ID: At 12:01 -0800 2002-02-01, macosx-admin-request@omnigroup.com wrote: >From: James Reynolds >Subject: [Summary] Deploying Mac OS X - Idle and ByHost (CFPreferences > Current host) > > >Issue 2: >>There is a folder located at ~/Library/Preferences/ByHost/ that is >>causing me quite a bit of trouble. Preferences in this folder >>contain some form of the internet address for the Mac. I want to >>create custom images of this Mac OS X to distribute to other >>computers. However, because of this folder, I am unable to just >>image a hard disk and stamp it out. I have to go and change the >>contents of the ByHost folder, something that I do not want to do, > >especially for about 300 macs. Looking at my own setup, I seem to have duplicate ByHost files for my actual hostname, for localhost, and for my MAC (ethernet) address - no doubt because I've mucked around with /etc/hostconfig. My most recent plist files all key off of the current hostname. But the interesting thing, to me, is that the ByHosts key isn't always the MAC address. Perhaps you could simply change the hostname to 'localhost' (/etc/hostconfig) on your master, verify that your ByHosts key has changed to 'localhost', and distribute that way? -- Michael Blakeley mike@blakeley.com Performance Analysis for Internet Technologies From csmith at barebones.com Fri Feb 1 20:45:02 2002 From: csmith at barebones.com (Christian Smith) Date: Thu Nov 3 12:29:11 2005 Subject: Cron and applescript In-Reply-To: Message-ID: <20020201234415-r01010800-9e23fd7c-0922-010c@localhost> On 2/1/02 at 4:10 PM, dan@powermax.com (Daniel C. Stillwaggon) wrote: > I've been having a devil of a time with cron and applescript today. > When calling an applescript from cron I reliably (meaning every time) > get an error returned that "application X got an error: application > not running (-600)". In this particular case application X is > Filemaker, but the same results occured with the Finder. This is > observable on two different machines running 10.1.2. Has anyone else > observed this? (the scripts run perfectly when run by hand, btw) I believe you can not run scripts from cron which interact with applications running in the user space. Chris From creed at landooz.com Fri Feb 1 21:25:59 2002 From: creed at landooz.com (Creed Erickson) Date: Thu Nov 3 12:29:11 2005 Subject: entire system backup, more... In-Reply-To: <2006938.1012590305@localhost> References: <2006938.1012590305@localhost> Message-ID: At 7:05 PM -0600 2/1/02, Rich Ramos wrote: >>1. run mkbom on / and output to a bomfile > >alright, when trying to do this I get the following error: > >[~/tmp] ramos% sudo mkbom / entire.bom >Password: > >./dev/fd/4: Not a directory >can't make bom entire.bom for dir / > > >If I go look in that dir I find: > >[/dev/fd] ramos% ls -l >total 0 >crw--w---- 1 ramos tty 4, 1 Feb 1 18:59 0 >crw--w---- 1 ramos tty 4, 1 Feb 1 18:59 1 >crw--w---- 1 ramos tty 4, 1 Feb 1 18:59 2 >dr--r--r-- 2 root wheel 512 Jan 29 16:19 3 >dr--r--r-- 2 root wheel 512 Jan 29 16:19 4 >dr--r--r-- 2 root wheel 512 Jan 29 16:19 5 >[/dev/fd] ramos% ls -l 4 >ls: 4: Bad file descriptor >[/dev/fd] ramos% ls -l 3 >ls: 3: Bad file descriptor >[/dev/fd] ramos% ls -l 5 >ls: 5: Bad file descriptor > >What's up with those directories? Is this proper behavior for >those? If so, how do I get my bom made? You don't want to backup anything from /dev or /.vol as these are dynamically generated at boot and don't contain anything meaningful to a backup. i.e., They are not really files on the disk. -- --- Creed Erickson Message-ID: <66E5C00D-179D-11D6-BF31-0050E4EE1966@mac.com> On Friday, February 1, 2002, at 10:17 , ../randy wrote: > Anyone succesfully build mpg123 on OS X? I got icecast/shout to compile > and > run quite happily on 10.1.2 ...but mp3123 does not like it at all.... > > Any tricks/hacks to get this working? You can get a patched, working copy with the fink project. Check out http://fink.sourceforge.net/ -- Clark S. Cox, III clarkcox3@yahoo.com http://www.whereismyhead.com/clark/ From justin at mac.com Fri Feb 1 21:41:00 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:11 2005 Subject: [Summary] Deploying Mac OS X - Idle and ByHost In-Reply-To: <10202011341.AA00451@gandalf.caisys.co.uk> Message-ID: <54B58E72-179F-11D6-9EDE-00306544D642@mac.com> On Friday, February 1, 2002, at 05:41 AM, Mike Elston wrote: >>> Does anyone know the terminal way to get the ethernet address? >> >> Probably not the cleanest way to do it, but this should work: >> >> ifconfig -a | grep ether | head -1 | awk '{ print $NF }' > > Not reliable. On my G4, this returns the MAC address of en1 > (Airport), not en0 (built-in ethernet), and it's the latter which > appears to be used to identify currentHost when naming preference > files. [This despite the fact that in Network Preferences I have > Built-in Ethernet above Airport: ifconfig -a lists the interfaces > in the order lo0-en1-en0.] In case it hasn't been discussed, the assignment of device names in Darwin is somewhat, um, problematic. The device discovery scheme is asynchronous, so the order of discovery of devices can vary from system to system, and even from boot to boot (although this is less likely). For network devices, there is a mechanism in place to assure that names (en0, ...) are persistent, but the order is not. The list as produced by 'ifconfig' just follows the order that the devices make themselves known to the networking subsystem (which accounts for the differing orders that you are discussing). Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | When LuteFisk is outlawed | Only outlaws will have | LuteFisk *--------------------------------------*-------------------------------* From justin at mac.com Fri Feb 1 21:46:02 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:11 2005 Subject: [Summary] Deploying Mac OS X - Idle and ByHost In-Reply-To: Message-ID: On Friday, February 1, 2002, at 07:21 AM, Michael Bartosh wrote: > At 6:50 AM -0800 2/1/02, Leon Towns-von Stauber wrote: >> Is there some way to get currentHost information directly? How >> does OS X identify the MAC address to use in ByHost filenames? > > you could ask configd, probly. > > The information you're looking for is somewhere nestled in > /var/db/SystemConfiguration/preferences.xml > > But I'd ask configd directly if I could (mabye using scutil? Justin, > you there?) I'm not sure what 'currentHost' is, nor do I understand the naming you are discussing here. Without understanding that in somewhat more depth, I don't know what problem we're really solving. Regarding this specific question, the scheme already discussed (using 'ifconfig') is as good as any. The MAC address for the built-in ethernet device is, as you say, nestled cozily in the SystemConfig prefs file, but I don't see an advantage to using configd to get at it. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | If you're not confused, | You're not paying attention *--------------------------------------*-------------------------------* From taylor at intuitive.com Fri Feb 1 22:28:00 2002 From: taylor at intuitive.com (Dave Taylor) Date: Thu Nov 3 12:29:11 2005 Subject: [X-Admin]Terminal 'activity monitor' In-Reply-To: <1831180.1012587376@localhost> Message-ID: > What does the Terminal preference labeled 'activity monitor'do? I checked the > help and it was anything but. As far as I understand it, the activity monitor is Terminal's way of trying to be smart about asking for confirmation of window closes: if you have activity monitor enabled and you close a window that has a running process, it should warn you and let you change your mind. If you aren't running the activity monitor, it'll close on you, no questions asked. If that's not quite right, I'd be most interested in updating my knowledge in this regard! :-) Dave Taylor Long-time Mac & Unix guy From leonvs at occam.com Fri Feb 1 23:42:00 2002 From: leonvs at occam.com (Leon Towns-von Stauber) Date: Thu Nov 3 12:29:11 2005 Subject: [Summary] Deploying Mac OS X - Idle and ByHost (CFPreferences Current host) In-Reply-To: Message-ID: <33B985CC-17B0-11D6-B481-003065A76B44@occam.com> > But the interesting thing, to me, is that the ByHosts key isn't always > the MAC address. Perhaps you could simply change the hostname to > 'localhost' (/etc/hostconfig) on your master, verify that your ByHosts > key has changed to 'localhost', and distribute that way? That doesn't seem to work, at least not based on the results of a simple test I ran. It seems that the behavior has changed between version of OS X. ------------------------------------------------------------- Leon Towns-von Stauber http://www.occam.com/leonvs/ Amazon.com, UNIX Systems Engineer "We have not come to save you, but you will not die in vain!" From sanguish at digifix.com Sat Feb 2 00:20:00 2002 From: sanguish at digifix.com (Scott Anguish) Date: Thu Nov 3 12:29:11 2005 Subject: separately mounted user directories In-Reply-To: <54248BEE-16E9-11D6-8A5B-003065F88A86@plsys.co.uk> Message-ID: <7ED5D535-17B5-11D6-92EB-003065C77D64@digifix.com> On Friday, February 1, 2002, at 02:57 AM, Paul Lynch wrote: > > On Friday, February 1, 2002, at 04:49 am, Richard Peskin wrote: > >> Would I be better off to link directly to separately mounted user >> directories. That is, leave /Users on the root disk, and link home >> directories to the separate disk? E.g. /Users/rpeskin --> >> /Volumes/rpeskin, rather than /Users --> /Volumes/Users? > > The best solution is to edit the /users/rpeskin/home property in > netinfo from /Users/rpeskin to /Volumes/rpeskin. I believe this has > come up several times before. > unfortunately, this doesn't seem to cut it for everything.. a number of apps are still looking into /Users/sanguish for my stuff.. and it isn't there.. it's annoying enough that I've about gone back to just putting everything into /Users again From mike at maibaum.org Sat Feb 2 00:37:00 2002 From: mike at maibaum.org (Michael Maibaum) Date: Thu Nov 3 12:29:11 2005 Subject: entire system backup In-Reply-To: <1956102.1012589458@localhost> References: <1956102.1012589458@localhost> Message-ID: <20020202083401.GD9380@hedgehog.gene-hacker.net> On Fri, Feb 01, 2002 at 06:50:58PM -0600, Rich Ramos wrote: > > > >Use an external FireWire HD (LaCie 20giga) and backup my home using "ditto > >-rsrcFork $HOME ThePathToLacie/MyHome_aDate > > I want to make a backup of my entire system (all contained on one hard > disk) to a second firewire disk. When I do the backup I don't want to get > into a recursive loop and try to backup the second mounted firewire volume > onto itself. I don't see an exclude option to ditto, to exclude the backup > volume. The only way I can see to use ditto to do what I want is to give it > a bom. > > So, if I do the following: > 1. run mkbom on / and output to a bomfile > 2. mount the firewire volume > 3. run 'ditto -rsrcFork -bom bomfile / /backupvolume' > > Will that get the backup that I'm looking for? Is this overly complicated? > Is there an easier way that I'm missing? I think psync is easier (andfaster for subsequent runs #psync / /backupvolume psync is part of the MacOSX::File perl module distribution, look on CPAN HTH Michael -- Dr Michael A. Maibaum - (W)+1 (415) 561 1682 - (H)+1 (415) 626 6733 From root at nimug.org Sat Feb 2 01:57:00 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:11 2005 Subject: separately mounted user directories In-Reply-To: <7ED5D535-17B5-11D6-92EB-003065C77D64@digifix.com> Message-ID: On Saturday, February 2, 2002, at 08:18 , Scott Anguish wrote: > unfortunately, this doesn't seem to cut it for everything.. a > number of apps are still looking into /Users/sanguish for my stuff.. > and it isn't there.. it's annoying enough that I've about gone back to > just putting everything into /Users again Hey Scott, Which apps, if you don't mind me asking. I moved accounts to different disks and hadn't seen a problem though - to be fair - I placed aliases rather than links in appropriate places. I'd like to see if my setup works with all apps - I hate to see what would happen if it didn't... From bw at his.com Sat Feb 2 02:05:01 2002 From: bw at his.com (Bill Whitacre) Date: Thu Nov 3 12:29:11 2005 Subject: SquirrelMail for Mac OS X Message-ID: <4697FEA8-17C4-11D6-B5A0-0003934471CC@his.com> Does anyone know where to find some instructions [detailed or otherwise] on how to install & configure SquirrelMail under MacOSX? Thanks. bw --- Bill Whitacre bw@his.com From Robert.Jacobson at gsfc.nasa.gov Sat Feb 2 02:19:03 2002 From: Robert.Jacobson at gsfc.nasa.gov (Robert C Jacobson) Date: Thu Nov 3 12:29:11 2005 Subject: Cron and applescript In-Reply-To: <20020201234415-r01010800-9e23fd7c-0922-010c@localhost> References: <20020201234415-r01010800-9e23fd7c-0922-010c@localhost> Message-ID: Chris is correct. You can get around it using a third-party scheduling app (most are for Classic, AFAIK). Here's some relevant info from the applescript-users list, from Apple engineering: >You're seeing a security "feature." It has to do with Mach messages, >which form the guts of Apple Events on Mac OS X. For security >reasons, processes in Mach are segregated into "process groups", and >a process in one group is not allowed to send messages to a process >in a different group. Because cron gets launched at boot time, it's >in root's process group, while every application launched by your >login (including the Finder) is in your process group. Therefore, a >script run by cron can't talk to any application that you launched. >There's something of a bug in AppleScript here, too -- at its level, >it can see the application, so it tells the Apple Event Manager to >send it a message, and you get a surprising error. It's not clear >what the truly correct solution is here -- there are valid security >reasons for keeping the process group restrictions in place. In the >meantime, what can you do? Well, scripting additions should still >work, so you can use those. cron unfortunately makes sure that only >one instance of cron is ever running at once, so you can't launch >your own personal cron, though if you're feeling extra studly, you >could get the source for cron (it is open, after all) and modify it >appropriately. --Chris Nebel AppleScript Engineering At 11:44 PM -0500 2/1/02, Christian Smith wrote: >On 2/1/02 at 4:10 PM, dan@powermax.com (Daniel C. Stillwaggon) wrote: > >> I've been having a devil of a time with cron and applescript today. >> When calling an applescript from cron I reliably (meaning every time) >> get an error returned that "application X got an error: application >> not running (-600)". In this particular case application X is >> Filemaker, but the same results occured with the Finder. This is >> observable on two different machines running 10.1.2. Has anyone else >> observed this? (the scripts run perfectly when run by hand, btw) > >I believe you can not run scripts from cron which interact with >applications running in the user space. > >Chris >_______________________________________________ >MacOSX-admin mailing list >MacOSX-admin@omnigroup.com >http://www.omnigroup.com/mailman/listinfo/macosx-admin -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Robert Jacobson Robert.Jacobson@gsfc.nasa.gov BS, Aeronautical Engineering Univ. of Md., College Park Flight Ops. Team - SOlar Heliospheric Observatory (SOHO) From wjcheeseman at earthlink.net Sat Feb 2 03:40:59 2002 From: wjcheeseman at earthlink.net (Bill Cheeseman) Date: Thu Nov 3 12:29:11 2005 Subject: Cron and applescript In-Reply-To: Message-ID: on 02-02-02 5:18 AM, Robert C Jacobson at Robert.Jacobson@gsfc.nasa.gov wrote: > You can get around it using a third-party > scheduling app (most are for Classic, AFAIK). I believe the only one available for X at this time is Script Timer 1.2 . -- Bill Cheeseman - wjcheeseman@earthlink.net Quechee Software, Quechee, Vermont, USA http://www.quecheesoftware.com The AppleScript Sourcebook - http://www.AppleScriptSourcebook.com Vermont Recipes - http://www.stepwise.com/Articles/VermontRecipes Croquet Club of Vermont - http://members.valley.net/croquetvermont From ocs at ocs.cz Sat Feb 2 04:10:58 2002 From: ocs at ocs.cz (Ondra Cada) Date: Thu Nov 3 12:29:11 2005 Subject: Terminal 'activity monitor' In-Reply-To: <1831180.1012587376@localhost> References: <1831180.1012587376@localhost> Message-ID: <200202021204.AA07780@ocs.cz> Rich, >>>>>> Rich Ramos (RR) wrote at Fri, 01 Feb 2002 18:16:16 -0600: RR> What does the Terminal preference labeled 'activity monitor'do? I checked RR> the help and it was anything but. It was documented here or there, but perhaps it vanished when OpenStep became OSX? Anyway, it is a list of commands which, even if running, don't mark the window they were run from as active ("unsaved"). Terminal would warn you with any other running command that "closing will terminate the process....". The term "activity monitor" comes from the fact that to be able to do so, Terminal has to monitor activity of all commands, run from the shell inside. --- Ondra Cada OCSoftware: ocs@ocs.cz http://www.ocs.cz 2K Development: o.cada@2kdevelopment.cz http://www.2kdevelopment.cz private ondra@ocs.cz http://www.ocs.cz/oc From epeyton at epicware.com Sat Feb 2 05:43:00 2002 From: epeyton at epicware.com (Eric Peyton) Date: Thu Nov 3 12:29:11 2005 Subject: separately mounted user directories In-Reply-To: Message-ID: <8BB47AC4-17E2-11D6-8182-003065CBD1E2@epicware.com> Yeah - I'm interested as well. I have been running with "split" out home directories (Mine is in a separate partition I call HomeDir) for probably longer than anyone has (minimally since before DP3, probably longer) ... and have run into no problems with anything looking in the wrong location. Eric On Saturday, February 2, 2002, at 03:55 AM, r00t wrote: > > On Saturday, February 2, 2002, at 08:18 , Scott Anguish wrote: >> unfortunately, this doesn't seem to cut it for everything.. a >> number of apps are still looking into /Users/sanguish for my stuff.. >> and it isn't there.. it's annoying enough that I've about gone back to >> just putting everything into /Users again > > Hey Scott, > Which apps, if you don't mind me asking. I moved accounts to different > disks and hadn't seen a problem though - to be fair - I placed aliases > rather than links in appropriate places. I'd like to see if my setup > works with all apps - I hate to see what would happen if it didn't... > > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin From sb.list at sb.org Sat Feb 2 07:31:00 2002 From: sb.list at sb.org (Stonewall Ballard) Date: Thu Nov 3 12:29:11 2005 Subject: Cron and applescript In-Reply-To: <20020201234415-r01010800-9e23fd7c-0922-010c@localhost> Message-ID: On 2/1/02 11:44 PM, "Christian Smith" wrote: > On 2/1/02 at 4:10 PM, dan@powermax.com (Daniel C. Stillwaggon) wrote: > >> I've been having a devil of a time with cron and applescript today. >> When calling an applescript from cron I reliably (meaning every time) >> get an error returned that "application X got an error: application >> not running (-600)". In this particular case application X is >> Filemaker, but the same results occured with the Finder. This is >> observable on two different machines running 10.1.2. Has anyone else >> observed this? (the scripts run perfectly when run by hand, btw) > > I believe you can not run scripts from cron which interact with > applications running in the user space. > Not so. I run AppleScript apps from cron every day. One kills Entourage before a backup, another restarts Entourage in the morning, and a third changes my desktop wallpaper periodically. - Stoney From wjcheeseman at earthlink.net Sat Feb 2 09:05:01 2002 From: wjcheeseman at earthlink.net (Bill Cheeseman) Date: Thu Nov 3 12:29:11 2005 Subject: Cron and applescript In-Reply-To: Message-ID: on 02-02-02 10:28 AM, Stonewall Ballard at sb.list@sb.org wrote: >> I believe you can not run scripts from cron which interact with >> applications running in the user space. >> > > Not so. I run AppleScript apps from cron every day. One kills Entourage > before a backup, another restarts Entourage in the morning, and a third > changes my desktop wallpaper periodically. He meant using cron to tell a third-party application, not having root privileges, to do something. -- Bill Cheeseman - wjcheeseman@earthlink.net Quechee Software, Quechee, Vermont, USA http://www.quecheesoftware.com The AppleScript Sourcebook - http://www.AppleScriptSourcebook.com Vermont Recipes - http://www.stepwise.com/Articles/VermontRecipes Croquet Club of Vermont - http://members.valley.net/croquetvermont From jearle at mac.com Sat Feb 2 09:37:00 2002 From: jearle at mac.com (Jared ''Danger'' Earle) Date: Thu Nov 3 12:29:11 2005 Subject: Cron and applescript In-Reply-To: Message-ID: <64CD19E6-1803-11D6-BE66-000A2791CF7C@mac.com> On Saturday, February 2, 2002, at 04:28 , Stonewall Ballard wrote: > Not so. I run AppleScript apps from cron every day. [...] and a third > changes my desktop wallpaper periodically. I would like a copy of this script. -- Jared Earle, Nightfall Games, jared@23x.net - http://www.23x.net "There is no SPORK" From mbartosh at mac.com Sat Feb 2 09:47:12 2002 From: mbartosh at mac.com (Michael Bartosh) Date: Thu Nov 3 12:29:11 2005 Subject: SquirrelMail for Mac OS X In-Reply-To: <4697FEA8-17C4-11D6-B5A0-0003934471CC@his.com> References: <4697FEA8-17C4-11D6-B5A0-0003934471CC@his.com> Message-ID: At 4:48 AM -0500 2/2/02, Bill Whitacre wrote: >Does anyone know where to find some instructions [detailed or >otherwise] on how to install & configure SquirrelMail under MacOSX? SM is just php. I tried it out a couple of months ago and got it to work. no big problems stick out in my mind. Go ahead and try it, and if you have issues send them to the list. Have you deployed SM before? It is pretty cool. Later- -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. From sb.list at sb.org Sat Feb 2 10:00:02 2002 From: sb.list at sb.org (Stonewall Ballard) Date: Thu Nov 3 12:29:11 2005 Subject: Cron and applescript In-Reply-To: <64CD19E6-1803-11D6-BE66-000A2791CF7C@mac.com> Message-ID: On 2/2/02 12:36 PM, "Jared ''Danger'' Earle" wrote: > On Saturday, February 2, 2002, at 04:28 , Stonewall Ballard wrote: >> Not so. I run AppleScript apps from cron every day. [...] and a third >> changes my desktop wallpaper periodically. > > I would like a copy of this script. tell application "Finder" set pics to files in folder "your-path-to-Desktop Pictures" set pic to item (random number from 1 to length of pics) of pics set desktop picture to pic end tell From mbartosh at mac.com Sat Feb 2 10:07:00 2002 From: mbartosh at mac.com (Michael Bartosh) Date: Thu Nov 3 12:29:12 2005 Subject: Cron and applescript In-Reply-To: References: <20020201234415-r01010800-9e23fd7c-0922-010c@localhost> Message-ID: At 5:18 AM -0500 2/2/02, Robert C Jacobson wrote: > >Chris is correct. You can get around it using a third-party >scheduling app (most are for Classic, AFAIK). Here's some relevant >info from the applescript-users list, from Apple engineering: > >>You're seeing a security "feature." It has to do with Mach >>messages, which form the guts of Apple Events on Mac OS X. For >>security reasons, processes in Mach are segregated into "process >>groups", and a process in one group is not allowed to send messages >>to a process in a different group. Because cron gets launched at >>boot time, it's in root's process group, while every application >>launched by your login (including the Finder) is in your process >>group. Therefore, a script run by cron can't talk to any >>application that you launched. There's something of a bug in >>AppleScript here, too -- at its level, it can see the application, >>so it tells the Apple Event Manager to send it a message, and you >>get a surprising error. It's not clear what the truly correct >>solution is here -- there are valid security reasons for keeping >>the process group restrictions in place. In the meantime, what can >>you do? Well, scripting additions should still work, so you can use >>those. cron unfortunately makes sure that only one instance of cron >>is ever running at once, so you can't launch your own personal >>cron, though if you're feeling extra studly, you could get the >>source for cron (it is open, after all) and modify it >>appropriately. --Chris Nebel AppleScript Engineering I'd look a cronix; It lets you set personal crontabs that run as you. http://www.versiontracker.com/moreinfo.fcgi?id=9478&db=mac a comment on the pasted page says that it will easily run AppleScripts. -mab -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. From rpeskin at rlpcon.com Sat Feb 2 10:46:00 2002 From: rpeskin at rlpcon.com (Richard Peskin) Date: Thu Nov 3 12:29:12 2005 Subject: separately mounted user directories In-Reply-To: <7ED5D535-17B5-11D6-92EB-003065C77D64@digifix.com> Message-ID: <16A1F06A-180D-11D6-8869-000393639B02@rlpcon.com> The real interesting issue is just what these apps (like MSWord) are doing that prevents them from being able to follow normal links or file system mounts. I suspect that they assume HFS file structure and only follow paths from the "System Volume", rather than follow paths from root. --dick peskin On Saturday, February 2, 2002, at 03:18 AM, Scott Anguish wrote: > unfortunately, this doesn't seem to cut it for everything.. a > number of apps are still looking into /Users/sanguish for my stuff.. > and it isn't there.. it's annoying enough that I've about gone back to > just putting everything into /Users again > Richard L. Peskin, RLP Consulting, Londonderry, VT http://www.rlpcon.com http://www.caip.rutgers.edu/~peskin -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 796 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020202/cd02e739/attachment.bin From joerg.preuss at jmpreuss-edv.de Sat Feb 2 11:25:04 2002 From: joerg.preuss at jmpreuss-edv.de (=?ISO-8859-1?Q?J=F6rg_Preu=DF?=) Date: Thu Nov 3 12:29:12 2005 Subject: Stickies File Seems To Have Disappeared In-Reply-To: <6BBF4F5E-1663-11D6-9913-0030654777A6@adolos.co.uk> Message-ID: <94799814-1812-11D6-8473-0030654D9456@jmpreuss-edv.de> Am Donnerstag den, 31. Januar 2002, um 16:58, schrieb Stuart Roebuck: > Is there some problem accessing files during the login process or soon > after? I noticed something similar. Directly after login the system has to do some things and is quite busy. It takes some time till started apps are doing there jobs. Even the sticky.app. The icon is already in place and has stopped to jump but there seems no action from sticky.app. I remember that I tried to access the sticky.app while it did not react... ??? Joerg --- www : http://www.jmpreuss-edv.de email: joerg.preuss@jmpreuss-edv.de joerg@preuss.info icq: 10469889 From chris at ucfed.ucf.edu Sat Feb 2 11:50:03 2002 From: chris at ucfed.ucf.edu (chris rank) Date: Thu Nov 3 12:29:12 2005 Subject: (no subject) Message-ID: Hi, First off great work guys...I am really excited about all of the changes and improvements made over the last few years. I have been running 2.0.7 as a PDC for almost 18 months now and it has been great. I have a new problem that I searched the lists for and have now come to you directly because it is nowhere to be found in any discussions that anyone has had. I think that my problem is unique. Yea! I am sure that is exciting. Ok, Here is the scoop. I have 2.2.1a build on a current build of Apple's MacOS X Server ( http://www.apple.com/macosx/server ) Ok, this system comes with a binary preinstalled and working with encryption. I have it working and have now figured out how to make the sucker into a PDC just like my 2.0.7 box. Here is the difference. My 2.0.7 box has a standard build of SaMBa with a smbpasswd file and everything. The difference here is that Apple has built the authentication into the app and a small config gui called radmin. Now I have figured out how to get the stupid gui to overwrite my conf file, but what I haven't been able to get around is this, the widows machine gives me a pretty strange error when I try and add an account: The account you are attempting to use is a machine account. Try using your Global Administrator account or and account with proper privileges. Huh? I am using the root account. When I type in the wrong password I get a proper bad password error. So clearly the win2k machine is receiving some sort of response from the server, but the server is not allowing the machine account to be created because it is convinced that it is an unprivileged user and tells the 2k machine that the root account does not have enough privileges. Talk about pissing you off! So then I tried to create an smbpasswd file, added the root account properly and got the same error. I am a pretty seasoned samba veteran, but this one has me stumped. Here is what I would love to see. If someone has a fix for this, please send it to me so that I can work around this and have my nice shiny new PDC working. If this is a new bug that Apple has introduced because of some kind of proprietary whackness, let me know that to so that the samba folks can contact Apple and have them fix their code. Also if Apple doesn't comply with the samba team then we can put pressure on them from the community to comply because of their use of an open source project. Apple has contributed greatly to the community and I know that they should be responsive. One other thing though, I couldn't find the source code that they used to create the new binaries. I know that they released some, but I can no longer find it on the Darwin site. So any comments or fixes for this would be greatly appreciated. Thanks! -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 2843 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020202/f0eed429/attachment.bin From mike at blakeley.com Sat Feb 2 12:39:00 2002 From: mike at blakeley.com (Michael Blakeley) Date: Thu Nov 3 12:29:12 2005 Subject: folder imaging script In-Reply-To: <200202022001.g12K1HS28528@lists.omnigroup.com> References: <200202022001.g12K1HS28528@lists.omnigroup.com> Message-ID: I was doing my monthly backup yesterday, and found that my home directory has gotten too big to simply drag onto a CDR anymore (yeah, I'm a pack rat). Since I didn't want to throw anything away, I thought I'd simply make a compressed image of my home directory, and archive that onto CDR. But... Apple Disk Copy on OS X doesn't seem to support the old OS9 "Image from Folder" command. So I took a look at the man page for hdiutil - it has an example at the end that demonstrates imaging a folder, but doesn't compress it, and anyway the example doesn't actually work. So I wrote a little script that does, and I hope it's useful to others. I've made it available at http://www.blakeley.com/resources/image-folder.sh Use it at your own risk, but it works for me. -- Michael Blakeley mike@blakeley.com Performance Analysis for Internet Technologies From vallon at mindspring.com Sat Feb 2 12:43:02 2002 From: vallon at mindspring.com (Justin Vallon) Date: Thu Nov 3 12:29:12 2005 Subject: [Summary] Deploying Mac OS X - Idle and ByHost (CFPreferences Current host) In-Reply-To: Message-ID: <6A59FC3C-181D-11D6-B0C6-003065C2230E@bluejay.vallon.net> I think you may have "localhost" entries for things that you "preferenced" while your hostname was "localhost". You will probably notice that all the localhost files are older than all of your "hostname" files. So, you would just have to name your machines "localhost". :-) To the original poster: You may be going about this the wrong way. If there is anything in the preferences folder that is host-specific, then if you were to put those Users' accounts on a shared disk, each machine would have different preferences. Is it possible to put non-ByHost entries in the Preferences folder? Would those preferences be used if no specific-ByHost preference is found? On Friday, February 1, 2002, at 11:35 PM, Michael Blakeley wrote: > At 12:01 -0800 2002-02-01, macosx-admin-request@omnigroup.com wrote: >> From: James Reynolds >> Subject: [Summary] Deploying Mac OS X - Idle and ByHost (CFPreferences >> Current host) >> >> >Issue 2: >>> There is a folder located at ~/Library/Preferences/ByHost/ that is >>> causing me quite a bit of trouble. Preferences in this folder >>> contain some form of the internet address for the Mac. I want to >>> create custom images of this Mac OS X to distribute to other >>> computers. However, because of this folder, I am unable to just >>> image a hard disk and stamp it out. I have to go and change the >>> contents of the ByHost folder, something that I do not want to do, >> >especially for about 300 macs. > > Looking at my own setup, I seem to have duplicate ByHost files for > my actual hostname, for localhost, and for my MAC (ethernet) > address - no doubt because I've mucked around with /etc/hostconfig. > My most recent plist files all key off of the current hostname. > > But the interesting thing, to me, is that the ByHosts key isn't > always the MAC address. Perhaps you could simply change the hostname > to 'localhost' (/etc/hostconfig) on your master, verify that your > ByHosts key has changed to 'localhost', and distribute that way? > > -- Michael Blakeley mike@blakeley.com > > Performance Analysis for Internet Technologies > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > > -Justin vallon@mindspring.com From sb.list at sb.org Sat Feb 2 13:05:01 2002 From: sb.list at sb.org (Stonewall Ballard) Date: Thu Nov 3 12:29:12 2005 Subject: Cron and applescript In-Reply-To: Message-ID: On 2/2/02 1:06 PM, "Michael Bartosh" wrote: > At 5:18 AM -0500 2/2/02, Robert C Jacobson wrote: > I'd look a cronix; It lets you set personal crontabs that run as you. > > http://www.versiontracker.com/moreinfo.fcgi?id=9478&db=mac > > a comment on the pasted page says that it will easily run AppleScripts. I switched to using cronix when it came out. Perhaps that's why I don't have problems. There doesn't appear to be anything special about AppleScripts. They have to be saved as applications in order to run. - Stoney From me at RichRamos.com Sat Feb 2 13:34:00 2002 From: me at RichRamos.com (Rich Ramos) Date: Thu Nov 3 12:29:12 2005 Subject: PPP automatic up/down and iTools (IMAP) mail account interfere? Message-ID: <2619796.1012656277@localhost> > > That system has a mac.com mail account (that is IMAP I think). And the > following behaviour occurs: as soon as the system after 15 minutes of > inactivity shuts down the connection (or when the connection is torn down by > me on purpose through the menu bar), somehow Mail.app gets triggered to to > something. As a result, a new connection is built whenever the link goes > down. Note: in Mail.app I have set 'get new mail' to collecting *by hand* so > it is not the automatic collection of new mail that is playing a role here. > > Can people confirm this behaviour or is there something I should set up > differently? Sorry to be writting so late on this, but I didn't see anyone else answer the question yet, so I thought I would put in my $.02. If the problem is solved then sorry. First, you have to remember that an IMAP account is quite different than a POP account. In IMAP everything is stored on the IMAP server, so whenever you want to do anything (not just check for new mail) the IMAP client has to get the data from the server (like contents of a mailbox or an already ready email). The benefit of this is so you can use any IMAP client anywhere on the net and have access to the SAME DATA EVERYWHERE (try jumping from host to host with a POP account, doesn't work). The drawback is that you usually need to be connected to the net at all times. I say usually because some IMAP clients do better than others at localhost caching (or synchronizing) of data and you might not need to go to the net quite as much, but that is dependant on the client. I don't use Mail.app, but I did just do some quick playing around with it to look at your problem. Given that fact, this is just some quick suggestions, but I default to more knowledgeable Mail.app people. If you want Mail.app to truly not go to the network, you will need to use it in 'offline' mode. In the mailbox menu you will see a 'Go Online/Offline' and 'Take "hostname" Online/Offline'. Use that to take it offline so that it won't connect to the net. Now how good of a job does it do with local caching, I don't know. You might not have access to much, if any of your email, while you are offline, but it will stop the problem that you described above. -Rich -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 229 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020202/732e3b6f/attachment.bin From sherlock at rna.nl Sat Feb 2 14:49:00 2002 From: sherlock at rna.nl (Gerben Wierda) Date: Thu Nov 3 12:29:12 2005 Subject: PPP automatic up/down and iTools (IMAP) mail account interfere? In-Reply-To: <2619796.1012656277@localhost> Message-ID: Thanks for the explanation. Well, that shows how stupid Apple has been by making IMAP the default for iTools mail accounts. It's a real Catch-22, as soon as you disconnect your dialup account, Mail.app starts doing some synching with the IMAP server. This action immediately reconnects your dialup account. In other words, as long as Mail.app is running, you cannot disconnect your computer, even if you have set all kind of server actions to manual. I created a POP account instead and deleted the IMP account. I wonder, did they not test this on a dialup account *at all*? I am quite pissed, because I have an 81 year old mother who is starting with a Mac running Mac OS X 10.1.2 and she is *bombarded* by error/warning panels which are all completely unnecessary. And I have to try to help her through the phone at 100mi distance. After I switched to the POP account I turned on automatic dialup on TCP/IP traffic again. Then when Mail.app tries to deliver mail or get mail when the link is down, you get warning messages where you can only click OK that complain that DNS fails to resolve the SMTP or POP host. But it complains immediately while a PPP link takes some time to get established. Result: warnings for the user which are unnecessary and confusing as hell to 'grandma'-types. Really, did they never test this???? The last disaster was that it was impossible to turn the system off. The system complained that Mail.app was stopping the shutdown process but the "Force Quit" panel only showed only Finder and Internet Connect. Mail was running though, but trying to quit it failed in all ways. Since this is an iBook, removing the plug doesn't even work. In the end we got the system to *crash* (I hope, she got a blue screen and then the system seemed to turn itself off) by force-quitting the Finder. Now I hope the next boot will work. Probably the reason Mail.app would not die was because of the 'locked mailbox' bug that has been in Mail.app for quite a while now. Shutdown and let the system kill Mail.app and you have a big chance that Mail.app will start complaining th enext time you try to use the 'deleted items' folder. Luckily for you that panel will be hidden behind your other windows 50% of the time which is really intuitive for grandma... This is so far not the experience I was expecting from Apple. I *really* hope someone at Apple is reading this negative press because this experience is *worse* than a decently configured Windows system and it needs to be fixed yesterday (as this is absolutely *basic*). Sorry, but I am extremely pissed because I never suspected that basic stuff like this would be so user unfriendly and so stupidly implemented. And I have an extreme dislike for Windows so this is not easy for me to say. G PS. You want another fine little bug that confuses the hell out of nontechnical users? Type in any cocoa app (Mail.app will do) "fine" and try to move back with the cursor keys to position yourself between the f and the i (for instance to delete the f and replace it with another character). Yes that is right. You get a nice ligature, but it is impossible to get between the two characters of the ligature. OK, so you go to the left of the f and use forward delete. Sure, it would have been just one more keystroke, but the solution wont't always work (an iBook does not have that key...). From frjo at pobox.com Sat Feb 2 15:10:01 2002 From: frjo at pobox.com (Fredrik Jonsson) Date: Thu Nov 3 12:29:12 2005 Subject: Make a user not show up in the login panel Message-ID: Hi, Can anyone tell me how to make a user not show up in the login panel in Mac OS X. I have some friends that I have set up accounts for so they can log in via SSH and access some shared folders via File Sharing. I would like these accounts to not show up when I log in to my system. I have some "users" installed by Fink, mysql etc., that behave like this so it seems to be possible. TIA Regards, Fredrik Jonsson -- Web site: XNS Name: =Fredrik From lee.henderson at micrin.com Sat Feb 2 16:27:01 2002 From: lee.henderson at micrin.com (Lee Henderson) Date: Thu Nov 3 12:29:12 2005 Subject: Samba In-Reply-To: Message-ID: <9364401B-183C-11D6-9CA6-00306541DA9A@micrin.com> On Saturday, February 2, 2002, at 01:49 PM, chris rank wrote: > If this is a new bug that Apple has introduced because of some kind of > proprietary whackness, let me know that to so that the samba folks can > contact Apple and have them fix their code. Also if Apple doesn't > comply with the samba team then we can put pressure on them from the > community to comply because of their use of an open source project. > Apple has contributed greatly to the community and I know that they > should be responsive. One other thing though, I couldn't find the > source code that they used to create the new binaries. I know that > they released some, but I can no longer find it on the Darwin site. So > any comments or fixes for this would be greatly appreciated. Thanks! Well I really don't have a specific answer as to your inability to add machines to the domain. 100% compatible PDC (as opposed to BDC) support has been elusive in Samba. I think folks who buy the os x server package would rather it just work with the NetInfo users & groups, instead of maintaining a smbpasswd file as well. Maybe you can do both on the same samba server? I dunno. Their changes are actually posted in their nearly-public CVS server, which you can access at http://anoncvs.opensource.apple.com/cvs/ I believe you have to agree to the license and register with them to get access. From justin at mac.com Sat Feb 2 16:48:00 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:12 2005 Subject: OSX Server and Cisco In-Reply-To: Message-ID: <8462058A-183F-11D6-9EDE-00306544D642@mac.com> On Friday, February 1, 2002, at 07:42 AM, Perbix, Michael wrote: > The only thing is that the Apple SE working with me said that the Mac > OSX > server NEEDS to be on Autonegotiate on both ends. I went from 80Kbps > (Helios Lan test) to 8Mbps 8-). This is currently the only way to get Mac OS X to behave correctly. > Now the question that I have. Is there a terminal command that allows > me to > lock the Macintosh NIC in OSX to a given speed/duplex. I know there is > nothing for MacOS9 other than the unsupported extensions however in OSX > there should be a Terminal command at least? No? Not necessarily (there need not be a command to do everything you want to do; some things may be handled exclusively with the GUI). However, for this particular job, the 'ifconfig' command should work. However, it doesn't affect the currently shipping network drivers from Apple (I can't tell you whether third party drivers are affected; although I suspect they wouldn't, since the example drivers don't). The command ifconfig DEV media 100BaseTX should force the device DEV to operate in 100BaseTX mode; it should not negotiate speed. The command ifconfig DEV mediaopt full-duplex should force the device DEV to operate in full-duplex mode, and again, it should not negotiate duplex-ness. This will be fixed in an upcoming release. As always, no one can say when that is. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | If you're not confused, | You're not paying attention *--------------------------------------*-------------------------------* From justin at mac.com Sat Feb 2 16:58:02 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:12 2005 Subject: I broke the binary [CVS?] In-Reply-To: Message-ID: On Tuesday, January 29, 2002, at 05:17 AM, OSX-admin wrote: >> It's possible that the binary is cached, and that any attempt to run >> something that sounds vaguely the same will get run into that error. >> I'd try rebooting and see what the result is. If that fixes it, file a >> bug. If not, then there's really a bug. Let us know. >> > > No it's worse then that. I must have gotten mixed up and copied the > Linux > whois over the OS X whois because as soon as I replaced it with the one > Fabien Roy emailed me in another response on this thread it worked. > > Are you guys telling me that someone re-wrote (ported) every Unix > binary to > Linux. They didn't just get Linux to run Unix software somehow? Wow! Well, it isn't the binaries that get ported; it's the source. To some extent, Linux handles a lot of the current source base just fine. Much of the work to keep specific commands running on various platforms is handled by the group or individual that maintains it, together with help from individuals who want to use the command on other platforms. It's the "open source" way. > FreeBSD has this cool thing called "cvsup" that is a repository of the > current (and experimental for the brave) FreeBSD distribution. You just > run > a little script and it gets what you want. Now if Apple had this for OS > X I > could have fixed this whois in a snap. Can we get one of these > repositories > for OS X? Maybe there is one at darwin somewhere? or Maybe Apple is > afraid > of the trouble it would cause. 'cvsup' is just one of many ways to access a CVS repository. Apple has an analogous mechanism available (see http://www.opensource.apple.com). It's the Darwin website. > And that brings to mind, what if I had copied the whois binary from a > FreeBSD machine? Precisely the same thing that happened when you copied the binary from the Linux machine. Some systems, or versions of systems, support executing binaries from other (versions of other) systems. You can, for example, run some binaries from some Linux systems on some freebsd systems. Whether it works depends on the various versions of the various pieces of the systems involved. There's also the minor subtlety of processor and machine architecture to worry about. For Mac OS X/Darwin, the answer is simple: it won't work, so don't do it. