From Philip.Moetteli at tele2.ch Sun Mar 2 23:49:34 2008 From: Philip.Moetteli at tele2.ch (=?ISO-8859-1?Q?Philip_M=F6tteli?=) Date: Sun Mar 2 23:49:38 2008 Subject: Can't su anymore In-Reply-To: <3C951116-7C57-4925-826E-64B1E964A3DC@fusl.ac.be> References: <680861F0-D6F9-4138-8861-D693FDC10914@tele2.ch> <5bbc0cd60802251156o4834f651w6b80913d219703ea@mail.gmail.com> <0B102139-34D9-497D-8903-86D615FC9CCC@tele2.ch> <27E97B78-CA0E-47AA-874A-39B1A41F70A5@fusl.ac.be> <66DC1199-3E96-4B86-ADD7-B0629B362050@tele2.ch> <4A546BCA-31F0-4DD9-A248-DC22DE0DD983@gmail.com> <5710D777-C2FC-49DE-89BA-BC4A0E9B8B70@tele2.ch> <17c8e29e0802270735n3ff3a8aar8b237d6ec19796ce@mail.gmail.com> <9F8AA252-D26F-4E63-B75A-4C9C9AB3254C@tele2.ch> <7E3D3BEB-EB2A-4331-A08B-27105A118E8A@gmail.com> <47C6738E.1030700@wanadoo.fr> <491F9255-714F-45F9-996E-1082070E245F@tele2.ch> <42ECA8EF-723A-4204-9A2C-C04AE9C355B3@fusl.ac.be> <9A3216B2-14AB-4C00-A2E4-4F1AFFE913EE@tele2.ch> <3C951116-7C57-4925-826E-64B1E964A3DC@fusl.ac.be> Message-ID: <07ADC314-C831-4B02-96CA-387FFDDAD910@tele2.ch> Am 28.02.2008 um 12:05 schrieb Axel Luttgens: > Le 28 f?vr. 08 ? 11:24, Philip M?tteli a ?crit : > >> Am 28.02.2008 um 10:47 schrieb Axel Luttgens: > do you have aliases somehow defined when launching your shell? (BTW, > what's your shell?) /bin/bash > In the case of bash (or sh), > alias -p > may provide a hint, No alias defined. > as well as a look at /etc/profile, ~/.bash_profile, ~/.bashrc, > ~/.profile, $BASH_ENV, $ENV, etc. Didn't find any aliases or other things. > And what gives when trying with a shell other than the usual one? It's strange. It works now! I really don't understand why. The only thing I changed was, that I removed several entries of test -r /sw/bin/init.sh && . /sw/bin/init.sh in '.bash_profile'. I don't remember having changed anything else. I removed alias su /usr/bin/su which I have created on behalf of one poster here. And I logged out and in, several times in those days. Really strange. Am 28.02.2008 um 17:18 schrieb Jos? Pedro do Amaral: > Another possible test for this interesting situation (this test will > only work if you have not done the aliasing in the shell > configuration of su to /usr/bin/su): Someone here proposed to do that and I did it for a moment. Of course afterwards it worked. But in order to find out the cause of the problem, I removed it. > 1. Try su --version then $ su --version su: illegal option -- v usage: su [-] [-flm] [login [args]] > 2. Try /usr/bin/su --version and $ /usr/bin/su --version /usr/bin/su: illegal option -- v usage: su [-] [-flm] [login [args]] > By the way, have you tried /sfw/sbin/su? $ /sw/sbin/su -bash: /sw/sbin/su: No such file or directory I'm sorry, I really don't know, what happened! From kef_list at ibacom.es Mon Mar 3 00:27:43 2008 From: kef_list at ibacom.es (kef_list) Date: Mon Mar 3 00:34:31 2008 Subject: AFP Leopard Server problems changing permission with get info Message-ID: Hi guys, I have a very strange problem with Mac OS X 10.5.2 clients on server 10.5.2. 1) client does a "get info" on a server folder: user: auser - Read & Write group: agroup - Read Only everyone: No Access 2) Client tries to change the permission of the group to "Read & Write" 3) WEIRDNESS: As the client changes the perms, the OWNER gets changed to "theadmin" (main admin, user id 500), and the group to "com.apple.monitor_all_services" !!!!!!!! What the $/&/"?