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | Men are from Earth. | Women are from Earth. | Deal with it. *--------------------------------------*-------------------------------* From jwelch at aer.com Sat Feb 2 17:57:13 2002 From: jwelch at aer.com (John C. Welch) Date: Thu Nov 3 12:29:12 2005 Subject: PPP automatic up/down and iTools (IMAP) mail account interfere? In-Reply-To: Message-ID: On 02/02/2002 17:39, "Gerben Wierda" wrote: > Thanks for the explanation. > > > > Well, that shows how stupid Apple has been by making IMAP the default > for iTools mail accounts. It's a real Catch-22, as soon as you > disconnect your dialup account, Mail.app starts doing some synching with > the IMAP server. This action immediately reconnects your dialup account. > In other words, as long as Mail.app is running, you cannot disconnect > your computer, even if you have set all kind of server actions to > manual. I created a POP account instead and deleted the IMP account. That's a limitation in Mail.app then. Not all IMAP clients are as limited as Mail.app. As well, for dial up, IMAP is actually *better* than POP, as you aren't forced to download all parts of all messages. I can get the headers for 3000 messages in about 35 seconds on a 33.6 connection with a good IMAP client. Can you do the same with POP? Doubtful. > > I wonder, did they not test this on a dialup account *at all*? I am > quite pissed, because I have an 81 year old mother who is starting with > a Mac running Mac OS X 10.1.2 and she is *bombarded* by error/warning > panels which are all completely unnecessary. And I have to try to help > her through the phone at 100mi distance. Right. And so you tell her, "Grammy, just make sure you quit your email program before you disconnect"/ I agree that the PPP setup and service in OS X has issues that need to get fixed, but they are totally unrelated to IMAP. john From root at nimug.org Sat Feb 2 18:54:00 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:12 2005 Subject: OSX Server and Cisco In-Reply-To: <8462058A-183F-11D6-9EDE-00306544D642@mac.com> Message-ID: <18CA7E87-1851-11D6-906C-0030656A00AC@nimug.org> On Sunday, February 3, 2002, at 12:46 , Justin C. Walker wrote: > > On Friday, February 1, 2002, at 07:42 AM, Perbix, Michael wrote: > >> The only thing is that the Apple SE working with me said that the Mac >> OSX >> server NEEDS to be on Autonegotiate on both ends. I went from 80Kbps >> (Helios Lan test) to 8Mbps 8-). > > This is currently the only way to get Mac OS X to behave correctly. Maybe you should mention the model of switch too. I've used my Pismo with 10+ models of 100BT switches from various vendors and not seen any problems (then again, I was also involved in the internal product introduction for my employers switches and used my Pismo as a portable benchmarking machine) Keeping a note of models that provide inconsistent results is a good thing. -- From macosx at randys.org Sat Feb 2 19:15:59 2002 From: macosx at randys.org (../randy) Date: Thu Nov 3 12:29:12 2005 Subject: Make a user not show up in the login panel In-Reply-To: Message-ID: Change their UID. I think anything that is not used already and is below 500 will not show up in the login window...at least it works on my machine that way. - randy > From: Fredrik Jonsson > Date: Sun, 3 Feb 2002 00:09:35 +0100 > To: macosx-admin@omnigroup.com > Subject: Make a user not show up in the login panel > > Hi, > > Can anyone tell me how to make a user not show up in the login panel > in Mac OS X. > > I have some friends that I have set up accounts for so they can log > in via SSH and access some shared folders via File Sharing. I would > like these accounts to not show up when I log in to my system. > > I have some "users" installed by Fink, mysql etc., that behave like > this so it seems to be possible. > > TIA > > Regards, > Fredrik Jonsson > > -- > Web site: > XNS Name: =Fredrik > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > From jpb at ApesSeekingKnowledge.net Sun Feb 3 08:52:49 2002 From: jpb at ApesSeekingKnowledge.net (Joe Block) Date: Thu Nov 3 12:29:12 2005 Subject: PPP automatic up/down and iTools (IMAP) mail account interfere? In-Reply-To: <2619796.1012656277@localhost> Message-ID: <31BA63AC-18BF-11D6-BB6C-000393102F9E@ApesSeekingKnowledge.net> On Saturday, February 2, 2002, at 02:24 , Rich Ramos wrote: > >> >> That system has a mac.com mail account (that is IMAP I think). And the >> following behaviour occurs: as soon as the system after 15 minutes of >> inactivity shuts down the connection (or when the connection is torn >> down by >> me on purpose through the menu bar), somehow Mail.app gets triggered >> to to >> something. As a result, a new connection is built whenever the link >> goes >> down. Note: in Mail.app I have set 'get new mail' to collecting *by >> hand* so >> it is not the automatic collection of new mail that is playing a role >> here. >> >> Can people confirm this behaviour or is there something I should set up >> differently? > > Sorry to be writting so late on this, but I didn't see anyone else > answer the question yet, so I thought I would put in my $.02. If the > problem is solved then sorry. > > First, you have to remember that an IMAP account is quite different > than a POP account. In IMAP everything is stored on the IMAP server, > so whenever you want to do anything (not just check for new mail) the > IMAP client has to get the data from the server (like contents of a > mailbox or an already ready email). The benefit of this is so you can > use any IMAP client anywhere on the net and have access to the SAME > DATA EVERYWHERE (try jumping from host to host with a POP account, > doesn't work). The drawback is that you usually need to be connected > to the net at all times. I say usually because some IMAP clients do > better than others at localhost caching (or synchronizing) of data and > you might not need to go to the net quite as much, but that is > dependant on the client. I had a similar problem on my TiBook. I had rules that sorted mail from various lists into different mailboxes, which worked well, except that Mail.app doesn't seem to update it's local cache of a mailbox unless you actually open the mailbox. What made it really frustrating was that it would show me that I had X number of new messages in a box, and if I'd try to open it while away from the network, I wouldn't be able to read the new messages. What I did to fix the synchronization issues on my TiBook was to run imapd locally. I have all my rules that sort things into mailboxes sort them into the imap account local to the tibook, and I have an IMAP account in Mail.app that contacts 127.0.0.1, so it doesn't matter if I'm on a network or not, Mail.app can still refresh it's cache. Every so often I back up the local imap spool to my server using rsync, and things work well. jpb -- Joe Block Transported to a surreal landscape, a young girl kills the first woman she meets and then teams up with three complete strangers to kill again. - Marin County newspaper's TV listing for The Wizard of Oz From alex at lassoguru.com Sun Feb 3 09:50:01 2002 From: alex at lassoguru.com (Alex Pilson) Date: Thu Nov 3 12:29:12 2005 Subject: inetd.conf changes Message-ID: OS X 10.1.2 inetd.conf How come every time I restart my machine stuff I have commented out returns to be uncommented? I want the POP and IMAP to commented all the time, so it doesn't start up. I have Communigate Pro running instead. Does anyone know how to make the inted.conf changes permanent? -- :::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Alex Pilson Interactive Developer Lasso Programmer 404.728.4417 From taz at univits.se Sun Feb 3 10:08:01 2002 From: taz at univits.se (Mikael Moreira) Date: Thu Nov 3 12:29:12 2005 Subject: OmniWeb command line. Message-ID: Im sorry if this documented somewhere, but Im having a hard time finding it. Is there a way to open a URL from the command line with OmniWeb? /Micke From njriley at uiuc.edu Sun Feb 3 10:45:15 2002 From: njriley at uiuc.edu (Nicholas Riley) Date: Thu Nov 3 12:29:12 2005 Subject: OmniWeb command line. In-Reply-To: References: Message-ID: <20020203184302.GA1217575@uiuc.edu> On Sun, Feb 03, 2002 at 06:07:17PM +0100, Mikael Moreira wrote: > > Im sorry if this documented somewhere, but Im having a hard time finding > it. > > Is there a way to open a URL from the command line with OmniWeb? Not specifically with OmniWeb, but you can use my 'launch' tool to open URLs from the command line with the helper app you've configured in Internet Config. (don't use the installer, it's broken) If you want to open a URL with a different browser (say, if IE is your default browser), you might have luck with using osascript to run a one-line AppleScript. -- =Nicholas Riley | Pablo Research Group, Department of Computer Science and Medical Scholars Program, University of Illinois at Urbana-Champaign From leonvs at occam.com Sun Feb 3 11:37:03 2002 From: leonvs at occam.com (Leon Towns-von Stauber) Date: Thu Nov 3 12:29:12 2005 Subject: OSX Server and Cisco In-Reply-To: Message-ID: <510782FD-18DD-11D6-B481-003065A76B44@occam.com> > Now the question that I have. Is there a terminal command that allows > me to > lock the Macintosh NIC in OSX to a given speed/duplex. I know there is > nothing for MacOS9 other than the unsupported extensions however in OSX > there should be a Terminal command at least? No? I believe I've figured out the syntax: ifconfig en0 mediaopt full-duplex but it doesn't actually do anything for me. And if I try the following: ifconfig en0 media 100baseTX I receive an error: ifconfig: SIOCSIFMEDIA: Operation not supported This behavior is regardless of whether the interface is up or down. ------------------------------------------------------------- Leon Towns-von Stauber http://www.occam.com/leonvs/ Amazon.com, UNIX Systems Engineer "We have not come to save you, but you will not die in vain!" From rpeskin at rlpcon.com Sun Feb 3 11:57:01 2002 From: rpeskin at rlpcon.com (Richard Peskin) Date: Thu Nov 3 12:29:12 2005 Subject: lost bundle info Message-ID: <147A7051-18E0-11D6-AF8F-000393639B02@rlpcon.com> I have found that (under some circumstances) I lose bundle information associated with Cocoa applications when I copy them across file systems using "ditto -rsrc .....". For example a copy of myApp.app shows up in the target file system as a Contents folder (containing the usual things found in the myApp.app folder). I thought that Cocoa apps don't use resource forks, and that the extension (.app) was sufficient to tell the Finder to look in the resources file (inside Contents). The shell also shows only the target Contents directory, not the expected enclosing myApp.app directory. What happens that the enclosing myApp.app folder is lost? --dick peskin Richard L. Peskin, RLP Consulting, Londonderry, VT http://www.rlpcon.com http://www.caip.rutgers.edu/~peskin -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 824 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020203/e2708b5f/attachment.bin From ocs at ocs.cz Sun Feb 3 12:03:04 2002 From: ocs at ocs.cz (Ondra Cada) Date: Thu Nov 3 12:29:12 2005 Subject: lost bundle info In-Reply-To: <147A7051-18E0-11D6-AF8F-000393639B02@rlpcon.com> References: <147A7051-18E0-11D6-AF8F-000393639B02@rlpcon.com> Message-ID: <200202031956.AA09103@ocs.cz> Richard, >>>>>> Richard Peskin (RP) wrote at Sun, 3 Feb 2002 14:56:14 -0500: RP> What happens that the enclosing myApp.app folder is lost? Don't you happen to call "ditto Foo.app somewhere"? Ditto does *not* append the source name to the target automatically like cp does, so you need to use something like "ditto Foo.app somewhere/Foo.app". --- Ondra Cada OCSoftware: ocs@ocs.cz http://www.ocs.cz 2K Development: o.cada@2kdevelopment.cz http://www.2kdevelopment.cz private ondra@ocs.cz http://www.ocs.cz/oc From njriley at uiuc.edu Sun Feb 3 12:06:06 2002 From: njriley at uiuc.edu (Nicholas Riley) Date: Thu Nov 3 12:29:12 2005 Subject: lost bundle info In-Reply-To: <147A7051-18E0-11D6-AF8F-000393639B02@rlpcon.com> References: <147A7051-18E0-11D6-AF8F-000393639B02@rlpcon.com> Message-ID: <20020203200453.GA1276732@uiuc.edu> On Sun, Feb 03, 2002 at 02:56:14PM -0500, Richard Peskin wrote: > I have found that (under some circumstances) I lose bundle > information associated with Cocoa applications when I copy them across > file systems using "ditto -rsrc .....". For example a copy of myApp.app > shows up in the target file system as a Contents folder (containing > the usual things found in the myApp.app folder). I thought that Cocoa > apps don't use resource forks, and that the extension (.app) was > sufficient to tell the Finder to look in the resources file (inside > Contents). The shell also shows only the target Contents directory, not > the expected enclosing myApp.app directory. > What happens that the enclosing myApp.app folder is lost? This is the way ditto behaves. It's not like tar, cp, mv, etc. You need to include the name of the enclosing folder in the destination path. % mkdir testdir1 % touch testdir1/blah % mkdir testdir2 % ditto testdir1 testdir2 % ls -l testdir2 total 0 -rw------- 1 nicholas wheel 0 Feb 3 14:04 blah -- =Nicholas Riley | Pablo Research Group, Department of Computer Science and Medical Scholars Program, University of Illinois at Urbana-Champaign From fabienlroy at mac.com Sun Feb 3 12:36:00 2002 From: fabienlroy at mac.com (Fabien Roy) Date: Thu Nov 3 12:29:12 2005 Subject: inetd.conf changes In-Reply-To: Message-ID: <6A93F924-18E5-11D6-B09B-000393658196@mac.com> chmod 444 /etc/inetd.conf On Sunday, February 3, 2002, at 09:49 AM, Alex Pilson wrote: > OS X 10.1.2 > inetd.conf > > How come every time I restart my machine stuff I have commented out > returns to be uncommented? > > I want the POP and IMAP to commented all the time, so it doesn't start > up. I have Communigate Pro running instead. Does anyone know how to > make the inted.conf changes permanent? From macosx at randys.org Sun Feb 3 13:20:57 2002 From: macosx at randys.org (../randy) Date: Thu Nov 3 12:29:12 2005 Subject: inetd.conf changes In-Reply-To: Message-ID: Maybe you have 'MAILSERVER=-YES-' in your '/etc/hostconfig' file? I dunno...this sounds a bit odd. - randy > From: Alex Pilson > Date: Sun, 3 Feb 2002 12:49:34 -0500 > To: Mac OS X Admins > Subject: inetd.conf changes > > OS X 10.1.2 > inetd.conf > > How come every time I restart my machine stuff I have commented out > returns to be uncommented? > > I want the POP and IMAP to commented all the time, so it doesn't > start up. I have Communigate Pro running instead. Does anyone know > how to make the inted.conf changes permanent? > -- > :::::::::::::::::::::::::::::::::::::::::::::::::::::::::: > Alex Pilson > Interactive Developer > Lasso Programmer > 404.728.4417 > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > From sherlock at rna.nl Sun Feb 3 14:34:00 2002 From: sherlock at rna.nl (Gerben Wierda) Date: Thu Nov 3 12:29:12 2005 Subject: PPP automatic up/down and iTools (IMAP) mail account interfere? In-Reply-To: Message-ID: <91E1EFEE-18F5-11D6-8E62-0003930AD8A4@rna.nl> On Sunday, February 3, 2002, at 02:55 , John C. Welch wrote: > Right. And so you tell her, "Grammy, just make sure you quit your email > program before you disconnect"/ Absolutely not. Grandma should not be aware of connecting or disconnecting, she should only be using Mail. That should be invisible for her. "Dial on demand", "not dial under grandma-control" ;-) G From mike at caisys.co.uk Sun Feb 3 14:37:01 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:12 2005 Subject: Finder replacements [was Re: Stickies File Seems To Have Disappeared] In-Reply-To: References: Message-ID: <10202031900.AA03046@gandalf.caisys.co.uk> Jose Pedro Sousa do Amaral wrote: > On a different note, someone (I believe it was Ondra Cada) suggested > that I could replace the Finder with another file manager. You can do this, and for the last week or two I've had Finder replaced by SNAX to see how it works. I can't honestly identify any specific advantages over simply having SNAX running and keeping the Finder hidden, except the warm feeling I get from knowing I've taken a positive step to relegate the Finder to a subsidiary role. Disadvantages are: (1) there a few things only the Finder can do for you, like built-in CD burning. (2) other Get Info packages (like SNAX's built-in Get Info, and XRay and SuperGetInfo) have different functionality over Finder's own, better in many respects, but not a complete replacement. (3) some applications, trying to interact with the filesystem, will launch Finder.app instead of using the loginwindow default for Finder -- indeed, SNAX itself launches Finder to do some things, like gather info about a file for its built-in Get Info. (4) it's a good idea to add the Quit item to Finder's application menu ("defaults write com.apple.finder QuitMenuItem Enabled") so you can launch and quit it like any normal app. (5) You don't get your desktop icons. Some of these, no doubt, may yet be implemented in finder replacements. > Is there a place with reviews of alternative file managers for MOSX? Don't know of one specifically, but there are reviews (well, user feedback) for the software listed at versiontracker.com, which can provide a guide. > Is this a true replacement, i.e., having the system launch the new > file manager instead of the Finder, or instead the new file manager > runs along with the Finder? Thank you. Yes, subject to my comments above, it's a true replacement. For example, the replacement app gets the 'Relaunch' button in the Force Quit panel, instead of Finder. /mike From mike at caisys.co.uk Sun Feb 3 14:37:19 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:12 2005 Subject: NetInfo Mgr question In-Reply-To: <8AC508F6-174A-11D6-88D3-0030656A00AC@nimug.org> References: <8AC508F6-174A-11D6-88D3-0030656A00AC@nimug.org> Message-ID: <10202032207.AA03093@gandalf.caisys.co.uk> An answer and a question... r00t wrote: > On Friday, February 1, 2002, at 07:23 , Richard Peskin wrote: > > > I have a server and client with duplicate user accounts. (rpeskin > > and root exist on both, with both having admin group membership). > > NetInfoManager on the server will not allow writes to the netinfo > > database by rpeskin, and will not allow root to open the NetInfo > > application at all. The console message says: > > 2002-02-01 14:12:09.809 NetInfo Manager[882] Could not find image > > named `delete'. > > Feb 1 14:12:41 pbook netinfod local[218]: Remote user rpeskin may > > not modify directory 154 > > Is this a NetInfoManager problem, or do I have a corrupt ni.db, or > > am I missing something else here? > > This is a bit like NIS. > > There are remote (local) users and there are NIS (network) users. The > local users cannot modify anything on the NIS while there are NIS > users who can log into local machines. The problem here is that your > usernames are the same and we use usernames to log into machines. IMHO, this last comment is a red herring. You can have the same username on different hosts and should still be able to modify NI entries in one database from a different host. Disclaimer: I'm not a NetInfo guru, but I have been using it for quite a few years, and have (almost) always managed to get it to do what I want. If what follows is incorrect in any respect, I apologise and hope someone more knowledgeable will correct me. Three things I'm pretty sure of: (1) When you authenticate in NetInfo Manager in order to change a remote database, you are authenticating on the host that database resides on. You therefore need to authenticate as an admin user _on that host_ (or as root). In your case, you say 'rpeskin' is an admin user on both your server and client machines, so that should be OK. (2) You can only modify a database remotely from another machine if that machine is within a network identified on the database as a 'trusted_network' (this is a property of the root directory of a database). Have you set up a 'trusted_networks' property and given it a value? (3) the message "NetInfo Manager: Could not find image named `delete'" is nothing to do with authentication. It happens when you open a database, and looks like a UI programming/configuration error. It's not serious in practice. Now, let me try to work out what you're saying: (1) "NetInfoManager on the server will not allow writes to the netinfo database by rpeskin, .... The console message says: Feb 1 14:12:41 pbook netinfod local[218]: Remote user rpeskin may not modify directory 154" You're saying you start NetInfo Manager on your server. It opens the local database by default -- is that the database you're referring to? Or its parent? Or do you mean you open the local database on the client from the server (ie Domain -> Open By Tag -> host: (client's host name), tag: local)? or what? Anyway, then you authenticate ("Click the lock to make changes"), and your authentication is accepted. You make a change. When you try to save the change, NetInfo Manager says you can't. I've seen this (authenticate, make a change, then get a message saying you don't have permissions to modify the directory). It meant I'd authenticated as a user who doesn't have admin/root permissions on the host where the database resides. (2) "... and will not allow root to open the NetInfo application at all" Don't understand what you mean. You log in as root and can't start NetInfo Manager? Now, here's where I have a problem myself. My NetInfo server's on a NeXT machine. From a client running Mac OS X 10.1.2, I can open both the network (root, master) and local databases on the server, and edit them. No prob. BUT I can't open the local NetInfo databases on OS X 10.1.2 hosts, either from the NeXT or from another OS X host, either using NetInfoManager (I get messages on the (NeXT or Mac) console saying "NetInfo connection failed for server xx.xx.xx.xx/local") or the command-line (nidump eventually gives up with "nidump: fatal error: Communication failure"). I've got my "trusted_network" properties set up. Anyone got any ideas what _I'm_ missing? Not sure how much this helps. /mike -- Mike Elston | CaiSys _|> consultant | NeXT, MacOS, Unix, CAI From mike at caisys.co.uk Sun Feb 3 14:38:02 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:12 2005 Subject: separately mounted user directories In-Reply-To: <7ED5D535-17B5-11D6-92EB-003065C77D64@digifix.com> References: <7ED5D535-17B5-11D6-92EB-003065C77D64@digifix.com> Message-ID: <10202032231.AA03107@gandalf.caisys.co.uk> Scott Anguish wrote: > On Friday, February 1, 2002, at 02:57 AM, Paul Lynch wrote: > > On Friday, February 1, 2002, at 04:49 am, Richard Peskin wrote: > > > >> Would I be better off to link directly to separately mounted user > >> directories. That is, leave /Users on the root disk, and link home > >> directories to the separate disk? E.g. /Users/rpeskin --> > >> /Volumes/rpeskin, rather than /Users --> /Volumes/Users? > > > > The best solution is to edit the /users/rpeskin/home property in > > netinfo from /Users/rpeskin to /Volumes/rpeskin. I believe this has > > come up several times before. > > > > unfortunately, this doesn't seem to cut it for everything.. a > number of apps are still looking into /Users/sanguish for my stuff.. > and it isn't there.. it's annoying enough that I've about gone back > to just putting everything into /Users again True, unfortunately. Perhaps the best solution is belt-and-braces: do as Paul suggests (efficient), and add a symbolic link /Users/rpeskin --> /Volumes/rpeskin (safe). That works. /mike From sanguish at digifix.com Sun Feb 3 14:46:00 2002 From: sanguish at digifix.com (Scott Anguish) Date: Thu Nov 3 12:29:12 2005 Subject: separately mounted user directories In-Reply-To: <10202032231.AA03107@gandalf.caisys.co.uk> Message-ID: <9C959C06-18F7-11D6-B41A-000393120A7C@digifix.com> unfortunately then you need to worry about idiotic .pkg installers taking out the link. On Sunday, February 3, 2002, at 05:31 PM, Mike Elston wrote: >> unfortunately, this doesn't seem to cut it for everything.. a >> number of apps are still looking into /Users/sanguish for my stuff.. >> and it isn't there.. it's annoying enough that I've about gone back >> to just putting everything into /Users again > > True, unfortunately. Perhaps the best solution is belt-and-braces: > do as Paul suggests (efficient), and add a symbolic link > /Users/rpeskin --> /Volumes/rpeskin (safe). That works. From sherlock at rna.nl Sun Feb 3 16:05:59 2002 From: sherlock at rna.nl (Gerben Wierda) Date: Thu Nov 3 12:29:12 2005 Subject: Your advice needed: removing stale Mail locks Message-ID: Stale Mail.app locks appear when Mail.app is forced to quit by shutdown or logout. Sometimes they appear even when a normal quit has been performed. They are a nuisance. I wrote a small StartupItem to clear the locks at boot time (when it is safe to do so), The script says: #!/bin/sh . /etc/rc.common ## # Clean up stale lock files on boot ## if [ "$1" == "start" ] then dirs=`nidump passwd / | sed 's/:[^:]*$//' | sed 's/.*://'` for i in $dirs do dir="$i/Library/Mail" if [ -d "$dir" ] then find "$dir" -fstype local -name .lock -exec rm -f {} \; fi done fi And the StartupParameters are: { Description = "Remove Stale Locks"; Provides = ("RSL"); Requires = ("Netinfo"); Preference = "None"; Messages = { start = "Removing Stale Locks"; stop = ""; restart = ""; }; } Are there any problems with this approach? I only remove files from local file systems (thus not over the network) when I am booting and when I am booting there should not be anyone holding a valid lock, should there? Any caveats? G From peterf at semiotx.com Sun Feb 3 17:20:59 2002 From: peterf at semiotx.com (Peter Fraterdeus) Date: Thu Nov 3 12:29:12 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes Message-ID: OSX 10.1.2 excess kernel task >80% and weird freezes I'm getting this behavior on the tiBook since updating to 10.1.2 Anybody else running into this? Symptoms are spinning cursor, non-responsive app, although I can still switch to another app, at least intitially. It seems to get worse if I force quit the affected app. Also unable to wake from sleep consistently. There have been a number of times that the machine apparently just shut down in sleep, and I had to power up from scratch. I haven't seen anything like this since 10.0.4 was released. Is 10.1.2 a step backwards??? Please cc to my eMail [peterf<@>mac.com] if you've run into this, or heard of any solutions! Many thanks Peter -- AzByCx DwEvFu GtHsIr JqKpLo MnNmOl PkQjRi ShTgUf VeWdXc YbZa& @ Peter Fraterdeus http://www.midsummernightstamps.com www.semiotx.com Magical Images from the Moon's Garden! If liberty means anything at all, it means the right to tell people what they do not want to hear.--George Orwell MacOSX * Apache * PHP * mySQL * Linux * Typography * Web Design Buckminster Fuller Institute * www.bfi.org * Design Revolution! From me at RichRamos.com Sun Feb 3 17:24:00 2002 From: me at RichRamos.com (Rich Ramos) Date: Thu Nov 3 12:29:12 2005 Subject: PPP automatic up/down and iTools (IMAP) mail account interfere? In-Reply-To: References: Message-ID: <3605178.1012764199@[10.0.1.2]> Alright, I will be the first to say that Apple has made some bad decisions in the past, but I think you may be coming down on them a little hard on this one. First, using IMAP as part of iTools is not inconsistent with how the iTools services are to be used. The design of iTools is to be server based services. I.E. all the data associated with iTools services is stored on the iTools servers. So, having email stored on the server rather than the client fits in with that. If you want to be upset at Apple for something in this case, it mostly just not setting the proper expectations for how the new services in iTools (including email) are suppose to work. This is not something that is limited to just Apple though. Most tech companies today are very guilty of this. Things change at a very rapid pace and tech companies do not do a good job of setting expectations of how new features and services are suppose to work. Obviously, your expectations are such that if you tell your email client to check email manually you believe it will not connect to the Internet for other things. However, in using your Mail.app, you may have to readjust your thinking. With IMAP this is not a valid assumption. However, Mail.app does give you online and offline modes. Did you experiment with putting the Mail.app in offline mode to see if that would stop if from connecting? In my brief tests this stopped it from connecting to the Net. -Rich --- Original --- From: Gerben Wierda To: Rich Ramos CC: macosx-admin@omnigroup.com Date: 2/2/02 11:39 PM +0100 Subject: Re: PPP automatic up/down and iTools (IMAP) mail account interfere? > Thanks for the explanation. > > > > Well, that shows how stupid Apple has been by making IMAP the default for > iTools mail accounts. It's a real Catch-22, as soon as you disconnect your > dialup account, Mail.app starts doing some synching with the IMAP server. > This action immediately reconnects your dialup account. In other words, as > long as Mail.app is running, you cannot disconnect your computer, even if you > have set all kind of server actions to manual. I created a POP account > instead and deleted the IMP account. > > I wonder, did they not test this on a dialup account *at all*? I am quite > pissed, because I have an 81 year old mother who is starting with a Mac > running Mac OS X 10.1.2 and she is *bombarded* by error/warning panels which > are all completely unnecessary. And I have to try to help her through the > phone at 100mi distance. > > After I switched to the POP account I turned on automatic dialup on TCP/IP > traffic again. Then when Mail.app tries to deliver mail or get mail when the > link is down, you get warning messages where you can only click OK that > complain that DNS fails to resolve the SMTP or POP host. But it complains > immediately while a PPP link takes some time to get established. Result: > warnings for the user which are unnecessary and confusing as hell to > 'grandma'-types. Really, did they never test this???? > > The last disaster was that it was impossible to turn the system off. The > system complained that Mail.app was stopping the shutdown process but the > "Force Quit" panel only showed only Finder and Internet Connect. Mail was > running though, but trying to quit it failed in all ways. Since this is an > iBook, removing the plug doesn't even work. In the end we got the system to > *crash* (I hope, she got a blue screen and then the system seemed to turn > itself off) by force-quitting the Finder. Now I hope the next boot will work. > Probably the reason Mail.app would not die was because of the 'locked > mailbox' bug that has been in Mail.app for quite a while now. Shutdown and > let the system kill Mail.app and you have a big chance that Mail.app will > start complaining th enext time you try to use the 'deleted items' folder. > Luckily for you that panel will be hidden behind your other windows 50% of > the time which is really intuitive for grandma... > > This is so far not the experience I was expecting from Apple. > > I *really* hope someone at Apple is reading this negative press because this > experience is *worse* than a decently configured Windows system and it needs > to be fixed yesterday (as this is absolutely *basic*). Sorry, but I am > extremely pissed because I never suspected that basic stuff like this would > be so user unfriendly and so stupidly implemented. And I have an extreme > dislike for Windows so this is not easy for me to say. > > G > > PS. You want another fine little bug that confuses the hell out of > nontechnical users? Type in any cocoa app (Mail.app will do) "fine" and try > to move back with the cursor keys to position yourself between the f and the > i (for instance to delete the f and replace it with another character). Yes > that is right. You get a nice ligature, but it is impossible to get between > the two characters of the ligature. OK, so you go to the left of the f and > use forward delete. Sure, it would have been just one more keystroke, but the > solution wont't always work (an iBook does not have that key...). > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 229 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020203/6cdcb3a8/attachment.bin From jearle at mac.com Sun Feb 3 17:30:01 2002 From: jearle at mac.com (Jared ''Danger'' Earle) Date: Thu Nov 3 12:29:12 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: Message-ID: On Monday, February 4, 2002, at 02:20 , Peter Fraterdeus wrote: > OSX 10.1.2 excess kernel task >80% and weird freezes > [snippage] > ]I haven't seen anything like this since 10.0.4 was released. Is 10.1.2 a > step backwards??? I wouldn't place the blame on 10.2.1 just yet because this is the first I' ve heard of it. What else are you doing? Are you on a windows network? -- Jared Earle, Nightfall Games, jared@23x.net - http://www.23x.net "So long, and thanks for all the SPORK" From peterf at semiotx.com Sun Feb 3 17:37:00 2002 From: peterf at semiotx.com (Peter Fraterdeus) Date: Thu Nov 3 12:29:12 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: References: Message-ID: >On Monday, February 4, 2002, at 02:20 , Peter Fraterdeus wrote: >>OSX 10.1.2 excess kernel task >80% and weird freezes >>[snippage] >>]I haven't seen anything like this since 10.0.4 was released. Is 10.1.2 a step backwards??? > >I wouldn't place the blame on 10.2.1 just yet because this is the first I' >ve heard of it. What else are you doing? Are you on a windows network? Hi, Jared Nope, no windows network at all. This is on a 400 G4 Titanium Powerbook, 768 MB RAM I've got a beta Wacom driver, and Retrospect, but I've had that since October, and had no trouble until recently???? At first I thought it was related to a new 512MB I installed, because I had these 'no wake up' things happening, but now I can see the kernel task is at the top of the list when the cpu load goes over the top. A few minutes ago, the CPU % reported by top for the 0 kernel task went up to 107%... thanks! Peter >-- > Jared Earle, Nightfall Games, jared@23x.net - http://www.23x.net > "So long, and thanks for all the SPORK" -- AzByCx DwEvFu GtHsIr JqKpLo MnNmOl PkQjRi ShTgUf VeWdXc YbZa& @ Peter Fraterdeus http://www.midsummernightstamps.com www.semiotx.com Magical Images from the Moon's Garden! If liberty means anything at all, it means the right to tell people what they do not want to hear.--George Orwell MacOSX * Apache * PHP * mySQL * Linux * Typography * Web Design Buckminster Fuller Institute * www.bfi.org * Design Revolution! If you have a free web email account put "{README}" in your sub- ject line, or my filters will trash your message. This includes yahoo, hotmail, netscape, msn, excite, etc. From macosx at randys.org Sun Feb 3 17:37:14 2002 From: macosx at randys.org (../randy) Date: Thu Nov 3 12:29:12 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: References: Message-ID: <53791.63.192.100.4.1012786568.squirrel@webmail.troikaweb.com> Well...I've had this Quicksilver machine since about september and it still doesn'tsleep correctly. no matter what I do, the machine just shuts itself down after about5 minutes of sleep time... -- randy Peter Fraterdeus said: > OSX 10.1.2 excess kernel task >80% and weird freezes > > I'm getting this behavior on the tiBook since updating to 10.1.2 > > Anybody else running into this? > > Symptoms are spinning cursor, non-responsive app, although I can still > switch to another app, at least intitially. It seems to get worse if I > force quit the affected app. Also unable to wake from sleep > consistently. There have been a number of times that the machine > apparently just shut down in sleep, and I had to power up from scratch. > > I haven't seen anything like this since 10.0.4 was released. Is 10.1.2 > a step backwards??? > > Please cc to my eMail [peterf<@>mac.com] if you've run into this, or > heard of any solutions! > > Many thanks > > Peter > > > > -- > AzByCx DwEvFu GtHsIr JqKpLo MnNmOl PkQjRi ShTgUf VeWdXc YbZa& @ > > Peter Fraterdeus http://www.midsummernightstamps.com > www.semiotx.com Magical Images from the Moon's Garden! > > If liberty means anything at all, it means the right to tell people > what they do not want to hear.--George Orwell > > MacOSX * Apache * PHP * mySQL * Linux * Typography * Web Design > Buckminster Fuller Institute * www.bfi.org * Design Revolution! > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin .../randy From christos at dynamic.net.au Sun Feb 3 17:37:32 2002 From: christos at dynamic.net.au (Chris Kakris) Date: Thu Nov 3 12:29:12 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: Message-ID: Yes I have had this happen to my tiBook 10.1.2 as well. However it only seems to happen when the laptop has been idle and the screen saver is running. Happens once every couple of months so it's not a show stopper. But this should not happen at all. On Monday, February 4, 2002, at 12:20 , Peter Fraterdeus wrote: > OSX 10.1.2 excess kernel task >80% and weird freezes > > I'm getting this behavior on the tiBook since updating to 10.1.2 > > Anybody else running into this? > > Symptoms are spinning cursor, non-responsive app, although I > can still switch to another app, at least intitially. It seems > to get worse if I force quit the affected app. Also unable to > wake from sleep consistently. There have been a number of times > that the machine apparently just shut down in sleep, and I had > to power up from scratch. > > I haven't seen anything like this since 10.0.4 was released. Is > 10.1.2 a step backwards??? > > Please cc to my eMail [peterf<@>mac.com] if you've run into > this, or heard of any solutions! > > Many thanks > > Peter From jearle at mac.com Sun Feb 3 17:50:00 2002 From: jearle at mac.com (Jared ''Danger'' Earle) Date: Thu Nov 3 12:29:12 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: Message-ID: <74F5ECE4-1911-11D6-A583-000A2791CF7C@mac.com> On Monday, February 4, 2002, at 02:36 , Peter Fraterdeus wrote: > At first I thought it was related to a new 512MB I installed, because I > had these 'no wake up' things happening, but now I can see the kernel > task is at the top of the list when the cpu load goes over the top. Have you tried it without the 512Mb RAM and seen if it does the same thing? Did the problem exist before you added the RAM? -- Jared Earle, Nightfall Games, jared@23x.net - http://www.23x.net "I do not like SPORKs, Sam-I-Am" From peterf at semiotx.com Sun Feb 3 18:07:00 2002 From: peterf at semiotx.com (Peter Fraterdeus) Date: Thu Nov 3 12:29:12 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: <74F5ECE4-1911-11D6-A583-000A2791CF7C@mac.com> References: <74F5ECE4-1911-11D6-A583-000A2791CF7C@mac.com> Message-ID: I'm a bit suspicious of iPhoto, actually. I'm going to forgo iPhoto for the next couple of days, and see if that helps! I have also noted the same thing on my G4 tower, so I don't think it's related to the RAM. P P At 2:49 AM +0100 2/4/02, Jared ''Danger'' Earle wrote: >On Monday, February 4, 2002, at 02:36 , Peter Fraterdeus wrote: >>At first I thought it was related to a new 512MB I installed, because I had these 'no wake up' things happening, but now I can see the kernel task is at the top of the list when the cpu load goes over the top. > >Have you tried it without the 512Mb RAM and seen if it does the same thing? > Did the problem exist before you added the RAM? > >-- > Jared Earle, Nightfall Games, jared@23x.net - http://www.23x.net > "I do not like SPORKs, Sam-I-Am" -- AzByCx DwEvFu GtHsIr JqKpLo MnNmOl PkQjRi ShTgUf VeWdXc YbZa& @ Peter Fraterdeus http://www.midsummernightstamps.com www.semiotx.com Magical Images from the Moon's Garden! If liberty means anything at all, it means the right to tell people what they do not want to hear.--George Orwell MacOSX * Apache * PHP * mySQL * Linux * Typography * Web Design Buckminster Fuller Institute * www.bfi.org * Design Revolution! If you have a free web email account put "{README}" in your sub- ject line, or my filters will trash your message. This includes yahoo, hotmail, netscape, msn, excite, etc. From bdezendorf at aus.ac.ae Sun Feb 3 20:50:07 2002 From: bdezendorf at aus.ac.ae (Breandan Dezendorf) Date: Thu Nov 3 12:29:12 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: Message-ID: <8FE6E664-192A-11D6-A5CC-0003930405C0@aus.ac.ae> I have seen the same problem on my tiBook (500mhz, 384 MB RAM.) Running Mac OS X Server 10.1.2. I have seen the problem 3 times in the past 5 weeks, (and if I remember correctly) it usually happens when the 'Book falls asleep during heavy load (running, say three fink processes), but it has not happened enough for me to say anything for certain about the cause. I don't think it is classic, because I have not run classic mode since upgrading to 10.1.2. All of my RAM is stock from Apple, as are the rest of of the system components. The only thing I have added to the mix is an Airport card. I had thought it was a user error on my part, but if others have seen the same thing... Breandan Dezendorf Macintosh Network Engineer American University of Sharjah On Monday, February 4, 2002, at 05:36 AM, Chris Kakris wrote: > Yes I have had this happen to my tiBook 10.1.2 as well. However it > only seems to happen when the laptop has been idle and the screen > saver is running. Happens once every couple of months so it's not > a show stopper. But this should not happen at all. > > > On Monday, February 4, 2002, at 12:20 , Peter Fraterdeus wrote: > >> OSX 10.1.2 excess kernel task >80% and weird freezes >> >> I'm getting this behavior on the tiBook since updating to 10.1.2 >> >> Anybody else running into this? >> >> Symptoms are spinning cursor, non-responsive app, although I can still >> switch to another app, at least intitially. It seems to get worse if I >> force quit the affected app. Also unable to wake from sleep consistently. >> There have been a number of times that the machine apparently just shut >> down in sleep, and I had to power up from scratch. >> >> I haven't seen anything like this since 10.0.4 was released. Is 10.1.2 a >> step backwards??? >> >> Please cc to my eMail [peterf<@>mac.com] if you've run into this, or >> heard of any solutions! >> >> Many thanks >> >> Peter > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > > From jwelch at aer.com Sun Feb 3 20:57:02 2002 From: jwelch at aer.com (John C. Welch) Date: Thu Nov 3 12:29:12 2005 Subject: PPP automatic up/down and iTools (IMAP) mail account interfere? In-Reply-To: <91E1EFEE-18F5-11D6-8E62-0003930AD8A4@rna.nl> Message-ID: On 02/03/2002 17:30, "Gerben Wierda" wrote: >> Right. And so you tell her, "Grammy, just make sure you quit your email >> program before you disconnect"/ > > Absolutely not. Grandma should not be aware of connecting or > disconnecting, she should only be using Mail. That should be invisible > for her. "Dial on demand", "not dial under grandma-control" ;-) I agree. But since it doesn't work that way at the moment, and Grandma's are not, as a rule, stupid, then you work around existing limitations, or put her on 9 where PPP works better. john -- I'm listening to What Would Happen by Meredith Brooks off of From justin at mac.com Sun Feb 3 20:58:03 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:12 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: Message-ID: On Sunday, February 3, 2002, at 05:36 PM, Peter Fraterdeus wrote: >> On Monday, February 4, 2002, at 02:20 , Peter Fraterdeus wrote: >>> OSX 10.1.2 excess kernel task >80% and weird freezes >>> [snippage] >>> ]I haven't seen anything like this since 10.0.4 was released. Is >>> 10.1.2 a step backwards??? >> >> I wouldn't place the blame on 10.2.1 just yet because this is the >> first I' >> ve heard of it. What else are you doing? Are you on a windows network? > > Hi, Jared > > Nope, no windows network at all. > This is on a 400 G4 Titanium Powerbook, 768 MB RAM > > I've got a beta Wacom driver, and Retrospect, but I've had that since > October, and had no trouble until recently???? > > At first I thought it was related to a new 512MB I installed, because I > had these 'no wake up' things happening, but now I can see the kernel > task is at the top of the list when the cpu load goes over the top. A > few minutes ago, the CPU % reported by top for the 0 kernel task went > up to 107%... > Is there anything of interest in the log file (/var/log/system.log, or perhaps others in the same directory)? Check time stamps for the time you see the kernel task usage peak. Regards, Justin -- /~\ The ASCII Justin C. Walker, Curmudgeon-at-Large \ / Ribbon Campaign X Help cure HTML Email / \ From jwelch at aer.com Sun Feb 3 21:37:01 2002 From: jwelch at aer.com (John C. Welch) Date: Thu Nov 3 12:29:12 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: Message-ID: On 02/03/2002 20:20, "Peter Fraterdeus" wrote: > OSX 10.1.2 excess kernel task >80% and weird freezes > > I'm getting this behavior on the tiBook since updating to 10.1.2 > > Anybody else running into this? > > Symptoms are spinning cursor, non-responsive app, although I can still switch > to another app, at least intitially. It seems to get worse if I force quit the > affected app. Also unable to wake from sleep consistently. There have been a > number of times that the machine apparently just shut down in sleep, and I had > to power up from scratch. > > I haven't seen anything like this since 10.0.4 was released. Is 10.1.2 a step > backwards??? Did you install any of the Palm betas? john -- I'm listening to What Would Happen by Meredith Brooks off of From taylor at intuitive.com Sun Feb 3 22:00:08 2002 From: taylor at intuitive.com (Dave Taylor) Date: Thu Nov 3 12:29:12 2005 Subject: [X-Admin]Re: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: Message-ID: Peter, can you open up a Terminal and run: top -ulw | head -20 Then mail us the output? It'll look like this: Processes: 40 total, 2 running, 38 sleeping... 126 threads 21:55:11 Load Avg: 0.61, 0.56, 0.53 CPU usage: 0.0% user, 100.0% sys, 0.0% idle SharedLibs: num = 88, resident = 21.1M code, 1.24M data, 5.36M LinkEdit MemRegions: num = 3278, resident = 262M + 8.65M private, 89.5M shared PhysMem: 41.7M wired, 113M active, 350M inactive, 505M used, 6.84M free VM: 2.12G + 42.2M 4730(4730) pageins, 485(485) pageouts PID COMMAND %CPU TIME #TH #PRTS #MREGS RPRVT RSHRD RSIZE VSIZE 312 Microsoft 0.0% 48:34.97 3 109 338 25.7M 41.8M 40.2M 140M 242 Microsoft 0.0% 45:11.81 8 128 318 22.9M 21.8M 33.9M 128M 68 Window Man 0.0% 28:27.87 3 191 150 1.23M 32.1M 33.1M 80.2M 313 Virtual PC 0.0% 21:49.24 9 116 279 142M 13.2M 149M 230M 404 Internet E 0.0% 10:33.24 9 128 279 33.7M 15.5M 42.9M 129M 318 iTunes 0.0% 9:20.19 8 128 223 7.29M 10.4M 11.5M 88.3M 0 kernel_tas 0.0% 3:15.12 25 0 - - - 32.5M 430M 237 SystemUISe 0.0% 0:53.91 4 120 155 2.60M 6.23M 4.39M 80.6M 243 Microsoft 0.0% 0:36.81 2 72 116 5.38M 9.57M 6.64M 82.5M 240 Palm Deskt 0.0% 0:29.76 1 47 52 628K 4.76M 1.60M 71.3M 66 ATSServer 0.0% 0:13.14 1 39 92 892K 4.19M 3.96M 33.0M 235 Finder 0.0% 0:08.30 2 81 129 8.48M 10.9M 14.6M 88.8M Dave Taylor Mac & Unix guy From leif.carlsson at trifolium.se Mon Feb 4 01:25:01 2002 From: leif.carlsson at trifolium.se (Leif Carlsson) Date: Thu Nov 3 12:29:12 2005 Subject: OSX as a graphical-terminalserver? Message-ID: <948179373leif.carlsson@trifolium.se> ------------------------------------------------------------------------------------------ Excuse this (stupid?) question, but I wonder: Is there any chance you could ever use a OSX-machine as a graphical-terminalserver? I would like to be able to log in a few remote machines that would each get their own graphical environment, preferably Aqua, on the "terminalserver" machine. I use Timbuktu to speed up a 4D "remote" session over an ISDN connection but you can only run one client on one machine at a time. I've used X-terminal client-server a long time ago but never reflected over if it was possible to run multiple machines off one "client" (I suppose you can because you can have several windows open at one time???). Any ideas? Speed restrictions? -- Regards Leif Carlsson, Systemconsultant, Trifolium System AB ------------------------------------------------------------------------------------------ From Neil.Laubenthal at osd.mil Mon Feb 4 04:52:00 2002 From: Neil.Laubenthal at osd.mil (Laubenthal, Neil, CTR, OSD-C3I) Date: Thu Nov 3 12:29:12 2005 Subject: Cron and applescript Message-ID: <8B0A34361237D4118C4E009027E59FA305CE2A7F@osdn5.osd.mil> ChangeDesktop . . . available on www.versiontracker.com does this nicely. It's not a script (I used to use a freeware one of those but it wasn't a real 'random' selection for desktop) but rather a prefs app and a daemon. Works very nicely . . . freeware . . . scans folders recursively . . . and has a 'don't repeat pictures until all have been used' preference. Currently at v1.3.1 I think; have had zero problems with it. Neil D. Laubenthal, Senior Network Security Administrator RBIS, Ltd C3I SCI Technical Support Team Lead On Saturday, February 2, 2002, at 04:28 , Stonewall Ballard wrote: > Not so. I run AppleScript apps from cron every day. [...] and a third > changes my desktop wallpaper periodically. I would like a copy of this script. -- Jared Earle, Nightfall Games, jared@23x.net - http://www.23x.net "There is no SPORK" From mike at caisys.co.uk Mon Feb 4 04:55:00 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:12 2005 Subject: separately mounted user directories In-Reply-To: <9C959C06-18F7-11D6-B41A-000393120A7C@digifix.com> References: <9C959C06-18F7-11D6-B41A-000393120A7C@digifix.com> Message-ID: <10202041213.AA04098@gandalf.caisys.co.uk> Scott wrote: > unfortunately then you need to worry about idiotic .pkg installers > taking out the link. That hasn't happened to me (well, not links in /Users, anyway :-) Do you mean Apple .pkg's? Or 3rd-party ones? /mike From sanguish at digifix.com Mon Feb 4 05:00:03 2002 From: sanguish at digifix.com (Scott Anguish) Date: Thu Nov 3 12:29:12 2005 Subject: separately mounted user directories In-Reply-To: <10202041213.AA04098@gandalf.caisys.co.uk> Message-ID: Apple's .pkg abomination... On Monday, February 4, 2002, at 07:13 AM, Mike Elston wrote: > Scott wrote: >> unfortunately then you need to worry about idiotic .pkg installers >> taking out the link. > > That hasn't happened to me (well, not links in /Users, anyway :-) > Do you mean Apple .pkg's? Or 3rd-party ones? > > /mike From jwelch at aer.com Mon Feb 4 07:15:59 2002 From: jwelch at aer.com (John C. Welch) Date: Thu Nov 3 12:29:12 2005 Subject: OSX as a graphical-terminalserver? In-Reply-To: <948179373leif.carlsson@trifolium.se> Message-ID: On 02/04/2002 04:23, "Leif Carlsson" wrote: > Excuse this (stupid?) question, but I wonder: > > Is there any chance you could ever use a OSX-machine as a > graphical-terminalserver? > > I would like to be able to log in a few remote machines that would each get > their own graphical environment, preferably Aqua, on the "terminalserver" > machine. > > I use Timbuktu to speed up a 4D "remote" session over an ISDN connection but > you can only run one client on one machine at a time. > > I've used X-terminal client-server a long time ago but never reflected over > if it was possible to run multiple machines off one "client" (I suppose you > can because you can have several windows open at one time???). At the moment, no. Although Quartz is a window server -client system, it is only doing local clients. From what I've gotten out of some conversation, the capability is certainly there, it's just not been a priority. Although, if enough people were to point out that it should be, along with dollar figures on how many more Mac OS X boxes they'd buy with this capability, that would probably help convince Apple to make it a priorty... john -- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf." - George Orwell From sherlock at rna.nl Mon Feb 4 07:20:58 2002 From: sherlock at rna.nl (Gerben Wierda) Date: Thu Nov 3 12:29:12 2005 Subject: lpr print problem since 10.1.2: confirmation? Message-ID: <8CFE9785-1982-11D6-A9ED-0003930AD8A4@rna.nl> Since upgrading to 10.1.2 when I print to a lpd queue on my lpd server, I can only have one print job at the time. When I send a second job, I get (on the server) a waring "lpd[pid] tfA001host: file exists". Can someone confirm this? Though it seems strange to me, does it indeed have to do with Mac OS X? Thanks, G From justin at mac.com Mon Feb 4 07:24:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:12 2005 Subject: OSX as a graphical-terminalserver? In-Reply-To: <948179373leif.carlsson@trifolium.se> Message-ID: <173626A6-1983-11D6-8C8A-00306544D642@mac.com> On Monday, February 4, 2002, at 01:23 AM, Leif Carlsson wrote: > ------------------------------------------------------------------------------------------ > > Excuse this (stupid?) question, but I wonder: > > Is there any chance you could ever use a OSX-machine as a > graphical-terminalserver? > > I would like to be able to log in a few remote machines that would each > get their own graphical environment, preferably Aqua, on the > "terminalserver" machine. No. It sounds as if you are talking about something akin to X's "server model", whereby the app can run on a remote system, but display on your local system (the local system runs the 'server'). Aqua doesn't support this kind of operation. > I use Timbuktu to speed up a 4D "remote" session over an ISDN > connection but you can only run one client on one machine at a time. > > I've used X-terminal client-server a long time ago but never reflected > over if it was possible to run multiple machines off one "client" (I > suppose you can because you can have several windows open at one > time???). As above. > Any ideas? What you want to do is not possible with Aqua, but it can be done with X(11), which is available and works with Mac OS X. > Speed restrictions? Max posted speed: 0 bits per second :-}. Regards, Justin -- /~\ The ASCII Justin C. Walker, Curmudgeon-at-Large \ / Ribbon Campaign X Help cure HTML Email / \ From ocs at ocs.cz Mon Feb 4 08:22:00 2002 From: ocs at ocs.cz (Ondra Cada) Date: Thu Nov 3 12:29:12 2005 Subject: OSX as a graphical-terminalserver? In-Reply-To: <173626A6-1983-11D6-8C8A-00306544D642@mac.com> References: <173626A6-1983-11D6-8C8A-00306544D642@mac.com> Message-ID: <200202041615.AA09959@ocs.cz> Justin, >>>>>> Justin C. Walker (JCW) wrote at Mon, 4 Feb 2002 07:23:07 -0800: JCW> >I would like to be able to log in a few remote machines that would each JCW> >get their own graphical environment, preferably Aqua, on the JCW> >"terminalserver" machine. If I understand correctly, it's the plain old NSHosting: running an application so that it connects to _other machine's_ window server to provide GUI there. Just like telnet, but with GUI ;) Used to work perfectly with NeXTStep and then Mac OS X Server 1. JCW> No. It sounds as if you are talking about something akin to X's "server JCW> model", whereby the app can run on a remote system, but display on your JCW> local system (the local system runs the 'server'). Aqua doesn't support JCW> this kind of operation. Actually, AFAIK, it has nothing to do with Aqua. The problem is the new Quartz window server, which for some godforsaken reason can't serve more different users at once (actually, it can serve exactly two, one plain user, and root). That's a reason (I don't know whether the reason or just one of them) why NSHosting does not exist anymore. But cheer up, we have the genie effect and shadows instead! :( --- Ondra Cada OCSoftware: ocs@ocs.cz http://www.ocs.cz 2K Development: o.cada@2kdevelopment.cz http://www.2kdevelopment.cz private ondra@ocs.cz http://www.ocs.cz/oc From ryan.suarez at sheridanc.on.ca Mon Feb 4 08:56:00 2002 From: ryan.suarez at sheridanc.on.ca (Ryan Suarez) Date: Thu Nov 3 12:29:12 2005 Subject: Make a user not show up in the login panel References: <200202032101.g13L1pO01857@lists.omnigroup.com> Message-ID: <3C5EBCF9.B09BF089@sheridanc.on.ca> Hi Fredrik, This doc shows how to disable the last logged in username from showing up on the login screen. "http://www.macosxlabs.org/documentation/hard_disk_maintenance/configuration/config.html#DisableUNameDisplay" This is preferrable to using UIDs less than 500. Ryan > > --__--__-- > > Message: 12 > Date: Sat, 02 Feb 2002 19:14:49 -0800 > Subject: Re: Make a user not show up in the login panel > From: "../randy" > To: MacOS Admin > > Change their UID. I think anything that is not used already and is below 500 > will not show up in the login window...at least it works on my machine that > way. > > - randy > > > From: Fredrik Jonsson > > Date: Sun, 3 Feb 2002 00:09:35 +0100 > > To: macosx-admin@omnigroup.com > > Subject: Make a user not show up in the login panel > > > > Hi, > > > > Can anyone tell me how to make a user not show up in the login panel > > in Mac OS X. > > > > I have some friends that I have set up accounts for so they can log > > in via SSH and access some shared folders via File Sharing. I would > > like these accounts to not show up when I log in to my system. > > > > I have some "users" installed by Fink, mysql etc., that behave like > > this so it seems to be possible. > > > > TIA > > > > Regards, > > Fredrik Jonsson > > > > -- > > Web site: > > XNS Name: =Fredrik > > _______________________________________________ > > MacOSX-admin mailing list > > MacOSX-admin@omnigroup.com > > http://www.omnigroup.com/mailman/listinfo/macosx-admin > > From root at nimug.org Mon Feb 4 09:52:44 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:12 2005 Subject: NetInfo Mgr question In-Reply-To: <10202032207.AA03093@gandalf.caisys.co.uk> Message-ID: On Sunday, February 3, 2002, at 10:07 , Mike Elston wrote: > An answer and a question... > >> The problem here is that your >> usernames are the same and we use usernames to log into machines. > > IMHO, this last comment is a red herring. You can have the same > username on different hosts and should still be able to modify NI > entries in one database from a different host. I have no problem with that. How does the machine differentiate between local user accounts and remote NetInfo-served user accounts? The text I used for reference didn't touch on this but then I suppose it's common sense....it just does. > Disclaimer: I'm not a NetInfo guru, but I have been using it for > quite a few years, and have (almost) always managed to get it to do > what I want. If what follows is incorrect in any respect, I apologise > and hope someone more knowledgeable will correct me. I'm waiting with bated breath. Spill, guru! > Three things I'm pretty sure of: > (1) When you authenticate in NetInfo Manager in order to change a > remote database, you are authenticating on the host that database > resides on. You therefore need to authenticate as an admin user _on > that host_ (or as root). > In your case, you say 'rpeskin' is an admin user on both your server > and client machines, so that should be OK. > > You're saying you start NetInfo Manager on your server. It opens the > local database by default -- is that the database you're referring > to? Or its parent? Or do you mean you open the local database on the > client from the server (ie Domain -> Open By Tag -> host: (client's > host name), tag: local)? or what? Having read up a bit over the weekend I now understand the way the domains thing work which is a good bit different to NIS. Remember that to authenticate the parent domain from the client would mean opening the domain in NetInfo Manager and authenticating using the username and password on the NetInfo server rather than the local one. I have a personal preference to keep the usernames separate. Maybe Mr Peskin can keep us informed. NetInfo deserves a "Missing Manual" book all to itself! > Now, here's where I have a problem myself. My NetInfo server's on a > NeXT machine. From a client running Mac OS X 10.1.2, I can open both > the network (root, master) and local databases on the server, and edit > them. No prob. > > BUT I can't open the local NetInfo databases on OS X 10.1.2 hosts, > either from the NeXT or from another OS X host, either using > NetInfoManager (I get messages on the (NeXT or Mac) console saying > "NetInfo connection failed for server xx.xx.xx.xx/local") or the > command-line (nidump eventually gives up with "nidump: fatal error: > Communication failure"). I've got my "trusted_network" properties set > up. Anyone got any ideas what _I'm_ missing? It is entirely possible that they have changed things while leaving the 10.1.2 client backwards compatible. Does it need anything like RPC? The 10.1.2 doesn't ship with RPC stuff and no GUI to add it - it's something needed in NIS (AFAICR...it was a long time ago) From root at nimug.org Mon Feb 4 09:53:07 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:12 2005 Subject: quota Message-ID: I know that quotas are disabled on OSX but can be enabled thru the GUI in OSX Server. Anyone got any suggestions on how to set a quota on a "folder" - specifically a shared access folder - accessed by a group? From Robert.Jacobson at gsfc.nasa.gov Mon Feb 4 10:00:16 2002 From: Robert.Jacobson at gsfc.nasa.gov (Robert C Jacobson) Date: Thu Nov 3 12:29:12 2005 Subject: OmniWeb command line. In-Reply-To: <20020203184302.GA1217575@uiuc.edu> References: <20020203184302.GA1217575@uiuc.edu> Message-ID: Omniweb is supposedly scriptable (I don't have it to test with.. yet). The osascript one-liner should work. For IE: # osascript tell application "Internet Explorer" to OpenURL "http://slashdot.org" works. But I guess that's a lot of typing. :-/ At 12:43 PM -0600 2/3/02, Nicholas Riley wrote: >On Sun, Feb 03, 2002 at 06:07:17PM +0100, Mikael Moreira wrote: >> >> Im sorry if this documented somewhere, but Im having a hard time finding >> it. >> >> Is there a way to open a URL from the command line with OmniWeb? > >Not specifically with OmniWeb, but you can use my 'launch' tool to >open URLs from the command line with the helper app you've configured >in Internet Config. > > > >(don't use the installer, it's broken) > >If you want to open a URL with a different browser (say, if IE is your >default browser), you might have luck with using osascript to run a >one-line AppleScript. > >-- >=Nicholas Riley | > Pablo Research Group, Department of Computer Science and > Medical Scholars Program, University of Illinois at Urbana-Champaign -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Robert Jacobson Robert.Jacobson@gsfc.nasa.gov BS, Aeronautical Engineering Univ. of Md., College Park Flight Ops. Team - SOlar Heliospheric Observatory (SOHO) From fabienlroy at mac.com Mon Feb 4 10:20:58 2002 From: fabienlroy at mac.com (fabienlroy@mac.com) Date: Thu Nov 3 12:29:13 2005 Subject: List and explanations of errors Message-ID: Is there a docoment/web site whe I can get numerical error number to plain text translation. I am sick of the following: -------------- next part -------------- A non-text attachment was scrubbed... Name: pastedGraphic.tiff Type: image/tiff Size: 14938 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020204/61f248b8/pastedGraphic.tiff From root at nimug.org Mon Feb 4 10:25:59 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:13 2005 Subject: OmniWeb command line. In-Reply-To: Message-ID: <3D3C40D2-199C-11D6-A2CE-0030656A00AC@nimug.org> On Monday, February 4, 2002, at 05:57 , Robert C Jacobson wrote: > > > Omniweb is supposedly scriptable (I don't have it to test with.. yet). > The osascript one-liner should work. > > For IE: > # osascript > tell application "Internet Explorer" to OpenURL "http://slashdot.org" > > > works. But I guess that's a lot of typing. :-/ Create the various .webloc or .url files open -a /Applications/Omniweb.app www.apple.com.webloc should then work. It works on my system where IE5 is, at the moment, the default browser. Otherwise you'd omit the -a /path/to/application.app But it doesn't if Omniweb is already launched. I guess it might be a slight pref change somewhere in my system. -- From mbartosh at mac.com Mon Feb 4 10:44:08 2002 From: mbartosh at mac.com (Michael Bartosh) Date: Thu Nov 3 12:29:13 2005 Subject: NetInfo Mgr question In-Reply-To: References: Message-ID: At 5:51 PM +0000 2/4/02, r00t wrote: >I have no problem with that. How does the machine differentiate >between local user accounts and remote NetInfo-served user accounts? >The text I used for reference didn't touch on this but then I >suppose it's common sense....it just does. NetInfo searches from the bottom up. If the uname exists locally, that instance will be used to log in, regardless of if it exists in a higher domain. However (I believe I saw this question somewhare) non-local users can be added to the local admin group. -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. From justin at mac.com Mon Feb 4 11:35:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:13 2005 Subject: OSX as a graphical-terminalserver? In-Reply-To: <200202041615.AA09959@ocs.cz> Message-ID: <305CC6CF-19A6-11D6-8C8A-00306544D642@mac.com> On Monday, February 4, 2002, at 08:15 AM, Ondra Cada wrote: > Justin, > >>>>>>> Justin C. Walker (JCW) wrote at Mon, 4 Feb 2002 07:23:07 -0800: > JCW> >I would like to be able to log in a few remote machines that > would each > JCW> >get their own graphical environment, preferably Aqua, on the > JCW> >"terminalserver" machine. I didn't write the above, just for the record... > If I understand correctly, it's the plain old NSHosting: running an > application so that it connects to _other machine's_ window server to > provide > GUI there. Just like telnet, but with GUI ;) Used to work perfectly with > NeXTStep and then Mac OS X Server 1. That's correct, and it worked with Mac OS X Server 1.x because the windowing model didn't undergo any significant changes from NextStep/OpenStep to "Rhapsody". The windowing model is brand new, and does not support the server model > JCW> No. It sounds as if you are talking about something akin to X's > "server > JCW> model", whereby the app can run on a remote system, but display on > your > JCW> local system (the local system runs the 'server'). Aqua doesn't > support > JCW> this kind of operation. > > Actually, AFAIK, it has nothing to do with Aqua. The problem is the new > Quartz window server, Yup; I was not very precise here. > which for some godforsaken reason can't serve more > different users at once (actually, it can serve exactly two, one plain > user, > and root). That's a reason (I don't know whether the reason or just one > of > them) why NSHosting does not exist anymore. Hyperbole aside, it probably isn't supported because it isn't of interest for Apple's chosen market. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | It's not whether you win or lose... | It's whether *I* win or lose. *--------------------------------------*-------------------------------* From justin at mac.com Mon Feb 4 11:50:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:13 2005 Subject: NetInfo Mgr question In-Reply-To: Message-ID: <2C7482F1-19A8-11D6-8C8A-00306544D642@mac.com> On Monday, February 4, 2002, at 09:51 AM, r00t wrote: > > On Sunday, February 3, 2002, at 10:07 , Mike Elston wrote: > >> An answer and a question... > [snip] > > It is entirely possible that they have changed things while leaving the > 10.1.2 client backwards compatible. > > Does it need anything like RPC? The 10.1.2 doesn't ship with RPC stuff > and no GUI to add it - it's something needed in NIS (AFAICR...it was a > long time ago) Just a quick comment on this last: 10.1.2 does indeed ship with RPC. I don't know where you got this idea, but look in /System/Library/StartupItems/Portmap. It's normally not enabled on the client, but if you want to act as a Netinfo server, it will (should) be enabled. If you want to serve NFS, you need to set RPCSERVER=-YES- in /etc/hostconfig. I think that since 10.1 or 10.1.1, Mac OS X's netinfo setup does not use nibindd by default (only enabling it if you are in a netinfo network), and has netinfod binding only to the loopback address (for security). Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | If you're not confused, | You're not paying attention *--------------------------------------*-------------------------------* From justin at mac.com Mon Feb 4 11:51:00 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:13 2005 Subject: List and explanations of errors In-Reply-To: Message-ID: <683181EE-19A8-11D6-8C8A-00306544D642@mac.com> On Monday, February 4, 2002, at 10:20 AM, fabienlroy@mac.com wrote: > Is there a docoment/web site whe I can get numerical error number to > plain text translation. > I am sick of the following: I'll bet not. I generally get more information from /var/log/syslog, or one of the other logs in the system. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | When LuteFisk is outlawed | Only outlaws will have | LuteFisk *--------------------------------------*-------------------------------* From shoop at iWiring.Net Mon Feb 4 11:54:02 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:13 2005 Subject: OSX as a graphical-terminalserver? In-Reply-To: <948179373leif.carlsson@trifolium.se> References: <948179373leif.carlsson@trifolium.se> Message-ID: At 10:23 AM +0100 02/04/02, Leif Carlsson wrote: >------------------------------------------------------------------------------------------ > >Excuse this (stupid?) question, but I wonder: > >Is there any chance you could ever use a OSX-machine as a >graphical-terminalserver? > >I would like to be able to log in a few remote machines that would >each get their own graphical environment, preferably Aqua, on the >"terminalserver" machine. > >I use Timbuktu to speed up a 4D "remote" session over an ISDN >connection but you can only run one client on one machine at a time. > >I've used X-terminal client-server a long time ago but never >reflected over if it was possible to run multiple machines off one >"client" (I suppose you can because you can have several windows >open at one time???). Yes, X-Windows is a perfect fit, it can easily provide multiple GUI sessions, that's its design. Tenon packages it as xTools or you can just build and install it yourself of use fink. Your nomenclature is a bit backwards though with regard to X11. The X server is what the user runs on their display device, and the applications are clients that write to that display. -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From peterf at semiotx.com Mon Feb 4 13:40:59 2002 From: peterf at semiotx.com (Peter Fraterdeus) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird Message-ID: At 1:02 PM -0800 2/4/02, macosx-admin-request@omnigroup.com wrote: >Subject: Re: [X-Admin]Re: OSX 10.1.2 excess kernel task >80% and weird > freezes >From: Dave Taylor >To: Mac OS X Admin >Organization: Intuitive Systems - www.intuitive.com > >Peter, can you open up a Terminal and run: > > top -ulw | head -20 > >Then mail us the output? It'll look like this: > ... Hi Dave Ah, well, the last time it did this thing, I tried to do exactly that, in fact, as I said, I was running top -u and couldn't do a Copy because of the CPU load. The cursor just kept on spinnin' I've not run iPhoto since the last restart, and haven't had any trouble for ah, 20 hours and 41 minutes... P. -- AzByCx DwEvFu GtHsIr JqKpLo MnNmOl PkQjRi ShTgUf VeWdXc YbZa& @ Peter Fraterdeus http://www.midsummernightstamps.com www.semiotx.com Magical Images from the Moon's Garden! If liberty means anything at all, it means the right to tell people what they do not want to hear.--George Orwell From peterf at semiotx.com Mon Feb 4 13:42:04 2002 From: peterf at semiotx.com (Peter Fraterdeus) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird In-Reply-To: <200202042102.g14L2EO25806@lists.omnigroup.com> References: <200202042102.g14L2EO25806@lists.omnigroup.com> Message-ID: >...> > > I haven't seen anything like this since 10.0.4 was released. Is 10.1.2 a step >> backwards??? > >Did you install any of the Palm betas? > >john Ah yeahp... Is there an issue with this??? Thanks! PF -- AzByCx DwEvFu GtHsIr JqKpLo MnNmOl PkQjRi ShTgUf VeWdXc YbZa& @ Peter Fraterdeus http://www.midsummernightstamps.com www.semiotx.com Magical Images from the Moon's Garden! If liberty means anything at all, it means the right to tell people what they do not want to hear.--George Orwell From root at nimug.org Mon Feb 4 14:22:02 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:13 2005 Subject: NetInfo Mgr question In-Reply-To: Message-ID: <52B9A922-19BD-11D6-A2CE-0030656A00AC@nimug.org> On Monday, February 4, 2002, at 06:43 , Michael Bartosh wrote: > At 5:51 PM +0000 2/4/02, r00t wrote: >> I have no problem with that. How does the machine differentiate >> between local user accounts and remote NetInfo-served user accounts? >> The text I used for reference didn't touch on this but then I suppose >> it's common sense....it just does. > > NetInfo searches from the bottom up. If the uname exists locally, that > instance will be used to log in, regardless of if it exists in a higher > domain. Would that explain why Richard was having the problem that his rpeskin account was not able to modify the parent domain as it was only a member of the local one? > However (I believe I saw this question somewhare) non-local users can > be added to the local admin group. Thank the lord I hear someone is writing a book. From root at nimug.org Mon Feb 4 14:25:02 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:13 2005 Subject: NetInfo Mgr question In-Reply-To: <2C7482F1-19A8-11D6-8C8A-00306544D642@mac.com> Message-ID: On Monday, February 4, 2002, at 07:48 , Justin C. Walker wrote: >> Does it need anything like RPC? The 10.1.2 doesn't ship with RPC stuff >> and no GUI to add it - it's something needed in NIS (AFAICR...it was a >> long time ago) > > Just a quick comment on this last: 10.1.2 does indeed ship with RPC. I > don't know where you got this idea, but look in > /System/Library/StartupItems/Portmap. I was really referring to the ability to switch it on in the GUI. If it's not available in the GUI then it's not readily apparent. > It's normally not enabled on the client, but if you want to act as a > Netinfo server, it will (should) be enabled. If you want to serve NFS, > you need to set RPCSERVER=-YES- in /etc/hostconfig. > I think that since 10.1 or 10.1.1, Mac OS X's netinfo setup does not > use nibindd by default (only enabling it if you are in a netinfo > network), and has netinfod binding only to the loopback address (for > security). Wanna explain this a bit more Justin? I'm interested. -- From mbartosh at mac.com Mon Feb 4 14:29:01 2002 From: mbartosh at mac.com (Michael Bartosh) Date: Thu Nov 3 12:29:13 2005 Subject: NetInfo Mgr question In-Reply-To: <52B9A922-19BD-11D6-A2CE-0030656A00AC@nimug.org> References: <52B9A922-19BD-11D6-A2CE-0030656A00AC@nimug.org> Message-ID: At 10:19 PM +0000 2/4/02, r00t wrote: >>NetInfo searches from the bottom up. If the uname exists locally, >>that instance will be used to log in, regardless of if it exists in >>a higher domain. > >Would that explain why Richard was having the problem that his >rpeskin account was not able to modify the parent domain as it was >only a member of the local one? Probably, although I can't say for sure without digging into the thread. > >>However (I believe I saw this question somewhare) non-local users >>can be added to the local admin group. > >Thank the lord I hear someone is writing a book. Honestly, I've never found it to be too unclear. Next to other directory services, NetInfo is pretty simple. -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. From root at nimug.org Mon Feb 4 14:41:13 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:13 2005 Subject: NetInfo Mgr question In-Reply-To: Message-ID: <12F0E700-19C0-11D6-A2CE-0030656A00AC@nimug.org> On Monday, February 4, 2002, at 10:28 , Michael Bartosh wrote: >> Thank the lord I hear someone is writing a book. > > Honestly, I've never found it to be too unclear. Next to other > directory services, NetInfo is pretty simple. Judging by Apple's documentation (three web pages), there's definitely more to it. Things that keep me awake at night: Machine groups Lookupd Secure authentication Lookupd User and Group quotas Lookupd It's certainly more friendly than NIS but the documentation eeds work. From jwelch at aer.com Mon Feb 4 15:02:00 2002 From: jwelch at aer.com (John C. Welch) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird In-Reply-To: Message-ID: On 02/04/2002 16:41, "Peter Fraterdeus" wrote: >>> I haven't seen anything like this since 10.0.4 was released. Is 10.1.2 a >>> step >>> backwards??? >> >> Did you install any of the Palm betas? >> >> john > > Ah yeahp... > > Is there an issue with this??? > > Thanks! Try deleting palm, and the hotsync kernel extension...that fixed it for me. john -- "The only easy day was yesterday." US Navy SEALs From christos at dynamic.net.au Mon Feb 4 15:09:01 2002 From: christos at dynamic.net.au (Chris Kakris) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird In-Reply-To: Message-ID: <13F8364F-19C4-11D6-9FD7-00039312A65C@dynamic.net.au> On Tuesday, February 5, 2002, at 10:01 , John C. Welch wrote: > > Try deleting palm, and the hotsync kernel extension...that > fixed it for me. I was having these problems even before I installed the Palm software. From alex at lassoguru.com Mon Feb 4 17:19:09 2002 From: alex at lassoguru.com (Alex Pilson) Date: Thu Nov 3 12:29:13 2005 Subject: Port redirecting in Apache In-Reply-To: <13F8364F-19C4-11D6-9FD7-00039312A65C@dynamic.net.au> References: <13F8364F-19C4-11D6-9FD7-00039312A65C@dynamic.net.au> Message-ID: Does anyone know if this is possible; I have a subdomain (mail.domain.com) mapped to the IP that is the same IP as the server (domain.com). Web server is port 80 and the sub domain is the webmail domain that runs on port 8100, Is there a way for Apache to redirect a request from mail.domain.com to mail.domain.com:8100? Otherwise you can view the main web site domain with mail.domain.com, not a big deal, I just want this to be clean. Any help would be appreciated. -- <----------------------------------------> \\--\\--\\--\\-\\--\\--\\-\\--\\--\\--// Alex Pilson Interactive Developer alex@lassoguru.com 404.728.4417 404.642.8225 CELL \\--\\--\\--\\-\\--\\--\\-\\--\\--\\--// <----------------------------------------> From justin at mac.com Mon Feb 4 17:22:02 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:13 2005 Subject: NetInfo Mgr question In-Reply-To: Message-ID: <8FD0F425-19D6-11D6-8C8A-00306544D642@mac.com> On Monday, February 4, 2002, at 02:22 PM, r00t wrote: > > On Monday, February 4, 2002, at 07:48 , Justin C. Walker wrote: > >>> Does it need anything like RPC? The 10.1.2 doesn't ship with RPC >>> stuff and no GUI to add it - it's something needed in NIS >>> (AFAICR...it was a long time ago) >> >> Just a quick comment on this last: 10.1.2 does indeed ship with RPC. >> I don't know where you got this idea, but look in >> /System/Library/StartupItems/Portmap. > > I was really referring to the ability to switch it on in the GUI. If > it's not available in the GUI then it's not readily apparent. Don't know enough about this to say; if you find yourself in a netinfo world, can't you instruct NetInfo Manager to find a parent? I'd think that would enable RPC. >> It's normally not enabled on the client, but if you want to act as a >> Netinfo server, it will (should) be enabled. If you want to serve >> NFS, you need to set RPCSERVER=-YES- in /etc/hostconfig. > >> I think that since 10.1 or 10.1.1, Mac OS X's netinfo setup does not >> use nibindd by default (only enabling it if you are in a netinfo >> network), and has netinfod binding only to the loopback address (for >> security). > > Wanna explain this a bit more Justin? I'm interested. Before The Change, both nibindd and netinfod ran by default, and both registered for RPC on all interfaces. For the 99% case, this is overkill, and also opens a port on all your interfaces, which some consider a security risk that's unwarranted, especially if not using netinfo for other than local (on-this-host) operation. Now, nibindd doesn't run unless (I think) you are a server, or possibly, if you are connected to a remote parent. If you are running local-only, netinfod runs on its own (which accounts for the "can't find nibindd" squawking that sometimes shows up in the logs), and only binds on the loopback address (127.0.0.1) which is not visible from your external interface (try 'nmap your-external-interface' and 'nmap 127.0.0.1'). If this doesn't answer your question, let me know. I can weasle-word it from here. Regards, Justin -- /~\ The ASCII Justin C. Walker, Curmudgeon-at-Large \ / Ribbon Campaign X Help cure HTML Email / \ From shoop at iWiring.Net Mon Feb 4 17:50:02 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:13 2005 Subject: Port redirecting in Apache In-Reply-To: References: <13F8364F-19C4-11D6-9FD7-00039312A65C@dynamic.net.au> Message-ID: At 8:17 PM -0500 02/04/02, Alex Pilson wrote: >Does anyone know if this is possible; > >I have a subdomain (mail.domain.com) mapped to the IP that is the >same IP as the server (domain.com). Web server is port 80 and the >sub domain is the webmail domain that runs on port 8100, Is there a >way for Apache to redirect a request from mail.domain.com to >mail.domain.com:8100? Otherwise you can view the main web site >domain with mail.domain.com, not a big deal, I just want this to be >clean. Sure. Just create a virtual host, mail.domain.com:80 and specify a redirect rule to take them to mail.domain:8100 when it's hit. But why not just run the webmail on port 80 to begin with? Apache can sense the virtual host name mail.domain.com and route to that virtual host as opposed to any others running on the same machine. www.domain.com and domain.com can all point to different places. Set up your server so that virtual hosts are used everything and just put a splash screen and clickable directory on xxx.xxx.xxx.xxx:80 to trap for anyone who specifies the URL by IP address or doesn't support the HOST header. -- -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 shoop@mac.com (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From justin at mac.com Mon Feb 4 18:14:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:13 2005 Subject: OSX Server and Cisco In-Reply-To: <510782FD-18DD-11D6-B481-003065A76B44@occam.com> Message-ID: On Sunday, February 3, 2002, at 11:36 AM, Leon Towns-von Stauber wrote: >> Now the question that I have. Is there a terminal command that allows >> me to >> lock the Macintosh NIC in OSX to a given speed/duplex. I know there is >> nothing for MacOS9 other than the unsupported extensions however in OSX >> there should be a Terminal command at least? No? > > I believe I've figured out the syntax: > > ifconfig en0 mediaopt full-duplex > > but it doesn't actually do anything for me. And if I try the > following: > > ifconfig en0 media 100baseTX > > I receive an error: > > ifconfig: SIOCSIFMEDIA: Operation not supported Yup; this is not supported. I don't know if my last mail on this subject made it, but there are problems (I think) in both the IONetworkingFamily and Apple network drivers that cause these commands to misfire. Fixes are underway for both, to handle both issues (media and mediaopt). Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | If you're not confused, | You're not paying attention *--------------------------------------*-------------------------------* From alex at lassoguru.com Mon Feb 4 18:14:17 2002 From: alex at lassoguru.com (Alex Pilson) Date: Thu Nov 3 12:29:13 2005 Subject: Port redirecting in Apache In-Reply-To: References: <13F8364F-19C4-11D6-9FD7-00039312A65C@dynamic.net.au> Message-ID: At 8:49 PM -0500 2/4/02, Dan Shoop wrote: >At 8:17 PM -0500 02/04/02, Alex Pilson wrote: >>Does anyone know if this is possible; >> >>I have a subdomain (mail.domain.com) mapped to the IP that is the >>same IP as the server (domain.com). Web server is port 80 and the >>sub domain is the webmail domain that runs on port 8100, Is there a >>way for Apache to redirect a request from mail.domain.com to >>mail.domain.com:8100? Otherwise you can view the main web site >>domain with mail.domain.com, not a big deal, I just want this to be >>clean. > >Sure. > >Just create a virtual host, mail.domain.com:80 and specify a >redirect rule to take them to mail.domain:8100 when it's hit. I didn't want to have dummy virtual hosts in my iTools admin...but this would work. > >But why not just run the webmail on port 80 to begin with? Apache >can sense the virtual host name mail.domain.com and route to that >virtual host as opposed to any others running on the same machine. >www.domain.com and domain.com can all point to different places. Set >up your server so that virtual hosts are used everything and just >put a splash screen and clickable directory on xxx.xxx.xxx.xxx:80 to >trap for anyone who specifies the URL by IP address or doesn't >support the HOST header. I have Communigate Pro running on the same server, so anything that has a domain name and requests port 80, Apache will server up the main domain name. I am looking into mod_rewrite. -- <----------------------------------------> \\--\\--\\--\\-\\--\\--\\-\\--\\--\\--// Alex Pilson Interactive Developer alex@lassoguru.com 404.728.4417 404.642.8225 CELL \\--\\--\\--\\-\\--\\--\\-\\--\\--\\--// <----------------------------------------> From peterf at semiotx.com Mon Feb 4 18:30:58 2002 From: peterf at semiotx.com (Peter Fraterdeus) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: <8FE6E664-192A-11D6-A5CC-0003930405C0@aus.ac.ae> References: <8FE6E664-192A-11D6-A5CC-0003930405C0@aus.ac.ae> Message-ID: Just prior to this incident, I launched iPhoto, which worked fine for quite a while. However, I attempted to start a Classic app, and Classic hung before the 'desktop' appeared. Also, attempting to quit iPhoto started the familiar spinning cursor... The system.log at the time of the last incident: Feb 4 18:09:57 localhost mach_kernel: AppleNMI unmask NMI Feb 4 18:09:57 localhost mach_kernel: ************An SCC Error Occurred 0x7C Feb 4 18:09:57 localhost mach_kernel: ************An SCC Error Occurred 0x7C Feb 4 18:09:57 localhost mach_kernel: ADB present:8c Feb 4 18:09:57 localhost mach_kernel: ************An SCC Error Occurred 0x7C Feb 4 18:10:00 localhost last message repeated 43 times Feb 4 18:10:00 localhost CRON[16879]: (root) CMD ( /sw/sbin/anacron -s) Feb 4 18:10:00 localhost anacron[16880]: Anacron 2.3 started on 2002-02-04 Feb 4 18:10:00 localhost anacron[16880]: Normal exit (0 jobs run) Feb 4 18:10:06 localhost mach_kernel: ************An SCC Error Occurred 0x7C Feb 4 18:10:40 localhost last message repeated 98 times Feb 4 18:12:45 localhost last message repeated 350 times Feb 4 18:13:05 localhost last message repeated 69 times .... iPhoto was working OK for this whole time, but failed on Quit There are none of these errors in the log prior to the time that iPhoto launched! Feb 4 19:30:20 localhost mach_kernel: ************An SCC Error Occurred 0x7C Feb 4 19:30:51 localhost last message repeated 86 times Feb 4 19:32:55 localhost last message repeated 348 times I then put the system to sleep (closed the top) and on reopening, found that the machine was powered-down. Normal restart--no problem But what the heck is ************An SCC Error Occurred 0x7C ???? PF At 8:49 AM +0400 2/4/02, Breandan Dezendorf wrote: > I have seen the same problem on my tiBook (500mhz, 384 MB RAM.) Running Mac OS X Server 10.1.2. I have seen the problem 3 times in the past 5 weeks, (and if I remember correctly) it usually happens when the 'Book falls asleep during heavy load (running, say three fink processes), but it has not happened enough for me to say anything for certain about the cause. > I don't think it is classic, because I have not run classic mode since upgrading to 10.1.2. > All of my RAM is stock from Apple, as are the rest of of the system components. The only thing I have added to the mix is an Airport card. > > I had thought it was a user error on my part, but if others have seen the same thing... > >Breandan Dezendorf > > Macintosh Network Engineer >American University of Sharjah > >On Monday, February 4, 2002, at 05:36 AM, Chris Kakris wrote: > >>Yes I have had this happen to my tiBook 10.1.2 as well. However it >>only seems to happen when the laptop has been idle and the screen >>saver is running. Happens once every couple of months so it's not >>a show stopper. But this should not happen at all. >> >> >>On Monday, February 4, 2002, at 12:20 , Peter Fraterdeus wrote: >> >>>OSX 10.1.2 excess kernel task >80% and weird freezes >>> >>>I'm getting this behavior on the tiBook since updating to 10.1.2 >>> >>>Anybody else running into this? >>> >>>Symptoms are spinning cursor, non-responsive app, although I can still switch to another app, at least intitially. It seems to get worse if I force quit the affected app. Also unable to wake from sleep consistently. >>> There have been a number of times that the machine apparently just shut down in sleep, and I had to power up from scratch. >>> >>>I haven't seen anything like this since 10.0.4 was released. Is 10.1.2 a step backwards??? >>> >>>Please cc to my eMail [peterf<@>mac.com] if you've run into this, or heard of any solutions! >>> >>>Many thanks >>> >>>Peter >> >>_______________________________________________ >>MacOSX-admin mailing list >>MacOSX-admin@omnigroup.com >>http://www.omnigroup.com/mailman/listinfo/macosx-admin From justin at mac.com Mon Feb 4 18:47:19 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: Message-ID: <7354FBC0-19E2-11D6-8C8A-00306544D642@mac.com> On Monday, February 4, 2002, at 06:27 PM, Peter Fraterdeus wrote: > > > Just prior to this incident, I launched iPhoto, which worked fine for > quite a while. However, I attempted to start a Classic app, and Classic > hung before the 'desktop' appeared. > > Also, attempting to quit iPhoto started the familiar spinning cursor... > > The system.log at the time of the last incident: > > Feb 4 18:09:57 localhost mach_kernel: AppleNMI unmask NMI > Feb 4 18:09:57 localhost mach_kernel: ************An SCC Error > Occurred 0x7C > Feb 4 18:09:57 localhost mach_kernel: ************An SCC Error > Occurred 0x7C > [snip] > Feb 4 18:13:05 localhost last message repeated 69 times > .... > > iPhoto was working OK for this whole time, but failed on Quit > There are none of these errors in the log prior to the time that iPhoto > launched! [snip] > I then put the system to sleep (closed the top) and on reopening, found > that the machine was powered-down. > > Normal restart--no problem > > But what the heck is > > ************An SCC Error Occurred 0x7C At a guess, SCC is the serial interface. Are you using PPP? I don't recall from the thread what hardware you are using. I also wonder what the NMI msg is all about as well. Are you enabling debugging with the boot-args trick? Since you're using iPhoto, I'd guess this is 10.1.2; is that correct? Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | Men are from Earth. | Women are from Earth. | Deal with it. *--------------------------------------*-------------------------------* From jwelch at aer.com Mon Feb 4 19:19:01 2002 From: jwelch at aer.com (John C. Welch) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: <7354FBC0-19E2-11D6-8C8A-00306544D642@mac.com> Message-ID: On 02/04/2002 21:45, "Justin C. Walker" wrote: > At a guess, SCC is the serial interface. Are you using PPP? I don't > recall from the thread what hardware you are using. > > I also wonder what the NMI msg is all about as well. Are you enabling > debugging with the boot-args trick? > > Since you're using iPhoto, I'd guess this is 10.1.2; is that correct? > > Regards, Hmmm...because I didn't have this problem after iPhoto. I DID have it big time with the Palm betas, and yanking the Hot Sync kext fixed it for me. So this would seem to point at another issue that is in common with both apps. john -- "First there...that others may live." USAF 720th Special Tactics Group From rcerny at dataline.cz Mon Feb 4 23:00:59 2002 From: rcerny at dataline.cz (Robert Cerny) Date: Thu Nov 3 12:29:13 2005 Subject: List and explanations of errors In-Reply-To: Message-ID: <03A75B9E-1A06-11D6-A804-0003935401DA@dataline.cz> Hi, I suppose that if you get DesktopPrinting.h or such from carbon SDK you will find _some_ kind of explanation. Robert On Monday, February 4, 2002, at 07:20 , fabienlroy@mac.com wrote: > Is there a docoment/web site whe I can get numerical error number to > plain text translation. > I am sick of the following: > From chris at improbable.org Mon Feb 4 23:30:01 2002 From: chris at improbable.org (Chris Adams) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: <7354FBC0-19E2-11D6-8C8A-00306544D642@mac.com> Message-ID: <0A8BCF62-1A0A-11D6-A1E0-0003931044DC@improbable.org> On Monday, February 4, 2002, at 06:45 , Justin C. Walker wrote: > On Monday, February 4, 2002, at 06:27 PM, Peter Fraterdeus wrote: >> Feb 4 18:09:57 localhost mach_kernel: ************An SCC Error >> Occurred 0x7C >> Feb 4 18:09:57 localhost mach_kernel: ************An SCC Error >> Occurred 0x7C > > At a guess, SCC is the serial interface. Are you using PPP? I don't > recall from the thread what hardware you are using. Is this by any chance a powerbook? I got thousands of those when the IR port was configured on my PB G4/400 with the Palm HotSync software listening. Disabling the IR port fixed it. Chris From gupi at mac.com Tue Feb 5 00:15:01 2002 From: gupi at mac.com (Gunter Piringer) Date: Thu Nov 3 12:29:13 2005 Subject: OSX as a graphical-terminalserver? Message-ID: <5CF3C03F-1A10-11D6-8364-003065552850@mac.com> On Montag, Februar 4, 2002, at 08:53 Uhr, Dan Shoop wrote: > At 10:23 AM +0100 02/04/02, Leif Carlsson wrote: >> ------------------------------------------------------------------------------------------ >> >> Excuse this (stupid?) question, but I wonder: >> >> Is there any chance you could ever use a OSX-machine as a >> graphical-terminalserver? >> >> I would like to be able to log in a few remote machines that would >> each get their own graphical environment, preferably Aqua, on the >> "terminalserver" machine. >> >> I use Timbuktu to speed up a 4D "remote" session over an ISDN >> connection but you can only run one client on one machine at a time. >> >> I've used X-terminal client-server a long time ago but never >> reflected over if it was possible to run multiple machines off one >> "client" (I suppose you can because you can have several windows open >> at one time???). > > Yes, X-Windows is a perfect fit, it can easily provide multiple GUI > sessions, that's its design. Tenon packages it as xTools or you can > just build and install it yourself of use fink. > > Your nomenclature is a bit backwards though with regard to X11. The X > server is what the user runs on their display device, and the > applications are clients that write to that display. > No, X-Windows is not a perfect fit because you will not (as far as i can imagine) use Mac OS applications as 4D with it. X-Win can only handle clients compiled for X-Win. I think, you will be stuck with Timbuktu. Yours, gupi -- Gunter Piringer User Interface Designer From lists at colorremedies.com Tue Feb 5 00:32:00 2002 From: lists at colorremedies.com (Chris Murphy) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes Message-ID: <20020205083030.HBNN7443.rwcrmhc54.attbi.com@[192.168.70.4]> Peter Fraterdeus >OSX 10.1.2 excess kernel task >80% and weird freezes > >I'm getting this behavior on the tiBook since updating to 10.1.2 > >Anybody else running into this? You have different hardware and system versions than I had with this problem, but the same symptom exactly. Mine occured on a Quicksilver G4 867Mhz upon upgrading to OS X 10.1 and waking from sleep. Upon wake from sleep *and* Classic running, kernel task would shoot way high until it was difficult or impossible to reboot, even remotely. Going back to 10.04 solved the problem. What I concluded was that Apple introduced a bug in their CD-ROM KEXT in 10.1 as it applied to a particular model of CD-ROM drive. Mine came with a LITE-ON drive. I took it to a dealer and had the drive replaced and fortunately the replacement was not LITE-ON but rather a SONY and with 10.1 the problem didn't occur, so problem solved. >I haven't seen anything like this since 10.0.4 was released. Is 10.1.2 a >step backwards??? I suspect that 10.1.2 has introduced a new KEXT that is incompatible with some piece of hardware on your computer; or 10.1.2 has rendered a 3rd party KEXT incompatible. If I had to guess, either the CD-ROM or DVD-ROM drive, or perhaps you have a PC Card in your machine? Chris Murphy Color Remedies (tm) Boulder, CO 303-415-9932 From lists at colorremedies.com Tue Feb 5 00:37:00 2002 From: lists at colorremedies.com (Chris Murphy) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes Message-ID: <20020205083534.HCKT7443.rwcrmhc54.attbi.com@[192.168.70.4]> Peter Fraterdeus writes: >I've got a beta Wacom driver, and Retrospect, but I've had that since >October, and had no trouble until recently???? I'll put money on the beta Wacom driver being it and 10.1.2 introduced an incompatibility with the beta driver. I would yank it and look for a new one. How you yank it without resorting to a 3rd party GUI tool (like XRay) I'm not sure since it's in the admin unaccessible /System folder. I usually resort to the command line and just rm -R the KEXT. If you aren't into the CLI, use XRay to temporarily change the group write permission on the Extensions folder to be writable, then you can nuke the beta KEXT. Alternatively you could install a more recent version if available which should overwrite the existing one. >A few >minutes ago, the CPU % reported by top for the 0 kernel task went up to >107%... Same problem I had. Strange that you'd get 107% CPU on a machine with one CPU though. Chris Murphy Color Remedies (tm) Boulder, CO 303-415-9932 From lists at colorremedies.com Tue Feb 5 00:42:00 2002 From: lists at colorremedies.com (Chris Murphy) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes Message-ID: <20020205084111.KSTN10199.rwcrmhc53.attbi.com@[192.168.70.4]> "../randy" writes: >Well...I've had this Quicksilver machine since about september and it >still doesn'tsleep correctly. no matter what I do, the machine just shuts >itself down >after about5 minutes of sleep time... What does Apple say about this Randy? I suspect some unique piece of hardware on your machine that's causing this. On my QuickSilver 867Mhz, I have always been able to sleep and retain sleep without shutdown, even multiple times over the course of days (7 days uptime is the record thus far). Sleep is still flakey with OS X. Previously I mentioned that 10.1 introduced a KEXT conflict with my LITE-ON drive that caused the same symptom Peter reports which is the subject of this thread. 10.1.2 introduced a wake from sleep bug that a.) kills all sound and b.) occasionally when sound has been killed and I use the sound buttons, the loginwindow process dies taking all of my applications and data with it. The criticism I have for Apple is not that new bugs are being introduced with OS X, but that they take a long time to fix them. They should be identifying bugs that result in lost data (and sleep bugs often qualify) and get x.x.y releases out ASAP similar to how they were responsive with the Installer and Security Updates. Chris Murphy Color Remedies (tm) Boulder, CO 303-415-9932 From dez at mac.com Tue Feb 5 02:31:01 2002 From: dez at mac.com (Derek Chesterfield) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: Message-ID: <670AEC0B-1A23-11D6-95F2-003065D5CF7C@mac.com> Well, Hot Sync is presumably using the serial as well, so maybe this SCC problem IS the same as your problem? On Tuesday, February 5, 2002, at 03:18 am, John C. Welch wrote: > yanking the Hot Sync kext fixed it for me. So > this would seem to point at another issue that is in common with both > apps From dez at mac.com Tue Feb 5 02:42:00 2002 From: dez at mac.com (Derek Chesterfield) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: <20020205083030.HBNN7443.rwcrmhc54.attbi.com@[192.168.70.4]> Message-ID: On Tuesday, February 5, 2002, at 08:30 am, Chris Murphy wrote: > I suspect that 10.1.2 has introduced a new KEXT that is incompatible > with > some piece of hardware on your computer I think the common thread in all these kernel task problems is KEXTs. This is the downside to the hybrid kernel architecture in Mac OS X (where device drives run in the kernel space, instead of a 'pure' microkernel running drivers in user space). I have seen this problem on a couple of occasions, both times after using IrDA for PPP. From gerry at currysystems.com Tue Feb 5 04:33:00 2002 From: gerry at currysystems.com (Gerry Curry) Date: Thu Nov 3 12:29:13 2005 Subject: Newbie Question In-Reply-To: <200202042102.g14L2DO25798@lists.omnigroup.com> Message-ID: I am sick and tired of having my server disappear every time my Mac goes to sleep. My server is a Linux box running Netatalk. Is there a way to mount the shared volume in such a way that it always stays mounted? I tried mounting it as an NFS share but that doesn't seem to "stick" either. Gerry Curry Curry Systems & Consulting 546 Cedar Lake Rd, R.R. 1 South Ohio, NS, B0W 3E0 phone (902) 649-2368 fax (902) 649-3191 gerry@currysystems.com www.currysystems.com Authorized Apple Canada Value Added Reseller Netopia VAR Dantz Partner Apple Developer Connection From ntorda at nhgri.nih.gov Tue Feb 5 06:49:01 2002 From: ntorda at nhgri.nih.gov (Neil Torda) Date: Thu Nov 3 12:29:13 2005 Subject: OSX as a graphical-terminalserver? In-Reply-To: <5CF3C03F-1A10-11D6-8364-003065552850@mac.com> Message-ID: <628A7CC6-1A47-11D6-BC2F-003065B893D0@nhgri.nih.gov> You might also try VNC. It allows you to get your aqua interface on another computer (any computer with a vnc client, including wintel) Unfortunately, it only serves the running desktop, so no multiple users can connect with their own seperate desktop. It is much like timbuktu, but free. It is pretty cool in that you can run the VNC server on pretty much any platform, and run the client on pretty much any platform. Have your work windows gui on your TiBook, or have your os x desktop on your friends pc...etc. neil On Tuesday, February 5, 2002, at 03:14 AM, Gunter Piringer wrote: > On Montag, Februar 4, 2002, at 08:53 Uhr, Dan Shoop wrote: > >> At 10:23 AM +0100 02/04/02, Leif Carlsson wrote: >>> > ------------------------------------------------------------------------ > ------------------ >>> >>> Excuse this (stupid?) question, but I wonder: >>> >>> Is there any chance you could ever use a OSX-machine as a >>> graphical-terminalserver? >>> >>> I would like to be able to log in a few remote machines that would >>> each get their own graphical environment, preferably Aqua, on the >>> "terminalserver" machine. >>> >>> I use Timbuktu to speed up a 4D "remote" session over an ISDN >>> connection but you can only run one client on one machine at a time. >>> >>> I've used X-terminal client-server a long time ago but never >>> reflected over if it was possible to run multiple machines off one >>> "client" (I suppose you can because you can have several windows open > >>> at one time???). >> >> Yes, X-Windows is a perfect fit, it can easily provide multiple GUI >> sessions, that's its design. Tenon packages it as xTools or you can >> just build and install it yourself of use fink. >> >> Your nomenclature is a bit backwards though with regard to X11. The X >> server is what the user runs on their display device, and the >> applications are clients that write to that display. >> > No, X-Windows is not a perfect fit because you will not (as far as i can > > imagine) use Mac OS applications as 4D with it. X-Win can only handle > clients compiled for X-Win. I think, you will be stuck with Timbuktu. > > Yours, gupi > -- > Gunter Piringer > User Interface Designer > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > > Neil A. Torda Digicon Mac Team Leader National Human Genome Research Institute ntorda@nhgri.nih.gov From k.w.f.wik at usit.uio.no Tue Feb 5 08:59:00 2002 From: k.w.f.wik at usit.uio.no (Klaus Wik) Date: Thu Nov 3 12:29:13 2005 Subject: Using "-LogoutHook" to reset a "guest" user account In-Reply-To: <6DAE6BC2-DAF2-11D5-AF3D-0030657473EE@elliston.net> References: <6DAE6BC2-DAF2-11D5-AF3D-0030657473EE@elliston.net> Message-ID: The original thread concerned using -LogoutHook in /etc/ttys or defaults to add cleanup functions. After a bit of testing it seems that the document System Overview is horribly outdated in all manners when it comes to the loginwindow app. I did a strings loginwindow | grep Hook and found LoginHook LogoutHook loginHook logoutHook doLogoutHook doLoginHook DebugHook This should show that LogoutHook is at least implemented in code. And a DebugHook... I have to try that one. So boldly I continue with other options. HostName same string grep etc for Host loginHostName _copyAutoLaunchedPathsforAnyUserCurrentHost: _copyAutoLaunchedPathsforCurrentUserAnyHost: _copyAutoLaunchedPathsforCurrentUserCurrentHost: ie no parameter HostName. No wonder that didn't work. Perhaps I should try loginHostName? I checked for Name as well and find a ComputerName... unfortunately that didn't do anything that I could see, neither in &etc&ttys or in defaults.. So I continue my quest with strings, narrowing down on grep '^[A-Z]' , concentrating on capitalized strings, and one of the things I find is something that looks like an error message: Stop trying to quit loginwindow!!!! ;) And something that look like other, unmentioned options: LoginUI SHOWFULLNAME Authenticator System ComputerName DryRun PowerOffDisabled LoginHook LogoutHook LoginApp Oh well, I have mentioned the lack of quality to some local Apple employees and they have forwarded my request for valid information. Lets see what happens ;) (Wonder what will happen if I pass the option DryRun...