&% is going on? How can changing the perms change the owner and group? From the Terminal "ls -la" show the correct permissions! ACLs: Yes, I am using ACLs, but the same happens with a "normal" user (no ACLs affect him) as well as the ACLed user that has an "all permissions" override ACL on a parent folder. Happens from all 10.5 client computers. Server restarted, clients restarted. Ran Disk Utility: no problems found. If anyone has any idea of what is going on I would greatly appreciate it! Thanks, Charles From luttgens at fusl.ac.be Mon Mar 3 00:56:21 2008 From: luttgens at fusl.ac.be (Axel Luttgens) Date: Mon Mar 3 00:56:28 2008 Subject: Can't su anymore In-Reply-To: <07ADC314-C831-4B02-96CA-387FFDDAD910@tele2.ch> References: <680861F0-D6F9-4138-8861-D693FDC10914@tele2.ch> <5bbc0cd60802251156o4834f651w6b80913d219703ea@mail.gmail.com> <0B102139-34D9-497D-8903-86D615FC9CCC@tele2.ch> <27E97B78-CA0E-47AA-874A-39B1A41F70A5@fusl.ac.be> <66DC1199-3E96-4B86-ADD7-B0629B362050@tele2.ch> <4A546BCA-31F0-4DD9-A248-DC22DE0DD983@gmail.com> <5710D777-C2FC-49DE-89BA-BC4A0E9B8B70@tele2.ch> <17c8e29e0802270735n3ff3a8aar8b237d6ec19796ce@mail.gmail.com> <9F8AA252-D26F-4E63-B75A-4C9C9AB3254C@tele2.ch> <7E3D3BEB-EB2A-4331-A08B-27105A118E8A@gmail.com> <47C6738E.1030700@wanadoo.fr> <491F9255-714F-45F9-996E-1082070E245F@tele2.ch> <42ECA8EF-723A-4204-9A2C-C04AE9C355B3@fusl.ac.be> <9A3216B2-14AB-4C00-A2E4-4F1AFFE913EE@tele2.ch> <3C951116-7C57-4925-826E-64B1E964A3DC@fusl.ac.be> <07ADC314-C831-4B02-96CA-387FFDDAD910@tele2.ch> Message-ID: Le 3 mars 08 ? 08:49, Philip M?tteli a ?crit : > Am 28.02.2008 um 12:05 schrieb Axel Luttgens: > >> [...] >> as well as a look at /etc/profile, ~/.bash_profile, ~/.bashrc, >> ~/.profile, $BASH_ENV, $ENV, etc. > > Didn't find any aliases or other things. Well, looks like there was something to be found therein... >> And what gives when trying with a shell other than the usual one? > > It's strange. It works now! I really don't understand why. The only > thing I changed was, that I removed several entries of > > test -r /sw/bin/init.sh && . /sw/bin/init.sh If the above change (removal) really allowed to cure your problem, then file /sw/bin/init.sh should exist; just out of curiosity, what does it contain? TIA, Axel From Philip.Moetteli at tele2.ch Mon Mar 3 01:09:45 2008 From: Philip.Moetteli at tele2.ch (=?ISO-8859-1?Q?Philip_M=F6tteli?=) Date: Mon Mar 3 01:09:50 2008 Subject: Can't su anymore In-Reply-To: References: <680861F0-D6F9-4138-8861-D693FDC10914@tele2.ch> <5bbc0cd60802251156o4834f651w6b80913d219703ea@mail.gmail.com> <0B102139-34D9-497D-8903-86D615FC9CCC@tele2.ch> <27E97B78-CA0E-47AA-874A-39B1A41F70A5@fusl.ac.be> <66DC1199-3E96-4B86-ADD7-B0629B362050@tele2.ch> <4A546BCA-31F0-4DD9-A248-DC22DE0DD983@gmail.com> <5710D777-C2FC-49DE-89BA-BC4A0E9B8B70@tele2.ch> <17c8e29e0802270735n3ff3a8aar8b237d6ec19796ce@mail.gmail.com> <9F8AA252-D26F-4E63-B75A-4C9C9AB3254C@tele2.ch> <7E3D3BEB-EB2A-4331-A08B-27105A118E8A@gmail.com> <47C6738E.1030700@wanadoo.fr> <491F9255-714F-45F9-996E-1082070E245F@tele2.ch> <42ECA8EF-723A-4204-9A2C-C04AE9C355B3@fusl.ac.be> <9A3216B2-14AB-4C00-A2E4-4F1AFFE913EE@tele2.ch> <3C951116-7C57-4925-826E-64B1E964A3DC@fusl.ac.be> <07ADC314-C831-4B02-96CA-387FFDDAD910@tele2.ch> Message-ID: <35F09B4B-13FD-46F5-8DBA-A4E3A77FF776@tele2.ch> Am 03.03.2008 um 09:56 schrieb Axel Luttgens: > Le 3 mars 08 ? 