*poof*) -- ___________________________________________________________________ | Klaus Wik | Center for Information Technology Services | | University of Oslo | Office: 3127 Comp.Sci. building | ------ Visit USIT's macpages: http://mac.uio.no ------------------- From taylor at intuitive.com Tue Feb 5 09:08:00 2002 From: taylor at intuitive.com (Dave Taylor) Date: Thu Nov 3 12:29:13 2005 Subject: Enabling line printer "lpr"? Message-ID: I read the man pages and it seems to me that it shouldn't be too hard to enable command line users to print within OS X. The key seems to be within the /etc/printcap file, where the only entry by default is: lp|local line printer:\ :lp=/dev/lp:sd=/var/spool/output/lpd:lf=/var/log/lpd-errs: I have three printers hooked up to my system, one addressable by IP, and two that are AppleTalk over Ethernet. Any and all suggestions for connecting these or configuring /etc/printcap to work with these would be MOST appreciated! Note the following results from lpc: lpc> restart all lp: cannot open lock file lp: couldn't start daemon lpc> status lp: queuing is enabled printing is enabled 2 entries in spool area printer idle lpc> quit Thanks. Dave Taylor Mac & Unix guy ps: I'm working on an OS X book for O'Reilly and would like to find a few OS X experts who can offer sage advice off-list. If you're interested, please let me know privately. Thanks! From mbartosh at mac.com Tue Feb 5 10:08:01 2002 From: mbartosh at mac.com (Michael Bartosh) Date: Thu Nov 3 12:29:13 2005 Subject: Using "-LogoutHook" to reset a "guest" user account In-Reply-To: References: <6DAE6BC2-DAF2-11D5-AF3D-0030657473EE@elliston.net> Message-ID: At 5:58 PM +0100 2/5/02, Klaus Wik wrote: >The original thread concerned using -LogoutHook in /etc/ttys or >defaults to add cleanup functions. > >After a bit of testing it seems that the document System Overview is >horribly outdated in all manners when it comes to the loginwindow >app. > >I did a strings loginwindow | grep Hook and found >LoginHook >LogoutHook >loginHook >logoutHook >doLogoutHook >doLoginHook >DebugHook > >This should show that LogoutHook is at least implemented in code. >And a DebugHook... I have to try that one. LogoutHook is broken. You can use LoginHook, though, to recreate the home dir every time a user logs in. I use ditto. -mab -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. From fabienlroy at mac.com Tue Feb 5 10:12:02 2002 From: fabienlroy at mac.com (fabienlroy@mac.com) Date: Thu Nov 3 12:29:13 2005 Subject: List and explanations of errors In-Reply-To: <03A75B9E-1A06-11D6-A804-0003935401DA@dataline.cz> Message-ID: <7A36A2D4-1A63-11D6-95BE-000393030CD8@mac.com> This must be a joke: > cat /Developer/Headers/FlatCarbon/DesktopPrinting.h > > #warning DesktopPrinting.h is not available on Mac OS X On Monday, February 4, 2002, at 11:00 PM, Robert Cerny wrote: > Hi, > I suppose that if you get DesktopPrinting.h or such from carbon SDK you > will find _some_ kind of explanation. > > Robert > --- Fabien Roy Senior Software Engineer Tyrell Software Corporation 949 458-1911 ext 4 PGP Public Key From rforno at infowarrior.org Tue Feb 5 10:17:11 2002 From: rforno at infowarrior.org (Richard Forno) Date: Thu Nov 3 12:29:13 2005 Subject: Newbie Question In-Reply-To: Message-ID: Why not turn off the energy saver setting on the Mac server so it never goes to sleep? rf > From: Gerry Curry > Date: Tue, 05 Feb 2002 08:21:44 -0400 > To: > Subject: Newbie Question > > I am sick and tired of having my server disappear every time my Mac goes to > sleep. My server is a Linux box running Netatalk. Is there a way to mount > the shared volume in such a way that it always stays mounted? I tried > mounting it as an NFS share but that doesn't seem to "stick" either. > > Gerry Curry > Curry Systems & Consulting > 546 Cedar Lake Rd, R.R. 1 > South Ohio, NS, B0W 3E0 > phone (902) 649-2368 fax (902) 649-3191 > gerry@currysystems.com > www.currysystems.com > > Authorized Apple Canada > Value Added Reseller > > Netopia VAR > Dantz Partner > Apple Developer Connection > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > From doyle at aps.org Tue Feb 5 10:54:02 2002 From: doyle at aps.org (Mark Doyle) Date: Thu Nov 3 12:29:13 2005 Subject: Trouble connecting to server via SSH Message-ID: Greetings, Back on Jan 23, Giuliano Gavazzi wrote: > Isn't this a lookupd related problem? If you have initially started a > daemon from the console (read: from Terminal.app) it will have > inherited the wrong bootstrap context, then, once you log out, the > daemon will go out of context and lose its ability to perform > queries. I am not sure how the control panel works, but if you want to > start any daemon from the command line, you must do it by logging in > remotely first (or logging in as >console at the GUI); this is > obviously unfeasable for sshd if it isn't running already. > > I think the log entries related to this are: > > bootstrap_look_up() failed (ipc/send) invalid destination port Found this searching in the archives for the list. I forgot about this and got caught by this when I restarted ssh earlier this week. Anyway, I was wondering is there a way to start daemons from the command line that doesn't suffer from this shortcoming or is this an unavoidable "feature"? Cheers, Mark From s.mecklenburg at t-online.de Tue Feb 5 11:15:01 2002 From: s.mecklenburg at t-online.de (Sebastian Mecklenburg) Date: Thu Nov 3 12:29:13 2005 Subject: i want to zip Library! Message-ID: <7470EEC1-1A6A-11D6-B1CB-0030656368A8@t-online.de> arhg, this drives me mad. i copied my home directory to a backup disc and i want to compress some of the larger directories in it. but i can't compress the "Library" directory. i enter $> zip -r Library.zip Library/ in the terminal, press enter and nothing happens. i mean, a new line is inserted into the terminal window and thats it. after a few minutes i do ctrl-c because i think there's no use of waiting any longer and i get ^C zip error: Interrupted (aborting) zipping other directories is no problem. what to do? regards sebastian mecklenburg -- sebastian mecklenburg | Early to rise, early to bed, sebi@cyte.de | makes a man healthy, wealthy and dead. http://sebi.cyte.de | (Terry Pratchett, paraphrasing James Thurber) From jearle at mac.com Tue Feb 5 11:32:00 2002 From: jearle at mac.com (Jared ''Danger'' Earle) Date: Thu Nov 3 12:29:13 2005 Subject: i want to zip Library! In-Reply-To: <7470EEC1-1A6A-11D6-B1CB-0030656368A8@t-online.de> Message-ID: On Tuesday, February 5, 2002, at 07:59 , Sebastian Mecklenburg wrote: > arhg, this drives me mad. i copied my home directory to a backup disc and > i want to compress some of the larger directories in it. but i can't > compress the "Library" directory. i enter > > $> zip -r Library.zip Library/ > > in the terminal, press enter and nothing happens. i mean, a new line is > inserted into the terminal window and thats it. after a few minutes i do > ctrl-c because i think there's no use of waiting any longer and i get > > ^C zip error: Interrupted (aborting) > > zipping other directories is no problem. what to do? Wait. Then wait some more. Continue waiting... Then you'll have it. You may have to wait up to an hour, or even more. When you have typed your command, open a new Terminal window and type 'top -u -s5' and look what the top item on the list is. See? zip is running. I suspect the problem is because it's recompressing compressed mail folders, it'll take time. -- Jared Earle, Nightfall Games, jared@23x.net - http://www.23x.net "So long, and thanks for all the SPORK" From joel at powermac.demon.co.uk Tue Feb 5 11:52:28 2002 From: joel at powermac.demon.co.uk (Joel Smith) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: <20020205084111.KSTN10199.rwcrmhc53.attbi.com@[192.168.70.4]> References: <20020205084111.KSTN10199.rwcrmhc53.attbi.com@[192.168.70.4]> Message-ID: On Tuesday, February 5, 2002, at 08:30 am, Chris Murphy wrote: >I suspect that 10.1.2 has introduced a new KEXT that is incompatible with >some piece of hardware on your computer I have had a call outstanding with Apple support since 30/11/01. The symptoms I see are that when I try to put my PB Ti 500 to sleep, the login process and sometimes the kernel process will grab all available CPU. It can take 10-15 minutes to go to sleep, and when I try and wake up, it can take an age to wake up again. The odd thing is that if I reboot the machine, it will sleep and wake near instantaneously. It is something that seems to "rot" over time. I also get the SystemUIServer crashing a lot, which generates crash logs like: Date/Time: 2002-02-03 17:58:11 +0000 OS Version: 10.1.2 (Build 5P48) Command: SystemUIServer PID: 1236 Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x00000000 Thread 0: #0 0x7016652c in CFArrayGetCount #1 0x002b802c in -[BatteryExtra updateTimer:] #2 0x708d06e8 in __NSFireTimer #3 0x70196cd0 in __CFRunLoopDoTimer #4 0x7017c258 in __CFRunLoopRun #5 0x701b7100 in CFRunLoopRunSpecific #6 0x7017b8e0 in CFRunLoopRunInMode #7 0x7312cccc in RunEventLoopInModeUntilEventArrives #8 0x7313fe60 in ReceiveNextEventCommon #9 0x73171120 in BlockUntilNextEventMatchingListInMode #10 0x70bd70b8 in _DPSNextEvent #11 0x70bfe5d8 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] #12 0x70c23468 in -[NSApplication run] #13 0x00003bfc in 0x3bfc #14 0x00003ac8 in 0x3ac8 #15 0x000038f8 in 0x38f8 Thread 1: #0 0x70000978 in mach_msg_overwrite_trap #1 0x70005a04 in mach_msg #2 0x7017bf98 in __CFRunLoopRun #3 0x701b7100 in CFRunLoopRunSpecific #4 0x7017b8e0 in CFRunLoopRunInMode #5 0x7061be08 in XIOAudioDeviceManager::NotificationThread(XIOAudioDeviceManager *) #6 0x706141c0 in CAPThread::Entry(CAPThread *) #7 0x7002054c in _pthread_body Thread 2: #0 0x700252fc in select #1 0x701955fc in __CFSocketManager #2 0x7002054c in _pthread_body PPC Thread State: srr0: 0x7016652c srr1: 0x0000f030 vrsave: 0x00000000 xer: 0x20000020 lr: 0x701664fc ctr: 0x701664e8 mq: 0x00000000 r0: 0x00061880 r1: 0xbfffebd0 r2: 0x00373344 r3: 0x00000000 r4: 0x00000003 r5: 0x00000024 r6: 0x0000002c r7: 0x00000e03 r8: 0x00000000 r9: 0x80160780 r10: 0x00000000 r11: 0x002bc024 r12: 0x701664e8 r13: 0x00000000 r14: 0x00000036 r15: 0x011e6a80 r16: 0x011e6ab0 r17: 0xbfffee90 r18: 0x00c65460 r19: 0x00004e07 r20: 0x00000000 r21: 0x0000001c r22: 0x70004234 r23: 0x700042c8 r24: 0x00000004 r25: 0x000003a4 r26: 0x70002d84 r27: 0x70002e10 r28: 0x00000000 r29: 0xbfffef00 r30: 0x00000000 r31: 0x00000001 ********** This seems to be related in some way (and since it is mentioning KERN_PROTECTION_FAILURE seems to point the finger at some kernel issue). I have phoned Apple numerous times since, but have just been told that they are still working on it and will phone me back (but I'm not holding my breath). Cheers, Joel -- Joel Smith 22 Springfield Way Pateley Bridge Tel: +44 1423 711229 Mobile: +44 7768 803758 N.Yorks HG3 5PA Fax: +44 870 1617192 From lists at colorremedies.com Tue Feb 5 12:04:01 2002 From: lists at colorremedies.com (Chris Murphy) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes Message-ID: <20020205200241.UJXS26243.rwcrmhc51.attbi.com@[192.168.70.4]> FWIW, this problem was reported on MacFixIt yesterday with a followup today from a Powerbook G3 user who solved his problem by removing his CD drive. I'm starting to smell a rat, and the rat is a bad CD/DVD KEXT. Anyone having this problem should disable their CD/DVD drive and see if that solves your problem. Chris Murphy Color Remedies (tm) Boulder, CO 303-415-9932 From alex at raftis.net Tue Feb 5 12:26:00 2002 From: alex at raftis.net (Alex Raftis) Date: Thu Nov 3 12:29:13 2005 Subject: List and explanations of errors Message-ID: <79D355D4-1A76-11D6-BF48-000393196340@raftis.net> > Is there a docoment/web site whe I can get numerical error number to > plain text translation. > I am sick of the following: Generally speaking, keep this site book marked: http://www.usc.edu/isd/doc/os/mac/consult/oserrors.html It list a good number of all the Mac numerical codes which Apple should be translating to plain text before a user ever sees them. However, the error you encountered is not in this list. However, search the Apple Developer archives, error "-9621" seems to indicate a network communication failure. Here's a link to read more: http://www.opensource.apple.com/bugs/X/AppleTalk/2725920.html I hope this helps, Alex Raftis --- alex@raftis.net From s.mecklenburg at t-online.de Tue Feb 5 15:48:01 2002 From: s.mecklenburg at t-online.de (Sebastian Mecklenburg) Date: Thu Nov 3 12:29:13 2005 Subject: i want to zip Library! In-Reply-To: Message-ID: <8DD71CC7-1A92-11D6-9D29-0030656368A8@t-online.de> On Tuesday, February 5, 2002, at 08:30 PM, Jared ''Danger'' Earle wrote: > On Tuesday, February 5, 2002, at 07:59 , Sebastian Mecklenburg wrote: >> arhg, this drives me mad. i copied my home directory to a backup disc >> and i want to compress some of the larger directories in it. but i >> can't compress the "Library" directory. i enter >> >> $> zip -r Library.zip Library/ >> >> in the terminal, press enter and nothing happens. i mean, a new line >> is inserted into the terminal window and thats it. after a few minutes >> i do ctrl-c because i think there's no use of waiting any longer and i >> get >> >> ^C zip error: Interrupted (aborting) >> >> zipping other directories is no problem. what to do? > > Wait. Then wait some more. Continue waiting... Then you'll have it. You > may have to wait up to an hour, or even more. > > When you have typed your command, open a new Terminal window and type > 'top -u -s5' and look what the top item on the list is. See? zip is > running. > > I suspect the problem is because it's recompressing compressed mail > folders, it'll take time. yuck! i just came home after starting the zip command 3 hours ago. you are right, it starts compressing after some time... but it follows the links, and in the "Favorites" directory there was a link to the home directory (i didn't put it there, must be there by default). i can hear my hard disk suffer (it _is_ busy)! there are things like adding: Library/Favorites/Home/Library/Favorites/Home/Library/Favorites/Home/Library/ Favorites/Home/Library/Favorites/Home/Documents/development/ogl_testbed/Planets Folder/ in the terminal. i don't think this would have stopped by itself. i guess i'll try it again tomorrow with zip -y again ;-) btw, where does zip store it's temp files? it's not /var/tmp. i might want to check there... btw2, zip is still busy "aborting" (since 20 minutes) regards sebastian mecklenburg -- sebastian mecklenburg | Early to rise, early to bed, sebi@cyte.de | makes a man healthy, wealthy and dead. http://sebi.cyte.de | (Terry Pratchett, paraphrasing James Thurber) From joel at powermac.demon.co.uk Tue Feb 5 16:33:00 2002 From: joel at powermac.demon.co.uk (Joel Smith) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: <20020205200241.UJXS26243.rwcrmhc51.attbi.com@[192.168.70.4]> References: <20020205200241.UJXS26243.rwcrmhc51.attbi.com@[192.168.70.4]> Message-ID: At 1:02 pm -0700 5/2/02, Chris Murphy wrote: >FWIW, this problem was reported on MacFixIt yesterday with a followup >today from a Powerbook G3 user who solved his problem by removing his CD >drive. I'm starting to smell a rat, and the rat is a bad CD/DVD KEXT. > >Anyone having this problem should disable their CD/DVD drive and see if >that solves your problem. > How do you do this with a Ti PB? Are you suggesting opening it up and disconnecting the CD drive, or is there an easier (less drastic) way? In a similar vein, does anyone else get a hang for around 5 seconds if they accidentally hit the CD eject button (which on the Ti is annoyingly next to the delete key) even with no CD loaded? Cheers, Joel -- Joel Smith 22 Springfield Way Pateley Bridge Tel: +44 1423 711229 Mobile: +44 7768 803758 N.Yorks HG3 5PA Fax: +44 870 1617192 From justin at mac.com Tue Feb 5 16:44:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: Message-ID: <66C2806E-1A9A-11D6-9A56-00306544D642@mac.com> On Tuesday, February 5, 2002, at 04:32 PM, Joel Smith wrote: > At 1:02 pm -0700 5/2/02, Chris Murphy wrote: >> FWIW, this problem was reported on MacFixIt yesterday with a followup >> today from a Powerbook G3 user who solved his problem by removing his >> CD >> drive. I'm starting to smell a rat, and the rat is a bad CD/DVD KEXT. >> >> Anyone having this problem should disable their CD/DVD drive and see if >> that solves your problem. >> > > How do you do this with a Ti PB? Are you suggesting opening it up and > disconnecting the CD drive, or is there an easier (less drastic) way? > In a similar vein, does anyone else get a hang for around 5 seconds if > they accidentally hit the CD eject button (which on the Ti is > annoyingly next to the delete key) even with no CD loaded? On the second question, you may be running into the infamous 'dallasDriver == NULL' problem. Check your syslog to see if this is mentioned. It's known and a fix is in the works. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | When LuteFisk is outlawed | Only outlaws will have | LuteFisk *--------------------------------------*-------------------------------* From peterf at semiotx.com Tue Feb 5 17:06:00 2002 From: peterf at semiotx.com (Peter Fraterdeus) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes In-Reply-To: <200202052102.g15L24k22142@lists.omnigroup.com> References: <200202052102.g15L24k22142@lists.omnigroup.com> Message-ID: Greetings all-- >... >... >Message: 15 >Date: Mon, 4 Feb 2002 18:45:44 -0800 >Subject: Re: OSX 10.1.2 excess kernel task >80% and weird freezes >From: "Justin C. Walker" >To: macosx-admin@omnigroup.com > >...> >> But what the heck is >> >> ************An SCC Error Occurred 0x7C > >At a guess, SCC is the serial interface. Are you using PPP? I don't >recall from the thread what hardware you are using. > >I also wonder what the NMI msg is all about as well. Are you enabling >debugging with the boot-args trick? Nope, no fancy pants stuff at all ;-) > >Since you're using iPhoto, I'd guess this is 10.1.2; is that correct? Yes. Correct. >Regards, > >Justin > >...--__--__--... > >On 02/04/2002 21:45, "Justin C. Walker" wrote: >... > > Since you're using iPhoto, I'd guess this is 10.1.2; is that correct? >> >> Regards, > > >Hmmm...because I didn't have this problem after iPhoto. I DID have it big >time with the Palm betas, and yanking the Hot Sync kext fixed it for me. So >this would seem to point at another issue that is in common with both apps. > >john > >... John, I'll check this out. >--__--__-- > >Message: 18 >Date: Mon, 4 Feb 2002 23:29:08 -0800 >Subject: Re: OSX 10.1.2 excess kernel task >80% and weird freezes >From: Chris Adams >To: MacOSX-Admin > >On Monday, February 4, 2002, at 06:45 , Justin C. Walker wrote: >> On Monday, February 4, 2002, at 06:27 PM, Peter Fraterdeus wrote: >>> Feb 4 18:09:57 localhost mach_kernel: ************An SCC Error >>> Occurred 0x7C >>> Feb 4 18:09:57 localhost mach_kernel: ************An SCC Error >>> Occurred 0x7C >> >> At a guess, SCC is the serial interface. Are you using PPP? I don't >> recall from the thread what hardware you are using. > >Is this by any chance a powerbook? I got thousands of those when the IR >port was configured on my PB G4/400 with the Palm HotSync software >listening. Disabling the IR port fixed it. > >Chris It is indeed a PB G4/400. Thanks for that tip, Chris I have disabled the IR port, and will see how that affects things. >... >Message: 20 >Subject: re: OSX 10.1.2 excess kernel task >80% and weird freezes >Date: Tue, 5 Feb 2002 01:30:30 -0700 >From: Chris Murphy >To: "omniadmin" > >Peter Fraterdeus > >>OSX 10.1.2 excess kernel task >80% and weird freezes >> >>I'm getting this behavior on the tiBook since updating to 10.1.2 >> >>Anybody else running into this? > >You have different hardware and system versions than I had with this >problem, but the same symptom exactly. Mine occured on a Quicksilver G4 >867Mhz upon upgrading to OS X 10.1 and waking from sleep. Upon wake from >sleep *and* Classic running, kernel task would shoot way high until it >was difficult or impossible to reboot, even remotely. Going back to 10.04 >solved the problem. As I may have said before (or after, the digest is time confusing!), I didn't see this specific behavior until the last weeks. It may well have been the Palm beta that triggers it. Perhaps iPhoto's polling the USB ports for cameras is creating a conflict with HotSync. > >>A few >>minutes ago, the CPU % reported by top for the 0 kernel task went up to >>107%... > >Same problem I had. Strange that you'd get 107% CPU on a machine with one >CPU though. Yah, no kiddin' ;'-) But hey, who knows what the boys/girls in Cupertino are cookin' up! > >Chris Murphy >Color Remedies (tm) >Boulder, CO >303-415-9932 > >... >occasionally when sound has been killed and I use the sound buttons, the >loginwindow process dies taking all of my applications and data with it. Damn. I hate it when that happens! >The criticism I have for Apple is not that new bugs are being introduced >with OS X, but that they take a long time to fix them. They should be >identifying bugs that result in lost data (and sleep bugs often qualify) >and get x.x.y releases out ASAP similar to how they were responsive with >the Installer and Security Updates. Well, it may be that they're stumped by it. Witness the ongoing problems with Adobe's InDesign 2 installer... There are a lot of pretty smart folks working hard on this stuff, no doubt! >... >To: "John C. Welch" >From: Derek Chesterfield > >Well, Hot Sync is presumably using the serial as well, so maybe this SCC >problem IS the same as your problem? > >On Tuesday, February 5, 2002, at 03:18 am, John C. Welch wrote: > >> yanking the Hot Sync kext fixed it for me. So >> this would seem to point at another issue that is in common with both >> apps Yeah. Looks like a good idea. >...--__--__-- > >Message: 35 >Date: Tue, 5 Feb 2002 19:51:47 +0000 >To: Chris Murphy , > "omniadmin" >From: Joel Smith >Subject: Re: OSX 10.1.2 excess kernel task >80% and weird freezes > >On Tuesday, February 5, 2002, at 08:30 am, Chris Murphy wrote: > >>I suspect that 10.1.2 has introduced a new KEXT that is incompatible with >>some piece of hardware on your computer > >I have had a call outstanding with Apple support since 30/11/01. The >symptoms I see are that when I try to put my PB Ti 500 to sleep, the >login process and sometimes the kernel process will grab all >available CPU. It can take 10-15 minutes to go to sleep, and when I >try and wake up, it can take an age to wake up again. > >The odd thing is that if I reboot the machine, it will sleep and wake >near instantaneously. It is something that seems to "rot" over time. >.... Indeed. Something fishy in Denmark ;-) >This seems to be related in some way (and since it is mentioning >KERN_PROTECTION_FAILURE seems to point the finger at some kernel >issue). I have phoned Apple numerous times since, but have just been >told that they are still working on it and will phone me back (but >I'm not holding my breath). > >Cheers, > >Joel >-- > >Joel Smith >22 Springfield Way >Pateley Bridge Tel: +44 1423 711229 Mobile: +44 7768 803758 >N.Yorks HG3 5PA Fax: +44 870 1617192 Thanks to all for your ideas and hints. This list is invaluable... as long as it stays free of {$FIRESTARTER} ;-) Ciao PF -- AzByCx DwEvFu GtHsIr JqKpLo MnNmOl PkQjRi ShTgUf VeWdXc YbZa&@ Peter Fraterdeus, peterf@semiotx.com -:- peterf@mac.com The losers in the War on Terrorism will be the Free and their dissent.--PF Those who desire to give up freedom in order to gain security, will not have, nor do they deserve, either one.--Benjamin Franklin A free society is one where it is safe to be unpopular.--Adlai Stevenson From lists at colorremedies.com Tue Feb 5 17:59:02 2002 From: lists at colorremedies.com (Chris Murphy) Date: Thu Nov 3 12:29:13 2005 Subject: OSX 10.1.2 excess kernel task >80% and weird freezes Message-ID: <20020206015757.DRCX10199.rwcrmhc53.attbi.com@[192.168.70.4]> Joel Smith (joel@powermac.demon.co.uk) writes: >How do you do this with a Ti PB? Are you suggesting opening it up and >disconnecting the CD drive, or is there an easier (less drastic) way? Don't know, and no. But if you can figure it out, give it a shot. It might be easier to locate the KEXT related to CD/DVD support and temporarily disable it and see if that solves the problem, rather than resorting to physically disconnecting the drive. >In a similar vein, does anyone else get a hang for around 5 seconds >if they accidentally hit the CD eject button (which on the Ti is >annoyingly next to the delete key) even with no CD loaded? It sounds like a CD/DVD KEXT problem to me. I only had unresponsive CD eject key behavior with the LITE-ON drive post 10.1 update (going back to 10.0.4 solved it, and so did replacing the drive with a Sony under warranty so I could use 10.1). Chris Murphy Color Remedies (tm) Boulder, CO 303-415-9932 From stl at supertronic.it Wed Feb 6 02:33:02 2002 From: stl at supertronic.it (Stefano Lesandrini) Date: Thu Nov 3 12:29:13 2005 Subject: I can't mount hfs+ CDs or images (.DMG) References: <7470EEC1-1A6A-11D6-B1CB-0030656368A8@t-online.de> Message-ID: <3C610610.7020804@supertronic.it> Suddendly my system (MacOS X 10.1.2) isn't able to mount hfs+ CDs or disk images (of HFS+ CDS) I always get this message that reads: "You have inserted a disk containing no volumes that Mac OS X can read. To use the unreadable volumes, click Initialize. To continue with the disk inserted, click Continue." I have three options: , and If I click nothing happens; the CD/image isn't mounted A bit deeper, this is the console's report after I tryed to mount a hfs+ CD: ---- begin of of console output ------- localhost /sbin/autodisksmount[103]: DiskVolume_mount_foreign: There is a filesystem error with the device disk disk1s1s7 which was attempting to mount at /Volumes/AppleCare Diagnostic CD localhost /sbin/autodisksmount[103]: disk1s1s7 ??? hfs no no AppleCare Diagnostic CD [not mounted ... ----- end of of console output -------- But if I launch Disk Utility, I can see that the CD lists on the left column and now Console says: ---- begin of of console output ------- Disk Utility[1550]: Returned an error on device check... Disk Utility[1550]: Device disk1 = 0 Disk Utility[1550]: Returned an error on statu check = 14040 ... ----- end of of console output -------- The result is that I can't mount that or other HFS+ CDs or disk images (Otherwise I can mount macOS Standard CDs) Any suggestions? TYVM in advance, /STEVE From stl at supertronic.it Wed Feb 6 02:48:00 2002 From: stl at supertronic.it (Stefano Lesandrini) Date: Thu Nov 3 12:29:13 2005 Subject: I can't mount hfs+ CDs or images (.DMG) Message-ID: <3C61099C.7030908@supertronic.it> Suddendly my system (MacOS X 10.1.2) isn't able to mount hfs+ CDs or disk images (of HFS+ CDS) I always get this message that reads: "You have inserted a disk containing no volumes that Mac OS X can read. To use the unreadable volumes, click Initialize. To continue with the disk inserted, click Continue." I have three options: , and If I click nothing happens; the CD/image isn't mounted A bit deeper, this is the console's report after I tryed to mount a hfs+ CD: ---- begin of of console output ------- localhost /sbin/autodisksmount[103]: DiskVolume_mount_foreign: There is a filesystem error with the device disk disk1s1s7 which was attempting to mount at /Volumes/AppleCare Diagnostic CD localhost /sbin/autodisksmount[103]: disk1s1s7 ??? hfs no no AppleCare Diagnostic CD [not mounted ... ----- end of of console output -------- But if I launch Disk Utility, I can see that the CD lists on the left column and now Console says: ---- begin of of console output ------- Disk Utility[1550]: Returned an error on device check... Disk Utility[1550]: Device disk1 = 0 Disk Utility[1550]: Returned an error on statu check = 14040 ... ----- end of of console output -------- The result is that I can't mount that or other HFS+ CDs or disk images (Otherwise I can mount macOS Standard CDs) Any suggestions? TYVM in advance, /STEVE From root at nimug.org Wed Feb 6 02:57:00 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:13 2005 Subject: I can't mount hfs+ CDs or images (.DMG) In-Reply-To: <3C610610.7020804@supertronic.it> Message-ID: <0DA38CD6-1AF0-11D6-9668-0030656A00AC@nimug.org> On Wednesday, February 6, 2002, at 10:31 , Stefano Lesandrini wrote: > Suddendly my system (MacOS X 10.1.2) > isn't able to mount hfs+ CDs or disk images (of HFS+ CDS) > > I always get this message that reads: > "You have inserted a disk containing no volumes > that Mac OS X can read. To use the unreadable > volumes, click Initialize. To continue with the > disk inserted, click Continue." Which hardware are you using? (I had something similar with my Powerbook G3 FireWire) From stl at supertronic.it Wed Feb 6 03:05:01 2002 From: stl at supertronic.it (Stefano Lesandrini) Date: Thu Nov 3 12:29:13 2005 Subject: I can't mount hfs+ CDs or images (.DMG) References: <0DA38CD6-1AF0-11D6-9668-0030656A00AC@nimug.org> Message-ID: <3C610D57.20308@supertronic.it> A Powerbook G4/256MB/20GB w/MacOS X 10.1.2 Build 5P48 /Steve r00t wrote: > > On Wednesday, February 6, 2002, at 10:31 , Stefano Lesandrini wrote: > >> Suddendly my system (MacOS X 10.1.2) >> isn't able to mount hfs+ CDs or disk images (of HFS+ CDS) >> >> I always get this message that reads: >> "You have inserted a disk containing no volumes >> that Mac OS X can read. To use the unreadable >> volumes, click Initialize. To continue with the >> disk inserted, click Continue." > > > Which hardware are you using? > (I had something similar with my Powerbook G3 FireWire) > > > > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > From alex at lassoguru.com Wed Feb 6 06:12:01 2002 From: alex at lassoguru.com (Alex Pilson) Date: Thu Nov 3 12:29:13 2005 Subject: Limiting FTP space to upload to In-Reply-To: <66C2806E-1A9A-11D6-9A56-00306544D642@mac.com> References: <66C2806E-1A9A-11D6-9A56-00306544D642@mac.com> Message-ID: Is there way to limit a user to a certain amount of space in his FTP account? Say I have user I want to set a limit of 100megs of server space, how can an admin go about doing something like that? OS X 10.1.2 iTools 6.5 -- :::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Alex Pilson Interactive Developer Lasso Programmer 404.728.4417 From mike at caisys.co.uk Wed Feb 6 06:23:17 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:13 2005 Subject: Newbie Question In-Reply-To: References: Message-ID: <10202061049.AA07402@gandalf.caisys.co.uk> Gerry Curry wrote: > I am sick and tired of having my server disappear every time my Mac > goes to sleep. My server is a Linux box running Netatalk. Is there a > way to mount the shared volume in such a way that it always stays > mounted? I tried mounting it as an NFS share but that doesn't seem to > "stick" either. I too have regular problems with access to NFS mounts disappearing -- not just after sleep, but after periods of inactivity on the remote mounts too. It's most obvious in Finder, which insists the mount is a link which no longer exists; sometime Navigation Services (Open/Save panels) have the same problem. But the mount is in fact still there; often relaunching the Finder (or other app) is enough to reactivate the mount; sometimes the remote mounts reappear but all folders within them are "links which no longer exist" (I forget the exact message), and a second relaunch is necessary. It's most irritating. OTOH I've never actually lost an NFS mount (such that I had to reboot or anything as drastic as that). PowerMac G4 AGP/ OS X 10.1.2/ fileserver is a NeXT running NS3.3. Not sure if this addresses your problem. /mike -- Mike Elston | CaiSys _|> consultant | NeXT, MacOS, Unix, CAI From ocs at ocs.cz Wed Feb 6 07:14:10 2002 From: ocs at ocs.cz (Ondra Cada) Date: Thu Nov 3 12:29:13 2005 Subject: Newbie Question In-Reply-To: <10202061049.AA07402@gandalf.caisys.co.uk> References: <10202061049.AA07402@gandalf.caisys.co.uk> Message-ID: <200202061502.AA12013@ocs.cz> Mike, >>>>>> Mike Elston (ME) wrote at Wed, 6 Feb 2002 10:49:10 GMT: ME> I too have regular problems with access to NFS mounts disappearing -- not ME> just after sleep, but after periods of inactivity on the remote mounts ME> too. Do you use automount? It indeed unmounts/remounts on demand, just see "man automount"! If you want your NFS mounts to stick, just mount them explicitly (mount -t nfs exportname mountpoint). --- Ondra Cada OCSoftware: ocs@ocs.cz http://www.ocs.cz 2K Development: o.cada@2kdevelopment.cz http://www.2kdevelopment.cz private ondra@ocs.cz http://www.ocs.cz/oc From shoop at iWiring.Net Wed Feb 6 11:20:31 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:13 2005 Subject: OSX as a graphical-terminalserver? In-Reply-To: <5CF3C03F-1A10-11D6-8364-003065552850@mac.com> References: <5CF3C03F-1A10-11D6-8364-003065552850@mac.com> Message-ID: At 9:14 AM +0100 02/05/02, Gunter Piringer wrote: >On Montag, Februar 4, 2002, at 08:53 Uhr, Dan Shoop wrote: > >>At 10:23 AM +0100 02/04/02, Leif Carlsson wrote: >>>------------------------------------------------------------------------------------------ >>> >>>Excuse this (stupid?) question, but I wonder: >>> >>>Is there any chance you could ever use a OSX-machine as a >>>graphical-terminalserver? >>> >>>I would like to be able to log in a few remote machines that would >>>each get their own graphical environment, preferably Aqua, on the >>>"terminalserver" machine. >>> >>>I use Timbuktu to speed up a 4D "remote" session over an ISDN >>>connection but you can only run one client on one machine at a >>>time. >>> >>>I've used X-terminal client-server a long time ago but never >>>reflected over if it was possible to run multiple machines off one >>>"client" (I suppose you can because you can have several windows >>>open at one time???). >> >>Yes, X-Windows is a perfect fit, it can easily provide multiple GUI >>sessions, that's its design. Tenon packages it as xTools or you can >>just build and install it yourself of use fink. >> >>Your nomenclature is a bit backwards though with regard to X11. The >>X server is what the user runs on their display device, and the >>applications are clients that write to that display. >> >No, X-Windows is not a perfect fit because you will not (as far as i >can imagine) use Mac OS applications as 4D with it. X-Win can only >handle clients compiled for X-Win. I think, you will be stuck with >Timbuktu. Of course X11 does not run Aqua, but the poster didn't specify this was a requirement, they said "preferably aqua". Nor did the say that running Carbon or Cocoa apps was a requirement. Timbuktu just remotely mirrors a existing, single login session on the console device, it doesn't permit multiple users at the same time. I have no clue about X-Win, but don't even see how it allpies. -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From nikoniko at adaptory.com Wed Feb 6 11:40:02 2002 From: nikoniko at adaptory.com (Nikolaos Nikou) Date: Thu Nov 3 12:29:13 2005 Subject: configure http proxy Message-ID: <3C6187A0.8090601@adaptory.com> I was wondering if anyone knows how to configure Apples www server as a proxy with user accounts. Right now we are using it as a proxy with no authedication but we would like to add authedication for all the users. thank you nn From scott at maxify.com Wed Feb 6 11:44:02 2002 From: scott at maxify.com (Scott Stevenson) Date: Thu Nov 3 12:29:13 2005 Subject: I can't mount hfs+ CDs or images (.DMG) In-Reply-To: <3C610610.7020804@supertronic.it> Message-ID: On Wednesday, February 6, 2002, at 02:31 AM, Stefano Lesandrini wrote: > I always get this message that reads: > "You have inserted a disk containing no volumes > that Mac OS X can read. To use the unreadable > volumes, click Initialize. To continue with the > disk inserted, click Continue." I think I vaguely remember this happening on older versions of Mac OS X. For some reason, it seemed to be connected with /etc/hostconfig getting thrashed. Does that file look normal? It should consist of about 28 lines of configuration options. - Scott -- Scott Stevenson http://wildtofu.com/ http://maxify.com/ AIM: TwoTsInScott From seconline at yahoo.com Wed Feb 6 13:37:01 2002 From: seconline at yahoo.com (no one) Date: Thu Nov 3 12:29:14 2005 Subject: Mac Address List Message-ID: <20020206213633.86511.qmail@web12206.mail.yahoo.com> Hello Everyone, Anyone know of a tool which would do a ping sweep and give me a list of valid MAC (NIC) addresses mapped to those ip's ? Thanks, I __________________________________________________ Do You Yahoo!? Send FREE Valentine eCards with Yahoo! Greetings! http://greetings.yahoo.com From justin at mac.com Wed Feb 6 15:01:07 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:14 2005 Subject: Mac Address List In-Reply-To: <20020206213633.86511.qmail@web12206.mail.yahoo.com> Message-ID: On Wednesday, February 6, 2002, at 01:36 PM, no one wrote: > Hello Everyone, > > Anyone know of a tool which would do a ping sweep > and give me a list of valid MAC (NIC) addresses mapped > to those ip's ? You can try 'nmap' (see http://www.nmap.org). You will not get a list of MAC addresses unless you are on the same subnet as the addresses you are 'pinging', since the MAC headers are not "routed". The 'arp' command gives you the known MAC addresses on your system. These are command-line tools. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | When LuteFisk is outlawed | Only outlaws will have | LuteFisk *--------------------------------------*-------------------------------* From snowcrazy2 at mac.com Wed Feb 6 16:17:12 2002 From: snowcrazy2 at mac.com (Michael Maskalans) Date: Thu Nov 3 12:29:14 2005 Subject: Mac Address List In-Reply-To: Message-ID: On Wednesday, February 6, 2002, at 05:42 PM, Justin C. Walker wrote: > *This message was transferred with a trial version of CommuniGate(tm) > Pro* > > On Wednesday, February 6, 2002, at 01:36 PM, no one wrote: > >> Hello Everyone, >> >> Anyone know of a tool which would do a ping sweep >> and give me a list of valid MAC (NIC) addresses mapped >> to those ip's ? > > You can try 'nmap' (see http://www.nmap.org). You will not get a list > of MAC addresses unless you are on the same subnet as the addresses you > are 'pinging', since the MAC headers are not "routed". The 'arp' > command gives you the known MAC addresses on your system. These are > command-line tools. there is also a utility called ettercap that will do the same, along with a load of sniffing options. dangerous in the wrong hands, interesting in the right.... -- Michael Maskalans Phone: 612/618-4652 Fax: 954/697-0487 Member, Apple Solution Experts Apple Campus Rep Twin Cities, MN Rochester, NY From root at nimug.org Wed Feb 6 17:39:01 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:14 2005 Subject: Mac Address List In-Reply-To: <20020206213633.86511.qmail@web12206.mail.yahoo.com> Message-ID: <48D8FF18-1B6B-11D6-BEEB-0030656A00AC@nimug.org> On Wednesday, February 6, 2002, at 09:36 , no one wrote: > Hello Everyone, > > Anyone know of a tool which would do a ping sweep > and give me a list of valid MAC (NIC) addresses mapped > to those ip's ? Grab iNetTools from Wildpackets.com. Or nmap. Or shell script it. Perform the sweep. Execute following command in Terminal arp -a > ~/Desktop/MAC_list.txt Woohoo! From neill at his.com Wed Feb 6 19:08:01 2002 From: neill at his.com (Neil Laubenthal) Date: Thu Nov 3 12:29:14 2005 Subject: Mac Address List In-Reply-To: <20020206213633.86511.qmail@web12206.mail.yahoo.com> References: <20020206213633.86511.qmail@web12206.mail.yahoo.com> Message-ID: At 13:36 -0800 2/6/02, no one wrote: >Hello Everyone, > > Anyone know of a tool which would do a ping sweep >and give me a list of valid MAC (NIC) addresses mapped >to those ip's ? > It's not an X tool . . . but Northern Utilities will do this on NT or W2K quite nicely . . . as well as all sorts of other useful network sniffing. There's a tool available for linux that also does it . . . that should be pretty easy to recompile; but the name of it escapes me right now. -- =================================================================== Neil There are only three kinds of stress . . . your basic nuclear stress, cooking stress, and Asshole stress. All of the three are related . . . the key is Jello. From mass at cocco.it Thu Feb 7 00:49:03 2002 From: mass at cocco.it (Antonio Cocco) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's Message-ID: Hi All I have a Quicksilver 733/G4 with Mac Os X Server 10.1.2 with an added network card. The built in ethernet card is on a local static IP address (192.168.xxx.xxx) and the added ethernet card is on external static IP directly on the internet (212.xxx.xxx.xxx). Is there a way to let all the services, except web and mail services, respond only to built in card, while the web ad mail services respond only to the external card? Please help. Antonio Cocco -- Antonio Cocco G.G.G. Srl Via Tanucci 91 81110 Caserta - Italy Ph. +39-0823-322755 Fax +39-0823-322068 From jonas at zeus.rug.ac.be Thu Feb 7 02:48:01 2002 From: jonas at zeus.rug.ac.be (Jonas Maebe) Date: Thu Nov 3 12:29:14 2005 Subject: configure http proxy In-Reply-To: <3C6187A0.8090601@adaptory.com> Message-ID: <09298938-1BB8-11D6-ACE2-003065D3FF28@zeus.rug.ac.be> On woensdag, februari 6, 2002, at 08:44 , Nikolaos Nikou wrote: > Right now we are using it as a proxy with no authedication but we would > like to add authedication for all the users. As long as it's configured that way, please configure your firewall so that it only allows connections to it from within your own network (Mac OS X's built-in firewall, ipfw, can handle that fine). The reason is that spammers nowadays often tunnel their smtp connections to open relays through unsecured http and socks proxies, so they become virtually untraceable that way. Jonas From justin at mac.com Thu Feb 7 08:09:00 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: Message-ID: On Thursday, February 7, 2002, at 12:48 AM, Antonio Cocco wrote: > Hi All > > > I have a Quicksilver 733/G4 with Mac Os X Server 10.1.2 with an added > network card. The built in ethernet card is on a local static IP > address (192.168.xxx.xxx) and the added ethernet card is on external > static IP directly on the internet (212.xxx.xxx.xxx). > Is there a way to let all the services, except web and mail services, > respond only to built in card, while the web ad mail services respond > only to the external card? Darwin/Mac OS X cannot currently be configured in this way. You can set up some individual services (like web/apache; check the included documentation) to answer requests only for certain addresses, but not every service provides this capability. I don't know if you can set up mail service that way. You should look into "xinetd", a replacement for the version of 'inetd' that is shipped with Mac OS X. The former will allow you to selectively bind individual services to a subset of the addresses used by your system. This only works, of course, for services that support and are supported by inetd. Regards, Justin -- /~\ The ASCII Justin C. Walker, Curmudgeon-at-Large \ / Ribbon Campaign X Help cure HTML Email / \ From mbartosh at mac.com Thu Feb 7 08:22:00 2002 From: mbartosh at mac.com (Michael Bartosh) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: References: Message-ID: At 8:08 AM -0800 2/7/02, Justin C. Walker wrote: >On Thursday, February 7, 2002, at 12:48 AM, Antonio Cocco wrote: > >>Hi All >> >> >>I have a Quicksilver 733/G4 with Mac Os X Server 10.1.2 with an >>added network card. The built in ethernet card is on a local static >>IP address (192.168.xxx.xxx) and the added ethernet card is on >>external static IP directly on the internet (212.xxx.xxx.xxx). >>Is there a way to let all the services, except web and mail >>services, respond only to built in card, while the web ad mail >>services respond only to the external card? > >Darwin/Mac OS X cannot currently be configured in this way. You can >set up some individual services (like web/apache; check the included >documentation) to answer requests only for certain addresses, but >not every service provides this capability. I don't know if you can >set up mail service that way. > >You should look into "xinetd", a replacement for the version of >'inetd' that is shipped with Mac OS X. The former will allow you to >selectively bind individual services to a subset of the addresses >used by your system. This only works, of course, for services that >support and are supported by inetd. If he's running Mac OS X Server, he can set up IP Filter to meet the above requirements. -mab -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. From justin at mac.com Thu Feb 7 08:44:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: Message-ID: On Thursday, February 7, 2002, at 08:21 AM, Michael Bartosh wrote: > At 8:08 AM -0800 2/7/02, Justin C. Walker wrote: >> On Thursday, February 7, 2002, at 12:48 AM, Antonio Cocco wrote: >> >>> Hi All >>> >>> >>> I have a Quicksilver 733/G4 with Mac Os X Server 10.1.2 with an added >>> network card. The built in ethernet card is on a local static IP >>> address (192.168.xxx.xxx) and the added ethernet card is on external >>> static IP directly on the internet (212.xxx.xxx.xxx). >>> Is there a way to let all the services, except web and mail services, >>> respond only to built in card, while the web ad mail services >>> respond only to the external card? >> >> Darwin/Mac OS X cannot currently be configured in this way. You can >> set up some individual services (like web/apache; check the included >> documentation) to answer requests only for certain addresses, but not >> every service provides this capability. I don't know if you can set >> up mail service that way. >> >> You should look into "xinetd", a replacement for the version of >> 'inetd' that is shipped with Mac OS X. The former will allow you to >> selectively bind individual services to a subset of the addresses used >> by your system. This only works, of course, for services that support >> and are supported by inetd. > > If he's running Mac OS X Server, he can set up IP Filter to meet the > above requirements. You mean by filtering on specific ports? I hadn't thought of that. If so, he can even do this with Mac OS X NotServer, right (since ipfw/IPFirewall is part of the base)? Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | When LuteFisk is outlawed | Only outlaws will have | LuteFisk *--------------------------------------*-------------------------------* From mbartosh at mac.com Thu Feb 7 08:58:22 2002 From: mbartosh at mac.com (Michael Bartosh) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: References: Message-ID: At 8:43 AM -0800 2/7/02, Justin C. Walker wrote: >You mean by filtering on specific ports? I hadn't thought of that. >If so, he can even do this with Mac OS X NotServer, right (since >ipfw/IPFirewall is part of the base)? True, but he said he was running Mac OS X Server :-) At 8:08 AM -0800 2/7/02, Justin C. Walker wrote: >On Thursday, February 7, 2002, at 12:48 AM, Antonio Cocco wrote: > >>Hi All >> >I have a Quicksilver 733/G4 with Mac Os X Server 10.1.2 ...bad phrasing on my part. (if, since... whatever) -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. From justin at mac.com Thu Feb 7 09:01:03 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: Message-ID: <292EA6C0-1BEC-11D6-9A56-00306544D642@mac.com> On Thursday, February 7, 2002, at 08:57 AM, Michael Bartosh wrote: > At 8:43 AM -0800 2/7/02, Justin C. Walker wrote: >> You mean by filtering on specific ports? I hadn't thought of that. If >> so, he can even do this with Mac OS X NotServer, right (since >> ipfw/IPFirewall is part of the base)? > > True, but he said he was running Mac OS X Server :-) OK, I'm off to find caffeine. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | It's not whether you win or lose... | It's whether *I* win or lose. *--------------------------------------*-------------------------------* From jeff at praeclara.com Thu Feb 7 10:24:32 2002 From: jeff at praeclara.com (Jeff Hergan) Date: Thu Nov 3 12:29:14 2005 Subject: auto-ban scripts question Message-ID: The following is a message that I sent to a different list, but maybe you can help. The scenario is that I built proftpd from the latest stable source on OS X 10.1.2. I want a script that will automatically ban people who hammer the ftp site. I have included such a script below--it was written by an acquaintance. The details of the problem follow. Thanks for any help. I know nothing about perl. Jeff > > I'm having a problem getting this script (included below) to actually > ban people. > Do any of you run OS X and an auto-ban script? > Do you have tips for someone who knows nothing about perl? > > First of all, my build of proftpd doesn't seem to have a proftpd.log > I checked in /var/log and /usr/local/var. /usr/local/var/ has a proftpd > directory in it and a proftpd.pid file. But the /usr/local/var/proftpd > directory doesn't seem to have a single log. Instead it has: > > proftpd-21368 proftpd-306 proftpd-318 proftpd-328 > proftpd-21376 proftpd-308 proftpd-322 proftpd-331 > proftpd-297 proftpd-315 proftpd-325 proftpd-inetd > > I'm not quite sure what these are, but here's what they contain-- > > [dsl092-133-095:/Users/jeff] root# more > /usr/local/var/proftpd/proftpd-21368 > ???? > > > > > S??ftpuserproftpd: ftpuser - jp.bio.pitt.edu: RETR > /GD/gd88-09-15.shnf/gd88-09-1 > 5d1/gd88-09-15d1t06.shndz?%`jp.bio.pitt.edu > [136.142.141.62]/GD/gd88-09-15.shnf/ > gd88-09-15d2 > > So there doesn't seem to be a date or time included.... > > Also, when I start the autoban.pl script, I get the following error: > > Name "main::pid" used only once: possible typo at /Users/jeff/ban.pl > line 16. > > In light of the lack of a proftpd.log, I directed the perl script to > tail /var/log/secure.log. An example of an entry of that log follows: > > Thu Feb 7 10:05:39 2002 343 pc-80-195-32-222-ed.blueyonder.co.uk > 6840320 /Users > /ftpuser/GD/gd69-12-07.shnf/gd69-12-07d2t2.shn b _ o r ftpuser ftp 0 * i > > I don't what other info to add. I do have ipfw. And when I manually > type in the actual ipfw ban command (/sbin/ipfw add 40 deny tcp from > xxx.xxx.xxx.xxx to 66.92.133.95) it works, adding a rule to my > firewall. When I start the script, it gives the error detailed above, > but it still shows up as running when I do a > ps ax. Ity just doesn't ban anyone--I tested it by asking a friend to > hammer me--no results--no new rule added when I do: ipfw show. > > Can anybody help with this? > > Thanks, > Jeff > > >> >> #!/usr/bin/perl -w >> # autoban.pl >> # autoban script for etree servers >> # By Kael Fischer >> # >> # Part of the etree automation tools project >> # eat.sourceforge.org >> >> select(STDOUT); $| = 1; # make unbuffered >> >> # open logfile >> open LOG, "tail -f /usr/local/var/proftp.log |"; >> SESSION: while () { >> >> >> ($mmm, $dd, $hhmmss, undef, $pid, undef, $host) = split ' '; >> ($hh,$mm,$ss) = split ':', $hhmmss; >> $host =~ /\[(\d+\.\d+\.\d+\.\d+)\]/; >> $ip = $1; >> # exempt local hosts >> next SESSION if($ip =~ /216.103.105.21/ || >> $ip =~ /192.168.0.\d+/ || >> $ip =~ /128.32.253.\d+/); >> >> >> # arrays keep track of connection times >> OPENED: if ($_ =~ /FTP session opened\.$/) { >> if(defined($t1{$ip})) { >> $t2{$ip} = $t1{$ip}; >> } >> >> if(defined($t0{$ip})) { >> $t1{$ip} = $t0{$ip}; >> } >> >> $t0{$ip} = [$mmm, $dd, $hh, $mm, $ss]; >> >> # too much work to calculate the retyr interval if not the same day or >> hour >> next SESSION if(!defined($t1{$ip}) || !defined($t2{$ip})); >> >> >> next SESSION if ($t2{$ip}[1] ne $t0{$ip}[1] || >> $t2{$ip}[0] ne $t0{$ip}[0]); >> >> #calculate the retry delay in seconds >> $double_retry = ($t0{$ip}[2]*3600 + >> $t0{$ip}[3]*60 + >> $t0{$ip}[4])-($t2{$ip}[2]*3600 + >> $t2{$ip}[3]*60 + >> $t2{$ip}[4] ); >> # print this for a retry log >> print "\t$ip\t$double_retry\n"; >> >> # if 2 retrys (3 connections) in less than XXX seconds ban them >> if ($double_retry < 400 ) { >> system("/sbin/ipfw add 40 deny tcp from $ip to > HERE>"); >> } >> next SESSION; >> } >> >> # also ban them if the are using the old login info for my site >> NOUSER: if ($_ =~ /no such user \'etree\'$/ || >> $_ =~ /no such user \'anonymous\'$/) { >> if (!defined $nu_tries{$ip}) { >> $nu_tries{$ip} = 1; >> next SESSION; >> } >> >> $nu_tries{$ip}++; >> if ($nu_tries{$ip} > 2) { >> $nu_tries{$ip} = 0; >> print "\t$ip\t3 etree attempts\n"; >> system("/sbin/ipfw add 40 deny tcp from $ip to > HERE>"); >> } >> next SESSION; >> } >> } > _______________________________________________ > Jeffrey P. Hergan, Ph.D Adjunct Professor of Philosophy Saint Xavier University Chicago From greg at ThermOptics.co.uk Thu Feb 7 10:33:02 2002 From: greg at ThermOptics.co.uk (Greg Freeman) Date: Thu Nov 3 12:29:14 2005 Subject: Mail->import Eudora Message-ID: <53041AAB-1BF8-11D6-9134-0050E4E60657@ThermOptics.co.uk> Hi If I try importing mailboxes from Eudora into Mail, it seems to change the messages that were sent from Eudora in the process. It modifies the message sent date to the current date and removes the To: header totally. This is inconvenient for keeping my mails as records. Is this a bug with the import interpreter or is there a work around? Logic From shoop at iWiring.Net Thu Feb 7 11:03:00 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: References: Message-ID: At 8:08 AM -0800 02/07/02, Justin C. Walker wrote: >On Thursday, February 7, 2002, at 12:48 AM, Antonio Cocco wrote: > >>Hi All >> >> >>I have a Quicksilver 733/G4 with Mac Os X Server 10.1.2 with an >>added network card. The built in ethernet card is on a local static >>IP address (192.168.xxx.xxx) and the added ethernet card is on >>external static IP directly on the internet (212.xxx.xxx.xxx). >>Is there a way to let all the services, except web and mail >>services, respond only to built in card, while the web ad mail >>services respond only to the external card? > >Darwin/Mac OS X cannot currently be configured in this way. You can >set up some individual services (like web/apache; check the included >documentation) to answer requests only for certain addresses, but >not every service provides this capability. I don't know if you can >set up mail service that way. As pointed out, it's easy to configure Apache to listen only to certain ports. MailService under OS X Server isn't well documented so it's hard to tell if it's possible to configure it this way or not. Sendmail can be configured this way, and OS X Server can be configured to use sendmail instead (if I read the docs right). Also, exim and postfix can both do this better than sendmail, and both are drop in replacements fro sendmail. You can just install them and set a symlink from sendmail to exim or postfix and OS X Server (and anything else) will be none the wiser. >You should look into "xinetd", a replacement for the version of >'inetd' that is shipped with Mac OS X. The former will allow you to >selectively bind individual services to a subset of the addresses >used by your system. This only works, of course, for services that >support and are supported by inetd. A bit of overkill. -- -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 shoop@mac.com (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From shoop at iWiring.Net Thu Feb 7 11:16:01 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:14 2005 Subject: Limiting FTP space to upload to In-Reply-To: References: <66C2806E-1A9A-11D6-9A56-00306544D642@mac.com> Message-ID: At 9:11 AM -0500 02/06/02, Alex Pilson wrote: >Is there way to limit a user to a certain amount of space in his FTP >account? Say I have user I want to set a limit of 100megs of server >space, how can an admin go about doing something like that? Use ProFTPd instead. The sample config files show how to implement this. -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From mgraham at aquaflo.com Thu Feb 7 11:18:01 2002 From: mgraham at aquaflo.com (Marley Graham) Date: Thu Nov 3 12:29:14 2005 Subject: Modem use in Classic applications In-Reply-To: <431D154E-1BF4-11D6-B779-0050E4D0642C@aquaflo.com> Message-ID: <149B8D9A-1BFF-11D6-B779-0050E4D0642C@aquaflo.com> Trying to use a terminal emulation program in Classic mode, I get an error: "Sorry - serial port selected is not available." I can dial out undernOS X by setting the modem in Network preferences. Is there a way to configure the system to accept dialout requests from a Classic application? Marley Graham From root at nimug.org Thu Feb 7 11:25:01 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: Message-ID: <342B0F40-1BE7-11D6-BB82-0030656A00AC@nimug.org> On Thursday, February 7, 2002, at 04:08 , Justin C. Walker wrote: > > On Thursday, February 7, 2002, at 12:48 AM, Antonio Cocco wrote: > >> Hi All >> >> >> I have a Quicksilver 733/G4 with Mac Os X Server 10.1.2 with an added >> network card. The built in ethernet card is on a local static IP >> address (192.168.xxx.xxx) and the added ethernet card is on external >> static IP directly on the internet (212.xxx.xxx.xxx). >> Is there a way to let all the services, except web and mail services, >> respond only to built in card, while the web ad mail services respond >> only to the external card? > > Darwin/Mac OS X cannot currently be configured in this way. You can > set up some individual services (like web/apache; check the included > documentation) to answer requests only for certain addresses, but not > every service provides this capability. I don't know if you can set up > mail service that way. Would ipfw not manage this? I've done something similar on unix before using filters. You can also spend a bit of time and manually configure the routing table. From jeff at praeclara.com Thu Feb 7 11:29:39 2002 From: jeff at praeclara.com (Jeff Hergan) Date: Thu Nov 3 12:29:14 2005 Subject: auto-ban scripts question In-Reply-To: Message-ID: Silly me. I solved the problem by adding this line to proftpd's config file: SystemLog /usr/local/var/proftp.log and then making the appropriate adjustment in the script. Maybe this will help others who want to run the script. Thanks for nuthin' ;-) Jeff On Thursday, February 7, 2002, at 12:22 PM, Jeff Hergan wrote: > The following is a message that I sent to a different list, but maybe > you can help. The scenario is that I built proftpd from the latest > stable source on OS X 10.1.2. I want a script that will automatically > ban people who hammer the ftp site. I have included such a script > below--it was written by an acquaintance. > > The details of the problem follow. Thanks for any help. > I know nothing about perl. > > Jeff > > >> >> I'm having a problem getting this script (included below) to actually >> ban people. >> Do any of you run OS X and an auto-ban script? >> Do you have tips for someone who knows nothing about perl? >> >> First of all, my build of proftpd doesn't seem to have a proftpd.log >> I checked in /var/log and /usr/local/var. /usr/local/var/ has a >> proftpd >> directory in it and a proftpd.pid file. But the /usr/local/var/proftpd >> directory doesn't seem to have a single log. Instead it has: >> >> proftpd-21368 proftpd-306 proftpd-318 proftpd-328 >> proftpd-21376 proftpd-308 proftpd-322 proftpd-331 >> proftpd-297 proftpd-315 proftpd-325 proftpd-inetd >> >> I'm not quite sure what these are, but here's what they contain-- >> >> [dsl092-133-095:/Users/jeff] root# more >> /usr/local/var/proftpd/proftpd-21368 >> ???? >> >> >> >> >> S??ftpuserproftpd: ftpuser - jp.bio.pitt.edu: RETR >> /GD/gd88-09-15.shnf/gd88-09-1 >> 5d1/gd88-09-15d1t06.shndz?%`jp.bio.pitt.edu >> [136.142.141.62]/GD/gd88-09-15.shnf/ >> gd88-09-15d2 >> >> So there doesn't seem to be a date or time included.... >> >> Also, when I start the autoban.pl script, I get the following error: >> >> Name "main::pid" used only once: possible typo at /Users/jeff/ban.pl >> line 16. >> >> In light of the lack of a proftpd.log, I directed the perl script to >> tail /var/log/secure.log. An example of an entry of that log follows: >> >> Thu Feb 7 10:05:39 2002 343 pc-80-195-32-222-ed.blueyonder.co.uk >> 6840320 /Users >> /ftpuser/GD/gd69-12-07.shnf/gd69-12-07d2t2.shn b _ o r ftpuser ftp >> 0 * i >> >> I don't what other info to add. I do have ipfw. And when I manually >> type in the actual ipfw ban command (/sbin/ipfw add 40 deny tcp from >> xxx.xxx.xxx.xxx to 66.92.133.95) it works, adding a rule to my >> firewall. When I start the script, it gives the error detailed above, >> but it still shows up as running when I do a >> ps ax. Ity just doesn't ban anyone--I tested it by asking a friend to >> hammer me--no results--no new rule added when I do: ipfw show. >> >> Can anybody help with this? >> >> Thanks, >> Jeff >> >> >>> >>> #!/usr/bin/perl -w >>> # autoban.pl >>> # autoban script for etree servers >>> # By Kael Fischer >>> # >>> # Part of the etree automation tools project >>> # eat.sourceforge.org >>> >>> select(STDOUT); $| = 1; # make unbuffered >>> >>> # open logfile >>> open LOG, "tail -f /usr/local/var/proftp.log |"; >>> SESSION: while () { >>> >>> >>> ($mmm, $dd, $hhmmss, undef, $pid, undef, $host) = split ' '; >>> ($hh,$mm,$ss) = split ':', $hhmmss; >>> $host =~ /\[(\d+\.\d+\.\d+\.\d+)\]/; >>> $ip = $1; >>> # exempt local hosts >>> next SESSION if($ip =~ /216.103.105.21/ || >>> $ip =~ /192.168.0.\d+/ || >>> $ip =~ /128.32.253.\d+/); >>> >>> >>> # arrays keep track of connection times >>> OPENED: if ($_ =~ /FTP session opened\.$/) { >>> if(defined($t1{$ip})) { >>> $t2{$ip} = $t1{$ip}; >>> } >>> >>> if(defined($t0{$ip})) { >>> $t1{$ip} = $t0{$ip}; >>> } >>> >>> $t0{$ip} = [$mmm, $dd, $hh, $mm, $ss]; >>> >>> # too much work to calculate the retyr interval if not the same day or >>> hour >>> next SESSION if(!defined($t1{$ip}) || !defined($t2{$ip})); >>> >>> >>> next SESSION if ($t2{$ip}[1] ne $t0{$ip}[1] || >>> $t2{$ip}[0] ne $t0{$ip}[0]); >>> >>> #calculate the retry delay in seconds >>> $double_retry = ($t0{$ip}[2]*3600 + >>> $t0{$ip}[3]*60 + >>> $t0{$ip}[4])-($t2{$ip}[2]*3600 + >>> $t2{$ip}[3]*60 + >>> $t2{$ip}[4] ); >>> # print this for a retry log >>> print "\t$ip\t$double_retry\n"; >>> >>> # if 2 retrys (3 connections) in less than XXX seconds ban them >>> if ($double_retry < 400 ) { >>> system("/sbin/ipfw add 40 deny tcp from $ip to >> HERE>"); >>> } >>> next SESSION; >>> } >>> >>> # also ban them if the are using the old login info for my site >>> NOUSER: if ($_ =~ /no such user \'etree\'$/ || >>> $_ =~ /no such user \'anonymous\'$/) { >>> if (!defined $nu_tries{$ip}) { >>> $nu_tries{$ip} = 1; >>> next SESSION; >>> } >>> >>> $nu_tries{$ip}++; >>> if ($nu_tries{$ip} > 2) { >>> $nu_tries{$ip} = 0; >>> print "\t$ip\t3 etree attempts\n"; >>> system("/sbin/ipfw add 40 deny tcp from $ip to >> HERE>"); >>> } >>> next SESSION; >>> } >>> } >> _______________________________________________ >> Jeffrey P. Hergan, Ph.D Adjunct Professor of Philosophy Saint Xavier University Chicago > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > From lists at mostrom.pp.se Thu Feb 7 12:01:44 2002 From: lists at mostrom.pp.se (Jan Erik =?iso-8859-1?Q?Mostr=F6m?=) Date: Thu Nov 3 12:29:14 2005 Subject: Beep sound slow Message-ID: <20020207210010-a01050002-32271243-1012-0110@195.163.231.21> One thing that irritates me with OS X is that every time my Mac wants to beep, OS X starts spinning the cursor and it takes 2-3 seconds before the sounds come. It's impossible to use command/file completion in tcsh without going crazy, waiting for the sound each time I press tab. Does anyone know why OS X does this (and even better how I can fix it) I'm running 10.1.2 on a Titanium jem -- Jan Erik Mostr?m jem@mostrom.pp.se www.mostrom.pp.se From alex at lassoguru.com Thu Feb 7 12:08:04 2002 From: alex at lassoguru.com (Alex Pilson) Date: Thu Nov 3 12:29:14 2005 Subject: Limiting FTP space to upload to In-Reply-To: References: <66C2806E-1A9A-11D6-9A56-00306544D642@mac.com> Message-ID: At 2:15 PM -0500 2/7/02, Dan Shoop wrote: >At 9:11 AM -0500 02/06/02, Alex Pilson wrote: >>Is there way to limit a user to a certain amount of space in his >>FTP account? Say I have user I want to set a limit of 100megs of >>server space, how can an admin go about doing something like that? > >Use ProFTPd instead. The sample config files show how to implement this. I found the optional module. BUT couldn't I just use quotas? -- :::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Alex Pilson Interactive Developer Lasso Programmer 404.728.4417 From mass at cocco.it Thu Feb 7 12:36:05 2002 From: mass at cocco.it (Antonio Cocco) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: References: Message-ID: Thank You all for the answers. Dan, the problem is that the external IP does not respond to any query (e.g. typing the IP address of the machine generates in a browser no answer with connection error). Pinging with IPnet monitor (I'm testing it very good products) says that ping is administratively prohibited. Thank you. Antonio Cocco >At 8:08 AM -0800 02/07/02, Justin C. Walker wrote: >>On Thursday, February 7, 2002, at 12:48 AM, Antonio Cocco wrote: >> >>>Hi All >>> >>> >>>I have a Quicksilver 733/G4 with Mac Os X Server 10.1.2 with an >>>added network card. The built in ethernet card is on a local >>>static IP address (192.168.xxx.xxx) and the added ethernet card is >>>on external static IP directly on the internet (212.xxx.xxx.xxx). >>>Is there a way to let all the services, except web and mail >>>services, respond only to built in card, while the web ad mail >>>services respond only to the external card? >> >>Darwin/Mac OS X cannot currently be configured in this way. You >>can set up some individual services (like web/apache; check the >>included documentation) to answer requests only for certain >>addresses, but not every service provides this capability. I don't >>know if you can set up mail service that way. > >As pointed out, it's easy to configure Apache to listen only to certain ports. > >MailService under OS X Server isn't well documented so it's hard to >tell if it's possible to configure it this way or not. > >Sendmail can be configured this way, and OS X Server can be >configured to use sendmail instead (if I read the docs right). > >Also, exim and postfix can both do this better than sendmail, and >both are drop in replacements fro sendmail. You can just install >them and set a symlink from sendmail to exim or postfix and OS X >Server (and anything else) will be none the wiser. > >>You should look into "xinetd", a replacement for the version of >>'inetd' that is shipped with Mac OS X. The former will allow you >>to selectively bind individual services to a subset of the >>addresses used by your system. This only works, of course, for >>services that support and are supported by inetd. > >A bit of overkill. >-- > >-dhan > >------------------------------------------------------------------------ >Dan Shoop 127 East Prospect Street >Consulting Internet Architect Waldwick, NJ 07463 >shoop@iwiring.net (201) 679-7329 >shoop@mac.com (707) 667-7866 (fax) > >pgp public key available on the canonical key servers >pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B > >"Sadly, text alone cannot convey the depths of my sarcasm." >_______________________________________________ >MacOSX-admin mailing list >MacOSX-admin@omnigroup.com >http://www.omnigroup.com/mailman/listinfo/macosx-admin -- _______________________________ To do is to be. -Descartes To be is to do. -Voltaire Do be do be do. -Frank Sinatra I drive way too fast to worry about cholesterol. ----------------------------------------------------------------- Hiroshima '45, Chernobyl '86, Windows '98. Think Different. ----------------------------------------------------------------- From janos.lobb at yale.edu Thu Feb 7 13:03:17 2002 From: janos.lobb at yale.edu (=?ISO-8859-1?Q?J=E1nos_L=F6bb?=) Date: Thu Nov 3 12:29:14 2005 Subject: NT share crash causes OSX to become unstable Message-ID: Hi, I have an NT share mounted via AppleTalk on my OSX 10.1.2 box. The NT machine crashed "unexpectedly" which caused all my Classic applications to freeze. I could get out from some OSX applications like Textedit, but some others like iTune and the Finder just gave me the spinning beachball effect. Console behaved the same when I wanted to look the log. I could bring to front the "Force Quit.." box by the key combination, but as soon as clicked on one the whole machine became frozen, so I had to restart. /I was unable to remote login from another machine/. Here it is what I found in /var/system.log around crash time: Feb 7 14:55:09 localhost /sbin/autodiskmount[129]: (DiskArbitrationServerMain.c:3872) mach_msg failed: {0x10004003} (ipc/rcv) timed out Feb 7 14:55:09 localhost /sbin/autodiskmount[129]: (DiskArbitrationServerMain.c:237) received unrecognized message (id=0x41) on notify port Feb 7 14:55:24 localhost /sbin/autodiskmount[129]: (DiskArbitrationServerMain.c:3872) mach_msg failed: {0x10004003} (ipc/rcv) timed out Feb 7 14:55:29 localhost /sbin/autodiskmount[129]: (DiskArbitrationServerMain.c:237) received unrecognized message (id=0x41) on notify port Feb 7 15:20:55 localhost syslogd: restart J?nos From justin at mac.com Thu Feb 7 13:14:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:14 2005 Subject: Beep sound slow In-Reply-To: <20020207210010-a01050002-32271243-1012-0110@195.163.231.21> Message-ID: <6848C4E5-1C0F-11D6-9A56-00306544D642@mac.com> On Thursday, February 7, 2002, at 12:00 PM, Jan Erik Mostr?m wrote: > One thing that irritates me with OS X is that every time my Mac wants to > beep, OS X starts spinning the cursor and it takes 2-3 seconds before > the > sounds come. It's impossible to use command/file completion in tcsh > without > going crazy, waiting for the sound each time I press tab. > > Does anyone know why OS X does this (and even better how I can fix it) > > I'm running 10.1.2 on a Titanium It only does this because you are running 10.1.2 on a Titanium. AFAIK, there's no fix available. Apple knows of the problem, and is working on it. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | When LuteFisk is outlawed | Only outlaws will have | LuteFisk *--------------------------------------*-------------------------------* From justin at mac.com Thu Feb 7 13:16:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: <342B0F40-1BE7-11D6-BB82-0030656A00AC@nimug.org> Message-ID: On Thursday, February 7, 2002, at 08:24 AM, r00t wrote: > > On Thursday, February 7, 2002, at 04:08 , Justin C. Walker wrote: > >> >> On Thursday, February 7, 2002, at 12:48 AM, Antonio Cocco wrote: >> >>> Hi All >>> >>> >>> I have a Quicksilver 733/G4 with Mac Os X Server 10.1.2 with an added >>> network card. The built in ethernet card is on a local static IP >>> address (192.168.xxx.xxx) and the added ethernet card is on external >>> static IP directly on the internet (212.xxx.xxx.xxx). >>> Is there a way to let all the services, except web and mail services, >>> respond only to built in card, while the web ad mail services >>> respond only to the external card? >> >> Darwin/Mac OS X cannot currently be configured in this way. You can >> set up some individual services (like web/apache; check the included >> documentation) to answer requests only for certain addresses, but not >> every service provides this capability. I don't know if you can set >> up mail service that way. > > Would ipfw not manage this? I've done something similar on unix before > using filters. > You can also spend a bit of time and manually configure the routing > table. Yup. It's already been noticed. Regards, Justin -- /~\ The ASCII Justin C. Walker, Curmudgeon-at-Large \ / Ribbon Campaign X Help cure HTML Email / \ From jonb at wetafx.co.nz Thu Feb 7 13:39:44 2002 From: jonb at wetafx.co.nz (jon bowen) Date: Thu Nov 3 12:29:14 2005 Subject: Beep sound slow References: <6848C4E5-1C0F-11D6-9A56-00306544D642@mac.com> Message-ID: <3C62F3B3.98EBC92B@wetafx.co.nz> "Justin C. Walker" wrote: > > On Thursday, February 7, 2002, at 12:00 PM, Jan Erik Mostr?m wrote: > > > sounds come. It's impossible to use command/file completion in tcsh > > without > > going crazy, waiting for the sound each time I press tab. ... meanwhile until fixed setenv nobeep will switch off shell beeping altogether. Some terminals might also support "visual bell"s which interpret \07 as a flash to the screen, xwsh under irix does, don't know what else ... somehow I think Terminal.app will support dolby5.1 before it supports visual beeping though. You can selectively switch off just tab / match beeping with the matchbeep env var setenv matchbeep never jon -- Feb 01 10:57:58 NOTICE unexpected maitre-d first-strike nuclear launch From cwolf at mac.com Thu Feb 7 13:45:03 2002 From: cwolf at mac.com (Christopher Wolf) Date: Thu Nov 3 12:29:14 2005 Subject: Beep sound slow In-Reply-To: <3C62F3B3.98EBC92B@wetafx.co.nz> Message-ID: There's also a preference in Terminal (under emulation) which will let you turn off beeping (but there is no visual beep yet.) - Chris On Thursday, February 7, 2002, at 04:37 PM, jon bowen wrote: > "Justin C. Walker" wrote: >> >> On Thursday, February 7, 2002, at 12:00 PM, Jan Erik Mostr?m wrote: >> >>> sounds come. It's impossible to use command/file completion in tcsh >>> without >>> going crazy, waiting for the sound each time I press tab. > ... > > meanwhile until fixed > > setenv nobeep > > will switch off shell beeping altogether. Some terminals might also > support "visual bell"s which interpret \07 as a flash to the screen, > xwsh under irix does, don't know what else ... somehow I think > Terminal.app will support dolby5.1 before it supports visual beeping > though. You can selectively switch off just tab / match beeping with > the matchbeep env var > > setenv matchbeep never > > jon > > -- > Feb 01 10:57:58 NOTICE unexpected maitre-d first-strike nuclear > launch > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin From frjo at pobox.com Thu Feb 7 14:25:02 2002 From: frjo at pobox.com (Fredrik Jonsson) Date: Thu Nov 3 12:29:14 2005 Subject: Make a user not show up in the login panel In-Reply-To: <200202032101.g13L1tO01901@lists.omnigroup.com> References: <200202032101.g13L1tO01901@lists.omnigroup.com> Message-ID: macosx@randys.org 2002-02-02 19.14 -0800 wrote: > > Can anyone tell me how to make a user not show up in the login panel > > in Mac OS X. >> >> I have some friends that I have set up accounts for so they can log >> in via SSH and access some shared folders via File Sharing. I would > > like these accounts to not show up when I log in to my system. > >Change their UID. I think anything that is not used already and is below 500 >will not show up in the login window...at least it works on my machine that >way. Sounded good but unfortunately it doesn't work for me. I have tried with many different UID and GID without luck. A blank password is not the answer either. I tried to make all the setting the same as for the users mysql, postfix etc installed by Fink but there be some key setting missing. Anyone has any ideas? Regards, Fredrik Jonsson From david at idiomatrix.com Thu Feb 7 16:31:39 2002 From: david at idiomatrix.com (David Herren) Date: Thu Nov 3 12:29:14 2005 Subject: Beep sound slow In-Reply-To: <20020207210010-a01050002-32271243-1012-0110@195.163.231.21> Message-ID: <03C823E4-1C2B-11D6-A92F-003065BAB892@idiomatrix.com> This only happens to me on my Titanium if the hard drive has spun down... On Thursday, February 7, 2002, at 03:00 PM, Jan Erik Mostr?m wrote: > One thing that irritates me with OS X is that every time my Mac wants to > beep, OS X starts spinning the cursor and it takes 2-3 seconds before the > sounds come. It's impossible to use command/file completion in tcsh > without > going crazy, waiting for the sound each time I press tab. > > Does anyone know why OS X does this (and even better how I can fix it) > > I'm running 10.1.2 on a Titanium /david -- david herren, shoreham, vermont, usa Hey Osama! Allah would like a word with you... From macosx at randys.org Thu Feb 7 16:43:01 2002 From: macosx at randys.org (../randy) Date: Thu Nov 3 12:29:14 2005 Subject: Ices Message-ID: Anyone get iceS to build on OS X ...I have icecast running currently, but I guess (and this is from someone on irc.openprojects.net #icecast) that iceS is better? In any case, here is the error I get on 'make' -- /bin/sh ./libtool --mode=compile cc -DHAVE_CONFIG_H -I. -I. -I. -O20 -g -O2 -c sock.c cc -DHAVE_CONFIG_H -I. -I. -I. -O20 -g -O2 -c sock.c -o sock.o cc: unrecognized option `-O20' sock.c:34: header file 'sys/poll.h' not found cpp-precomp: warning: errors during smart preprocessing, retrying in basic mode make[4]: *** [sock.lo] Error 1 make[3]: *** [all-recursive] Error 1 make[2]: *** [all-recursive-am] Error 2 make[1]: *** [all-recursive] Error 1 make: *** [all-recursive-am] Error 2 -- Anyone, anyone... TIA, - randy From justin at mac.com Thu Feb 7 16:50:02 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:14 2005 Subject: Ices In-Reply-To: Message-ID: On Thursday, February 7, 2002, at 04:42 PM, ../randy wrote: > Anyone get iceS to build on OS X ...I have icecast running currently, > but I > guess (and this is from someone on irc.openprojects.net #icecast) that > iceS > is better? > > In any case, here is the error I get on 'make' > > -- > /bin/sh ./libtool --mode=compile cc -DHAVE_CONFIG_H -I. -I. -I. > -O20 -g > -O2 -c sock.c > cc -DHAVE_CONFIG_H -I. -I. -I. -O20 -g -O2 -c sock.c -o sock.o > cc: unrecognized option `-O20' > sock.c:34: header file 'sys/poll.h' not found > cpp-precomp: warning: errors during smart preprocessing, retrying in > basic > mode > make[4]: *** [sock.lo] Error 1 > make[3]: *** [all-recursive] Error 1 > make[2]: *** [all-recursive-am] Error 2 > make[1]: *** [all-recursive] Error 1 > make: *** [all-recursive-am] Error 2 poll.h id not present on Mac OS X (and hence, the poll(2) call is likewise). Regards, Justin -- /~\ The ASCII Justin C. Walker, Curmudgeon-at-Large \ / Ribbon Campaign X Help cure HTML Email / \ From macosx at randys.org Thu Feb 7 16:55:01 2002 From: macosx at randys.org (../randy) Date: Thu Nov 3 12:29:14 2005 Subject: Ices In-Reply-To: Message-ID: Drats...any workarounds? Thanks - randy > From: "Justin C. Walker" > Date: Thu, 7 Feb 2002 16:49:04 -0800 > To: MacOS Admin > Subject: Re: Ices > > > On Thursday, February 7, 2002, at 04:42 PM, ../randy wrote: > >> Anyone get iceS to build on OS X ...I have icecast running currently, >> but I >> guess (and this is from someone on irc.openprojects.net #icecast) that >> iceS >> is better? >> >> In any case, here is the error I get on 'make' >> >> -- >> /bin/sh ./libtool --mode=compile cc -DHAVE_CONFIG_H -I. -I. -I. >> -O20 -g >> -O2 -c sock.c >> cc -DHAVE_CONFIG_H -I. -I. -I. -O20 -g -O2 -c sock.c -o sock.o >> cc: unrecognized option `-O20' >> sock.c:34: header file 'sys/poll.h' not found >> cpp-precomp: warning: errors during smart preprocessing, retrying in >> basic >> mode >> make[4]: *** [sock.lo] Error 1 >> make[3]: *** [all-recursive] Error 1 >> make[2]: *** [all-recursive-am] Error 2 >> make[1]: *** [all-recursive] Error 1 >> make: *** [all-recursive-am] Error 2 > > poll.h id not present on Mac OS X (and hence, the poll(2) call is > likewise). > > Regards, > > Justin > > -- > /~\ The ASCII Justin C. Walker, Curmudgeon-at-Large > \ / Ribbon Campaign > X Help cure HTML Email > / \ > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > From justin at mac.com Thu Feb 7 17:07:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:14 2005 Subject: Ices In-Reply-To: Message-ID: On Thursday, February 7, 2002, at 04:53 PM, ../randy wrote: > Drats...any workarounds? First, you could try just commenting out the inclusion of that file and see if there are complaints. If that doesn't work, I believe (don't quote me on this) that replacing poll() with select() is fairly straightforward. It will, of course, take learning about both (see a recent FreeBSD system; or check the FreeBSD site for man pages). Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | Men are from Earth. | Women are from Earth. | Deal with it. *--------------------------------------*-------------------------------* From macosx at randys.org Thu Feb 7 17:15:12 2002 From: macosx at randys.org (../randy) Date: Thu Nov 3 12:29:14 2005 Subject: Ices In-Reply-To: Message-ID: Thanks for the point in the right direction... And yeah, I tried comenting out that line in sock.c but I got some other errors...probably relating to poll.h but I can't remember. Thanks again - randy > From: "Justin C. Walker" > Date: Thu, 7 Feb 2002 17:05:31 -0800 > To: MacOS Admin > Subject: Re: Ices > > > On Thursday, February 7, 2002, at 04:53 PM, ../randy wrote: > >> Drats...any workarounds? > > First, you could try just commenting out the inclusion of that file and > see if there are complaints. > > If that doesn't work, I believe (don't quote me on this) that replacing > poll() with select() is fairly straightforward. It will, of course, > take learning about both (see a recent FreeBSD system; or check the > FreeBSD site for man pages). > > Regards, > > Justin > > -- > Justin C. Walker, Curmudgeon-At-Large * > Institute for General Semantics | Men are from Earth. > | Women are from Earth. > | Deal with it. > *--------------------------------------*-------------------------------* > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > From shoop at iWiring.Net Thu Feb 7 17:27:01 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:14 2005 Subject: Limiting FTP space to upload to In-Reply-To: References: <66C2806E-1A9A-11D6-9A56-00306544D642@mac.com> Message-ID: At 3:05 PM -0500 02/07/02, Alex Pilson wrote: >At 2:15 PM -0500 2/7/02, Dan Shoop wrote: >>At 9:11 AM -0500 02/06/02, Alex Pilson wrote: >>>Is there way to limit a user to a certain amount of space in his >>>FTP account? Say I have user I want to set a limit of 100megs of >>>server space, how can an admin go about doing something like that? >> >>Use ProFTPd instead. The sample config files show how to implement this. > >I found the optional module. BUT couldn't I just use quotas? The ftp daemon may create processes with owners that quota's don't apply too. -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From shoop at iWiring.Net Thu Feb 7 17:28:00 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: References: Message-ID: At 9:35 PM +0100 02/07/02, Antonio Cocco wrote: >Thank You all for the answers. > >Dan, the problem is that the external IP does not respond to any >query (e.g. typing the IP address of the machine generates in a >browser no answer with connection error). I'm guessing that's because the primary ethernet interface is your non-routable one, and Apache bind to the primary by default. -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From justin at mac.com Thu Feb 7 17:39:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: Message-ID: <7A4F395E-1C34-11D6-9A56-00306544D642@mac.com> On Thursday, February 7, 2002, at 05:27 PM, Dan Shoop wrote: > At 9:35 PM +0100 02/07/02, Antonio Cocco wrote: >> Thank You all for the answers. >> >> Dan, the problem is that the external IP does not respond to any query >> (e.g. typing the IP address of the machine generates in a browser no >> answer with connection error). > > I'm guessing that's because the primary ethernet interface is your > non-routable one, and Apache bind to the primary by default. 'lsof' is your friend. As root, run it, and look for the process name of interest (httpd, here). The 'inet' entries will tell the tale: httpd 283 root 16u inet 0x012b523c 0t0 TCP grinch:80 (LISTEN) httpd 289 www 16u inet 0x012b523c 0t0 TCP grinch:80 (LISTEN) httpd 345 www 16u inet 0x012b523c 0t0 TCP grinch:80 (LISTEN) httpd 346 www 16u inet 0x012b523c 0t0 TCP grinch:80 (LISTEN) httpd 347 www 16u inet 0x012b523c 0t0 TCP grinch:80 (LISTEN) httpd 348 www 16u inet 0x012b523c 0t0 TCP grinch:80 (LISTEN) Using '-n' will get you the raw IP address instead of the host name. In this case, I have apache binding to the address on my internal interface, so any attempt to get at it from the external interface will fail. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | When LuteFisk is outlawed | Only outlaws will have | LuteFisk *--------------------------------------*-------------------------------* From emoy at apple.com Thu Feb 7 17:50:01 2002 From: emoy at apple.com (Edward Moy) Date: Thu Nov 3 12:29:14 2005 Subject: Ices In-Reply-To: Message-ID: <08296BF9-1C36-11D6-8426-003065ED53B2@apple.com> When porting other Unix programs, I've run into a similar problem with poll vs. select. In my case, it was a matter of editing the config.cache (assuming Ices uses configure) and removing the define that uses poll instead of select. You may have to track through configure and/or config. log to find out how it is deciding between poll and select. If poll is hard-coded, then it is probably much more work. Using select is fairly cryptic for the first-timer. Try grep-ping through the source for "select" and if it is there, see if there is a define flag that will activate it. -------------------------------------------------------------------------- Edward Moy Apple Computer, Inc. emoy@apple.com (This message is from me as a reader of this list, and not a statement from Apple.) On Thursday, February 7, 2002, at 05:13 PM, ../randy wrote: > Thanks for the point in the right direction... > > And yeah, I tried comenting out that line in sock.c but I got some other > errors...probably relating to poll.h but I can't remember. > > Thanks again > - randy > >> From: "Justin C. Walker" >> Date: Thu, 7 Feb 2002 17:05:31 -0800 >> To: MacOS Admin >> Subject: Re: Ices >> >> >> On Thursday, February 7, 2002, at 04:53 PM, ../randy wrote: >> >>> Drats...any workarounds? >> >> First, you could try just commenting out the inclusion of that file and >> see if there are complaints. >> >> If that doesn't work, I believe (don't quote me on this) that replacing >> poll() with select() is fairly straightforward. It will, of course, >> take learning about both (see a recent FreeBSD system; or check the >> FreeBSD site for man pages). >> >> Regards, >> >> Justin >> >> -- >> Justin C. Walker, Curmudgeon-At-Large * >> Institute for General Semantics | Men are from Earth. >> | Women are from Earth. >> | Deal with it. >> *--------------------------------------*-------------------------------* >> >> _______________________________________________ >> MacOSX-admin mailing list >> MacOSX-admin@omnigroup.com >> http://www.omnigroup.com/mailman/listinfo/macosx-admin >> > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin From shoop at iWiring.Net Thu Feb 7 20:07:01 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: <7A4F395E-1C34-11D6-9A56-00306544D642@mac.com> References: <7A4F395E-1C34-11D6-9A56-00306544D642@mac.com> Message-ID: At 5:37 PM -0800 02/07/02, Justin C. Walker wrote: >httpd 283 root 16u inet 0x012b523c 0t0 TCP >grinch:80 (LISTEN) grinch? Someone's using my machine names again... -dhan From justin at mac.com Thu Feb 7 20:45:59 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:14 2005 Subject: Multiple IP's In-Reply-To: Message-ID: <9815716C-1C4E-11D6-9A56-00306544D642@mac.com> On Thursday, February 7, 2002, at 08:06 PM, Dan Shoop wrote: > At 5:37 PM -0800 02/07/02, Justin C. Walker wrote: >> httpd 283 root 16u inet 0x012b523c 0t0 TCP >> grinch:80 (LISTEN) > > grinch? Someone's using my machine names again... That explains why I only see every other packet ... [the name goes on the inside, not the outside, of my net] Cheers... -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | It's not whether you win or lose... | It's whether *I* win or lose. *--------------------------------------*-------------------------------* From Paul_Lynch at plsys.co.uk Thu Feb 7 21:42:01 2002 From: Paul_Lynch at plsys.co.uk (Paul Lynch) Date: Thu Nov 3 12:29:14 2005 Subject: Make a user not show up in the login panel In-Reply-To: Message-ID: <7544B1D7-1C56-11D6-9E53-003065F88A86@plsys.co.uk> On Thursday, February 7, 2002, at 10:10 pm, Fredrik Jonsson wrote: > macosx@randys.org 2002-02-02 19.14 -0800 wrote: > >> > Can anyone tell me how to make a user not show up in the login panel >> > in Mac OS X. >>> >>> I have some friends that I have set up accounts for so they can log >>> in via SSH and access some shared folders via File Sharing. I would >> > like these accounts to not show up when I log in to my system. > I tried to make all the setting the same as for the users mysql, > postfix etc installed by Fink but there be some key setting missing. Have you checked the afpuser_aliases directory in netinfo? It looks as if members of this folder are treated specially and appear in the login panel list. Paul -- http://www.plsys.co.uk From lists at colorremedies.com Thu Feb 7 23:30:58 2002 From: lists at colorremedies.com (Chris Murphy) Date: Thu Nov 3 12:29:14 2005 Subject: Modem use in Classic applications Message-ID: <20020208073010.YIAX2951.rwcrmhc53.attbi.com@[192.168.70.4]> Marley Graham writes: > "Sorry - serial port selected is not available." AFAIK, there is no serial support at all in the Classic environment. I personally would not be surprised if there are no plans to do so. It's been almost a year since OS X came out and the reasons for needing serial support in Classic are increasingly greater the farther back in time you go. Chris Murphy Color Remedies (tm) Boulder, CO 303-415-9932 From mike at caisys.co.uk Thu Feb 7 23:40:00 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:14 2005 Subject: Newbie Question In-Reply-To: <200202061502.AA12013@ocs.cz> References: <10202061049.AA07402@gandalf.caisys.co.uk> <200202061502.AA12013@ocs.cz> Message-ID: <10202072045.AA10429@gandalf.caisys.co.uk> Thanks Ondra You wrote: > >>>>>> Mike Elston (ME) wrote at Wed, 6 Feb 2002 10:49:10 GMT: > ME> I too have regular problems with access to NFS mounts > ME> disappearing -- not just after sleep, but after periods of > ME> inactivity on the remote mounts too. > > Do you use automount? It indeed unmounts/remounts on demand, just see > "man automount"! Yes, I know automount unmounts after a specified idle time. And that you need to read the symlink to remount the remote fs. The problem is that Finder doesn't appear to know that (unlike Workspace Manager). When I click on an idle (automounted) NFS mount point in Finder, I expect it to trigger the mount; equally, when just displaying a folder containing one or more NFS mount points, I expect it to know they are remote mount points, but I _don't_ expect it to trigger them. If Finder (and Nav Services) understood automount points and behaved correctly, we wouldn't have these problems (would we?). > If you want your NFS mounts to stick, just mount them explicitly > (mount -t nfs exportname mountpoint). Is this what you do? I agree this should work, but wouldn't I have to remove the exported directories from the NetInfo network master's mounts directory (which would mean they wouldn't mount automatically on my TiBook when it's on my subnet)? Or not run automount at all? What happens if automount tries to mount an already mounted FS? (It would help if the man entry for automount were uptodate -- anyone know what the '-static' map does?) /mike From lists at mostrom.pp.se Fri Feb 8 01:10:01 2002 From: lists at mostrom.pp.se (Jan Erik =?iso-8859-1?Q?Mostr=F6m?=) Date: Thu Nov 3 12:29:14 2005 Subject: Print Center and lpd Message-ID: <20020208100949-a01050002-1cf8ddf9-1012-0110@130.239.41.117> If I set up a printer to use LPD printing, is there some way where the user look at the queue, remove jobs, etc using the GUI? Right now the jobs are spooled to the print server and the users have to log on to the unix host to do this. jem -- Jan Erik Mostr?m jem@mostrom.pp.se www.mostrom.pp.se From dave at difference.com.au Fri Feb 8 01:10:58 2002 From: dave at difference.com.au (David Cake) Date: Thu Nov 3 12:29:14 2005 Subject: Ices In-Reply-To: References: Message-ID: At 4:42 PM -0800 7/2/02, ../randy scribbled: >Anyone get iceS to build on OS X ...I have icecast running currently, but I >guess (and this is from someone on irc.openprojects.net #icecast) that iceS >is better? > >In any case, here is the error I get on 'make' You need a patch (as justin said, you need to replace poll() calls with select(). I know the patch has been created and submitted to the iceS people, by someone involved in one of our projects (we use libshout from iceS in the open source SndKit, which we use a quite a bit). I don't know if its made it into iceS cvs yet, but I can send you the patch. Cheers David From lists at logicunited.com Fri Feb 8 02:39:01 2002 From: lists at logicunited.com (Dominik Westner) Date: Thu Nov 3 12:29:14 2005 Subject: PB Ti667 and Apple USB mouse will lock up system after a while Message-ID: <02691D90-1C80-11D6-8EF3-000393823B30@logicunited.com> Finally I figured out why my new PB Ti667 will totally lock up after an hour of usage: it's the external Apple USB mouse!!! I don't understand why, but at work I use a MS USB mouse, which works great. At home I have an Apple USB mouse and it will lock up my system after a while (can't start any new apps, no kernel panic, some already started apps will still work, you have to force reboot). If I don't attach the mouse the system runs smoothly with no problems. So, is this a know bug, does anybody else experience the same? Thanks Dominik From Frank.Knobloch at carbon-logistics.de Fri Feb 8 03:00:57 2002 From: Frank.Knobloch at carbon-logistics.de (Frank Knobloch) Date: Thu Nov 3 12:29:14 2005 Subject: CD Writer Questions (Hardware) Message-ID: <0BF8D88D-1C83-11D6-87C1-003065E09B30@carbon-logistics.de> Dear all, all our machines are based on the G4/400 series. So they don't have a CDW. Our question is now. What kind of CD Writers can be used (externally) that are supported by Mac OS X. It should be as simple as possible and if known in practice cheap solutions. Thanks in advance... Frank From greer at mrctr.upmc.edu Fri Feb 8 04:34:01 2002 From: greer at mrctr.upmc.edu (Phil Greer) Date: Thu Nov 3 12:29:14 2005 Subject: Make a user not show up in the login panel In-Reply-To: <7544B1D7-1C56-11D6-9E53-003065F88A86@plsys.co.uk> Message-ID: On 2/8/02 12:41 AM, "Paul Lynch" wrote: > > On Thursday, February 7, 2002, at 10:10 pm, Fredrik Jonsson wrote: > >> macosx@randys.org 2002-02-02 19.14 -0800 wrote: >> >>>> Can anyone tell me how to make a user not show up in the login panel >>>> in Mac OS X. >>>> >>>> I have some friends that I have set up accounts for so they can log >>>> in via SSH and access some shared folders via File Sharing. I would >>>> like these accounts to not show up when I log in to my system. > >> I tried to make all the setting the same as for the users mysql, >> postfix etc installed by Fink but there be some key setting missing. > > Have you checked the afpuser_aliases directory in netinfo? It looks as > if members of this folder are treated specially and appear in the login > panel list. > > Paul > -- > http://www.plsys.co.uk > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > Is it not an option to make the login window display login and password entry fields as the option under the login system pref panel? -Phil Greer From Don.Rainwater at UC.Edu Fri Feb 8 06:10:58 2002 From: Don.Rainwater at UC.Edu (Don Rainwater) Date: Thu Nov 3 12:29:14 2005 Subject: PB Ti667 and Apple USB mouse will lock up system after a while In-Reply-To: <02691D90-1C80-11D6-8EF3-000393823B30@logicunited.com> Message-ID: <8DEFCD17-1C9D-11D6-BDCF-00039342653E@UC.Edu> I saw something similar just last night. I also have a TiPB, although mine is a little older. I regularly use a USB mouse (Kensington, I think) with it, but I usually connect it after the system is up and I'm already logged in. It takes a few seconds for the system to recognize the new mouse, but that's expected. Last night, I connected the mouse just after I heard the startup chimes. I walked into the next room for a couple of minutes and, when I returned, the system was still sitting there with the happy Mac and the colored beach ball on the screen. After a few more minutes of that (I was watching JAG on TiVo), I unplugged the mouse, let the system finish booting, then reconnected the mouse and all was fine. I didn't feel like experimenting with it at the time, but maybe I'll test it a little. There are, of course, some differences. We have different mice, different TiPB models, and I think I have the Kensington MouseWorks software installed. On Friday, February 8, 2002, at 05:38 AM, Dominik Westner wrote: > Finally I figured out why my new PB Ti667 will totally lock up after an > hour of usage: it's the external Apple USB mouse!!! > > I don't understand why, but at work I use a MS USB mouse, which works > great. At home I have an Apple USB mouse and it will lock up my system > after a while (can't start any new apps, no kernel panic, some already > started apps will still work, you have to force reboot). > > If I don't attach the mouse the system runs smoothly with no problems. > > So, is this a know bug, does anybody else experience the same? -- Don Rainwater, Technology Manager Don.Rainwater@UC.Edu UCit Educational Services University of Cincinnati From contact at nickshanks.com Fri Feb 8 06:12:01 2002 From: contact at nickshanks.com (Nicholas Shanks) Date: Thu Nov 3 12:29:14 2005 Subject: NetInfo host resolution woes Message-ID: <5D58AE48-1C9D-11D6-8729-0005020F149E@nickshanks.com> I think it was the recent upgrade to 10.1.2 that did it, but I was no longer able to use NetInfo for hostname resolution. I created the /locations/lookupd/hosts domain and set it to { CacheAgent, FFAgent, NIAgent, DNSAgent } I changed NETINFOSERVER=-AUTOMATIC- to NETINFOSERVER=-YES- as nibindd was not present when listing running processes. I then restarted my machine. Name resolution via nslookup still goes to my ISP's DNS servers, but OmniWeb is able to resolve hosts correctly (I have name-based virtual hosts set up in apache). 1) Why does nslookup go straight to the DNS server? there's no "man nslookup"!! 2) I'm worried that the automatic setting was not starting up nibindd. The only other machines on the LAN are my neighbour's Windows box and my router (which does DHCP for 192.168 addresses). Anyone have any ideas on this? Nicholas Shanks -- http://nickshanks.com/ From willscheidegger at mac.com Fri Feb 8 07:12:00 2002 From: willscheidegger at mac.com (Ulrich Scheidegger) Date: Thu Nov 3 12:29:15 2005 Subject: Since MacOS X Server 10.1.2 all Websites on port 16080 Message-ID: <0FEA7800-1CA6-11D6-874B-00039344BA8C@mac.com> List, We recently updated our MacOS X Server to 10.1.2. Every since all static pages are being served under port 16080, which is (as far as I know) the performance cache. Now i noticed that you can now turn on/off the performance cache on a per virtual domain basis, which is a good thing. All domains with performance cache enabled are on port 16080, all others on 80. Can someone give me a fix for this? Do I need to turn of the performance cache on all sites? Thanks for your help! Will From mbartosh at mac.com Fri Feb 8 08:58:00 2002 From: mbartosh at mac.com (Michael Bartosh) Date: Thu Nov 3 12:29:15 2005 Subject: NetInfo host resolution woes In-Reply-To: <5D58AE48-1C9D-11D6-8729-0005020F149E@nickshanks.com> References: <5D58AE48-1C9D-11D6-8729-0005020F149E@nickshanks.com> Message-ID: At 2:08 PM +0000 2/8/02, Nicholas Shanks wrote: >1) Why does nslookup go straight to the DNS server? there's no "man >nslookup"!! nslookup (AFAIK) has always gone straight to the DNS Server listed in /etc/reslov.conf (which is created in mac OS X by configd). >2) I'm worried that the automatic setting was not starting up >nibindd. The only other machines on the LAN are my neighbour's >Windows box and my router (which does DHCP for 192.168 addresses). >Anyone have any ideas on this? nibindd does not start by default in 10.1, unless you're binding to a NetInfo server. You don't need nibind for the behavior you describe. -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. From xah at xahlee.org Fri Feb 8 09:23:01 2002 From: xah at xahlee.org (Xah Lee) Date: Thu Nov 3 12:29:15 2005 Subject: net traffic & disk monitors... Message-ID: <5DB4B302-1CB8-11D6-9DB9-0050E46E5F09@xahlee.org> * is there a utility like the cpu monitor that i can monitor net traffic? how about disk and memory activity? Xah xah@xahlee.org http://xahlee.org/PageTwo_dir/more.html From jeff at praeclara.com Fri Feb 8 09:30:59 2002 From: jeff at praeclara.com (Jeff Hergan) Date: Thu Nov 3 12:29:15 2005 Subject: net traffic & disk monitors... In-Reply-To: <5DB4B302-1CB8-11D6-9DB9-0050E46E5F09@xahlee.org> Message-ID: <76D5472B-1CB9-11D6-B04A-003065BC510E@praeclara.com> There's a simple app called Net Monitor that I use. It doesn't give much info though--just total upstream and downstream currently being used. Jeff On Friday, February 8, 2002, at 11:22 AM, Xah Lee wrote: > * is there a utility like the cpu monitor that i can monitor net > traffic? how about disk and memory activity? > > Xah > xah@xahlee.org > http://xahlee.org/PageTwo_dir/more.html > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > > Jeffrey P. Hergan, Ph.D Adjunct Professor of Philosophy Saint Xavier University Chicago From epeyton at epicware.com Fri Feb 8 09:34:00 2002 From: epeyton at epicware.com (Eric Peyton) Date: Thu Nov 3 12:29:15 2005 Subject: net traffic & disk monitors... In-Reply-To: <5DB4B302-1CB8-11D6-9DB9-0050E46E5F09@xahlee.org> Message-ID: There are quite a few on versiontracker. Eric On Friday, February 8, 2002, at 11:22 AM, Xah Lee wrote: > * is there a utility like the cpu monitor that i can monitor net > traffic? how about disk and memory activity? > > Xah > xah@xahlee.org > http://xahlee.org/PageTwo_dir/more.html > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin From justin at mac.com Fri Feb 8 09:35:59 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:15 2005 Subject: net traffic & disk monitors... In-Reply-To: <5DB4B302-1CB8-11D6-9DB9-0050E46E5F09@xahlee.org> Message-ID: <3592E0B0-1CBA-11D6-9A56-00306544D642@mac.com> On Friday, February 8, 2002, at 09:22 AM, Xah Lee wrote: > * is there a utility like the cpu monitor that i can monitor net > traffic? how about disk and memory activity? Try 'top -d'. This will give you disk activity, network activity (although I don't think it knows about PPP), and memory use. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | It's not whether you win or lose... | It's whether *I* win or lose. *--------------------------------------*-------------------------------* From root at nimug.org Fri Feb 8 09:41:33 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:15 2005 Subject: NetInfo host resolution woes In-Reply-To: Message-ID: On Friday, February 8, 2002, at 04:57 , Michael Bartosh wrote: > At 2:08 PM +0000 2/8/02, Nicholas Shanks wrote: >> 1) Why does nslookup go straight to the DNS server? there's no "man >> nslookup"!! > > nslookup (AFAIK) has always gone straight to the DNS Server listed in > /etc/reslov.conf (which is created in mac OS X by configd). I was under the impression that it stood for "name server lookup". >> 2) I'm worried that the automatic setting was not starting up nibindd. >> The only other machines on the LAN are my neighbour's Windows box and >> my router (which does DHCP for 192.168 addresses). Anyone have any >> ideas on this? > > nibindd does not start by default in 10.1, unless you're binding to a > NetInfo server. You don't need nibind for the behavior you describe. If you are worried about it then run a DNS server locally. Some routers do it and it's pretty trivial to set up in OSX. From root at nimug.org Fri Feb 8 09:43:00 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:15 2005 Subject: net traffic & disk monitors... In-Reply-To: <5DB4B302-1CB8-11D6-9DB9-0050E46E5F09@xahlee.org> Message-ID: On Friday, February 8, 2002, at 05:22 , Xah Lee wrote: > * is there a utility like the cpu monitor that i can monitor net > traffic? how about disk and memory activity? Yes, search for it on versiontracker. The one I use is Network statistics dockling but there are others. From mass at cocco.it Fri Feb 8 09:46:00 2002 From: mass at cocco.it (Antonio Cocco) Date: Thu Nov 3 12:29:15 2005 Subject: Multiple IP's In-Reply-To: <7A4F395E-1C34-11D6-9A56-00306544D642@mac.com> References: <7A4F395E-1C34-11D6-9A56-00306544D642@mac.com> Message-ID: Thank you all for answers. I need some help on how to bind services on a particular network interface. Also I need to know man entries for 'isof' and related commands. Many thanks. Antonio Cocco >On Thursday, February 7, 2002, at 05:27 PM, Dan Shoop wrote: > >>At 9:35 PM +0100 02/07/02, Antonio Cocco wrote: >>>Thank You all for the answers. >>> >>>Dan, the problem is that the external IP does not respond to any >>>query (e.g. typing the IP address of the machine generates in a >>>browser no answer with connection error). >> >>I'm guessing that's because the primary ethernet interface is your >>non-routable one, and Apache bind to the primary by default. > >'lsof' is your friend. As root, run it, and look for the process >name of interest (httpd, here). The 'inet' entries will tell the >tale: > >httpd 283 root 16u inet 0x012b523c 0t0 TCP >grinch:80 (LISTEN) >httpd 289 www 16u inet 0x012b523c 0t0 TCP >grinch:80 (LISTEN) >httpd 345 www 16u inet 0x012b523c 0t0 TCP >grinch:80 (LISTEN) >httpd 346 www 16u inet 0x012b523c 0t0 TCP >grinch:80 (LISTEN) >httpd 347 www 16u inet 0x012b523c 0t0 TCP >grinch:80 (LISTEN) >httpd 348 www 16u inet 0x012b523c 0t0 TCP >grinch:80 (LISTEN) > >Using '-n' will get you the raw IP address instead of the host name. >In this case, I have apache binding to the address on my internal >interface, so any attempt to get at it from the external interface >will fail. > >Regards, > >Justin > >-- >Justin C. Walker, Curmudgeon-At-Large * >Institute for General Semantics | When LuteFisk is outlawed > | Only outlaws will have > | LuteFisk >*--------------------------------------*-------------------------------* > >_______________________________________________ >MacOSX-admin mailing list >MacOSX-admin@omnigroup.com >http://www.omnigroup.com/mailman/listinfo/macosx-admin -- Antonio Cocco G.G.G. Srl Via Tanucci 91 81110 Caserta - Italy Ph. +39-0823-322755 Fax +39-0823-322068 From justin at mac.com Fri Feb 8 09:48:00 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:15 2005 Subject: NetInfo host resolution woes In-Reply-To: <5D58AE48-1C9D-11D6-8729-0005020F149E@nickshanks.com> Message-ID: On Friday, February 8, 2002, at 06:08 AM, Nicholas Shanks wrote: > I think it was the recent upgrade to 10.1.2 that did it, but I was no > longer able to use NetInfo for hostname resolution. > > I created the /locations/lookupd/hosts domain and set it to > { CacheAgent, FFAgent, NIAgent, DNSAgent } > I changed NETINFOSERVER=-AUTOMATIC- to NETINFOSERVER=-YES- as nibindd > was not present when listing running processes. > I then restarted my machine. > > Name resolution via nslookup still goes to my ISP's DNS servers, but > OmniWeb is able to resolve hosts correctly (I have name-based virtual > hosts set up in apache). > > 1) Why does nslookup go straight to the DNS server? there's no "man > nslookup"!! 'nslookup' bypasses whatever mechanism the host uses for name resolution and does all the work itself (i.e., it creates its own DNS packets and sends them to a nameserver; it knows nothing of lookupd and netinfo). This makes it a good tool for diagnosing DNS problems, and avoids resolver problems (which is the intent). > 2) I'm worried that the automatic setting was not starting up nibindd. > The only other machines on the LAN are my neighbour's Windows box and > my router (which does DHCP for 192.168 addresses). Anyone have any > ideas on this? I'm not sure exactly when this came in , but nibindd is now only run when you want to find a parent in a netinfo network. If that's not you, change things back the way they were. You don't need nibindd. It's this way on 10.1.1, FWIW. You certainly should be able to get name resolution from netinfo (put the names and addresses in /machines). Did you change the default lookup order to get internal names resolved? You may be having trouble with your change to the netinfo environment (requiring nibindd). Regards, Justin -- /~\ The ASCII Justin C. Walker, Curmudgeon-at-Large \ / Ribbon Campaign X Help cure HTML Email / \ From taylor at intuitive.com Fri Feb 8 09:58:01 2002 From: taylor at intuitive.com (Dave Taylor) Date: Thu Nov 3 12:29:15 2005 Subject: [X-Admin]Print Center and lpd In-Reply-To: <20020208100949-a01050002-1cf8ddf9-1012-0110@130.239.41.117> Message-ID: > If I set up a printer to use LPD printing, is there some way where the user > look at the queue, remove jobs, etc using the GUI? > > Right now the jobs are spooled to the print server and the users have to log > on to the unix host to do this. Nope. As far as I can figure, the print queue for lpr, the print queue for atprint, and the print queue for Print Center are all completely independent of each other. Oy, what a mess printing is (as usual in Unix, alas. It's the one area in Unix that was never really well designed, IMO). Dave Taylor Author: "Learning Mac OS X Unix" for O'Reilly [forthcoming] From mike at pinataperspective.com Fri Feb 8 09:58:45 2002 From: mike at pinataperspective.com (Mike Friedman) Date: Thu Nov 3 12:29:15 2005 Subject: CD Writer Questions (Hardware) In-Reply-To: <0BF8D88D-1C83-11D6-87C1-003065E09B30@carbon-logistics.de> Message-ID: <568AD028-1CBD-11D6-BA9B-003065EF6F90@pinataperspective.com> I bought a firewire drive from SmartDisk, and it's great. Doesn't even require power (gets power through the Firewire cable) and works out of the box with OSX. An absolute no brainer. You should be able to install an IDE drive internally, but it's more complicated. And if you just have one CD-RW drive, Firewire is great, since you just take it to the next machine where you need it, plug it in, and voila. On Friday, February 8, 2002, at 03:00 AM, Frank Knobloch wrote: > Dear all, > > all our machines are based on the G4/400 series. > So they don't have a CDW. Our question is now. > What kind of CD Writers can be used (externally) > that are supported by Mac OS X. It should be > as simple as possible and if known in practice > cheap solutions. > > Thanks in advance... > > Frank > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin From justin at mac.com Fri Feb 8 10:40:58 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:15 2005 Subject: [X-Admin]Print Center and lpd In-Reply-To: Message-ID: <41B60711-1CC3-11D6-9A56-00306544D642@mac.com> On Friday, February 8, 2002, at 09:56 AM, Dave Taylor wrote: >> If I set up a printer to use LPD printing, is there some way where the >> user >> look at the queue, remove jobs, etc using the GUI? >> >> Right now the jobs are spooled to the print server and the users have >> to log >> on to the unix host to do this. > > Nope. As far as I can figure, the print queue for lpr, the print queue > for > atprint, and the print queue for Print Center are all completely > independent > of each other. Oy, what a mess printing is (as usual in Unix, alas. > It's the > one area in Unix that was never really well designed, IMO). In the For What It's Worth department, 'atprint' doesn't queue; it contacts the remote printer (which could, one guesses, be itself a queue(r)) directly, and blasts bits at it, once it gets the go-ahead. 'Blast', in AppleTalk, is of course, a figure of speech. Regards, Justin -- /~\ The ASCII Justin C. Walker, Curmudgeon-at-Large \ / Ribbon Campaign X Help cure HTML Email / \ From justin at mac.com Fri Feb 8 10:54:04 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:15 2005 Subject: Multiple IP's In-Reply-To: Message-ID: <1E9DA16E-1CC5-11D6-9A56-00306544D642@mac.com> On Friday, February 8, 2002, at 09:44 AM, Antonio Cocco wrote: > Thank you all for answers. > > I need some help on how to bind services on a particular network > interface. This is the question you asked originally, right? The answers you've received have indicated, more or less, what you need to do. There is no single thing to do to bind services to an interface. It depends on the service. For Apache (web server) you need to review the documentation that comes on the system (or at http://www.apache.org). For most others, you have a couple of choices: - learn about, and install, xinetd, which lets you do this for services that inetd can handle (see /etc/inetd.conf) - learn about, and use, a firewall app (like brickhouse) that lets you configure the built-in Mac OS X firewall mechanism and have it reject/drop requests for services (by port) on those interfaces that you do not want to support The documentation or man pages for individual services/daemons may tell you other ways to do this, but it will be a per-service thing. > Also I need to know man entries for 'isof' and related commands. This is as easy as typing 'man lsof' (not 'isof') or whatever command you are interested in. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | When LuteFisk is outlawed | Only outlaws will have | LuteFisk *--------------------------------------*-------------------------------* From fabienlroy at mac.com Fri Feb 8 11:15:02 2002 From: fabienlroy at mac.com (fabienlroy@mac.com) Date: Thu Nov 3 12:29:15 2005 Subject: PB Ti667 and Apple USB mouse will lock up system after a while In-Reply-To: <02691D90-1C80-11D6-8EF3-000393823B30@logicunited.com> Message-ID: <13B48C5C-1CC8-11D6-9A5A-000393030CD8@mac.com> On my older Ti 500 MHz I do not experience the problem at all. This could be a faulty mouse. Try to borrow another one and test. Fabien. On Friday, February 8, 2002, at 02:38 AM, Dominik Westner wrote: > Finally I figured out why my new PB Ti667 will totally lock up after an > hour of usage: it's the external Apple USB mouse!!! > > I don't understand why, but at work I use a MS USB mouse, which works > great. At home I have an Apple USB mouse and it will lock up my system > after a while (can't start any new apps, no kernel panic, some already > started apps will still work, you have to force reboot). > > If I don't attach the mouse the system runs smoothly with no problems. > > So, is this a know bug, does anybody else experience the same? > > Thanks > > > Dominik > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > > --- Fabien Roy Senior Software Engineer Tyrell Software Corporation 949 458-1911 ext 4 PGP Public Key From lists at wiltgen.net Fri Feb 8 12:03:26 2002 From: lists at wiltgen.net (Charles Wiltgen) Date: Thu Nov 3 12:29:15 2005 Subject: Printer sharing? In-Reply-To: <53041AAB-1BF8-11D6-9134-0050E4E60657@ThermOptics.co.uk> Message-ID: Hello, I've been trying to find a solution that would allow Mac OS X users to print to an Epson inkjet printer connected to a Windows machine (which is shared with other Windows users), but I haven't been successful. Any pointers are appreciated. -- Charles Wiltgen From dale at databright.com Fri Feb 8 12:47:01 2002 From: dale at databright.com (Dale Schell) Date: Thu Nov 3 12:29:15 2005 Subject: Apple Events Message-ID: Group, I am attempting to send apple events from OSX to an OS 9.2.1 machine via TCP/IP. Is it even possible? What I ultimately want is to be able to open a socket with php and send them through there. Anyone have any ideas/resources to allow this to be done? Dale Schell DataBright Management Systems From boonstb at cmg.FCNBD.COM Fri Feb 8 13:45:02 2002 From: boonstb at cmg.FCNBD.COM (Brian Boonstra) Date: Thu Nov 3 12:29:15 2005 Subject: Printer sharing? In-Reply-To: References: Message-ID: <200202082144.PAA10413@wo1203.cmg.FCNBD.COM> Charles wrote: > I've been trying to find a solution that would allow Mac OS X users to > print to an Epson inkjet printer connected to a Windows machine (which is > shared with other Windows users), but I haven't been successful. > > Any pointers are appreciated. The easiest thing to do, if the other computers are running sufficiently advanced Windows, is to set them up to do "Unix Print Services" (or something with a name very like that). It's built in to Win2000 I know, and into XP and late versions of NT I think. Pay attention to the share name, but essentially this makes them share the printer using an LPD daemon that Unix (including OSX) understands just fine. I share an old Postscript DECLaser1152 that way. Note that I had to manually install the PPD for a printer that old. Brian From chrisanders at mac.com Fri Feb 8 19:10:58 2002 From: chrisanders at mac.com (Chris Anders) Date: Thu Nov 3 12:29:15 2005 Subject: net traffic & disk monitors... In-Reply-To: <3592E0B0-1CBA-11D6-9A56-00306544D642@mac.com> Message-ID: <8A158E51-1D0A-11D6-938A-0003934F84D8@mac.com> On Friday, February 8, 2002, at 06:35 PM, Justin C. Walker wrote: > Try 'top -d'. This will give you disk activity, network activity > (although I don't think it knows about PPP), and memory use. Justin, thanks for this advice. I wasn't aware of that option. Can I use it with multiple network interfaces ? It doesn't seem to be aware of my airport card, too... Chris From kef_list at ibacom.es Sat Feb 9 03:02:00 2002 From: kef_list at ibacom.es (Kefauver, Charles) Date: Thu Nov 3 12:29:15 2005 Subject: xyz2: ssh bus error. In-Reply-To: References: Message-ID: Although ssh is working fine, each time I log in, /var/log/system.log, after the normal logging of IP and username, shows this: Feb 8 15:35:01 servername WindowServer[68]: _CGXGetDisplayShmem: Unauthorized user Feb 8 15:35:01 servername /usr/libexec/CrashReporter: Failed writing crash report: /private/var/tmp/klist.crash.log klist.crash.log is an empty file. Also, when I disconnect from ssh with the "exit" command, I get: logout Bus error Connection to servername.ibacom.es closed. Instead of just logout Connection to servername.ibacom.es closed. Does anyone know what can cause this? I haven't noticed any consecuences, but I don't like seeing "crash reports" in my logs... Thanks, Charles From jpb at ApesSeekingKnowledge.net Sat Feb 9 06:54:00 2002 From: jpb at ApesSeekingKnowledge.net (Joe Block) Date: Thu Nov 3 12:29:15 2005 Subject: (no subject) Message-ID: On Friday, February 8, 2002, at 12:56 , Dave Taylor wrote: >> If I set up a printer to use LPD printing, is there some way where the >> user >> look at the queue, remove jobs, etc using the GUI? >> >> Right now the jobs are spooled to the print server and the users have >> to log >> on to the unix host to do this. > > Nope. As far as I can figure, the print queue for lpr, the print queue > for > atprint, and the print queue for Print Center are all completely > independent > of each other. Oy, what a mess printing is (as usual in Unix, alas. > It's the > one area in Unix that was never really well designed, IMO). It sucks, it just sucks less than the alternatives :-) I had a lot of good luck at my old job running CUPS on my debian linux box, and then accessing the queues via lpr from my OSX box. CUPS makes it easy to do remote queue management via a web browser. jpb -- Joe Block I love the way Microsoft follows standards. In much the same manner that fish follow migrating caribou. - Paul Tomblin From jpb at ApesSeekingKnowledge.net Sat Feb 9 06:59:01 2002 From: jpb at ApesSeekingKnowledge.net (Joe Block) Date: Thu Nov 3 12:29:15 2005 Subject: Printer sharing? In-Reply-To: Message-ID: <7853A79A-1D6D-11D6-9E1D-000393102F9E@ApesSeekingKnowledge.net> On Friday, February 8, 2002, at 03:00 , Charles Wiltgen wrote: > Hello, > > I've been trying to find a solution that would allow Mac OS X users to > print > to an Epson inkjet printer connected to a Windows machine (which is > shared > with other Windows users), but I haven't been successful. A friend of mine used CUPS + ghostscript to render postscript output to something his epson would understand, then smbprint from the linux box running CUPS to spool it to the windows machine. You may be able to get CUPS to build on OSX, I know ghostscript builds (it's in fink). ghostscript doesn't support all epson inkjets though, you'll have to see whether the printer you're using is a supported model. jpb -- Joe Block Laws that forbid the carrying of arms disarm only those who are neither inclined nor determined to commit crimes. Such laws make things worse for the assaulted and better for the assailants; they serve rather to encourage than to prevent homicides, for an unarmed man may be attacked with greater confidence than an armed man. -Thomas Jefferson, 1764 From ocs at ocs.cz Sat Feb 9 09:04:00 2002 From: ocs at ocs.cz (Ondra Cada) Date: Thu Nov 3 12:29:15 2005 Subject: Newbie Question In-Reply-To: <10202072045.AA10429@gandalf.caisys.co.uk> References: <10202061049.AA07402@gandalf.caisys.co.uk> <200202061502.AA12013@ocs.cz> <10202072045.AA10429@gandalf.caisys.co.uk> Message-ID: <200202091656.AA02094@ocs.cz> Mike, >>>>>> Mike Elston (ME) wrote at Thu, 7 Feb 2002 20:45:53 GMT: ME> >ME> I too have regular problems with access to NFS mounts ME> >ME> disappearing -- not just after sleep, but after periods of ME> >ME> inactivity on the remote mounts too. ME> > ME> >Do you use automount? It indeed unmounts/remounts on demand, just see ME> >"man automount"! ME> ME> Yes, I know automount unmounts after a specified idle time. And that you ME> need to read the symlink to remount the remote fs. The problem is that ME> Finder doesn't appear to know that (unlike Workspace Manager). ... ME> If Finder (and Nav Services) understood automount points and behaved ME> correctly, we wouldn't have these problems (would we?). Yep, Finder is a piece of c...arbon. ME> >If you want your NFS mounts to stick, just mount them explicitly ME> >(mount -t nfs exportname mountpoint). ME> ME> Is this what you do? Yep (still alas having problems with quite non-deterministic way of exporting NFS from OSX :( ). ME> I agree this should work, but wouldn't I have to ME> remove the exported directories from the NetInfo network master's mounts ME> directory Well, I keep them there, but make sure I don't access the appropriate mounpoints -- automount therefore keeps still, and no problems occur. (Inicidentally, SO FAR AS I UNDERSTAND NFS, no proble should occur even if I used them, since multiple mount should work nicely; it does not for me here -- I guess it's a local problem rather than a generic behaviour, though). ME> (which would mean they wouldn't mount automatically on my ME> TiBook when it's on my subnet)? You can move the mounts from the root domain to the TiBook's one, of course. ME> Or not run automount at all? What happens ME> if automount tries to mount an already mounted FS? Here, nothing's mounted (the original manual mount keeps working). I think the proper behaviour though is that it should just mount twice. --- Ondra Cada OCSoftware: ocs@ocs.cz http://www.ocs.cz 2K Development: o.cada@2kdevelopment.cz http://www.2kdevelopment.cz private ondra@ocs.cz http://www.ocs.cz/oc From justin at mac.com Sat Feb 9 09:43:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:15 2005 Subject: xyz2: ssh bus error. In-Reply-To: Message-ID: <4FAD3AB4-1D84-11D6-9A56-00306544D642@mac.com> On Saturday, February 9, 2002, at 03:01 AM, Kefauver, Charles wrote: > Although ssh is working fine, each time I log in, /var/log/system.log, > after the normal logging of IP and username, shows this: > > > Feb 8 15:35:01 servername WindowServer[68]: _CGXGetDisplayShmem: > Unauthorized user > Feb 8 15:35:01 servername /usr/libexec/CrashReporter: Failed writing > crash report: /private/var/tmp/klist.crash.log > > > klist.crash.log is an empty file. > > Also, when I disconnect from ssh with the "exit" command, I get: > > logout > Bus error > Connection to servername.ibacom.es closed. This is a known problem with the tcsh setup. There is a bogus kerberos command in the logout script (the last item there). Remove that command. It was discussed either on this list or one of the Darwin lists; look for mail from Marshall Vale at MIT. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | If you're not confused, | You're not paying attention *--------------------------------------*-------------------------------* From scott at maxify.com Sat Feb 9 10:15:00 2002 From: scott at maxify.com (Scott Stevenson) Date: Thu Nov 3 12:29:15 2005 Subject: PB Ti667 and Apple USB mouse will lock up system after a while In-Reply-To: <8DEFCD17-1C9D-11D6-BDCF-00039342653E@UC.Edu> Message-ID: On Friday, February 8, 2002, at 06:10 AM, Don Rainwater wrote: > Last night, I connected the mouse just after I heard the startup > chimes. I walked into the next room for a couple of minutes and, when > I returned, the system was still sitting there with the happy Mac and > the colored beach ball on the screen. After a few more minutes of that > (I was watching JAG on TiVo), I unplugged the mouse, let the system > finish booting Maybe it's me being paranoid, but I don't think it's necessarily such a great idea to plug devices in as the machine is booting. How is the OS supposed to load drivers in that state? - Scott From sherlock at rna.nl Sat Feb 9 10:34:01 2002 From: sherlock at rna.nl (Gerben Wierda) Date: Thu Nov 3 12:29:15 2005 Subject: Best firewall config program Message-ID: What - in the opinion of this crowd - is the best FireWall configuring application for Mac OS X? Thanks, G From crasmen at free.fr Sun Feb 10 05:22:01 2002 From: crasmen at free.fr (Corentin =?iso-8859-1?Q?Cras=2DM=E9neur?=) Date: Thu Nov 3 12:29:15 2005 Subject: Mail->import Eudora Message-ID: At 18:27 +0000 7/02/02, Greg Freeman wrote: >If I try importing mailboxes from Eudora into Mail, it seems to >change the messages that were sent from Eudora in the process. It >modifies the message sent date to the current date and removes the >To: header totally. This is inconvenient for keeping my mails as >records. > >Is this a bug with the import interpreter or is there a work around? I think you should take a look at "Eudora Mailbox Cleaner". You'll find it on versiontracker ( http://www.versiontracker.com/ ). If I quite remember, it prepares your Eudora mailboxes to be imported in Mail. Corentin From nikoniko at adaptory.com Sun Feb 10 05:25:58 2002 From: nikoniko at adaptory.com (Nikolaos Nikou) Date: Thu Nov 3 12:29:15 2005 Subject: configure http proxy References: <09298938-1BB8-11D6-ACE2-003065D3FF28@zeus.rug.ac.be> Message-ID: <3C665322.6030804@adaptory.com> Ok but how can I configure that in MacOSX and say all incoming traffic from the internet to port 80 will be for the domains we serve and all incoming traffic from the internet to port 80 will be for proxy. there is no such configuration option on the www server. nn Jonas Maebe wrote: > > On woensdag, februari 6, 2002, at 08:44 , Nikolaos Nikou wrote: > >> Right now we are using it as a proxy with no authedication but we >> would like to add authedication for all the users. > > > As long as it's configured that way, please configure your firewall so > that it only allows connections to it from within your own network > (Mac OS X's built-in firewall, ipfw, can handle that fine). The reason > is that spammers nowadays often tunnel their smtp connections to open > relays through unsecured http and socks proxies, so they become > virtually untraceable that way. > > > Jonas > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > From root at nimug.org Sun Feb 10 05:34:01 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:15 2005 Subject: configure http proxy In-Reply-To: <3C665322.6030804@adaptory.com> Message-ID: On Sunday, February 10, 2002, at 11:01 , Nikolaos Nikou wrote: > Ok but how can I configure that in MacOSX and say > all incoming traffic from the internet to port 80 will be for the > domains we serve > and > all incoming traffic from the internet to port 80 will be for proxy. Now you've lost me. You want all incoming traffic from the internet on port 80 to go both to proxy and be for the domains you serve... The "domains you serve" bit is a given (you're unlikely to get traffic for domains you don't serve) so all you want is to proxy all incoming traffic? > there is no such configuration option on the www server. http://www.apache.org/ -- From jonas at zeus.rug.ac.be Sun Feb 10 07:59:09 2002 From: jonas at zeus.rug.ac.be (Jonas Maebe) Date: Thu Nov 3 12:29:15 2005 Subject: configure http proxy In-Reply-To: <3C665322.6030804@adaptory.com> Message-ID: On Sun, 10 Feb 2002, Nikolaos Nikou wrote: > Ok but how can I configure that in MacOSX and say all incoming traffic > from the internet to port 80 will be for the domains we serve and all > incoming traffic from the internet to port 80 will be for proxy. there > is no such configuration option on the www server. Do you mean you want to run two services on port 80, both the webserver and the proxy? That's not possible, you have to run them on two different ports. Normally, port 8080 is used for http proxies. Then you can configure ipfw (using firewalk/brickhouse/command line/...) so that it blocks all access from ip'soutside your domain to port 8080 of the computer on which the proxy is running (except if it's an estanblished connection, since otherwise noone will be able to replay to your proxy :) Jonas From shoop at iWiring.Net Sun Feb 10 13:15:59 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:15 2005 Subject: Best firewall config program In-Reply-To: References: Message-ID: At 7:20 PM +0100 02/09/02, Gerben Wierda wrote: >What - in the opinion of this crowd - is the best FireWall >configuring application for Mac OS X? BBEdit -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From joel at powermac.demon.co.uk Sun Feb 10 14:19:00 2002 From: joel at powermac.demon.co.uk (Joel Smith) Date: Thu Nov 3 12:29:15 2005 Subject: Modem use in Classic applications In-Reply-To: <20020208073010.YIAX2951.rwcrmhc53.attbi.com@[192.168.70.4]> References: <20020208073010.YIAX2951.rwcrmhc53.attbi.com@[192.168.70.4]> Message-ID: At 12:30 am -0700 8/2/02, Chris Murphy wrote: >Marley Graham writes: > > >> "Sorry - serial port selected is not available." > >AFAIK, there is no serial support at all in the Classic environment. I >personally would not be surprised if there are no plans to do so. It's >been almost a year since OS X came out and the reasons for needing serial >support in Classic are increasingly greater the farther back in time you >go. > Sorry Chris, but this isn't completely accurate. I regularly use the Keyspan USB serial adapter from within Classic. However, this is slightly different since USB devices are supported from within Classic, and this is a USB device offering a serial connection. I am unable to use the serial device in Classic and MOSX at the same time. If I load the kernel drivers for MOSX, then Classic can't access the serial device. However, if I leave the OSX drivers out, then Classic can operate it fine (with the Classic drivers loaded). However, it is true that Classic is unable to access the modem port as a serial device. This is because Classic is unable to directly access the hardware, which is what is required to access a modem as a serial device. The USB device is different, as it is not directly accessing the USB hardware on the Mac, but rather using the USB protocol to access the device. If you need to access a modem as a serial device from within classic, you could do so using a USB serial adapter and an external modem, or possibly by using an external USB modem. Cheers, Joel -- Joel Smith 22 Springfield Way Pateley Bridge Tel: +44 1423 711229 Mobile: +44 7768 803758 N.Yorks HG3 5PA Fax: +44 870 1617192 From alex at lassoguru.com Sun Feb 10 17:09:02 2002 From: alex at lassoguru.com (Alex Pilson) Date: Thu Nov 3 12:29:15 2005 Subject: Best firewall config program In-Reply-To: References: Message-ID: At 4:15 PM -0500 2/10/02, Dan Shoop wrote: >At 7:20 PM +0100 02/09/02, Gerben Wierda wrote: >>What - in the opinion of this crowd - is the best FireWall >>configuring application for Mac OS X? > >BBEdit That is good! I would agree but I think he may have wanted a GUI version. What about BrickHouse? -- <----------------------------------------> \\--\\--\\--\\-\\--\\--\\-\\--\\--\\--// Alex Pilson Interactive Developer alex@lassoguru.com 404.728.4417 404.642.8225 CELL \\--\\--\\--\\-\\--\\--\\-\\--\\--\\--// <----------------------------------------> From bdezendorf at aus.ac.ae Sun Feb 10 21:30:01 2002 From: bdezendorf at aus.ac.ae (Breandan Dezendorf) Date: Thu Nov 3 12:29:15 2005 Subject: Best firewall config program In-Reply-To: Message-ID: <4E61AD13-1EB0-11D6-97EC-0003930405C0@aus.ac.ae> I have found Brickhouse to be a solid product, and the developer is quick to answer email. One note of warning: On Mac OS X Server, the default firewall is set to block all incoming traffic. It is also turned off. When Brickhouse activates the firewall and adds rules, it does not see the default "Block Everything" rule... took a while to figure out what the problem was. You need to log into "Server Admin.app" and delete the rule, or change it, and then run Brickhouse. On Monday, February 11, 2002, at 05:08 AM, Alex Pilson wrote: > At 4:15 PM -0500 2/10/02, Dan Shoop wrote: >> At 7:20 PM +0100 02/09/02, Gerben Wierda wrote: >>> What - in the opinion of this crowd - is the best FireWall configuring >>> application for Mac OS X? >> >> BBEdit > > That is good! I would agree but I think he may have wanted a GUI version. > What about BrickHouse? > Breandan Dezendorf Macintosh Network Engineer American University of Sharjah From brent at baton.phys.lsu.edu Sun Feb 10 21:44:01 2002 From: brent at baton.phys.lsu.edu (Brent Neal) Date: Thu Nov 3 12:29:15 2005 Subject: Best firewall config program In-Reply-To: References: Message-ID: >At 7:20 PM +0100 02/09/02, Gerben Wierda wrote: >>What - in the opinion of this crowd - is the best FireWall >>configuring application for Mac OS X? > >BBEdit > >-dhan BBEdit?! Feh. You must be joking. Vi or nothing at all! I used Brickhouse at first to generate a basic configuration, and edited it manually after that, since I needed to do funny things like restrict access to a subnet (i.e. 123.123.123.123:255.255.252.0) and at the time Brickhouse wouldn't handle anything that exotic. I think has since been rectified, but I've not really needed to tinker with my firewall since then. I do recommend BrickHouse though, if you don't want to do the "studly" (insert Tim Allen noises here) thing and build your firewall.conf by hand. And I also use BBEdit - it's probably the single most useful (and used) piece of software on my machine. :) B -- Brent Neal Concurrent Computing Laboratory for Materials Simulations Dept. of Physics - Dept. of Computer Science Louisiana State University From stuart.roebuck at adolos.co.uk Mon Feb 11 01:07:01 2002 From: stuart.roebuck at adolos.co.uk (Stuart Roebuck) Date: Thu Nov 3 12:29:15 2005 Subject: Best firewall config program In-Reply-To: Message-ID: <8748A244-1ECE-11D6-B369-0030654777A6@adolos.co.uk> On Monday, February 11, 2002, at 05:41 am, Brent Neal wrote: >> At 7:20 PM +0100 02/09/02, Gerben Wierda wrote: >>> What - in the opinion of this crowd - is the best FireWall configuring >>> application for Mac OS X? >> >> BBEdit >> >> -dhan > > > BBEdit?! Feh. You must be joking. Vi or nothing at all! Please be careful about your tagging, this email gave me a parsing error! If you're using a tag on it's own the forward slash should come after the tag name, e.g.: Stuart. :-) Public Key - 1024D/88DD65AF 2001-11-23 Stuart Roebuck (Adolos) Key fingerprint = 89D9 E405 F8B1 9B22 0FA2 F2C1 9E57 5AB1 88DD 65AF ------------------------------------------------------------------------- Stuart Roebuck stuart.roebuck@adolos.com Systems Architect Java, XML, MacOS X, XP, etc. ADOLOS From merlyn at stonehenge.com Mon Feb 11 03:43:00 2002 From: merlyn at stonehenge.com (Randal L. Schwartz) Date: Thu Nov 3 12:29:15 2005 Subject: Best firewall config program In-Reply-To: <8748A244-1ECE-11D6-B369-0030654777A6@adolos.co.uk> References: <8748A244-1ECE-11D6-B369-0030654777A6@adolos.co.uk> Message-ID: >>>>> "Stuart" == Stuart Roebuck writes: >> BBEdit?! Feh. You must be joking. Vi or nothing at all! Stuart> Please be careful about your tagging, this email gave me a parsing error! Stuart> If you're using a tag on it's own the forward slash should come after Stuart> the tag name, e.g.: Stuart> Stuart. Stuart> :-) You shouldn't be parsing a MIME type of text/plain! You're as bad as a M$ product! :-) -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! From nikoniko at adaptory.com Mon Feb 11 08:25:01 2002 From: nikoniko at adaptory.com (Nikolaos Nikou) Date: Thu Nov 3 12:29:15 2005 Subject: configure http proxy References: Message-ID: <3C67DE06.4080804@adaptory.com> Ok, but there is noway to configure either users for the proxy or the proxy port. the only option available on the web server is if you want to enable the proxy and the size and location of the cache. I tried to connect to the 8080 port of our server but it doesn't respond but the 80 works ok as a proxy. Jonas Maebe wrote: > >On Sun, 10 Feb 2002, Nikolaos Nikou wrote: > >>Ok but how can I configure that in MacOSX and say all incoming traffic >>from the internet to port 80 will be for the domains we serve and all >>incoming traffic from the internet to port 80 will be for proxy. there >>is no such configuration option on the www server. >> > >Do you mean you want to run two services on port 80, both the webserver >and the proxy? That's not possible, you have to run them on two different >ports. Normally, port 8080 is used for http proxies. Then you can >configure ipfw (using firewalk/brickhouse/command line/...) so that it >blocks all access from ip'soutside your domain to port 8080 of the >computer on which the proxy is running (except if it's an estanblished >connection, since otherwise noone will be able to replay to your proxy :) > > >Jonas > >_______________________________________________ >MacOSX-admin mailing list >MacOSX-admin@omnigroup.com >http://www.omnigroup.com/mailman/listinfo/macosx-admin > -------------- next part -------------- An HTML attachment was scrubbed... URL: /mailman/archive/macosx-admin/attachments/20020211/0dc2b11e/attachment.html From taz at univits.se Mon Feb 11 10:10:01 2002 From: taz at univits.se (Mikael Moreira) Date: Thu Nov 3 12:29:15 2005 Subject: Grab app. In-Reply-To: <3C67DE06.4080804@adaptory.com> Message-ID: I know there is a way to change the default format that the Grab application uses to take screenshots, but I just can't remember what it was. Could someone help me refresh my memory? /Micke From shoop at iWiring.Net Mon Feb 11 11:14:00 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:15 2005 Subject: Best firewall config program In-Reply-To: <8748A244-1ECE-11D6-B369-0030654777A6@adolos.co.uk> References: <8748A244-1ECE-11D6-B369-0030654777A6@adolos.co.uk> Message-ID: At 9:05 AM +0000 02/11/02, Stuart Roebuck wrote: >On Monday, February 11, 2002, at 05:41 am, Brent Neal wrote: > >>>At 7:20 PM +0100 02/09/02, Gerben Wierda wrote: >>>>What - in the opinion of this crowd - is the best FireWall >>>>configuring application for Mac OS X? >>> >>>BBEdit >>> >>>-dhan >> >> >>BBEdit?! Feh. You must be joking. Vi or nothing at all! > >Please be careful about your tagging, this email gave me a parsing error! > >If you're using a tag on it's own the forward slash should come >after the tag name, e.g.: You're thinking XML. Other DTDs don't necessarily subscribe to that notion. -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From ncarey at speakeasy.org Mon Feb 11 13:20:58 2002 From: ncarey at speakeasy.org (Nicholas Katz Carey) Date: Thu Nov 3 12:29:15 2005 Subject: Printer sharing? In-Reply-To: Message-ID: <111E8850-1F35-11D6-832E-000A27956EF2@speakeasy.org> On Friday, February 8, 2002, at 12:00 PM, Charles Wiltgen wrote: > Hello, > > I've been trying to find a solution that would allow Mac OS X users to > print > to an Epson inkjet printer connected to a Windows machine (which is shared > with other Windows users), but I haven't been successful. IF the Micro$oft box is running Windows NT/2000 SERVER, it should come with Macintosh File/Print Services. Theoretically, it should allow Mac boxen to see/use the printers attached to the windows box. I don't know if it is OS X aware, tho. Also, you will need to do a custom install to install the Mac File/Print Services. It's not part of the default install. From Frank.Knobloch at carbon-logistics.de Tue Feb 12 00:08:00 2002 From: Frank.Knobloch at carbon-logistics.de (Frank Knobloch) Date: Thu Nov 3 12:29:15 2005 Subject: Prefered Place for License Keys (Confused about Omni) Message-ID: <84EB176C-1F8F-11D6-8F7D-003065E09B30@carbon-logistics.de> Dear all, i don't know if the policy is responsible for confusing me. I just get a trial lic-key of OmniGroup for OmniOutliner. This is installed in /Network/Library/Application Support/Omni Group/.. The lic-keys for Omniweb and Omnigraffle are placed in /Network/Library/SoftwareLicenses. My experience says that the Omnigroup is the one of the best companies for Mac OS. This ist not only based on their products (small, functional, good, easy, KISS). Furthermore it's based on how they use the policy of Mac OS X. And now i'm interested if there is a suggested place for license files from Apple and this is switched from PB to 10.0 to 10.1. It would be interesting for the administration of course. Thanks Frank From marcel at metaobject.com Tue Feb 12 01:50:59 2002 From: marcel at metaobject.com (Marcel Weiher) Date: Thu Nov 3 12:29:15 2005 Subject: [BUG][workaround]All Cocoa apps crash in open/save panel Message-ID: Hi folks, just got my new G4 and moved all my stuff over, and all of the sudden all of the Cocoa apps crash when trying to show an open or save panel. Here's the backtrace: #0 0x70162b70 in CFGetAllocator () #1 0x7017da38 in CFURLCopyFileSystemPath () #2 0x70c58b84 in FSRefToPath () #3 0x70c55b08 in -[NSHFSContainer _getHiddenList] () #4 0x70c5197c in -[NSHFSContainer initWithRef:containerType:] () #5 0x70c81358 in +[NSHFSContainer rootContainer] () #6 0x70d68198 in -[NSSavePanel browser:numberOfRowsInColumn:] () #7 0x70cc8e74 in -[NSBrowser addColumn] () #8 0x70cca828 in -[NSBrowser loadColumnZero] () #9 0x70d65568 in -[NSSavePanel _initializePanel:path:name:relativeToWindow:] () #10 0x70d667cc in -[NSSavePanel _runModal:forDirectory:file:relativeToWindow:] () #11 0x70d66cb8 in -[NSSavePanel _runModalForDirectory:file:relativeToWindow:] () #12 0x70d6a728 in -[NSSavePanel runModal] () #13 0x00007720 in ?? () #14 0x0000754c in ?? () #15 0x00007514 in ?? () #16 0x70833b28 in -[NSObject performSelector:withObject:] () #17 0x70c94698 in -[NSApplication sendAction:to:from:] () #18 0x70bf9d7c in -[NSMenu performActionForItemAtIndex:] () #19 0x70c1d638 in -[NSCarbonMenuImpl performActionWithHighlightingForItemAtIndex:] () #20 0x70c7c3c4 in -[NSMenu performKeyEquivalent:] () I did edit the '.hidden' file in the root directory, but it looks just the same as the one on my other machine. Hmm...so I delete the .hidden file and everything seems fine again. Strange, Marcel -- Marcel Weiher Metaobject Software Technologies marcel@metaobject.com www.metaobject.com Metaprogramming for the Graphic Arts. HOM, IDEAs, MetaAd etc. From rcerny at dataline.cz Tue Feb 12 06:20:59 2002 From: rcerny at dataline.cz (Robert Cerny) Date: Thu Nov 3 12:29:15 2005 Subject: Changing default creation mask Message-ID: Hi folks, I suppose the answer is very easy but I can't find it. I'm on OS X Client and need to change a default creation mask for new files. I thought that I can simply use umask UNIX commands, but it looks like it's valid just for files created from Terminal. Any ideas? Thanks Robert From perbix at lmsd.org Tue Feb 12 06:45:01 2002 From: perbix at lmsd.org (Michael Perbix) Date: Thu Nov 3 12:29:15 2005 Subject: Broadband utility Message-ID: There is a great little utility on Versiontracker that optimizes your TCP/IP settings for better throughput. You could do this yourself, however this just makes it easy. Have a look. It is called Broadband Optimizer. I used DSL Reports (we are on a 6Mbps T3 so your milage may vary) and before I got 2823 down and 2181 up. Afterwards I got 4794 down and 2564 up. Big difference. Also netowrk operations in general feel snappier. -Mike From ryan.suarez at sheridanc.on.ca Tue Feb 12 08:59:09 2002 From: ryan.suarez at sheridanc.on.ca (Ryan Suarez) Date: Thu Nov 3 12:29:15 2005 Subject: netinfo root domain Message-ID: <3C694985.27795A28@sheridanc.on.ca> Hello, I have a simple netinfo root domain setup. The osx 10.1.2 clients retrieve account information from the osx 10.1.2 parent netinfo database. On the parent, account information is retrieved from an external ldap server if no information is found locally (debian linux box, running Netscapes Directory Server 5.2). My question: How do I setup the netinfo hierarchy to propagate ldap accounts from the ldap box -> to the parent -> down to the clients? Thanks in advance, Ryan From mike at caisys.co.uk Tue Feb 12 10:22:18 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:15 2005 Subject: Beep sound slow In-Reply-To: <6848C4E5-1C0F-11D6-9A56-00306544D642@mac.com> References: <6848C4E5-1C0F-11D6-9A56-00306544D642@mac.com> Message-ID: <10202121549.AA17804@gandalf.caisys.co.uk> > It only does this because you are running 10.1.2 on a Titanium. > AFAIK, there's no fix available. Apple knows of the problem, and > is working on it. No such problem on my new TiBook. I notice it's loaded with build 5P63 of 10.1.2 (when I updated my PowerMac to 10.1.2 I got 5P48). /mike From mike at caisys.co.uk Tue Feb 12 10:22:41 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:15 2005 Subject: Best firewall config program In-Reply-To: References: Message-ID: <10202121734.AA17846@gandalf.caisys.co.uk> Alex Pilson wrote: > At 4:15 PM -0500 2/10/02, Dan Shoop wrote: > >At 7:20 PM +0100 02/09/02, Gerben Wierda wrote: > >>What - in the opinion of this crowd - is the best FireWall > >>configuring application for Mac OS X? > > > >BBEdit > > That is good! I would agree but I think he may have wanted a GUI > version. What about BrickHouse? Brickhouse is solid. Someone mentioned the 'block all' problem on OS X Server, don't overlook that. I tried Asbestos, too (is it still around?) but BH is much more configurable and solid. Does it do permanent nat/ipfw yet? (haven't looked to see if there's a new version that does). If you've got complex requirements, you may need to use emacs (or, if you must, BBEDit, or even vi or TextEdit) to tune the firewall. Can anyone recommend the best text on configuring firewalls, nat/ipfw, tcpd, etc etc? (My knowledge is _very_ outadate :-/ ) /mike From mike at caisys.co.uk Tue Feb 12 10:23:02 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:15 2005 Subject: NetInfo host resolution woes In-Reply-To: References: Message-ID: <10202121706.AA17824@gandalf.caisys.co.uk> Justin Walker wrote: > On Friday, February 8, 2002, at 06:08 AM, Nicholas Shanks wrote: > > > I think it was the recent upgrade to 10.1.2 that did it, but I was > > no longer able to use NetInfo for hostname resolution. > > > > I created the /locations/lookupd/hosts domain and set it to > > { CacheAgent, FFAgent, NIAgent, DNSAgent } > > I changed NETINFOSERVER=-AUTOMATIC- to NETINFOSERVER=-YES- as > > nibindd was not present when listing running processes. > > I then restarted my machine. > > > > Name resolution via nslookup still goes to my ISP's DNS servers, > > but OmniWeb is able to resolve hosts correctly (I have name-based > > virtual hosts set up in apache). > > > > 1) Why does nslookup go straight to the DNS server? there's no "man > > nslookup"!! > > 'nslookup' bypasses whatever mechanism the host uses for name > resolution and does all the work itself (i.e., it creates its own DNS > packets and sends them to a nameserver; it knows nothing of lookupd > and netinfo). This makes it a good tool for diagnosing DNS problems, > and avoids resolver problems (which is the intent). This may be the explanation of my problem with Mail.app. I have a mailserver on my network, and Mail is configured to use it for outgoing mail. This works fine except when I'm connected to the internet (I only have a dialup connection). In this case, Mail tries to resolve the name of the local mailserver by contacting my ISP's DNS server(s), and complains it can't find the mailserver. (On the command line, the local mailserver is visible, ie ping can resolve the name fine. All the hosts on my network are defined in the parent domain's /machines directory.) I don't really want to have to run my own nameserver... Is there a better solution? Or is it a bug in Mail,app? > > 2) I'm worried that the automatic setting was not starting up > > nibindd. The only other machines on the LAN are my neighbour's > > Windows box and my router (which does DHCP for 192.168 addresses). > > Anyone have any ideas on this? > > I'm not sure exactly when this came in , but nibindd is now only run > when you want to find a parent in a netinfo network. If that's not > you, change things back the way they were. You don't need nibindd. > It's this way on 10.1.1, FWIW. If NETINFOSERVER=-AUTOMATIC-, nibindd will only start if (1) there's an ni database on the machine other than 'local', and/or (2) the local database has a trusted_networks property with a non-loopback value (ie, not 127.x.x.x) There's no need for nibindd otherwise. You can be on a network *and* bind into a parent domain *without* nibindd running (using broadcast or anonymous binding). (Of course, without the 'trusted_networks' property, you can only administer the local database from the local machine.) > You certainly should be able to get name resolution from netinfo (put > the names and addresses in /machines). Did you change the default > lookup order to get internal names resolved? You may be having > trouble with your change to the netinfo environment (requiring > nibindd). -- Mike Elston | CaiSys _|> consultant | NeXT, MacOS, Unix, CAI Tel: +44 (0)20 7987 0581 Fax: +44 (0)20 7987 8870 Mobile: 07973 622902 Email: mike@caisys.co.uk (incl. NeXTMail and MIME) mde@mac.com (incl. NeXTMail, MIME and HTML) "Some people say Windows users have an inferiority complex. That's not true. It's not a complex." From mike at caisys.co.uk Tue Feb 12 10:23:34 2002 From: mike at caisys.co.uk (Mike Elston) Date: Thu Nov 3 12:29:15 2005 Subject: automount [was: Re: Newbie Question] In-Reply-To: <200202091656.AA02094@ocs.cz> References: <10202061049.AA07402@gandalf.caisys.co.uk> <200202061502.AA12013@ocs.cz> <10202072045.AA10429@gandalf.caisys.co.uk> <200202091656.AA02094@ocs.cz> Message-ID: <10202121721.AA17831@gandalf.caisys.co.uk> Thanks Ondra You wrote: > ME> >If you want your NFS mounts to stick, just mount them explicitly > ME> >(mount -t nfs exportname mountpoint). > ME> > ME> Is this what you do? > > Yep (still alas having problems with quite non-deterministic way of > exporting NFS from OSX :( ). And you mount them when? in StartUpItems? > ME> I agree this should work, but wouldn't I have to > ME> remove the exported directories from the NetInfo network master's > mounts ME> directory > > Well, I keep them there, but make sure I don't access the appropriate > mounpoints -- automount therefore keeps still, and no problems occur. Mmm, don't like that :-) > (Inicidentally, SO FAR AS I UNDERSTAND NFS, no proble should occur > even if I used them, since multiple mount should work nicely; it does > not for me here -- I guess it's a local problem rather than a generic > behaviour, though). I don't like the idea of multiple mount... > ME> (which would mean they wouldn't mount automatically on my > ME> TiBook when it's on my subnet)? > > You can move the mounts from the root domain to the TiBook's one, of > course. True. Unsatisfying (they should only be available when the 'book is on the root domain's network, of course). > ME> Or not run automount at all? What happens > ME> if automount tries to mount an already mounted FS? > > Here, nothing's mounted (the original manual mount keeps working). I > think the proper behaviour though is that it should just mount twice. I just wonder if automount's -static map is meant to implement this. Just can't find anything documented about it anywhere... /mike -- Mike Elston | CaiSys _|> consultant | NeXT, MacOS, Unix, CAI From chad+macosx at objectwerks.com Tue Feb 12 11:50:40 2002 From: chad+macosx at objectwerks.com (Chad Leigh -- ObjectWerks Inc.) Date: Thu Nov 3 12:29:15 2005 Subject: Airport channels under OS X Message-ID: <93588F9C-1FF1-11D6-8728-0003931BED80@objectwerks.com> Hi I have a US iBook (2001 ice 500mhz) with US OS X. The 2.4ghz range for 802.11b is divided into 14 channels. 1-11 are used in the US. 1-13, I think, in Europe, and 14 is used in Japan. I'd like to be able to use my airport card when I travel to Japan and my inlaws or to my old stomping grounds in Germany. Is there a way to get the US Airport card and OS X to allow use of the higher level channels? Right now, the Airport driver doesn't notice the higher channels. Thanks for any info best Chad From ROB.BUSHMAN at asu.edu Tue Feb 12 12:11:00 2002 From: ROB.BUSHMAN at asu.edu (Rob Bushman) Date: Thu Nov 3 12:29:15 2005 Subject: Automatic login to iDisk? Message-ID: Is it possible to have an iDisk mount automatically at startup? ----------------------- Rob Bushman Manager of Instructional Technology ASSET - KAET http://www.asset.asu.edu/ Arizona State University (480) 727-7497 rob.bushman@asu.edu "We are analog beings trapped in a digital world, and the worst part is, we did it to ourselves." - Donald A. Norman (The Invisible Computer) -------------- next part -------------- An HTML attachment was scrubbed... URL: /mailman/archive/macosx-admin/attachments/20020212/2994189f/attachment.html From ocs at ocs.cz Tue Feb 12 12:29:03 2002 From: ocs at ocs.cz (Ondra Cada) Date: Thu Nov 3 12:29:15 2005 Subject: automount [was: Re: Newbie Question] In-Reply-To: <10202121721.AA17831@gandalf.caisys.co.uk> References: <10202061049.AA07402@gandalf.caisys.co.uk> <200202061502.AA12013@ocs.cz> <10202072045.AA10429@gandalf.caisys.co.uk> <200202091656.AA02094@ocs.cz> <10202121721.AA17831@gandalf.caisys.co.uk> Message-ID: <200202122022.AA05270@ocs.cz> Mike, >>>>>> Mike Elston (ME) wrote at Tue, 12 Feb 2002 17:21:06 GMT: ME> >Yep (still alas having problems with quite non-deterministic way of ME> >exporting NFS from OSX :( ). ME> ME> And you mount them when? in StartUpItems? Manually. I reboot seldom enough that it is the lest annoyance ;) Otherwise, I would either use SI, or -- as I am used to for years -- I would go unixy instead of macy and add it directly to the rc script ;) --- Ondra Cada OCSoftware: ocs@ocs.cz http://www.ocs.cz 2K Development: o.cada@2kdevelopment.cz http://www.2kdevelopment.cz private ondra@ocs.cz http://www.ocs.cz/oc From Albert-Lunde at northwestern.edu Tue Feb 12 12:53:06 2002 From: Albert-Lunde at northwestern.edu (Albert Lunde) Date: Thu Nov 3 12:29:15 2005 Subject: Best firewall config program In-Reply-To: <10202121734.AA17846@gandalf.caisys.co.uk> References: <10202121734.AA17846@gandalf.caisys.co.uk> Message-ID: At 5:34 PM +0000 2/12/02, Mike Elston wrote: [...] >If you've got complex requirements, you may need to use emacs (or, if >you must, BBEDit, or even vi or TextEdit) to tune the firewall. Does anyone have experience with "The Moose's Apprentice"? http://www.wundermoosen.com/wmMacXProducts.html#TMA It looks like it was intended to be a GUI for various system configuration files, including the firewall configuration. >Can anyone recommend the best text on configuring firewalls, >nat/ipfw, tcpd, etc etc? (My knowledge is _very_ outadate :-/ ) A very solid reference on the firewall characteristics of different protocols is Building Internet Firewalls, by Elizabeth D. Zwicky et.al. ISBN 1-56592-871-7 But it's not about any particular firewall software. It looks like the "firewall design tool" web page by Robert Ziegler http://www.linux-firewall-tools.com/linux/firewall/index.html can be used to generate code examples for ipfw. His book "Linux Firewalls" seems practical, but the examples are for ipchains or iptables, depending on the edition. -- Albert Lunde Albert-Lunde@northwestern.edu (new address) Albert-Lunde@nwu.edu (old address) From walrus at worldgate.com Tue Feb 12 13:00:02 2002 From: walrus at worldgate.com (Wallace Harshaw) Date: Thu Nov 3 12:29:15 2005 Subject: Best firewall config program In-Reply-To: <200202122104.g1CL4kk15729@lists.omnigroup.com> Message-ID: <60437CFB-1FFB-11D6-A835-0030657EC95E@worldgate.com> On Tuesday, February 12, 2002, at 02:04 PM, macosx-admin- request@omnigroup.com wrote: > Brickhouse is solid. Someone mentioned the 'block all' problem on OS > X Server, don't overlook that. > > I tried Asbestos, too (is it still around?) but BH is much more > configurable and solid. Does it do permanent nat/ipfw yet? (haven't > looked to see if there's a new version that does). I've seen no mention of FireWalk in this discussion. Does it have some flaw that I'm un-aware of? 13. Garrett's Principle Let's not mince words: you're a thief. You can walk into just about anybody's house like the door wasn't even locked. You just barge right in and start looking for stuff. Anything you can find that's not nailed down is yours to keep. You will often walk into perfect strangers' houses, lift their precious artifacts, and then chat with them like you were old neighbors as you head back out with their family heirlooms under your arm. Unfortunately, this never works in stores. From phil at tcp.net.au Tue Feb 12 14:23:04 2002 From: phil at tcp.net.au (Phil Blake) Date: Thu Nov 3 12:29:15 2005 Subject: Finding by type/creator Message-ID: Hi, How under OSX can I find by type and creator? I see there are "Advanced Options" section of Sherlock which has type and creator boxes, but you can no longer drag files onto them to use as a template. Is this a bug in Sherlock? What's the new/workaround process for finding out what type and creator a file is so you can type it into sherlock. Do I have to dig up a copy of resedit from somewhere? Thanks, Phil PS. Does anyone else find that Sherlock has an annoying fascination with the spinning beach ball? I mean sherlock just sits there for ages (sometimes 20 seconds, sometimes forever) with the ball spinning? What is this? From contact at nickshanks.com Tue Feb 12 14:48:35 2002 From: contact at nickshanks.com (Nicholas Shanks) Date: Thu Nov 3 12:29:15 2005 Subject: Finding by type/creator In-Reply-To: Message-ID: <33D3B1DC-200A-11D6-A937-0005020F149E@nickshanks.com> On Tuesday, February 12, 2002, at 10:22 pm, Phil Blake wrote: > What's the new/workaround process for finding out what type and creator a > file is so you can type it into sherlock. Do I have to dig up a copy of > resedit from somewhere? You can use two Apple-provided GetFileInfo tool: /Developer/Tools/GetFileInfo, e.g. type "/Developer/Tools/GetFileInfo filename" into the terminal. May I recommend that you paste these into your terminal to make things a bit easier in future: echo 'alias getinfo /Developer/Tools/GetFileInfo' >> ~/.tcshrc echo 'alias setinfo /Developer/Tools/SetFile' >> ~/.tcshrc Apple have given them rather bizzare names (uppercase characters, inconsist), so I figured I ought to make things simpler for myself :) Nicholas Shanks -- http://nickshanks.com/ From james at mac.mlmc.utah.edu Tue Feb 12 14:57:01 2002 From: james at mac.mlmc.utah.edu (James Reynolds) Date: Thu Nov 3 12:29:15 2005 Subject: Cron for individual users Message-ID: I am having problems getting cron to work for individual users. I am trying to get cron to run for a "guest" user every 5 minutes, check if the screen saver is running, if it is, run an idle script that basically quits processes, restores defaults to guest user home directory, launches IE and launches and hides other desired applications. I can get cron to work using the crontab file located at /etc/crontab. However, when I use CronniX or > root# crontab -u guest -e and save the file, cron doesn't execute the file in my crontab. I checked the man pages, and I don't have any allow or deny files. If I understand right, the crontab files for users are stored at /var/cron/tabs/. There is a file there for my desired user. The cron line looks like: * * * * * /path/to/script I am positive the path is correct since I copied it and then 'pico " edits it. Is there something I am missing here? Another solution is if I can get the root level crontab file to execute a script with the guest user privileges because it needs to launch an applescript (saved as an application) (I don't know if that is possible). -- Thanks: James Reynolds University of Utah Student Computing Labs james@scl.utah.edu james@mail.mlmc.utah.edu 801-585-9811 From emaag at erols.com Tue Feb 12 14:57:23 2002 From: emaag at erols.com (Eric Maag) Date: Thu Nov 3 12:29:15 2005 Subject: Dialing out from CLI Message-ID: Hello, Is there a way to control the Internet Connect application from the command line (Terminal) so that I can execute a command like pppup or pppdown to have the modem dial out or hang up? Regards, Eric From mbartosh at mac.com Tue Feb 12 15:33:01 2002 From: mbartosh at mac.com (Michael Bartosh) Date: Thu Nov 3 12:29:15 2005 Subject: Finding by type/creator In-Reply-To: <33D3B1DC-200A-11D6-A937-0005020F149E@nickshanks.com> References: <33D3B1DC-200A-11D6-A937-0005020F149E@nickshanks.com> Message-ID: At 10:45 PM +0000 2/12/02, Nicholas Shanks wrote: >Apple have given them rather bizzare names (uppercase characters, >inconsist), so I figured I ought to make things simpler for myself :) Actually, Apple is fairly consistent with the use of upper case names. They tend to be user proprietary cli commands- AppleSystemProfiler, GetFileInfo, etc. -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. From me at RichRamos.com Tue Feb 12 15:45:59 2002 From: me at RichRamos.com (Rich Ramos) Date: Thu Nov 3 12:29:15 2005 Subject: Finding by type/creator In-Reply-To: References: <33D3B1DC-200A-11D6-A937-0005020F149E@nickshanks.com> Message-ID: <2069066.1013535882@[0.0.0.0]> And if you are on HFS+, you don't need to honor the case (ala that long long thread we had a little while ago, ugh). I.E. when you type: 'getfileinfo' it will execute the program 'GetFileInfo' Granted, 'getinfo' is simpler yet, but 'setinfo' vs. 