08:49, Philip M?tteli a ?crit : > >> Am 28.02.2008 um 12:05 schrieb Axel Luttgens: >>> >> It's strange. It works now! I really don't understand why. The only >> thing I changed was, that I removed several entries of >> >> test -r /sw/bin/init.sh && . /sw/bin/init.sh > > > If the above change (removal) really allowed to cure your problem, > then file /sw/bin/init.sh should exist; just out of curiosity, what > does it contain? -------------- next part -------------- From Philip.Moetteli at tele2.ch Mon Mar 3 01:36:47 2008 From: Philip.Moetteli at tele2.ch (=?ISO-8859-1?Q?Philip_M=F6tteli?=) Date: Mon Mar 3 01:38:18 2008 Subject: Can't su anymore In-Reply-To: <35F09B4B-13FD-46F5-8DBA-A4E3A77FF776@tele2.ch> References: <680861F0-D6F9-4138-8861-D693FDC10914@tele2.ch> <5bbc0cd60802251156o4834f651w6b80913d219703ea@mail.gmail.com> <0B102139-34D9-497D-8903-86D615FC9CCC@tele2.ch> <27E97B78-CA0E-47AA-874A-39B1A41F70A5@fusl.ac.be> <66DC1199-3E96-4B86-ADD7-B0629B362050@tele2.ch> <4A546BCA-31F0-4DD9-A248-DC22DE0DD983@gmail.com> <5710D777-C2FC-49DE-89BA-BC4A0E9B8B70@tele2.ch> <17c8e29e0802270735n3ff3a8aar8b237d6ec19796ce@mail.gmail.com> <9F8AA252-D26F-4E63-B75A-4C9C9AB3254C@tele2.ch> <7E3D3BEB-EB2A-4331-A08B-27105A118E8A@gmail.com> <47C6738E.1030700@wanadoo.fr> <491F9255-714F-45F9-996E-1082070E245F@tele2.ch> <42ECA8EF-723A-4204-9A2C-C04AE9C355B3@fusl.ac.be> <9A3216B2-14AB-4C00-A2E4-4F1AFFE913EE@tele2.ch> <3C951116-7C57-4925-826E-64B1E964A3DC@fusl.ac.be> <07ADC314-C831-4B02-96CA-387FFDDAD910@tele2.ch> Message-ID: <30C2ABEB-69ED-452F-99ED-7365BCCA9530@tele2.ch> Am 03.03.2008 um 10:09 schrieb Philip M?tteli: > Am 03.03.2008 um 09:56 schrieb Axel Luttgens: > >> Le 3 mars 08 ? 08:49, Philip M?tteli a ?crit : >> >>> Am 28.02.2008 um 12:05 schrieb Axel Luttgens: >>>> >>> It's strange. It works now! I really don't understand why. The >>> only thing I changed was, that I removed several entries of >>> >>> test -r /sw/bin/init.sh && . /sw/bin/init.sh >> >> >> If the above change (removal) really allowed to cure your problem, >> then file /sw/bin/init.sh should exist; just out of curiosity, what >> does it contain? The attachement has been removed: # init.sh # # to use the Fink hierarchy, put the following in your .profile: # # . /sw/bin/init.sh # # # Fink - a package manager that downloads source and installs it # Copyright (c) 2001 Christoph Pfisterer # Copyright (c) 2001-2004 The Fink Team # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # # define append_path and prepend_path to add directory paths, e.g. PATH, MANPATH. # add to end of path append_path() { if ! eval test -z "\"\${$1##*:$2:*}\"" -o -z "\"\${$1%%*:$2}\"" -o - z "\"\${$1##$2:*}\"" -o -z "\"\${$1##$2}\"" ; then eval "$1=\$$1:$2" fi } # add to front of path prepend_path() { if ! eval test -z "\"\${$1##*:$2:*}\"" -o -z "\"\${$1%%*:$2}\"" -o - z "\"\${$1##$2:*}\"" -o -z "\"\${$1##$2}\"" ; then eval "$1=$2:\$$1" fi } # setup fink related paths. we assume that the fink directories exists. if [ -z "$PATH" ]; then PATH=/sw/bin:/sw/sbin:/bin:/sbin:/usr/bin:/usr/sbin else prepend_path PATH /sw/bin:/sw/sbin fi export PATH osMajorVer=`uname -r | cut -d. -f1` osMinorVer=`uname -r | cut -d. -f2` if [ -z "$MANPATH" ]; then if [ $osMajorVer -gt 7 ]; then MANPATH=`/usr/bin/manpath` else MANPATH=`/usr/bin/manpath -q` fi fi prepend_path MANPATH /sw/share/man perlversion=`/usr/bin/perl -e 'printf("%vd\n", $^V)'` append_path MANPATH /sw/lib/perl5/$perlversion/man export MANPATH if [ -z "$INFOPATH" ]; then INFOPATH=/sw/share/info:/sw/info:/usr/share/info else prepend_path INFOPATH /sw/share/info:/sw/info fi export INFOPATH if [ -r /sw/share/java/classpath ]; then if [ -z "$CLASSPATH" ]; then CLASSPATH=`cat /sw/share/java/classpath`:. else add2classpath=`cat /sw/share/java/classpath` prepend_path CLASSPATH $add2classpath fi export CLASSPATH fi if [ -z "$PERL5LIB" ]; then PERL5LIB=/sw/lib/perl5:/sw/lib/perl5/darwin else prepend_path PERL5LIB /sw/lib/perl5:/sw/lib/perl5/darwin fi export PERL5LIB # Add X11 paths (but only if the directories are readable) if [ -r /usr/X11R6/bin ]; then append_path PATH /usr/X11R6/bin export PATH fi if [ -r /usr/X11R6/man ]; then append_path MANPATH /usr/X11R6/man export MANPATH fi # On Mac OS X 10.4.{x|x<3} there is a dyld bug (rdar://problem/4139432) # where a library will not load if a library with a matching basename # is already loaded from one of the system paths, # the workaround is to set DYLD_FALLBACK_LIBRARY_PATH to : if [ -z "$DYLD_FALLBACK_LIBRARY_PATH" ]; then if [ $osMajorVer -eq 8 -a $osMinorVer -lt 3 ]; then DYLD_FALLBACK_LIBRARY_PATH=: export DYLD_FALLBACK_LIBRARY_PATH fi fi PROXYHTTP=`grep ProxyHTTP /sw/etc/fink.conf | grep -v "#" | cut -d " " -f2` if [ "$PROXYHTTP" != "" ]; then HTTP_PROXY=$PROXYHTTP http_proxy=$PROXYHTTP export HTTP_PROXY http_proxy fi PROXYFTP=`grep ProxyFTP /sw/etc/fink.conf | grep -v "#" | cut -d " " - f2` if [ "$PROXYFTP" != "" ]; then FTP_PROXY=$PROXYFTP ftp_proxy=$PROXYFTP export FTP_PROXY ftp_proxy fi # read per-package scripts from /sw/etc/profile.d if [ -d /sw/etc/profile.d ]; then for i in /sw/etc/profile.d/*.sh ; do if [ -r $i -a -x $i ]; then . $i fi done unset i fi # eof From jearle at gmail.com Mon Mar 3 01:48:42 2008 From: jearle at gmail.com (Jared Earle) Date: Mon Mar 3 01:48:45 2008 Subject: [OT] Advanced ln command use In-Reply-To: References: Message-ID: <5bbc0cd60803030148v25dcbe53u6905c13322c34fff@mail.gmail.com> On Fri, Feb 29, 2008 at 11:00 PM, Richard Taubo wrote: > 2) Domain directory > /Web/Sites/www.mysite.com/cgi-bin -> /usr/local/myprogram > /Web/Sites/www.mysite.com/myconfig.cfg Um, what's wrong with using the ScriptAlias in Apache? It's what it's there for. -- Jared Earle :: There is no SPORK jearle@gmail.com :: http://www.23x.net The Spodcast :: http://spodcast.org From mrhatken at mac.com Mon Mar 3 07:51:37 2008 From: mrhatken at mac.com (Ashley Aitken) Date: Mon Mar 3 07:51:46 2008 Subject: Problem with Google URLs not loading? Message-ID: <063A9A3E-E43B-4F56-A4D3-FE1436E81F7B@mac.com> Howdy All, I'm having a strange problem within my LAN. Any machine on the wireless part of the LAN can't seem to access any Google URL (www.google.com , news.google.com, www.google.com.au etc). The sites just time out in Safari and Firefox. It also affects any other sites that use Google Analytics, but other than that all Web browsing works fine. I thought it may be a DNS problem since I am trying to run a DNS server for local (internal) machines (with limited success since the transition to Leopard Server - but that is another story). However, "dig" seems to suggest that the machines have no trouble looking up Google sites, and I have taken the local DNS server out the search path without any improvement. Entering the actual IP addresses for Google also fails to load the pages at all (although I guess this could be due to the fact that the pages themselves may contain references to other resources using fully qualified domain names?). To tell you the truth I am not sure, and I am really confused by this (not difficult to do, i.e. confusing me). MS Live Searching (for obvious reasons) seems to suggest that a