'setfile' is really no diff... -Rich --- Original --- From: Michael Bartosh To: Nicholas Shanks , Omni Admin Date: 2/12/02 4:33 PM -0700 Subject: Re: Finding by type/creator At 10:45 PM +0000 2/12/02, Nicholas Shanks wrote: > Apple have given them rather bizzare names (uppercase characters, > inconsist), so I figured I ought to make things simpler for myself :) Actually, Apple is fairly consistent with the use of upper case names. They tend to be user proprietary cli commands- AppleSystemProfiler, GetFileInfo, etc. -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. _______________________________________________ MacOSX-admin mailing list MacOSX-admin@omnigroup.com http://www.omnigroup.com/mailman/listinfo/macosx-admin -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 229 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020212/86a66ef1/attachment.bin From me at RichRamos.com Tue Feb 12 15:51:10 2002 From: me at RichRamos.com (Rich Ramos) Date: Thu Nov 3 12:29:15 2005 Subject: Dialing out from CLI In-Reply-To: References: Message-ID: <2089922.1013536230@[0.0.0.0]> You can execute 'pppd' directly. There are several files you can modify to adjust the behaviour of pppd. Just do a 'man pppd'to see what's available. Warning, This is not an approach for people just getting used to the command line. -Rich --- Original --- From: Eric Maag To: macosx-admin@omnigroup.com Date: 2/12/02 5:57 PM -0500 Subject: Dialing out from CLI Hello, Is there a way to control the Internet Connect application from the command line (Terminal) so that I can execute a command like pppup or pppdown to have the modem dial out or hang up? Regards, Eric _______________________________________________ MacOSX-admin mailing list MacOSX-admin@omnigroup.com http://www.omnigroup.com/mailman/listinfo/macosx-admin -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 229 bytes Desc: not available Url : /mailman/archive/macosx-admin/attachments/20020212/ad0f0f60/attachment.bin From jearle at mac.com Tue Feb 12 16:10:58 2002 From: jearle at mac.com (Jared ''Danger'' Earle) Date: Thu Nov 3 12:29:15 2005 Subject: PGP keys In-Reply-To: <2089922.1013536230@[0.0.0.0]> Message-ID: <0EFB498B-2016-11D6-A792-000A2791CF7C@mac.com> On Wednesday, February 13, 2002, at 12:50 , Rich Ramos wrote: [something with a key attached] Rich, can you share your key with us in some way that's readable and installable so us casual PGP users don't get "PGP Authentication Failed" on every one of your mails? It's getting annoying and I'd hate to have to killfile you just to allow me to browse lazily... -- Jared Earle, Nightfall Games, jared@23x.net - http://www.23x.net "Life is SPORK, Highness! Anyone who says differently is selling something. " From chrisanders at mac.com Tue Feb 12 17:12:01 2002 From: chrisanders at mac.com (Chris Anders) Date: Thu Nov 3 12:29:15 2005 Subject: PGP keys In-Reply-To: <0EFB498B-2016-11D6-A792-000A2791CF7C@mac.com> Message-ID: <9C8A4ACE-201E-11D6-9099-0003934F84D8@mac.com> On Mittwoch, Februar 13, 2002, at 01:10 Uhr, Jared ''Danger'' Earle wrote: > Rich, can you share your key with us in some way that's readable and > installable so us casual PGP users don't get "PGP Authentication > Failed" on every one of your mails Find it here: http://www.keyserver.net/en/ HTH Chris From jearle at mac.com Tue Feb 12 17:38:04 2002 From: jearle at mac.com (Jared ''Danger'' Earle) Date: Thu Nov 3 12:29:15 2005 Subject: PGP keys In-Reply-To: <9C8A4ACE-201E-11D6-9099-0003934F84D8@mac.com> Message-ID: <3998B9CA-2022-11D6-A792-000A2791CF7C@mac.com> On Wednesday, February 13, 2002, at 02:11 , Chris Anders wrote: > On Mittwoch, Februar 13, 2002, at 01:10 Uhr, Jared ''Danger'' Earle > wrote: > >> Rich, can you share your key with us in some way that's readable and >> installable so us casual PGP users don't get "PGP Authentication Failed" >> on every one of your mails > > Find it here: > http://www.keyserver.net/en/ Ok, how do I get GnuPGP to look there automatically? -- Jared Earle, Nightfall Games, jared@23x.net - http://www.23x.net "Cerebus doesn't want your money, he wants your SPORK" From chrisanders at mac.com Tue Feb 12 18:07:39 2002 From: chrisanders at mac.com (Chris Anders) Date: Thu Nov 3 12:29:16 2005 Subject: PGP keys In-Reply-To: <3998B9CA-2022-11D6-A792-000A2791CF7C@mac.com> Message-ID: <56E266E8-2026-11D6-9099-0003934F84D8@mac.com> On Mittwoch, Februar 13, 2002, at 02:37 Uhr, Jared ''Danger'' Earle wrote: > Ok, how do I get GnuPGP to look there automatically? Here it is: To use a public keys server to locate or distribute your keys from GnuPG, specify the "keyserver" option in your command line or into your options file. From the command line: # ./gnupg --recv-keys --keyserver search.keyserver.net 0x81FCD7A0 From your options file ~/.gnupg/options: # This is a comment keyserver search.keyserver.net ... and then # ./gnupg --send-key 0x81FCD7A0? HTH Chris From shoop at iwiring.net Tue Feb 12 18:09:02 2002 From: shoop at iwiring.net (Dan Shoop) Date: Thu Nov 3 12:29:16 2005 Subject: Cron for individual users In-Reply-To: References: Message-ID: At 3:55 PM -0700 02/12/02, James Reynolds wrote: >I am having problems getting cron to work for individual users. I am >trying to get cron to run for a "guest" user every 5 minutes, check >if the screen saver is running, if it is, run an idle script that >basically quits processes, restores defaults to guest user home >directory, launches IE and launches and hides other desired >applications. Does "guest" have a valid shell? -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From shoop at iWiring.Net Tue Feb 12 18:11:01 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:16 2005 Subject: PGP keys In-Reply-To: <0EFB498B-2016-11D6-A792-000A2791CF7C@mac.com> References: <0EFB498B-2016-11D6-A792-000A2791CF7C@mac.com> Message-ID: At 1:10 AM +0100 02/13/02, Jared ''Danger'' Earle wrote: >On Wednesday, February 13, 2002, at 12:50 , Rich Ramos wrote: >[something with a key attached] > >Rich, can you share your key with us in some way that's readable and >installable so us casual PGP users don't get "PGP Authentication >Failed" on every one of your mails? It's getting annoying and I'd >hate to have to killfile you just to allow me to browse lazily... First: Rich's message was sent in both cleartext and encoded formats. If you're mail reader can't handle that, it's broken. Second: Just go to one of the canonical key servers. And most PGP implementations already have hooks to do so. -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From jearle at mac.com Tue Feb 12 18:16:36 2002 From: jearle at mac.com (Jared ''Danger'' Earle) Date: Thu Nov 3 12:29:16 2005 Subject: PGP keys In-Reply-To: Message-ID: <7ADAF14F-2027-11D6-BC3A-000A2791CF7C@mac.com> On Wednesday, February 13, 2002, at 03:10 , Dan Shoop wrote: > First: Rich's message was sent in both cleartext and encoded formats. If > you're mail reader can't handle that, it's broken. Mail.app shows it as a MIME-Attachment. > Second: Just go to one of the canonical key servers. And most PGP > implementations already have hooks to do so. When I do it claims he has an invalid signature. -- Jared Earle, Nightfall Games, jared@23x.net - http://www.23x.net "So long, and thanks for all the SPORK" From assdog at mac.com Tue Feb 12 18:34:01 2002 From: assdog at mac.com (Matt Rehder) Date: Thu Nov 3 12:29:16 2005 Subject: Darwin StreamingServer and 10.1.2 In-Reply-To: <9C8A4ACE-201E-11D6-9099-0003934F84D8@mac.com> Message-ID: I just downloaded the source code for the DarwinStreaming server, and it fails to compile in project builder on my dp G4 500. I'd really like to be able to use this for my website, so has anyone been able to compile it on 10.1.2? thanks, -matt From macosx at randys.org Tue Feb 12 19:33:01 2002 From: macosx at randys.org (../randy) Date: Thu Nov 3 12:29:16 2005 Subject: Darwin StreamingServer and 10.1.2 In-Reply-To: References: Message-ID: <32295763.1013542303@[192.168.1.100]> Why don't you just d/l the prebuilt QTSS from Apple's site? I just installed in on 10.1.2 Client and so far, it's running. haven't tested to see that it actually streams, but so far so good. http://docs.info.apple.com/article.html?artnum=120101 enjoy - randy On 2/12/02 6:32 PM -0800, Matt Rehder had this to say: > I just downloaded the source code for the DarwinStreaming server, and it > fails to compile in project builder on my dp G4 500. I'd really like to > be able to use this for my website, so has anyone been able to compile it > on 10.1.2? > > thanks, > -matt > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin --------------- EOF --------------- ../randy sesser http://www.randys.org From assdog at mac.com Tue Feb 12 19:44:02 2002 From: assdog at mac.com (Matt Rehder) Date: Thu Nov 3 12:29:16 2005 Subject: Darwin StreamingServer and 10.1.2 In-Reply-To: <32295763.1013542303@[192.168.1.100]> Message-ID: On Tuesday, February 12, 2002, at 07:31 PM, ../randy wrote: > Why don't you just d/l the prebuilt QTSS from Apple's site? I just > installed in on 10.1.2 Client and so far, it's running. haven't tested > to see that it actually streams, but so far so good. > > http://docs.info.apple.com/article.html?artnum=120101 Hmm...what a brilliant idea. I really should have thought one. Thanks for the info, it appears to be working. -matt From shoop at iWiring.Net Tue Feb 12 19:47:01 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:16 2005 Subject: PGP keys In-Reply-To: <7ADAF14F-2027-11D6-BC3A-000A2791CF7C@mac.com> References: <7ADAF14F-2027-11D6-BC3A-000A2791CF7C@mac.com> Message-ID: At 3:14 AM +0100 02/13/02, Jared ''Danger'' Earle wrote: >On Wednesday, February 13, 2002, at 03:10 , Dan Shoop wrote: >>First: Rich's message was sent in both cleartext and encoded >>formats. If you're mail reader can't handle that, it's broken. > >Mail.app shows it as a MIME-Attachment. What can I say? Eudora shows both. And if you view the message as text you see two parts. >>Second: Just go to one of the canonical key servers. And most PGP >>implementations already have hooks to do so. > >When I do it claims he has an invalid signature. Well, that's a horse of a different color. -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From kelvin_chu at mac.com Tue Feb 12 19:50:59 2002 From: kelvin_chu at mac.com (kelvin_chu@mac.com) Date: Thu Nov 3 12:29:16 2005 Subject: Fwd: [SECURITY] CERT Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations (fwd) Message-ID: Dear Fellow OSX travellers; As an avid OSX user, I'm wondering if we need to worry about this. Apple is listed as having been contacted by the Oulu Programming group, but there is a disturbing "Unknown" in the status line. I've looked at /etc/services and of course, I see... % grep snmp /etc/services snmp 161/tcp snmp 161/udp snmptrap 162/tcp snmp-trap snmptrap 162/udp snmp-trap snmp-tcp-port 1993/tcp #cisco SNMP TCP port snmp-tcp-port 1993/udp #cisco SNMP TCP port % It's easy to comment these things out and kill -HUP, but will this even work (ie do I have to do this through NetInfo)? Do we have a response as to whether OSX boxes share this vulnerability? (Practically every other vendor has this problem.) Any advice would of course be greatly appreciated. -k > Begin forwarded message: > >> ---------- Forwarded message ---------- >> Date: Tue, 12 Feb 2002 14:40:50 -0500 (EST) >> From: CERT Advisory >> To: cert-advisory@cert.org >> Subject: CERT Advisory CA-2002-03 Multiple Vulnerabilities in Many >> Implementations >> >> >> >> -----BEGIN PGP SIGNED MESSAGE----- >> >> CERT Advisory CA-2002-03: Multiple Vulnerabilities in Many >> Implementations of the Simple Network Management Protocol (SNMP) >> >> Original release date: February 12, 2002 >> Last revised: -- >> Source: CERT/CC >> >> A complete revision history can be found at the end of this file. >> >> Systems Affected >> >> Products from a very wide variety of vendors may be affected. >> See >> Vendor Information for details from vendors who have provided >> feedback >> for this advisory. >> >> In addition to the vendors who provided feedback for this >> advisory, a >> list of vendors whom CERT/CC contacted regarding these problems >> is >> available from >> http://www.kb.cert.org/vuls/id/854306 >> http://www.kb.cert.org/vuls/id/107186 >> >> Many other systems making use of SNMP may also be vulnerable but >> were >> not specifically tested. >> >> Overview >> >> Numerous vulnerabilities have been reported in multiple vendors' >> SNMP >> implementations. These vulnerabilities may allow >> unauthorized >> privileged access, denial-of-service attacks, or cause >> unstable >> behavior. If your site uses SNMP in any capacity, the >> CERT/CC >> encourages you to read this advisory and follow the advice provided >> in >> the Solution section below. >> >> In addition to this advisory, we also have an FAQ available at >> http://www.cert.org/tech_tips/snmp_faq.html >> >> I. Description >> >> The Simple Network Management Protocol (SNMP) is a widely >> deployed >> protocol that is commonly used to monitor and manage network >> devices. >> Version 1 of the protocol (SNMPv1) defines several types of >> SNMP >> messages that are used to request information or >> configuration >> changes, respond to requests, enumerate SNMP objects, and >> send >> unsolicited alerts. The Oulu University Secure Programming >> Group >> (OUSPG, http://www.ee.oulu.fi/research/ouspg/) has reported >> numerous >> vulnerabilities in SNMPv1 implementations from many different >> vendors. >> More information about SNMP and OUSPG can be found in Appendix C >> >> OUSPG's research focused on the manner in which SNMPv1 agents >> and >> managers handle request and trap messages. By applying the >> PROTOS >> c06-snmpv1 test suite >> >> (http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/0100.h >> tml) to a variety of popular SNMPv1-enabled products, the >> OUSPG >> revealed the following vulnerabilities: >> >> VU#107186 - Multiple vulnerabilities in SNMPv1 trap handling >> >> SNMP trap messages are sent from agents to managers. A trap >> message >> may indicate a warning or error condition or otherwise notify >> the >> manager about the agent's state. SNMP managers must properly >> decode >> trap messages and process the resulting data. In testing, >> OUSPG >> found multiple vulnerabilities in the way many SNMP managers >> decode >> and process SNMP trap messages. >> >> VU#854306 - Multiple vulnerabilities in SNMPv1 request handling >> >> SNMP request messages are sent from managers to agents. >> Request >> messages might be issued to obtain information from an agent or >> to >> instruct the agent to configure the host device. SNMP agents >> must >> properly decode request messages and process the resulting data. >> In >> testing, OUSPG found multiple vulnerabilities in the way many >> SNMP >> agents decode and process SNMP request messages. >> >> Vulnerabilities in the decoding and subsequent processing of >> SNMP >> messages by both managers and agents may result in >> denial-of-service >> conditions, format string vulnerabilities, and buffer overflows. >> Some >> vulnerabilities do not require the SNMP message to use the >> correct >> SNMP community string. >> >> These vulnerabilities have been assigned the CVE >> identifiers >> CAN-2002-0012 and CAN-2002-0013, respectively. >> >> II. Impact >> >> These vulnerabilities may cause denial-of-service conditions, >> service >> interruptions, and in some cases may allow an attacker to gain >> access >> to the affected device. Specific impacts will vary from product >> to >> product. >> >> III. Solution >> >> Note that many of the mitigation steps recommended below may >> have >> significant impact on your everyday network operations and/or >> network >> architecture. Ensure that any changes made based on the >> following >> recommendations will not unacceptably affect your ongoing >> network >> operations capability. >> >> Apply a patch from your vendor >> >> Appendix A contains information provided by vendors for this >> advisory. >> Please consult this appendix to determine if you need to contact >> your >> vendor directly. >> >> Disable the SNMP service >> >> As a general rule, the CERT/CC recommends disabling any service >> or >> capability that is not explicitly required, including >> SNMP. >> Unfortunately, some of the affected products exhibited >> unexpected >> behavior or denial of service conditions when exposed to the >> OUSPG >> test suite even if SNMP was not enabled. In these cases, >> disabling >> SNMP should be used in conjunction with the filtering practices >> listed >> below to provide additional protection. >> >> Ingress filtering >> >> As a temporary measure, it may be possible to limit the scope of >> these >> vulnerabilities by blocking access to SNMP services at the >> network >> perimeter. >> >> Ingress filtering manages the flow of traffic as it enters a >> network >> under your administrative control. Servers are typically the >> only >> machines that need to accept inbound traffic from the public >> Internet. >> In the network usage policy of many sites, there are few reasons >> for >> external hosts to initiate inbound traffic to machines that provide >> no >> public services. Thus, ingress filtering should be performed at >> the >> border to prohibit externally initiated inbound traffic >> to >> non-authorized services. For SNMP, ingress filtering of the >> following >> ports can prevent attackers outside of your network from >> impacting >> vulnerable devices in the local network that are not >> explicitly >> authorized to provide public SNMP services. >> >> snmp 161/udp # Simple Network Management Protocol (SNMP) >> snmp 162/udp # SNMP system management messages >> >> The following services are less common, but may be used on >> some >> affected products >> >> snmp 161/tcp # Simple Network Management >> Protocol >> (SNMP) >> snmp 162/tcp # SNMP system management messages >> smux 199/tcp # SNMP Unix Multiplexer >> smux 199/udp # SNMP Unix Multiplexer >> synoptics-relay 391/tcp # SynOptics SNMP Relay Port >> synoptics-relay 391/udp # SynOptics SNMP Relay Port >> agentx 705/tcp # AgentX >> snmp-tcp-port 1993/tcp # cisco SNMP TCP port >> snmp-tcp-port 1993/udp # cisco SNMP TCP port >> >> As noted above, you should carefully consider the impact of >> blocking >> services that you may be using. >> >> It is important to note that in many SNMP implementations, the >> SNMP >> daemon may bind to all IP interfaces on the device. This has >> important >> consequences when considering appropriate packet filtering >> measures >> required to protect an SNMP-enabled device. For example, even >> if a >> device disallows SNMP packets directed to the IP addresses of >> its >> normal network interfaces, it may still be possible to exploit >> these >> vulnerabilities on that device through the use of packets directed >> at >> the following IP addresses: >> * "all-ones" broadcast address >> * subnet broadcast address >> * any internal loopback addresses (commonly used in routers >> for >> management purposes, not to be confused with the IP stack >> loopback >> address 127.0.0.1) >> >> Careful consideration should be given to addresses of the >> types >> mentioned above by sites planning for packet filtering as part >> of >> their mitigation strategy for these vulnerabilities. >> >> Finally, sites may wish to block access to the following RPC >> services >> related to SNMP (listed as name, program ID, alternate names) >> >> snmp 100122 na.snmp snmp-cmc snmp-synoptics >> snmp-unisys >> snmp-utk >> snmpv2 100138 na.snmpv2 # SNM Version 2.2.2 >> snmpXdmid 100249 >> >> Please note that this workaround may not protect vulnerable >> devices >> from internal attacks. >> >> Filter SNMP traffic from non-authorized internal hosts >> >> In many networks, only a limited number of network management >> systems >> need to originate SNMP request messages. Therefore, it may be >> possible >> to configure the SNMP agent systems (or the network devices in >> between >> the management and agent systems) to disallow request messages >> from >> non-authorized systems. This can reduce, but not wholly eliminate, >> the >> risk from internal attacks. However, it may have detrimental >> effects >> on network performance due to the increased load imposed by >> the >> filtering, so careful consideration is required before >> implementation. >> Similar caveats to the previous workaround regarding broadcast >> and >> loopback addresses apply. >> >> Change default community strings >> >> Most SNMP-enabled products ship with default community strings >> of >> "public" for read-only access and "private" for read-write access. >> As >> with any known default access control mechanism, the >> CERT/CC >> recommends that network administrators change these community >> strings >> to something of their own choosing. However, even when >> community >> strings are changed from their defaults, they will still be passed >> in >> plaintext and are therefore subject to packet sniffing attacks. >> SNMPv3 >> offers additional capabilities to ensure authentication and privacy >> as >> described in RFC2574. >> >> Because many of the vulnerabilities identified in this advisory >> occur >> before the community strings are evaluated, it is important to >> note >> that performing this step alone is not sufficient to mitigate >> the >> impact of these vulnerabilities. Nonetheless, it should be >> performed >> as part of good security practice. >> >> Segregate SNMP traffic onto a separate management network >> >> In situations where blocking or disabling SNMP is not >> possible, >> exposure to these vulnerabilities may be limited by restricting >> all >> SNMP access to separate, isolated management networks that are >> not >> publicly accessible. Although this would ideally involve >> physically >> separate networks, that kind of separation is probably not feasible >> in >> most environments. Mechanisms such as virtual LANs (VLANs) may be >> used >> to help segregate traffic on the same physical network. Note >> that >> VLANs may not strictly prevent an attacker from exploiting >> these >> vulnerabilities, but they may make it more difficult to initiate >> the >> attacks. >> >> Another option is for sites to restrict SNMP traffic to >> separate >> virtual private networks (VPNs), which employ cryptographically >> strong >> authentication. >> >> Note that these solutions may require extensive changes to a >> site's >> network architecture. >> >> Egress filtering >> >> Egress filtering manages the flow of traffic as it leaves a >> network >> under your administrative control. There is typically limited need >> for >> machines providing public services to initiate outbound traffic to >> the >> Internet. In the case of SNMP vulnerabilities, employing >> egress >> filtering on the ports listed above at your network border can >> prevent >> your network from being used as a source for attacks on other sites. >> >> Disable stack execution >> >> Disabling executable stacks (on systems where this is >> configurable) >> can reduce the risk of "stack smashing" attacks based on >> these >> vulnerabilities. Although this does not provide 100 percent >> protection >> against exploitation of these vulnerabilities, it makes the >> likelihood >> of a successful exploit much smaller. On many UNIX systems, >> executable >> stacks can be disabled by adding the following lines to /etc/system: >> >> set noexec_user_stack = 1 set noexec_user_stack_log = 1 >> >> Note that this may go against the SPARC and Intel ABIs and can >> be >> bypassed as required in programs with mprotect(2). For the changes >> to >> take effect you will then need to reboot. >> >> Other operating systems and architectures also support the >> disabling >> of executable stacks either through native configuration parameters >> or >> via third-party software. Consult your vendor(s) for >> additional >> information. >> >> Share tools and techniques >> >> Because dealing with these vulnerabilities to systems and networks >> is >> so complex, the CERT/CC will provide a forum where administrators >> can >> share ideas and techniques that can be used to develop >> proper >> defenses. We have created an unmoderated mailing list for system >> and >> network administrators to discuss helpful techniques and tools. >> >> You can subscribe to the mailing list by sending an email message >> to >> majordomo@cert.org. In the body of the message, type >> >> subscribe snmp-forum >> >> After you receive the confirmation message, follow the instructions >> in >> the message to complete the subscription process. >> >> Appendix A. - Vendor Information >> >> This appendix contains information provided by vendors for >> this >> advisory. As vendors report new information to the CERT/CC, we >> will >> update this section and note the changes in our revision history. >> If a >> particular vendor is not listed below, we have not received >> their >> comments. >> >> AdventNet >> >> This is in reference to your notification regarding [VU#107186 >> and >> VU#854306] and OUSPG#0100. AdventNet Inc. has reproduced >> this >> behavior in their products and coded a Service Pack fix which >> is >> currently in regression testing in AdventNet Inc.'s >> Q.A. >> organization. The release of AdventNet Inc's. Service >> Pack >> correcting the behavior outlined in VU#617947, and OUSPG#0100 >> is >> scheduled to be generally available to all of AdventNet >> Inc.'s >> customers by February 20, 2002. >> >> Avaya >> >> Avaya Inc. acknowledges the potential of SNMP vulnerabilities >> and >> is >> currently investigating whether these vulnerabilities >> impact >> Avaya's products >> or solutions. No further information is available at this time. >> >> CacheFlow >> >> The purpose of this email is to advise you that CacheFlow Inc. >> has >> provided a software update. Please be advised that updated >> versions >> of the software are now available for all supported >> CacheFlow >> hardware platforms, and may be obtained by CacheFlow customers >> at >> the following URL: >> >> http://download.cacheflow.com/ >> >> The specific reference to the software update is contained within >> the >> Release Notes for CacheOS Versions 3.1.22 Release ID 17146, >> 4.0.15 >> Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID >> 17149. >> >> RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS: >> * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm >> >> RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS: >> * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm >> * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm >> * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm >> >> * SR 1-1647517, VI 13045: This update modified a >> potential >> vulnerability by using an SNMP test tools exploit. >> >> 3Com Corporation >> >> A vulnerability to an SNMP packet with an invalid length >> community >> string has been resolved in the following products. >> Customers >> concerned about this weakness should ensure that they upgrade >> to >> the following agent versions: >> PS Hub 40 >> 2.16 is due Feb 2002 >> PS Hub 50 >> 2.16 is due Feb 2002 >> Dual Speed Hub >> 2.16 is due Jan 2002 >> Switch 1100/3300 >> 2.68 is available now >> Switch 4400 >> 2.02 is available now >> Switch 4900 >> 2.04 is available now >> WebCache1000/3000 >> 2.00 is due Jan 2002 >> >> Caldera >> >> Caldera International, Inc. has reproduced faulty behavior >> in >> Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open >> UNIX >> 8. We have coded a software fix for supported versions of >> Caldera >> UnixWare 7 and Caldera Open UNIX 8 that will be available >> from >> our support site at >> http://stage.caldera.com/support/security >> immediately following the publication of this CERT >> announcement. A >> fix for supported versions of OpenServer 5 will be available >> at a >> later date. >> >> Cisco Systems >> >> Cisco Systems is addressing the vulnerabilities identified >> by >> VU#854306 and VU#107186 across its entire product line. Cisco >> will >> publish a security advisory with further details >> at >> http://www.cisco.com/go/psirt/. >> >> Compaq Computer Corporation >> >> x-ref: SSRT0779U SNMP >> At the time of writing this document, COMPAQ continues to >> evaluate >> this potential problem and when new versions of SNMP are >> available, >> COMPAQ will implement solutions based on the new code. Compaq >> will >> provide notice of any new patches as a result of that >> effort >> through standard patch notification procedures and be >> available >> from your normal Compaq Services support channel. >> >> Computer Associates >> >> Computer Associates has confirmed Unicenter vulnerability to >> the >> SNMP advisory identified by CERT notification reference >> [VU#107186 >> & VU#854306] and OUSPG#0100. We have produced >> corrective >> maintenance to address these vulnerabilities, which is in >> the >> process of publication for all applicable releases / platforms >> and >> will be offered through the CA Support site. Please contact >> our >> Technical Support organization for information >> regarding >> availability / applicability for your specific configuration(s). >> >> COMTEK Services, Inc. >> >> NMServer for AS/400 is not an SNMP master and is therefore >> not >> vulnerable. However this product requires the use of the >> AS/400 >> SNMP master agent supplied by IBM. Please refer to IBM >> for >> statements of vulnerabilities for the AS/400 SNMP master agent. >> >> NMServer for OpenVMS has been tested and has shown to >> be >> vulnerable. COMTEK Services is preparing a new release of >> this >> product (version 3.5) which will contain a fix for this >> problem. >> This new release is scheduled to be available in February >> 2002. >> Contact COMTEK Services for further information. >> >> NMServer for VOS has not as yet been tested; vulnerability of >> this >> agent is unknown. Contact for further information on the >> testing >> schedule of the VOS product. >> >> Covalent Technologies >> >> Covalent Technologies ERS (Enterprise Ready Server), Secure >> Server, >> and Conductor SNMP module are not vulnerable according to >> testing >> performed in accordance with CERT recommendations. >> Security >> information for Covalent products can be found at www.covalent.net >> >> Dartware, LLC >> >> Dartware, LLC (www.dartware.com) supplies two products that >> use >> SNMPv1 in a manager role, InterMapper and SNMP Watcher. >> These >> products are not vulnerable to the SNMP vulnerability described >> in >> [VU#854306 and VU#107186]. This statement applies to all >> present >> and past versions of these two software packages. >> >> DMH Software >> >> DMH Software is in the process of evaluating and attempting >> to >> reproduce this behavior. >> It is unclear at this point if our snmp-agent is sensitive to >> the >> tests described above. >> If any problems will be discovered, DMH Software will >> code a >> software fix. >> The release of DMH Software OS correcting the behavior outlined >> in >> VU#854306, VU#107186, and OUSPG#0100 will be generally available >> to >> all of DMH Software's customers as soon as possible. >> >> EnGarde Secure Linux >> >> EnGarde Secure Linux did not ship any SNMP packages in >> version >> 1.0.1 of our distribution, so we are not vulnerable to either bug. >> >> FreeBSD >> >> FreeBSD does not include any SNMP software by default, and so >> is >> not vulnerable. However, the FreeBSD Ports Collection contains >> the >> UCD-SNMP / NET-SNMP package. Package versions prior >> to >> ucd-snmp-4.2.3 are vulnerable. The upcoming FreeBSD 4.5 >> release >> will ship the corrected version of the UCD-SNMP / >> NET-SNMP >> package. In addition, the corrected version of the packages >> is >> available from the FreeBSD mirrors. >> >> FreeBSD has issued the following FreeBSD Security >> Advisory >> regarding the UCD-SNMP / NET-SNMP package: >> ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD- >> SA-02:09. >> snmp.asc. >> >> Hewlett-Packard Company >> >> SUMMARY - known vulnerable: >> ======================================== >> hp procurve switch 2524 >> NNM (Network Node Manager) >> JetDirect Firmware (Older versions only) >> HP-UX Systems running snmpd or OPENVIEW >> MC/ServiceGuard >> EMS >> Still under investigation: >> SNMP/iX (MPE/iX) >> ======================================== >> _________________________________________________________ >> --------------------------------------------------------- >> hp procurve switch 2524 >> --------------------------------------------------------- >> hp procurve switch 2525 (product J4813A) is vulnerable to some >> issues, patches in process. Watch for the associated HP >> Security Bulletin. >> --------------------------------------------------------- >> NNM (Network Node Manager) >> --------------------------------------------------------- >> Some problems were found in NNM product were related to >> trap handling. Patches in process. Watch for the >> associated HP Security Bulletin. >> --------------------------------------------------------- >> JetDirect Firmware (Older versions only) >> --------------------------------------------------------- >> ONLY some older versions of JetDirect Firmware are >> vulnerable to some of the issues. The older firmware >> can be upgraded in most cases, see list below. >> JetDirect Firmware Version State >> ========================== ===== >> X.08.32 and higher NOT Vulnerable >> X.21.00 and higher NOT Vulnerable >> JetDirect Product Numbers that can be freely >> upgraded to X.08.32 or X.21.00 or higher firmware. >> EIO (Peripherals Laserjet 4000, 5000, 8000, etc...) >> J3110A 10T >> J3111A 10T/10B2/LocalTalk >> J3112A Token Ring (discontinued) >> J3113A 10/100 (discontinued) >> J4169A 10/100 >> J4167A Token Ring >> MIO (Peripherals LaserJet 4, 4si, 5si, etc...) >> J2550A/B 10T (discontinued) >> J2552A/B 10T/10Base2/LocalTalk (discontinued) >> J2555A/B Token Ring (discontinued) >> J4100A 10/100 >> J4105A Token Ring >> J4106A 10T >> External Print Servers >> J2591A EX+ (discontinued) >> J2593A EX+3 10T/10B2 (discontinued) >> J2594A EX+3 Token Ring (discontinued) >> J3263A 300X 10/100 >> J3264A 500X Token Ring >> J3265A 500X 10/100 >> ---------------------------------------------------------- >> HP-UX Systems running snmpd or OPENVIEW >> ---------------------------------------------------------- >> The following patches are available now: >> PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated >> Patch >> PHSS_26138 s700_800 11.X OV EMANATE14.2 Agent Consolidated >> Patch >> PSOV_03087 EMANATE Release 14.2 Solaris 2.X Agent Consolidated >> Patch >> All three patches are available from: >> http://support.openview.hp.com/cpe/patches/ >> In addition PHSS_26137 and PHSS_26138 will soon be available from: >> http://itrc.hp.com >> ================================================================ >> NOTE: The patches are labeled OV(Open View). However, the patches >> are also applicable to systems that are not running Open View. >> ================================================================= >> Any HP-UX 10.X or 11.X system running snmpd or snmpdm >> is >> vulnerable. >> To determine if your HP-UX system has snmpd or snmpdm installed: >> swlist -l file | grep snmpd >> If a patch is not available for your platform or you cannot >> install >> an available patch, snmpd and snmpdm can be disabled by >> removing >> their >> entries from /etc/services and removing the execute >> permissions >> from >> /usr/sbin/snmpd and /usr/sbin/snmpdm. >> ---------------------------------------------------------------- >> Investigation completed, systems vulnerable. >> ---------------------------------------------------------------- >> MC/ServiceGuard >> Event Monitoring System (EMS) >> ---------------------------------------------------------------- >> Still under investigation: >> ---------------------------------------------------------------- >> SNMP/iX (MPE/iX) >> >> Hirschmann Electronics GmbH & Co. KG >> >> Hirschmann Electronics GmbH & Co. KG supplies a broad range >> of >> networking products, some of which are affected by the >> SNMP >> vulnerabilities identified by CERT Coordination Center. The >> manner >> in which they are affected and the actions required to avoid >> being >> impacted by exploitation of these vulnerabilities, vary >> from >> product to product. Hirschmann customers may contact our >> Competence >> Center (phone +49-7127-14-1538, email: >> ans-support@nt.hirschmann.de) for additional >> information, >> especially regarding availability of latest firmware >> releases >> addressing the SNMP vulnerabilities. >> >> IBM Corporation >> >> Based upon the results of running the test suites we >> have >> determined that our version of SNMP shipped with AIX is >> NOT >> vulnerable. >> >> Innerdive Solutions, LLC >> >> Innerdive Solutions, LLC has two SNMP based products: >> 1. The "SNMP MIB Scout" >> (http://www.innerdive.com/products/mibscout/) >> 2. The "Router IP Console" >> (http://www.innerdive.com/products/ric/) >> The "SNMP MIB Scout" is not vulnerable to either bug. >> The "Router IP Console" releases prior to 3.3.0.407 are >> vulnerable. >> The release of "Router IP Console" correcting the behavior >> outlined >> in OUSPG#0100 is 3.3.0.407 and is already available on our >> site. >> Also, we will notify all our customers about this new release >> no >> later than March 5, 2002. >> >> Juniper Networks >> >> This is in reference to your notification regarding >> CAN-2002-0012 >> and CAN-2002-0013. Juniper Networks has reproduced this >> behavior >> and coded a software fix. The fix will be included in all >> releases >> of JUNOS Internet software built after January 5, 2002. >> Customers >> with current support contracts can download new software with >> the >> fix from Juniper's web site at www.juniper.net. >> Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 >> can >> only be reproduced in JUNOS Internet software if certain >> tracing >> options are enabled. These options are generally not enabled >> in >> production routers. >> >> Lantronix, Inc. >> >> Lantronix is committed to resolving security issues with >> our >> products. The SNMP security bug you reported has been fixed in >> LRS >> firmware version B1.3/611(020123). >> >> Lotus Development Corporation >> >> Lotus Software evaluated the Lotus Domino Server >> for >> vulnerabilities using the test suite materials provided by OUSPG. >> This problem does not affect default installations of the >> Domino >> Server. However, SNMP agents can be installed from the CD >> to >> provide SNMP services for the Domino Server (these are located >> in >> the /apps/sysmgmt/agents directory). The optional >> platform >> specific master and encapsulator agents included with the >> Lotus >> Domino SNMP Agents for HP-UX and Solaris have been found to >> be >> vulnerable. For those platforms, customers should upgrade >> to >> version R5.0.1 a of the Lotus Domino SNMP Agents, available >> for >> download from the Lotus Knowledge Base on the IBM Support Web >> Site >> (http://www.ibm.com/software/lotus/support/). Please refer >> to >> Document #191059, "Lotus Domino SNMP Agents R5.0.1a", also in >> the >> Lotus Knowledge Base, for more details. >> >> LOGEC Systems Inc >> >> The products from LOGEC Systems are exposed to SNMP only via >> HP >> OpenView. We do not have an implementation of SNMP ourselves. >> As >> such, there is nothing in our products that would be an issue >> with >> this alert. >> >> Lucent >> >> Lucent is aware of reports that there is a vulnerability in >> certain >> implementations of the SNMP (Simple Network Management >> Protocol) >> code that is used in data switches and other hardware >> throughout >> the telecom industry. >> As soon as we were notified by CERT, we began assessing our >> product >> portfolio and notifying customers with products that might >> be >> affected. >> Our 5ESS switch and most of our optical portfolio were >> not >> affected. Our core and edge ATM switches and most of our >> edge >> access products are affected, but we have developed, tested, >> and >> deployed fixes for many of those products to our customers. >> Fixes >> for the rest of the affected product portfolio will be >> available >> shortly. >> We consider the security and reliability of our customers' >> networks >> to be one of our critical measures of success. We take >> every >> reasonable measure to ensure their satisfaction. >> In addition, we are working with customers on ways to >> further >> enhance the security they have in place today. >> >> Marconi >> >> Marconi supplies a broad range of telecommunications and >> related >> products, some of which are affected by the SNMP >> vulnerabilities >> identified here. The manner in which they are affected and >> the >> actions required (if any) to avoid being impacted by >> exploitation >> of these vulnerabilities, vary from product to product. >> Those >> Marconi customers with support entitlement may contact >> the >> appropriate Technical Assistance Center (TAC) for >> additional >> information. Those not under support entitlement may contact >> their >> sales representative. >> >> Microsoft Corporation >> >> The Microsoft Security Reponse [sic] Center has investigated >> this >> issue, and provides the following information. >> >> Summary: >> All Microsoft implementations of SNMP v1 are affected by >> the >> vulnerability. The SNMP v1 service is not installed or running >> by >> default on any version of Windows. A patch is underway to >> eliminate >> the vulnerability. In the meantime, we recommend that >> affected >> customers disable the SNMP v1 service. >> >> Details: >> An SNMP v1 service ships on the CDs for Windows 95, 98, and >> 98SE. >> It is not installed or running by default on any of >> these >> platforms. An SNMP v1 is NOT provided for Windows ME. However, >> it >> is possible that Windows 98 machines which had the >> service >> installed and were upgraded would still have the service. >> Since >> SNMP is not supported for WinME, customers in this situation >> are >> urged to remove the SNMP service. >> An SNMP v1 service is available on Windows NT 4.0 >> (including >> Terminal Server Edition) and Windows 2000 but is not installed >> or >> running by default on any of these platforms.Windows XP does >> not >> ship with an SNMP v1 service. >> >> Remediation: >> A patch is underway for the affected platforms, and will >> be >> released shortly. In the meantime, Microsoft recommends >> that >> customers who have the SNMP v1 service running disable it >> to >> protect their systems. Following are instruction for doing this: >> >> Windows 95, 98 and 98SE: >> 1. In Control Panel, double-click Network. >> 2. On the Configuration tab, select Microsoft SNMP Agent from >> the >> list of installed components. >> 3. Click Remove >> >> Check the following keys and confirm that snmp.exe is not listed. >> >> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunSer >> vices >> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run >> >> For Windows XP: >> 1. Right-click on My Computer and select Manage >> 2. Click on Services and Applications, then on Services >> 3. Location SNMP on the list of services, then select it and >> click >> Stop. >> 4. Select Startup, and click Disabled. >> 5. Click OK to close the dialoge [sic], then close the >> Computer >> Management window. >> >> For Windows NT 4.0 (including Terminal Server Edition): >> 1. Select Start, then Settings. >> 2. Select Control Panel, then click on the Services Icon >> 3. Locate SNMP on the list of services, then select it and >> click >> Stop. >> 4. Select Startup, and click Disabled. >> 5. Click OK to close the dialoge [sic], then close Control Panel >> >> Windows 2000: >> 1. Right-click on My Computer and select Manage >> 2. Click on Services and Applications, then on Services >> 3. Location SNMP on the list of services, then select it and >> click >> Stop. >> 4. Select Startup, and click Disabled. >> 5. Click OK to close the dialoge [sic], then close the >> Computer >> Management window. >> >> Multinet >> >> MultiNet and TCPware customers should contact Process Software >> to >> check for the availability of patches for this issue. A couple >> of >> minor problems were found and fixed, but there is no security >> risk >> related to the SNMP code included with either product. >> >> Netaphor >> >> NETAPHOR SOFTWARE INC. is the creator of Cyberons for Java -- >> SNMP >> Manager Toolkit and Cyberons for Java -- NMS Application >> Toolkit, >> two Java based products that may be affected by the >> SNMP >> vulnerabilities identified here. The manner in which they >> are >> affected and the actions required (if any) to avoid being >> impacted >> by exploitation of these vulnerabilities, may be obtained >> by >> contacting Netaphor via email at info@netaphor.com Customers >> with >> annual support may contact support@netaphor.com directly. Those >> not >> under support entitlement may contact Netaphor >> sales: >> sales@netaphor.com or (949) 470 7955 in USA. >> >> NetBSD >> >> NetBSD does not ship with any SNMP tools in our 'base' releases. >> We >> do provide optional packages which provide various support >> for >> SNMP. These packages are not installed by default, nor are >> they >> currently provided as an install option by the operating >> system >> installation tools. A system administrator/end-user has to >> manually >> install this with our package management tools. These SNMP >> packages >> include: >> + netsaint-plugin-snmp-1.2.8.4 (SNMP monitoring plug-in >> for >> netsaint) >> + p5-Net-SNMP-3.60 (perl5 module for SNMP queries) >> + p5-SNMP-3.1.0 (Perl5 module for interfacing to the UCD >> SNMP >> library >> + p5-SNMP_Session-0.83 (perl5 module providing >> rudimentary >> access to remote SNMP agents) >> + ucd-snmp-4.2.1 (Extensible SNMP implementation) >> (conflicts >> with ucd-snmp-4.1.2) >> + ucd-snmp-4.1.2 (Extensible SNMP implementation) >> (conflicts >> with ucd-snmp-4.2.1) >> >> We do provide a software monitoring mechanism >> called >> 'audit-packages', which allows us to highlight if a package >> with a >> range of versions has a potential vulnerability, and >> recommends >> that the end-user upgrade the packages in question. >> >> Netscape Communications Corporation >> >> Netscape continues to be committed to maintaining a high level >> of >> quality in our software and service offerings. Part of >> this >> commitment includes prompt response to security issues >> discovered >> by organizations such as the CERT Coordination Center. >> According to a recent CERT/CC advisory, The Oulu University >> Secure >> Programming Group (OUSPG) has reported numerous vulnerabilities >> in >> multiple vendor SNMPv1 implementations. These vulnerabilities >> may >> allow unauthorized privileged access, denial of service attacks, >> or >> unstable behavior. >> We have carefully examined the reported findings, performing >> the >> tests suggested by the OUSPG to determine whether Netscape >> server >> products were subject to these vulnerabilities. It was >> determined >> that several products fell into this category. As a result, we >> have >> created fixes which will resolve the issues, and these fixes >> will >> appear in future releases of our product line. To >> Netscape's >> knowledge, there are no known instances of these >> vulnerabilities >> being exploited and no customers have been affected to date. >> When such security warnings are issued, Netscape has committed >> to - >> and will continue to commit to - resolving these issues in a >> prompt >> and timely fashion, ensuring that our customers receive products >> of >> the highest quality and security. >> >> NET-SNMP >> >> All ucd-snmp version prior to 4.2.2 are susceptible to >> this >> vulnerability and users of versions prior to version 4.2.2 >> are >> encouraged to upgrade their software as soon as >> possible >> (http://www.net-snmp.org/download/). Version 4.2.2 and higher >> are >> not susceptible. >> >> Network Associates >> >> PGP is not affected, impacted, or otherwise related to this VU#. >> >> Network Computing Technologies >> >> Network Computing Technologies has reviewed the >> information >> regarding SNMP vulnerabilities and is currently investigating >> the >> impact to our products. >> >> Nokia >> >> This vulnerability is known to affect IPSO versions 3.1.3, >> 3.3, >> 3.3.1, 3.4, and 3.4.1. Patches are currently available >> for >> versions 3.3, 3.3.1, 3.4 and 3.4.1 for download from the >> Nokia >> website. In addition, version 3.4.2 shipped with the >> patch >> incorporated, and the necessary fix will be included in all >> future >> releases of IPSO. >> We recommend customers install the patch immediately or follow >> the >> recommended precautions below to avoid any potential exploit. >> If you are not using SNMP services, including Traps, simply >> disable >> the SNMP daemon to completely eliminate the >> potential >> vulnerability. >> If you are using only SNMP Traps and running Check >> Point >> FireWall-1, create a firewall policy to disallow incoming >> SNMP >> messages on all appropriate interfaces. Traps will continue to >> work >> normally. >> >> Nortel Networks >> >> The CERT Coordination Center has issued a broad based alert to >> the >> technology industry, including Nortel Networks, regarding >> potential >> security vulnerabilities identified in the Simple >> Network >> Management Protocol (SNMP), a common networking standard. >> The >> company is working with CERT and other network >> equipment >> manufacturers, the U.S. Government, service providers, and >> software >> suppliers to assess and address this issue. >> >> Novell >> >> Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare >> 5.x >> and 6.0 systems. The SNMP and SNMPLOG vulnerabilities detected >> on >> NetWare are fixed and will be available through NetWare 6 >> Support >> Pack 1 & NetWare 5.1 Support Pack 4. Support packs are available >> at >> http://support.novell.com/tools/csp/ >> >> OpenBSD >> >> OpenBSD does not ship SNMP code. >> >> Qualcomm >> >> WorldMail does not support SNMP by default, so customers who >> run >> unmodified installations are not vulnerable. >> >> Redback Networks, Inc. >> >> Redback Networks, Inc. has identified that the vulnerability >> in >> question affects certain versions of AOS software on the SMS >> 500, >> SMS 1800, and SMS 10000 platforms, and is taking the >> appropriate >> steps necessary to correct the issue. >> >> Red Hat >> >> RedHat has released a security advisiory [sic] at >> http://www.redhat.com/support/errata/RHSA-2001-163.html >> with updated versions of the ucd-snmp package for all >> supported >> releases and architectures. For more information or to download >> the >> update please visit this page. >> >> SGI >> >> SGI acknowledges the SNMP vulnerabilities reported by CERT and >> is >> currently investigating. No further information is available >> at >> this time. >> For the protection of all our customers, SGI does not >> disclose, >> discuss or confirm vulnerabilities until a full investigation >> has >> occurred and any necessary patch(es) or release streams >> are >> available for all vulnerable and supported IRIX operating >> systems. >> Until SGI has more definitive information to provide, customers >> are >> encouraged to assume all security vulnerabilities as >> exploitable >> and take appropriate steps according to local site >> security >> policies and requirements. As further information >> becomes >> available, additional advisories will be issued via the normal >> SGI >> security information distribution methods including the >> wiretap >> mailing list on http://www.sgi.com/support/security/. >> >> SNMP Research International >> >> SNMP Research has made the following vendor statement. They >> are >> likely to revise and expand the statement as the date for >> the >> public vulnerability announcement draws nearer. >> The most recent releases (15.3.1.7 and above) of all SNMP >> Research >> products address the vulnerabilities identified in the >> following >> CERT vulnerability advisories: >> VU#854306 (Multiple vulnerabilities in SNMPv1 request handling) >> VU#107186 (Multiple vulnerabilities in SNMPv1 trap handling) >> All customers who maintain a support contract have received >> either >> this release or appropriate patch sets to their 15.3 source >> code >> releases addressing these vulnerabilities. Users >> maintaining >> earlier releases should update to the current release if they >> have >> not already done so. Up-to-date information is available >> from >> support@snmp.com. >> >> Stonesoft >> >> Stonesoft's StoneGate product does not include an SNMP agent, >> and >> is therefore not vulnerable to this. Other Stonesoft's products >> are >> still under investigation. As further information >> becomes >> available, additional advisories will be available at >> http://www.stonesoft.com/support/techcenter/ >> >> Sun Microsystems, Inc. >> >> Sun's SNMP product, Solstice Enterprise Agents (SEA), >> described >> here: >> http://www.sun.com/solstice/products/ent.agents/ >> is affected by VU#854306 but not VU#107186. More specifically >> the >> main agent of SEA, snmpdx(1M), is affected on Solaris 2.6, 7, >> 8. >> Sun is currently generating patches for this issue and will >> be >> releasing a Sun Security Bulletin once the patches are >> available. >> The bulletin will be available from: >> http://sunsolve.sun.com/security. Sun patches are available >> from: >> http://sunsolve.sun.com/securitypatch. >> >> Symantec Corporation >> >> Symantec Corporation has investigated the SNMP issues identified >> by >> the OUSPG test suite and determined that Symantec products are >> not >> susceptable [sic] to these issues. >> >> TANDBERG >> >> Tandberg have run all the testcases found the PROTOS >> test-suie >> [sic], c06snmpv1: >> 1. c06-snmpv1-trap-enc-pr1.jar >> 2. c06-snmpv1-treq-app-pr1.jar >> 3. c06-snmpv1-trap-enc-pr1.jar >> 4. c06-snmpv1-req-app-pr1.jar >> The tests were run with standard delay time between the >> requests >> (100ms), but also with a delay of 1ms. The tests applies to >> all >> TANDBERG products (T500, T880, T1000, T2500, T6000 and T8000). >> The >> software tested on these products were B4.0 (our latest >> software) >> and no problems were found when running the test suite. >> >> Tivoli Systems >> >> Our analysis indicates that this vulnerability does not affect >> the >> Tivoli NetView product. >> >> Appendix B. - References >> 1. http://www.ee.oulu.fi/research/ouspg/protos/ >> 2. http://www.kb.cert.org/vuls/id/854306 >> 3. http://www.kb.cert.org/vuls/id/107186 >> 4. http://www.cert.org/tech_tips/denial_of_service.html >> 5. http://www.ietf.org/rfc/rfc1067.txt >> 6. http://www.ietf.org/rfc/rfc1089.txt >> 7. http://www.ietf.org/rfc/rfc1140.txt >> 8. http://www.ietf.org/rfc/rfc1155.txt >> 9. http://www.ietf.org/rfc/rfc1156.txt >> 10. http://www.ietf.org/rfc/rfc1215.txt >> 11. http://www.ietf.org/rfc/rfc1270.txt >> 12. http://www.ietf.org/rfc/rfc1352.txt >> >> Appendix C. - Background Information >> >> Background Information on the OUSPG >> >> OUSPG is an academic research group located at Oulu University >> in >> Finland. The purpose of this research group is to test >> software >> for vulnerabilities. >> History has shown that the techniques used by the OUSPG >> have >> discovered a large number of previously undetected problems in >> the >> products and protocols they have tested. In 2001, the >> OUSPG >> produced a comprehensive test suite for evaluating >> implementations >> of the Lightweight Directory Access Protocol (LDAP). This >> test >> suite was developed with the strategy of abusing the protocol >> in >> unsupported and unexpected ways, and it was very effective >> in >> uncovering a wide variety of vulnerabilities across >> several >> products. This approach can reveal vulnerabilities that would >> not >> manifest themselves under normal conditions. >> After completing its work on LDAP, OUSPG moved its focus >> to >> SNMPv1. As with LDAP, they designed a custom test suite, >> began >> testing a selection of products, and found a number >> of >> vulnerabilities. Because OUSPG's work on LDAP was similar >> in >> procedure to its current work on SNMP, you may wish to review >> the >> LDAP Test Suite and CERT Advisory CA-2001-18, which >> outlined >> results of application of the test suite. >> In order to test the security of protocols like SNMPv1, the >> PROTOS >> project presents a server with a wide variety of sample >> packets >> containing unexpected values or illegally formatted data. >> As a >> member of the PROTOS project consortium, the OUSPG used the >> PROTOS >> c06-snmpv1 test suite to study several implementations of >> the >> SNMPv1 protocol. Results of the test suites run against >> SNMP >> indicate that there are many different vulnerabilities on >> many >> different implementations of SNMP. >> >> Background Information on the Simple Network Management Protocol >> >> The Simple Network Management Protocol (SNMP) is the most >> popular >> protocol in use to manage networked devices. SNMP was designed >> in >> the late 80's to facilitate the exchange of management >> information >> between networked devices, operating at the application layer >> of >> the ISO/OSI model. The SNMP protocol enables network and >> system >> administrators to remotely monitor and configure devices on >> the >> network (devices such as switches and routers). Software >> and >> firmware products designed for networks often make use of the >> SNMP >> protocol. SNMP runs on a multitude of devices and >> operating >> systems, including, but not limited to, >> + Core Network Devices (Routers, Switches, Hubs, Bridges, >> and >> Wireless Network Access Points) >> + Operating Systems >> + Consumer Broadband Network Devices (Cable Modems and >> DSL >> Modems) >> + Consumer Electronic Devices (Cameras and Image Scanners) >> + Networked Office Equipment (Printers, Copiers, and >> FAX >> Machines) >> + Network and Systems Management/Diagnostic Frameworks >> (Network >> Sniffers and Network Analyzers) >> + Uninterruptible Power Supplies (UPS) >> + Networked Medical Equipment (Imaging Units and >> Oscilloscopes) >> + Manufacturing and Processing Equipment >> The SNMP protocol is formally defined in RFC1157. Quoting >> from >> that RFC: >> >> Implicit in the SNMP architectural model is a >> collection >> of network management stations and network >> elements. >> Network management stations execute >> management >> applications which monitor and control network >> elements. >> Network elements are devices such as hosts, >> gateways, >> terminal servers, and the like, which have >> management >> agents responsible for performing the network >> management >> functions requested by the network management >> stations. >> The Simple Network Management Protocol (SNMP) is used >> to >> communicate management information between the >> network >> management stations and the agents in the >> network >> elements. >> >> Additionally, SNMP is discussed in a number of other >> RFC >> documents: >> + RFC 3000 Internet Official Protocol Standards >> + RFC 1212 Concise MIB Definitions >> + RFC 1213 Management Information Base for Network >> Management >> of TCP/IP-based Internets: MIB-II >> + RFC 1215 A Convention for Defining Traps for use with >> the >> SNMP >> + RFC 1270 SNMP Communications Services >> + RFC 2570 Introduction to Version 3 of the >> Internet-standard >> Network Management Framework >> + RFC 2571 An Architecture for Describing SNMP >> Management >> Frameworks >> + RFC 2572 Message Processing and Dispatching for the >> Simple >> Network Management Protocol (SNMP) >> + RFC 2573 SNMP Applications >> + RFC 2574 User-based Security Model (USM) for version 3 of >> the >> Simple Network Management Protocol (SNMPv3) >> + RFC 2575 View-based Access Control Model (VACM) for >> the >> Simple Network Management Protocol (SNMP) >> + RFC 2576 Coexistence between Version 1, Version 2, >> and >> Version 3 of the Internet-standard Network >> Management >> Framework >> _____________________________________________________________ >> >> The CERT Coordination Center thanks the Oulu University >> Secure >> Programming Group for reporting these vulnerabilities to us, >> for >> providing detailed technical analyses, and for assisting us >> in >> preparing this advisory. We also thank Steven M. Bellovin >> (AT&T >> Labs -- Research), Wes Hardaker (Net-SNMP), Steve Moulton >> (SNMP >> Research), Tom Reddington (Bell Labs), Mike Duckett (Bell >> South), >> Rob Thomas, Blue Boar (Thievco), and the many others >> who >> contributed to this document. >> _____________________________________________________________ >> >> Feedback on this document can be directed to the authors, Ian >> A. >> Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen >> D. >> Householder, Marty Lindner, and Art Manion. >> >> __________________________________________________________________ >> >> This document is available from: >> http://www.cert.org/advisories/CA-2002-03.html >> >> __________________________________________________________________ >> >> CERT/CC Contact Information >> >> Email: cert@cert.org >> Phone: +1 412-268-7090 (24-hour hotline) >> Fax: +1 412-268-6989 >> Postal address: >> CERT Coordination Center >> Software Engineering Institute >> Carnegie Mellon University >> Pittsburgh PA 15213-3890 >> U.S.A. >> >> CERT/CC personnel answer the hotline 08:00-17:00 >> EST(GMT-5) / >> EDT(GMT-4) Monday through Friday; they are on call for >> emergencies >> during other hours, on U.S. holidays, and on weekends. >> >> Using encryption >> We strongly urge you to encrypt sensitive information sent >> by >> email. Our public PGP key is available from >> http://www.cert.org/CERT_PGP.key >> If you prefer to use DES, please call the CERT hotline for >> more >> information. >> >> Getting security information >> CERT publications and other security information are available >> from our web site >> http://www.cert.org/ >> To subscribe to the CERT mailing list for advisories >> and >> bulletins, send email to majordomo@cert.org. Please include in >> the >> body of your message >> >> subscribe cert-advisory >> >> * "CERT" and "CERT Coordination Center" are registered in the >> U.S. >> Patent and Trademark Office. >> >> __________________________________________________________________ >> >> NO WARRANTY >> Any material furnished by Carnegie Mellon University and >> the >> Software Engineering Institute is furnished on an "as is" >> basis. >> Carnegie Mellon University makes no warranties of any kind, >> either >> expressed or implied as to any matter including, but not >> limited >> to, warranty of fitness for a particular purpose >> or >> merchantability, exclusivity or results obtained from use of >> the >> material. Carnegie Mellon University does not make any warranty >> of >> any kind with respect to freedom from patent, trademark, >> or >> copyright infringement. >> _____________________________________________________________ >> >> Conditions for use, disclaimers, and sponsorship information >> Copyright 2002 Carnegie Mellon University. >> >> Revision History >> >> February 12, 2002: Initial release >> >> -----BEGIN PGP SIGNATURE----- >> Version: PGP 6.5.8 >> >> iQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU >> R1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl >> QUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr >> uZiMJ5f2SEo= >> =h42e >> -----END PGP SIGNATURE----- >> -- Kelvin Chu (802) 656-0064 http://www.uvm.edu/~kchu/ FAX: (802) 656-0817 > From macosx at randys.org Tue Feb 12 19:55:59 2002 From: macosx at randys.org (../randy) Date: Thu Nov 3 12:29:16 2005 Subject: Darwin StreamingServer and 10.1.2 In-Reply-To: References: Message-ID: <32378061.1013543675@[192.168.1.100]> I'm streaming right now :) This is cool...shout is such a hooptie...I'll have to try this out on the server. On 2/12/02 7:43 PM -0800, Matt Rehder had this to say: > On Tuesday, February 12, 2002, at 07:31 PM, ../randy wrote: > > > Why don't you just d/l the prebuilt QTSS from Apple's site? I just > > installed in on 10.1.2 Client and so far, it's running. haven't tested > > to see that it actually streams, but so far so good. > > > > http://docs.info.apple.com/article.html?artnum=120101 > > Hmm...what a brilliant idea. I really should have thought one. Thanks > for the info, it appears to be working. > > -matt --------------- EOF --------------- ../randy sesser http://www.randys.org From assdog at mac.com Tue Feb 12 19:59:00 2002 From: assdog at mac.com (Matt Rehder) Date: Thu Nov 3 12:29:16 2005 Subject: [SECURITY] CERT Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations (fwd) In-Reply-To: Message-ID: On Tuesday, February 12, 2002, at 07:50 PM, kelvin_chu@mac.com wrote: > Dear Fellow OSX travellers; > > As an avid OSX user, I'm wondering if we need to worry about this. > Apple is listed as having been contacted by the Oulu Programming group, > but there is a disturbing "Unknown" in the status line. I've looked at > /etc/services and of course, I see... > > % grep snmp /etc/services > snmp 161/tcp > snmp 161/udp > snmptrap 162/tcp snmp-trap > snmptrap 162/udp snmp-trap > snmp-tcp-port 1993/tcp #cisco SNMP TCP port > snmp-tcp-port 1993/udp #cisco SNMP TCP port > % > > It's easy to comment these things out and kill -HUP, but will this even > work (ie do I have to do this through NetInfo)? Do we have a response > as to whether OSX boxes share this vulnerability? (Practically every > other vendor has this problem.) > > Any advice would of course be greatly appreciated. > > I'm not sure if this will affect us, but removing these from /etc/services won't work. That is consulted in single user mode, but it's easy to remove them from Netinfo. -matt From epeyton at epicware.com Tue Feb 12 20:10:58 2002 From: epeyton at epicware.com (Eric Peyton) Date: Thu Nov 3 12:29:16 2005 Subject: [SECURITY] CERT Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations (fwd) In-Reply-To: Message-ID: <85592A4D-2037-11D6-9558-003065CBD1E2@epicware.com> None of which matters since OS X does not currently have an snmp implementation. Eric On Tuesday, February 12, 2002, at 09:58 PM, Matt Rehder wrote: > On Tuesday, February 12, 2002, at 07:50 PM, kelvin_chu@mac.com wrote: > >> Dear Fellow OSX travellers; >> >> As an avid OSX user, I'm wondering if we need to worry about this. >> Apple is listed as having been contacted by the Oulu Programming >> group, but there is a disturbing "Unknown" in the status line. I've >> looked at /etc/services and of course, I see... >> >> % grep snmp /etc/services >> snmp 161/tcp >> snmp 161/udp >> snmptrap 162/tcp snmp-trap >> snmptrap 162/udp snmp-trap >> snmp-tcp-port 1993/tcp #cisco SNMP TCP port >> snmp-tcp-port 1993/udp #cisco SNMP TCP port >> % >> >> It's easy to comment these things out and kill -HUP, but will this >> even work (ie do I have to do this through NetInfo)? Do we have a >> response as to whether OSX boxes share this vulnerability? >> (Practically every other vendor has this problem.) >> >> Any advice would of course be greatly appreciated. >> >> > > I'm not sure if this will affect us, but removing these from > /etc/services won't work. That is consulted in single user mode, but > it's easy to remove them from Netinfo. > > -matt > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin From justin at mac.com Tue Feb 12 20:18:00 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:16 2005 Subject: [SECURITY] CERT Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations (fwd) In-Reply-To: Message-ID: <7AE75563-2038-11D6-9B68-00306544D642@mac.com> On Tuesday, February 12, 2002, at 07:50 PM, kelvin_chu@mac.com wrote: > Dear Fellow OSX travellers; > > As an avid OSX user, I'm wondering if we need to worry about this. > Apple is listed as having been contacted by the Oulu Programming group, > but there is a disturbing "Unknown" in the status line. I've looked at > /etc/services and of course, I see... > > % grep snmp /etc/services > snmp 161/tcp > snmp 161/udp > snmptrap 162/tcp snmp-trap > snmptrap 162/udp snmp-trap > snmp-tcp-port 1993/tcp #cisco SNMP TCP port > snmp-tcp-port 1993/udp #cisco SNMP TCP port > % > > It's easy to comment these things out and kill -HUP, but will this even > work (ie do I have to do this through NetInfo)? Do we have a response > as to whether OSX boxes share this vulnerability? (Practically every > other vendor has this problem.) > > Any advice would of course be greatly appreciated. A couple of points to consider: - Mac OS X doesn't ship with anything that uses snmp AFAIK - Whether or not anything on Mac OS X supports these services commenting them out is not likely to gain you much. I would expect at least some of that code to use IANA-assigned defaults in the absence of the mapping provided by the services file/directory (unless that code were supported through 'inetd'). - the way to prevent denial of service attacks is to prevent the service-provider code from running, or to block the specified ports with a firewall, not to remove the services mapping. - Removing the mapping might affect the operation of some other programs (e.g, one that reverses the mapping to display readable strings in place of numbers). and, of course, keep in mind that netinfo provides the mapping during normal operation. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | When LuteFisk is outlawed | Only outlaws will have | LuteFisk *--------------------------------------*-------------------------------* From james at mac.mlmc.utah.edu Tue Feb 12 20:40:58 2002 From: james at mac.mlmc.utah.edu (James Reynolds) Date: Thu Nov 3 12:29:16 2005 Subject: Cron for individual users In-Reply-To: References: Message-ID: >At 3:55 PM -0700 02/12/02, James Reynolds wrote: >>I am having problems getting cron to work for individual users. I >>am trying to get cron to run for a "guest" user every 5 minutes, >>check if the screen saver is running, if it is, run an idle script >>that basically quits processes, restores defaults to guest user >>home directory, launches IE and launches and hides other desired >>applications. > >Does "guest" have a valid shell? Hmm, you mean like the Terminal.app? No. I moved it to a folder that the guest can't read. Hmm. I didn't change /bin/sh or anthing else though. Do you think it matters? Tomorrow I will move the Terminal back and see if that helps. -- Thanks: James Reynolds University of Utah Student Computing Labs james@scl.utah.edu james@mail.mlmc.utah.edu 801-585-9811 From justin at mac.com Tue Feb 12 20:46:00 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:16 2005 Subject: Cron for individual users In-Reply-To: Message-ID: <7077436C-203C-11D6-9B68-00306544D642@mac.com> On Tuesday, February 12, 2002, at 08:40 PM, James Reynolds wrote: >> At 3:55 PM -0700 02/12/02, James Reynolds wrote: >>> I am having problems getting cron to work for individual users. I am >>> trying to get cron to run for a "guest" user every 5 minutes, check >>> if the screen saver is running, if it is, run an idle script that >>> basically quits processes, restores defaults to guest user home >>> directory, launches IE and launches and hides other desired >>> applications. >> >> Does "guest" have a valid shell? > > Hmm, you mean like the Terminal.app? No. I moved it to a folder that > the guest can't read. Hmm. I didn't change /bin/sh or anthing else > though. Do you think it matters? Tomorrow I will move the Terminal > back and see if that helps. No. Terminal.app is not a shell. To determine the 'shell' used by the 'guest' account, look at its passwd entry (e.g., "nidump . passwd"). Shells are programs like /bin/sh. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | Men are from Earth. | Women are from Earth. | Deal with it. *--------------------------------------*-------------------------------* From assdog at mac.com Tue Feb 12 20:47:01 2002 From: assdog at mac.com (Matt Rehder) Date: Thu Nov 3 12:29:16 2005 Subject: Darwin StreamingServer and 10.1.2 In-Reply-To: <32378061.1013543675@[192.168.1.100]> Message-ID: On Tuesday, February 12, 2002, at 07:54 PM, ../randy wrote: > I'm streaming right now :) > > This is cool...shout is such a hooptie...I'll have to try this out on > the server. > How are you viewing the streams? When I try and open the stream with Quicktime it says Software needed is missing. I read through the documentation, and can't figure out how to view the stream. thanks, -matt From pcoskren at mac.com Tue Feb 12 21:08:00 2002 From: pcoskren at mac.com (Patrick Coskren ) Date: Thu Nov 3 12:29:16 2005 Subject: SecurityAgent and SecurityServer Message-ID: <840831FF-203F-11D6-BE12-003065C198D4@verizon.net> Hi, I just noticed these two apps taking a not insignificant amount of memory on my system (although most of it is paged out). They are in /System/Library/CoreServices. I was just curious; does anybody know what these things do? Thanks, -Patrick From xah at xahlee.org Tue Feb 12 21:10:02 2002 From: xah at xahlee.org (Xah Lee) Date: Thu Nov 3 12:29:16 2005 Subject: perl, get file size -s doesn't work Message-ID: the -s operator in perl doesn't seems to work in Mac OS X. in fact, none of the file operators -d -s etc works. (they are all null) how to get the file size? /Developer/Tools/GetFileInfo doesn't obtain size. btw, is there man page or documentation for tools inside the /Developer/Tools? I don't seems to see any. thanks. Xah xah@xahlee.org http://xahlee.org/PageTwo_dir/more.html From justin at mac.com Tue Feb 12 21:45:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:16 2005 Subject: perl, get file size -s doesn't work In-Reply-To: Message-ID: <9FD6DA98-2044-11D6-9B68-00306544D642@mac.com> On Tuesday, February 12, 2002, at 09:08 PM, Xah Lee wrote: > the -s operator in perl doesn't seems to work in Mac OS X. > in fact, none of the file operators -d -s etc works. > (they are all null) > > how to get the file size? Odd. For this snippet: while (<>) { chomp; next unless -f $_; $size = -s $_; print "$_: $size\n"; } I get $ perl /tmp/f.pl /etc/motd /etc/motd: 19 $ ls -l /etc/motd -rw-r--r-- 1 root wheel 19 Sep 2 13:52 /etc/motd What doesn't work? > /Developer/Tools/GetFileInfo doesn't obtain size. > > btw, is there man page or documentation for tools inside the > /Developer/Tools? > I don't seems to see any. There is some info in /Developer/Documentation. Many of the tools are 'helpers', I think. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | It's not whether you win or lose... | It's whether *I* win or lose. *--------------------------------------*-------------------------------* From macosx at randys.org Tue Feb 12 21:50:00 2002 From: macosx at randys.org (../randy) Date: Thu Nov 3 12:29:16 2005 Subject: Darwin StreamingServer and 10.1.2 In-Reply-To: References: Message-ID: <32790751.1013550553@[192.168.1.100]> Depends on what you're streaming. If you're streaming mp3s you can't use QT player...have to use iTumes (or similar). Then connect to http://127.0.0.1:8000/ where mount is the name of the mount you assigned to the playlist you created. like this http://quandary.mine.nu:8000/electronic :) That's running icecast though with shout... - randy On 2/12/02 8:46 PM -0800, Matt Rehder had this to say: > > On Tuesday, February 12, 2002, at 07:54 PM, ../randy wrote: > > > I'm streaming right now :) > > > > This is cool...shout is such a hooptie...I'll have to try this out on > > the server. > > > > How are you viewing the streams? When I try and open the stream with > Quicktime it says Software needed is missing. I read through the > documentation, and can't figure out how to view the stream. > > thanks, > -matt --------------- EOF --------------- ../randy sesser http://www.randys.org From xah at xahlee.org Tue Feb 12 22:02:01 2002 From: xah at xahlee.org (Xah Lee) Date: Thu Nov 3 12:29:16 2005 Subject: perl, get file size -s doesn't work In-Reply-To: <9FD6DA98-2044-11D6-9B68-00306544D642@mac.com> Message-ID: <0CC27250-2047-11D6-AD4B-0050E46E5F09@xahlee.org> #!/usr/bin/perl my $ff = 'Volumes/user data/x_test/f.jpg'; my $ss = -s $ff; print "$ss"; __END__ doesn't print anything. i thought it's because it's HFS volume... (i ran your script, it output nothing. all the file testing operators all seems to return null.) my perl seems to function fine other than this. Xah xah@xahlee.org http://xahlee.org/PageTwo_dir/more.html [/Volumes/user data/download folder][Tue Feb 12,21:58:30] which perl /usr/bin/perl [/Volumes/user data/download folder][Tue Feb 12,21:58:35] perl -v This is perl, v5.6.0 built for darwin Copyright 1987-2000, Larry Wall Perl may be copied only under the terms of either the Artistic License or the GNU General Public License, which may be found in the Perl 5.0 source kit. Complete documentation for Perl, including FAQ lists, should be found on this system using `man perl' or `perldoc perl'. If you have access to the Internet, point your browser at http://www.perl.com/, the Perl Home Page. [/Volumes/user data/download folder][Tue Feb 12,21:58:37] uname -a Darwin cwang.netopia.com 5.2 Darwin Kernel Version 5.2: Fri Dec 7 21:39:35 PST 2001; root:xnu/xnu-201.14.obj~1/RELEASE_PPC Power Macintosh powerpc [xah@cwang /Volumes/user data/download folder][Tue Feb 12,21:58:44] On Tuesday, February 12, 2002, at 09:43 PM, Justin C. Walker wrote: > > On Tuesday, February 12, 2002, at 09:08 PM, Xah Lee wrote: > >> the -s operator in perl doesn't seems to work in Mac OS X. >> in fact, none of the file operators -d -s etc works. >> (they are all null) >> >> how to get the file size? > > Odd. For this snippet: > > while (<>) { > chomp; > next unless -f $_; > $size = -s $_; > print "$_: $size\n"; > } > > I get > > $ perl /tmp/f.pl > /etc/motd > /etc/motd: 19 > $ ls -l /etc/motd > -rw-r--r-- 1 root wheel 19 Sep 2 13:52 /etc/motd > > What doesn't work? > >> /Developer/Tools/GetFileInfo doesn't obtain size. >> >> btw, is there man page or documentation for tools inside the /Developer/ >> Tools? >> I don't seems to see any. > > There is some info in /Developer/Documentation. Many of the tools are > 'helpers', I think. > > Regards, > > Justin > > -- > Justin C. Walker, Curmudgeon-At-Large * > Institute for General Semantics | It's not whether you win or lose. > .. > | It's whether *I* win or lose. > *--------------------------------------*-------------------------------* > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > From justin at mac.com Tue Feb 12 22:10:59 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:16 2005 Subject: perl, get file size -s doesn't work In-Reply-To: <0CC27250-2047-11D6-AD4B-0050E46E5F09@xahlee.org> Message-ID: <3E0E6418-2048-11D6-9B68-00306544D642@mac.com> On Tuesday, February 12, 2002, at 10:00 PM, Xah Lee wrote: > #!/usr/bin/perl > my $ff = 'Volumes/user data/x_test/f.jpg'; I think this should be '/Volumes/...' See if that changes things. Your script, run verbatim, produces the same results on my system as yours. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | It's not whether you win or lose... | It's whether *I* win or lose. *--------------------------------------*-------------------------------* From njriley at uiuc.edu Tue Feb 12 22:11:25 2002 From: njriley at uiuc.edu (Nicholas Riley) Date: Thu Nov 3 12:29:16 2005 Subject: Darwin StreamingServer and 10.1.2 In-Reply-To: References: <32378061.1013543675@[192.168.1.100]> Message-ID: <20020213061019.GA22257@uiuc.edu> On Tue, Feb 12, 2002 at 08:46:29PM -0800, Matt Rehder wrote: > > On Tuesday, February 12, 2002, at 07:54 PM, ../randy wrote: > > >I'm streaming right now :) > > > >This is cool...shout is such a hooptie...I'll have to try this out on > >the server. > > > > How are you viewing the streams? When I try and open the stream with > Quicktime it says Software needed is missing. I read through the > documentation, and can't figure out how to view the stream. If it's a movie stream, make sure to use rtsp:// and not http://. This one caught me. -- =Nicholas Riley | Pablo Research Group, Department of Computer Science and Medical Scholars Program, University of Illinois at Urbana-Champaign From shoop at iWiring.Net Tue Feb 12 22:31:06 2002 From: shoop at iWiring.Net (Dan Shoop) Date: Thu Nov 3 12:29:16 2005 Subject: perl, get file size -s doesn't work In-Reply-To: <3E0E6418-2048-11D6-9B68-00306544D642@mac.com> References: <3E0E6418-2048-11D6-9B68-00306544D642@mac.com> Message-ID: At 10:09 PM -0800 02/12/02, Justin C. Walker wrote: >On Tuesday, February 12, 2002, at 10:00 PM, Xah Lee wrote: > >>#!/usr/bin/perl >>my $ff = 'Volumes/user data/x_test/f.jpg'; > >I think this should be '/Volumes/...' Unless you're already sitting in / -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From james at mac.mlmc.utah.edu Tue Feb 12 22:42:00 2002 From: james at mac.mlmc.utah.edu (James Reynolds) Date: Thu Nov 3 12:29:16 2005 Subject: Cron for individual users In-Reply-To: <7077436C-203C-11D6-9B68-00306544D642@mac.com> References: <7077436C-203C-11D6-9B68-00306544D642@mac.com> Message-ID: >On Tuesday, February 12, 2002, at 08:40 PM, James Reynolds wrote: > >>>At 3:55 PM -0700 02/12/02, James Reynolds wrote: >>>>I am having problems getting cron to work for individual users. I >>>>am trying to get cron to run for a "guest" user every 5 minutes, >>>>check if the screen saver is running, if it is, run an idle >>>>script that basically quits processes, restores defaults to guest >>>>user home directory, launches IE and launches and hides other >>>>desired applications. >>> >>>Does "guest" have a valid shell? >> >>Hmm, you mean like the Terminal.app? No. I moved it to a folder >>that the guest can't read. Hmm. I didn't change /bin/sh or anthing >>else though. Do you think it matters? Tomorrow I will move the >>Terminal back and see if that helps. > >No. Terminal.app is not a shell. To determine the 'shell' used by >the 'guest' account, look at its passwd entry (e.g., "nidump . >passwd"). Shells are programs like /bin/sh. Hmm.. I did chmod on nidump so that the guest can't run it. Would that prevent cron from knowing which shell to execute? Maybe I could specify which shell within the crontab? Would this work? * * * * * sh /path/to/script I noticed in the file /etc/crontab it looks like: 15 3 * * * root sh /etc/daily ... In all my reading about cron, I don't see anywhere where it explains the "root" or "sh". Does anyone know? If I put this in the /etc/crontab, would it execute the command in the guest user run time envirionment? * * * * * guest sh /path/to/script I tried it, but didn't get it to work. But then, I hardly understand what it is doing, so I don't know if I did something wrong, if you know what I mean. I didn't think to check the log back then. I could test it tomorrow and check the log. -- Thanks: James Reynolds University of Utah Student Computing Labs james@scl.utah.edu james@mail.mlmc.utah.edu 801-585-9811 From bdezendorf at aus.ac.ae Tue Feb 12 22:46:06 2002 From: bdezendorf at aus.ac.ae (Breandan Dezendorf) Date: Thu Nov 3 12:29:16 2005 Subject: perl, get file size -s doesn't work In-Reply-To: <0CC27250-2047-11D6-AD4B-0050E46E5F09@xahlee.org> Message-ID: <2F28B66D-204D-11D6-91AF-0003930405C0@aus.ac.ae> As a thought, and if it's an option, if you are running fink, install the "fileutils" package and then use "du" Breandan Dezendorf Macintosh Network Engineer American University of Sharjah On Wednesday, February 13, 2002, at 10:00 AM, Xah Lee wrote: > #!/usr/bin/perl > my $ff = 'Volumes/user data/x_test/f.jpg'; > my $ss = -s $ff; > print "$ss"; > __END__ > > doesn't print anything. > i thought it's because it's HFS volume... > > (i ran your script, it output nothing. all the file testing operators all > seems to return null.) > > my perl seems to function fine other than this. > > Xah > xah@xahlee.org > http://xahlee.org/PageTwo_dir/more.html > > > [/Volumes/user data/download folder][Tue Feb 12,21:58:30] > which perl > /usr/bin/perl > [/Volumes/user data/download folder][Tue Feb 12,21:58:35] > perl -v > > This is perl, v5.6.0 built for darwin > > Copyright 1987-2000, Larry Wall > > Perl may be copied only under the terms of either the Artistic License or > the > GNU General Public License, which may be found in the Perl 5.0 source kit. > > Complete documentation for Perl, including FAQ lists, should be found on > this system using `man perl' or `perldoc perl'. If you have access to the > Internet, point your browser at http://www.perl.com/, the Perl Home Page. > > [/Volumes/user data/download folder][Tue Feb 12,21:58:37] > uname -a > Darwin cwang.netopia.com 5.2 Darwin Kernel Version 5.2: Fri Dec 7 21:39: > 35 PST 2001; root:xnu/xnu-201.14.obj~1/RELEASE_PPC Power Macintosh > powerpc > [xah@cwang /Volumes/user data/download folder][Tue Feb 12,21:58:44] > > > > On Tuesday, February 12, 2002, at 09:43 PM, Justin C. Walker wrote: > >> >> On Tuesday, February 12, 2002, at 09:08 PM, Xah Lee wrote: >> >>> the -s operator in perl doesn't seems to work in Mac OS X. >>> in fact, none of the file operators -d -s etc works. >>> (they are all null) >>> >>> how to get the file size? >> >> Odd. For this snippet: >> >> while (<>) { >> chomp; >> next unless -f $_; >> $size = -s $_; >> print "$_: $size\n"; >> } >> >> I get >> >> $ perl /tmp/f.pl >> /etc/motd >> /etc/motd: 19 >> $ ls -l /etc/motd >> -rw-r--r-- 1 root wheel 19 Sep 2 13:52 /etc/motd >> >> What doesn't work? >> >>> /Developer/Tools/GetFileInfo doesn't obtain size. >>> >>> btw, is there man page or documentation for tools inside the /Developer/ >>> Tools? >>> I don't seems to see any. >> >> There is some info in /Developer/Documentation. Many of the tools are >> 'helpers', I think. >> >> Regards, >> >> Justin >> >> -- >> Justin C. Walker, Curmudgeon-At-Large * >> Institute for General Semantics | It's not whether you win or >> lose. >> .. >> | It's whether *I* win or lose. >> *--------------------------------------*-------------------------------* >> >> _______________________________________________ >> MacOSX-admin mailing list >> MacOSX-admin@omnigroup.com >> http://www.omnigroup.com/mailman/listinfo/macosx-admin >> > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > > From xah at xahlee.org Tue Feb 12 22:59:00 2002 From: xah at xahlee.org (Xah Lee) Date: Thu Nov 3 12:29:16 2005 Subject: perl, get file size -s doesn't work on jpeg files In-Reply-To: Message-ID: <0B20DFFE-204F-11D6-BE80-0050E46E5F09@xahlee.org> ok, i narrowed down the problem: perl -s doesn't work on jpg files! Xah xah@xahlee.org http://xahlee.org/PageTwo_dir/more.html From xah at xahlee.org Tue Feb 12 23:15:00 2002 From: xah at xahlee.org (Xah Lee) Date: Thu Nov 3 12:29:16 2005 Subject: my mistake [Re: perl, get file size -s doesn't work on jpeg files] In-Reply-To: <0B20DFFE-204F-11D6-BE80-0050E46E5F09@xahlee.org> Message-ID: <326A2C32-2051-11D6-BE80-0050E46E5F09@xahlee.org> sorry for the flurry of mail. my stupid mistakeS. perl -s works fine (i missed a slash among the directories, so essentially i'm querying non-existant file.). Xah From justin at mac.com Tue Feb 12 23:20:59 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:16 2005 Subject: perl, get file size -s doesn't work on jpeg files In-Reply-To: <0B20DFFE-204F-11D6-BE80-0050E46E5F09@xahlee.org> Message-ID: <250F9A08-2052-11D6-AA38-00306544D642@mac.com> On Tuesday, February 12, 2002, at 10:58 PM, Xah Lee wrote: > ok, i narrowed down the problem: > > perl -s doesn't work on jpg files! Gak. It works on my system: /tmp/f.pl Pictures/PJ2.jpg Pictures/PJ2.jpg: 45002 $ ls -l Pictures/PJ2.jpg -rw-r--r-- 1 justin staff 45002 Dec 26 16:49 Pictures/PJ2.jpg But note: $ ls -l Pictures/PJ2.jpg/rsrc -rw-r--r-- 1 justin staff 10259 Dec 26 16:49 Pictures/PJ2.jpg/rsrc Is it possible that your jpegs are all resource fork (having no idea what a Mac OS 9 program would do with a JPEG)? Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | When LuteFisk is outlawed | Only outlaws will have | LuteFisk *--------------------------------------*-------------------------------* From justin at mac.com Tue Feb 12 23:23:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:16 2005 Subject: my mistake [Re: perl, get file size -s doesn't work on jpeg files] In-Reply-To: <326A2C32-2051-11D6-BE80-0050E46E5F09@xahlee.org> Message-ID: <5127D6D1-2052-11D6-AA38-00306544D642@mac.com> On Tuesday, February 12, 2002, at 11:13 PM, Xah Lee wrote: > sorry for the flurry of mail. > > my stupid mistakeS. > > perl -s works fine > > (i missed a slash among the directories, so essentially i'm querying > non-existant file.). That's a relief :-}. I was beginning to think about file system bugs... Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | When LuteFisk is outlawed | Only outlaws will have | LuteFisk *--------------------------------------*-------------------------------* From justin at mac.com Tue Feb 12 23:29:01 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:16 2005 Subject: Cron for individual users In-Reply-To: Message-ID: <22391EE0-2053-11D6-AA38-00306544D642@mac.com> On Tuesday, February 12, 2002, at 10:40 PM, James Reynolds wrote: >> On Tuesday, February 12, 2002, at 08:40 PM, James Reynolds wrote: >> >>>> At 3:55 PM -0700 02/12/02, James Reynolds wrote: >>>>> I am having problems getting cron to work for individual users. I >>>>> am trying to get cron to run for a "guest" user every 5 minutes, >>>>> check if the screen saver is running, if it is, run an idle script >>>>> that basically quits processes, restores defaults to guest user >>>>> home directory, launches IE and launches and hides other desired >>>>> applications. >>>> >>>> Does "guest" have a valid shell? >>> >>> Hmm, you mean like the Terminal.app? No. I moved it to a folder >>> that the guest can't read. Hmm. I didn't change /bin/sh or anthing >>> else though. Do you think it matters? Tomorrow I will move the >>> Terminal back and see if that helps. >> >> No. Terminal.app is not a shell. To determine the 'shell' used by >> the 'guest' account, look at its passwd entry (e.g., "nidump . >> passwd"). Shells are programs like /bin/sh. > > Hmm.. I did chmod on nidump so that the guest can't run it. Would > that prevent cron from knowing which shell to execute? Maybe I could > specify which shell within the crontab? Usually, the trick is to start the script with this as the line: #!/bin/sh and then change the protections on the script to 755 (or maybe 555 if you're really paranoid). > Would this work? > > * * * * * sh /path/to/script > > I noticed in the file /etc/crontab it looks like: > > 15 3 * * * root sh /etc/daily ... > > In all my reading about cron, I don't see anywhere where it explains > the "root" or "sh". Does anyone know? A couple of points: - you need to absorb 'man 5 crontab', where the format is discussed - the format of '/etc/crontab' differs from that for the per-user crontabs (AFAIK, the difference is that the system crontab has a user name in the entry, while the user name is implicit for the per-user tabs) - In your line above, the args are from the system crontab, so: - the first 5 fields are times - the next field is the login name for the user which 'cron' will use when running this command (i.e., as if the command were run from a shell owned by that user) - the final field is the command, and consistss of everything following the initial args - so 'root' is the user who runs the command and 'sh /etc/daily' is the command being run. - scripts are best written for execution by /bin/sh - In this case, the 'sh' part of the command is superfluous, since /etc/daily begins with "#!/bin/sh". > If I put this in the /etc/crontab, would it execute the command in the > guest user run time envirionment? I should think so. The alternative would be to put * * * * * sh /path/to/script in 'guest's crontab (using the crontab command). > * * * * * guest sh /path/to/script > > I tried it, but didn't get it to work. But then, I hardly understand > what it is doing, so I don't know if I did something wrong, if you know > what I mean. I didn't think to check the log back then. I could test > it tomorrow and check the log. What's in 'script'? Also, I'd think you'd want to put a little more constraint on the time at which the script gets run; as it is, it will (try to) run every time 'cron' looks at it. One way to debug the cron job is to do something like: M H DM M DW guest sh /path/to/script > /tmp/my.output 2>&1 to see if /tmp/my.output gets created. If it does get run, you can put commands like echo "I got to XXX" >> /tmp/my.dbg.output to see what is happening inside your script. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | It's not whether you win or lose... | It's whether *I* win or lose. *--------------------------------------*-------------------------------* From shoop at iwiring.net Wed Feb 13 00:22:03 2002 From: shoop at iwiring.net (Dan Shoop) Date: Thu Nov 3 12:29:16 2005 Subject: Cron for individual users In-Reply-To: References: <7077436C-203C-11D6-9B68-00306544D642@mac.com> Message-ID: At 11:40 PM -0700 02/12/02, James Reynolds wrote: >>On Tuesday, February 12, 2002, at 08:40 PM, James Reynolds wrote: >> >>>>At 3:55 PM -0700 02/12/02, James Reynolds wrote: >>>>>I am having problems getting cron to work for individual users. >>>>>I am trying to get cron to run for a "guest" user every 5 >>>>>minutes, check if the screen saver is running, if it is, run an >>>>>idle script that basically quits processes, restores defaults to >>>>>guest user home directory, launches IE and launches and hides >>>>>other desired applications. >>>> >>>>Does "guest" have a valid shell? >>> >>>Hmm, you mean like the Terminal.app? No. I moved it to a folder >>>that the guest can't read. Hmm. I didn't change /bin/sh or >>>anthing else though. Do you think it matters? Tomorrow I will >>>move the Terminal back and see if that helps. >> >>No. Terminal.app is not a shell. To determine the 'shell' used by >>the 'guest' account, look at its passwd entry (e.g., "nidump . >>passwd"). Shells are programs like /bin/sh. > >Hmm.. I did chmod on nidump so that the guest can't run it. Huh? >Would that prevent cron from knowing which shell to execute? Shouldn't, but the question remains, does 'guest' have a shell specified in the netinfo db? If not, cron is going to fail, as will a lot of other things. > Maybe I could specify which shell within the crontab? > >Would this work? No. Not unless the user *has* a shell. >* * * * * sh /path/to/script > >I noticed in the file /etc/crontab it looks like: > >15 3 * * * root sh /etc/daily ... That command still is executed in the user's shell, here it just specifies the command executed is another shell which runs a script explicitly in that shell. Here that's most likely because tcsh is the default shell and this script mentioned is a sh script. The above cron entry executes the command 'sh /etc/daily' at 3:15 every day of every month of every weekday for the user root. That command itself launches the sh shell and executes as it's sole parameter the file /etc/daily >In all my reading about cron, I don't see anywhere where it explains >the "root" or "sh". Does anyone know? Buy Unix in Nutshell, and pick up Essential Systems Administration too while you're at it. >If I put this in the /etc/crontab, would it execute the command in >the guest user run time envirionment? > >* * * * * guest sh /path/to/script First, you you really need to read the cron and crontab man pages. The way you need to manipulate cron is via the crontab command and feeding it a file. Don't be editing the cron file itself. Users should use their own cron files, not /etc/cron. >I tried it, but didn't get it to work. But then, I hardly >understand what it is doing, so I don't know if I did something >wrong, if you know what I mean. BTW, you do know your mail host is in one of the black whole lists... -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From shoop at iwiring.net Wed Feb 13 00:23:01 2002 From: shoop at iwiring.net (Dan Shoop) Date: Thu Nov 3 12:29:16 2005 Subject: Cron for individual users In-Reply-To: References: Message-ID: At 9:40 PM -0700 02/12/02, James Reynolds wrote: >>At 3:55 PM -0700 02/12/02, James Reynolds wrote: >>>I am having problems getting cron to work for individual users. I >>>am trying to get cron to run for a "guest" user every 5 minutes, >>>check if the screen saver is running, if it is, run an idle script >>>that basically quits processes, restores defaults to guest user >>>home directory, launches IE and launches and hides other desired >>>applications. >> >>Does "guest" have a valid shell? > >Hmm, you mean like the Terminal.app? No, I mean does it have a shell defined in NetInfo (assuming you're not configured to use flat files, or NIS or something else.) >No. I moved it to a folder that the guest can't read. Hmm. I >didn't change /bin/sh or anthing else though. Do you think it >matters? Tomorrow I will move the Terminal back and see if that >helps. Moved what? -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From jonas at zeus.rug.ac.be Wed Feb 13 00:55:01 2002 From: jonas at zeus.rug.ac.be (Jonas Maebe) Date: Thu Nov 3 12:29:16 2005 Subject: Beep sound slow In-Reply-To: <10202121549.AA17804@gandalf.caisys.co.uk> Message-ID: <570D6DC8-205F-11D6-AF41-003065D3FF28@zeus.rug.ac.be> On dinsdag, februari 12, 2002, at 04:49 , Mike Elston wrote: > No such problem on my new TiBook. I notice it's loaded with build > 5P63 of 10.1.2 (when I updated my PowerMac to 10.1.2 I got 5P48). That's weird. My brother just got a new TiBook (two weeks ago) and he got 10.1.1 build 5Q49 with it (or something like that, but it was definitely 10.1.1 and 5Qsomething). Jonas From merlyn at stonehenge.com Wed Feb 13 04:35:01 2002 From: merlyn at stonehenge.com (Randal L. Schwartz) Date: Thu Nov 3 12:29:16 2005 Subject: Fwd: [SECURITY] CERT Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations (fwd) In-Reply-To: References: Message-ID: >>>>> "kelvin" == kelvin chu writes: kelvin> Dear Fellow OSX travellers; kelvin> As an avid OSX user, I'm wondering if we need to worry about this. kelvin> Apple is listed as having been contacted by the Oulu Programming kelvin> group, but there is a disturbing "Unknown" in the status line. I've kelvin> looked at /etc/services and of course, I see... kelvin> % grep snmp /etc/services kelvin> snmp 161/tcp kelvin> snmp 161/udp kelvin> snmptrap 162/tcp snmp-trap kelvin> snmptrap 162/udp snmp-trap kelvin> snmp-tcp-port 1993/tcp #cisco SNMP TCP port kelvin> snmp-tcp-port 1993/udp #cisco SNMP TCP port kelvin> % kelvin> It's easy to comment these things out and kill -HUP, but will this kelvin> even work (ie do I have to do this through NetInfo)? Do we have a kelvin> response as to whether OSX boxes share this vulnerability? kelvin> (Practically every other vendor has this problem.) As I see with "lsof -i", there's no server on those ports out of the box. Commenting them out of /etc/services is like using a felt marker to erase a phone number from the book... it doesn't stop anyone who already knows the phone number. :) If anything, you just need to make sure that no service is started, either at bootup, or from /etc/inetd.conf, that listens at those addresses. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! From jonas at zeus.rug.ac.be Wed Feb 13 04:38:01 2002 From: jonas at zeus.rug.ac.be (Jonas Maebe) Date: Thu Nov 3 12:29:16 2005 Subject: configure http proxy In-Reply-To: <3C67DE06.4080804@adaptory.com> Message-ID: <766B8F42-207E-11D6-AF41-003065D3FF28@zeus.rug.ac.be> On maandag, februari 11, 2002, at 04:06 , Nikolaos Nikou wrote: > Ok, > but there is noway to configure either users for the proxy or the proxy > port. > the only option available on the web server is if you want to enable > the proxy and the size and location of the cache. > I tried to connect to the 8080 port of our server but it doesn't > respond but the 80 works ok as a proxy. I really don't understand. Is that a webserver with a built-in proxy or what? Or is that proxy simply a performance cache that caches the documents most recently served by your server? If it's the latter, there is no security problem at all and I don't see why you would want to restrict caching to local users only... Jonas From root at nimug.org Wed Feb 13 04:53:02 2002 From: root at nimug.org (r00t) Date: Thu Nov 3 12:29:16 2005 Subject: [SECURITY] CERT Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations (fwd) In-Reply-To: Message-ID: <8E8124FF-2080-11D6-A725-0030656A00AC@nimug.org> On Wednesday, February 13, 2002, at 12:33 , Randal L. Schwartz wrote: > If anything, you just need to make sure that no service is started, > either at bootup, or from /etc/inetd.conf, that listens at those > addresses. Reading the advisory it is plain that SNMP-capable devices may be affected even if SNMP services are turned off. Best to use filters or...if ya wanna be really sure... turn the darn thing off. Ironic that a week ago I installed net-snmp BECAUSE of this. Heh heh. -- From jearle at mac.com Wed Feb 13 05:09:01 2002 From: jearle at mac.com (Jared ''Danger'' Earle) Date: Thu Nov 3 12:29:16 2005 Subject: perl, get file size -s doesn't work In-Reply-To: <0CC27250-2047-11D6-AD4B-0050E46E5F09@xahlee.org> Message-ID: On Wednesday, February 13, 2002, at 07:00 , Xah Lee wrote: > my $ff = 'Volumes/user data/x_test/f.jpg'; s/'Vo/'\/Vo/g; -- Jared Earle, Nightfall Games, jared@23x.net - http://www.23x.net "I've met the SPORK, you blasphemous lot! And you look nothing like him!" From probert at osci.qc.ca Wed Feb 13 06:19:01 2002 From: probert at osci.qc.ca (Pascal Robert) Date: Thu Nov 3 12:29:16 2005 Subject: perl, get file size -s doesn't work In-Reply-To: Message-ID: On 2/13/02 12:08 AM, "Xah Lee" wrote: > how to get the file size? I used it on Mac OS X and it works well. You can also use stat() From shoop at iwiring.net Wed Feb 13 06:34:02 2002 From: shoop at iwiring.net (Dan Shoop) Date: Thu Nov 3 12:29:16 2005 Subject: [SECURITY] CERT Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations (fwd) In-Reply-To: <8E8124FF-2080-11D6-A725-0030656A00AC@nimug.org> References: <8E8124FF-2080-11D6-A725-0030656A00AC@nimug.org> Message-ID: At 12:52 PM +0000 02/13/02, r00t wrote: >On Wednesday, February 13, 2002, at 12:33 , Randal L. Schwartz wrote: > >>If anything, you just need to make sure that no service is started, >>either at bootup, or from /etc/inetd.conf, that listens at those >>addresses. > >Reading the advisory it is plain that SNMP-capable devices may be >affected even if SNMP services are turned off. Best to use filters >or...if ya wanna be really sure... turn the darn thing off. There is SNMP support on the Airport Base station, is there not? This device could thus be affected. -dhan ------------------------------------------------------------------------ Dan Shoop 127 East Prospect Street Consulting Internet Architect Waldwick, NJ 07463 shoop@iwiring.net (201) 679-7329 (707) 667-7866 (fax) pgp public key available on the canonical key servers pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B "Sadly, text alone cannot convey the depths of my sarcasm." From mbartosh at mac.com Wed Feb 13 06:57:01 2002 From: mbartosh at mac.com (Michael Bartosh) Date: Thu Nov 3 12:29:16 2005 Subject: Cron for individual users In-Reply-To: References: Message-ID: At 9:40 PM -0700 02/12/02, James Reynolds wrote: >>No. I moved it to a folder that the guest can't read. Why would you do this? a) if a user wants to run terminal, all they have to do is find it via AppleShare somewhere b) a lot of the power that mac OS X brings to higher ed /is/ the fact that- not only is it a Mac, but that it's unix at the same time. I don't see why you'd spirit Terminal off to a hidden place. Terminal isn't a big scary dangerous thing. If you're not an administrator or root, it's not particularly dangerous at all. -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. From abarthelemy at iph.fgov.be Wed Feb 13 07:03:00 2002 From: abarthelemy at iph.fgov.be (Alain Barthelemy) Date: Thu Nov 3 12:29:16 2005 Subject: how to enter root password Message-ID: <00364423fa9631369b6cb23f1c1ca24a3c6a80c0@iph.fgov.be> Hello, One question: I just installed MacOSX but can't access root account because the installation program "forgot" to ask me a password. I type "su" Then nothing (I did not enter a password) .... and the answer is "sorry". Thus installation program added a password to root account without warning the administrator (thus me). How can I enter a password to root account or recover it? Thank you -- Alex From james at mac.mlmc.utah.edu Wed Feb 13 07:06:02 2002 From: james at mac.mlmc.utah.edu (James Reynolds) Date: Thu Nov 3 12:29:16 2005 Subject: Cron for individual users In-Reply-To: References: Message-ID: >At 9:40 PM -0700 02/12/02, James Reynolds wrote: >>>No. I moved it to a folder that the guest can't read. > >Why would you do this? > a) if a user wants to run terminal, all they have to do is >find it via AppleShare somewhere > b) a lot of the power that mac OS X brings to higher ed /is/ >the fact that- not only is it a Mac, > but that it's unix at the same time. I don't see why you'd >spirit Terminal off to a hidden > place. >Terminal isn't a big scary dangerous thing. If you're not an >administrator or root, it's not particularly dangerous at all. I mainly did it because they are kiosk Macs. We don't want any applications other than Explorer, MSN Messenger, etc.,. I am replacing the Finder with Explorer as well. -- Thanks: James Reynolds University of Utah Student Computing Labs james@scl.utah.edu james@mail.mlmc.utah.edu 801-585-9811 From taz at univits.se Wed Feb 13 07:09:00 2002 From: taz at univits.se (Mikael Moreira) Date: Thu Nov 3 12:29:16 2005 Subject: how to enter root password In-Reply-To: <00364423fa9631369b6cb23f1c1ca24a3c6a80c0@iph.fgov.be> Message-ID: Hi Alain, Type: sudo tcsh and enter the administrator password when prompted for it. Now you are root and may do whatever you want on your system. /Micke On Wed, 13 Feb 2002, Alain Barthelemy wrote: > Hello, > > One question: > > I just installed MacOSX but can't access root account because the installation program "forgot" to ask me a password. > > I type "su" > Then nothing (I did not enter a password) > > .... and the answer is "sorry". > > Thus installation program added a password to root account without warning the administrator (thus me). > > How can I enter a password to root account or recover it? > > Thank you > > -- > Alex > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > From mvgfr at mac.com Wed Feb 13 07:16:00 2002 From: mvgfr at mac.com (Marc Farnum Rendino) Date: Thu Nov 3 12:29:16 2005 Subject: [SECURITY] CERT Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations (fwd) In-Reply-To: <7AE75563-2038-11D6-9B68-00306544D642@mac.com> References: <7AE75563-2038-11D6-9B68-00306544D642@mac.com> Message-ID: At 8:16 PM -0800 on 2/12/02, Justin C. Walker wrote: >A couple of points to consider: > - the way to prevent denial of service attacks is to prevent > the service-provider code from running, or to block the specified > ports with a firewall, not to remove the services mapping. Not "the way", "one part of the way" - attacks come from within as well, now, so blocking at the firewall does not make you safe. These days, each machine needs to be hardened and should only accept traffic on the ports in needs to. - Marc From jearle at mac.com Wed Feb 13 07:17:00 2002 From: jearle at mac.com (Jared ''Danger'' Earle) Date: Thu Nov 3 12:29:17 2005 Subject: how to enter root password In-Reply-To: <00364423fa9631369b6cb23f1c1ca24a3c6a80c0@iph.fgov.be> Message-ID: <806CDEA4-2094-11D6-B874-000A2791CF7C@mac.com> On Wednesday, February 13, 2002, at 04:08 , Alain Barthelemy wrote: > I just installed MacOSX but can't access root account because the > installation program "forgot" to ask me a password. > [snip] > Thus installation program added a password to root account without > warning the administrator (thus me). No, root doesn't currently have a password. In theory, it never needs one: You have sudo, right? Activate Root's password through "NetInfo Manager" or any UNIX workarounds you'd use normally. -- Jared Earle, Nightfall Games, jared@23x.net - http://www.23x.net "One SPORK to bring them all and in the darkness bind them." From clarkcox3 at mac.com Wed Feb 13 07:18:04 2002 From: clarkcox3 at mac.com (Clark S. Cox III) Date: Thu Nov 3 12:29:17 2005 Subject: how to enter root password In-Reply-To: <00364423fa9631369b6cb23f1c1ca24a3c6a80c0@iph.fgov.be> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, February 13, 2002, at 10:08 , Alain Barthelemy wrote: > Hello, > > One question: > > I just installed MacOSX but can't access root account because the > installation program "forgot" to ask me a password. > > I type "su" > Then nothing (I did not enter a password) > > .... and the answer is "sorry". > > Thus installation program added a password to root account without > warning the administrator (thus me). > > How can I enter a password to root account or recover it? On a default MacOSX install, there is no root password (i.e. it is not possible to log in as root, or to su to root). You can either use sudo for any tasks that you need to execute with super-user permissions, or you can give root a password. If all you want is to run a shell as root every once in a while, then you can just use: sudo tcsh which will run tcsh as root. - -- Clark S. Cox, III clarkcox3@yahoo.com http://www.whereismyhead.com/clark/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (Darwin) Comment: For info see http://www.gnupg.org iD8DBQE8aoNfd6STocYT1xURApOjAJoCRvlhvm05IrgFz3GGQff/n9R45QCfannd 4N3Log5TKuyPL0UStO/e4EA= =Jjr5 -----END PGP SIGNATURE----- From scm at comlab.ox.ac.uk Wed Feb 13 07:50:58 2002 From: scm at comlab.ox.ac.uk (Shin-Cheng Mu) Date: Thu Nov 3 12:29:17 2005 Subject: Print Center "could not access file or directory" Message-ID: <5E8F4F60-2099-11D6-A941-0050E459B742@comlab.ox.ac.uk> Hi, Print Center worked alright for a while until yesterday, when it starts to give me the queue error, "Could not access file or directory" what every I print, after displaying the message "closing printer connection" in the window for the printer queue. I searched in the Apple archive but could not find any relevant information. I suspect that it is caused by some corrupted spool file or directory but I don't know which ones they might be. And removing unneeded files in /Library/Printers or deleting and adding the printer again does not help, either. Any ideas what I should do? Any help would be appreciated. Thank you very much. sincerely, Shin ps. If it's relevant, I was printing to an lpr printer. From justin at mac.com Wed Feb 13 07:59:02 2002 From: justin at mac.com (Justin C. Walker) Date: Thu Nov 3 12:29:17 2005 Subject: how to enter root password In-Reply-To: <00364423fa9631369b6cb23f1c1ca24a3c6a80c0@