few others may have had a similar problem (in the past), particularly with wireless LANs. I should have also said that all Google sites work fine from our wired LAN. And our wireless LAN is just an Ad-Hoc network between a number of machines using their Airport Extreme cards. I also thought routing could be a problem (since I don't use "Internet Sharing" for the wireless LAN, rather I route packets to/from the Ad- Hoc network). However, as I mentioned all other sites and Internet access seems to be ok. What does my wireless LAN have against Google? I seem to have ruled out DNS, browser, routing. Thanks for any suggestions / pointers. Cheers, Ashley. -- Ashley Aitken Perth, Western Australia mrhatken at mac dot com Skype Name: MrHatken (GMT + 8 Hours!) From rhicks41 at tampabay.rr.com Mon Mar 3 11:18:05 2008 From: rhicks41 at tampabay.rr.com (Randal Hicks) Date: Mon Mar 3 11:18:24 2008 Subject: Problem with Google URLs not loading? In-Reply-To: <063A9A3E-E43B-4F56-A4D3-FE1436E81F7B@mac.com> References: <063A9A3E-E43B-4F56-A4D3-FE1436E81F7B@mac.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mar 3, 2008, at 10:51 AM, Ashley Aitken wrote: > > Howdy All, > > I'm having a strange problem within my LAN. Any machine on the > wireless part of the LAN can't seem to access any Google URL > (www.google.com, news.google.com, www.google.com.au etc). The > sites just time out in Safari and Firefox. It also affects any > other sites that use Google Analytics, but other than that all Web > browsing works fine. > > I thought it may be a DNS problem since I am trying to run a DNS > server for local (internal) machines (with limited success since > the transition to Leopard Server - but that is another story). > However, "dig" seems to suggest that the machines have no trouble > looking up Google sites, and I have taken the local DNS server out > the search path without any improvement. > > Entering the actual IP addresses for Google also fails to load the > pages at all (although I guess this could be due to the fact that > the pages themselves may contain references to other resources > using fully qualified domain names?). To tell you the truth I am > not sure, and I am really confused by this (not difficult to do, > i.e. confusing me). > > MS Live Searching (for obvious reasons) seems to suggest that a few > others may have had a similar problem (in the past), particularly > with wireless LANs. I should have also said that all Google sites > work fine from our wired LAN. And our wireless LAN is just an Ad- > Hoc network between a number of machines using their Airport > Extreme cards. > > I also thought routing could be a problem (since I don't use > "Internet Sharing" for the wireless LAN, rather I route packets to/ > from the Ad-Hoc network). However, as I mentioned all other sites > and Internet access seems to be ok. > > What does my wireless LAN have against Google? > > I seem to have ruled out DNS, browser, routing. > > Thanks for any suggestions / pointers. > > Cheers, > Ashley. > > -- > Ashley Aitken > Perth, Western Australia > mrhatken at mac dot com > Skype Name: MrHatken (GMT + 8 Hours!) > > > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin Hi Ashley, On the surface, to me, it appears to be a problem with your firewall settings... @the command line (via terminal.app) type the following -- followed by your password (with admin privs): sudo ipfw show ...see if google url ips are listed, 'man ipfw' or post back to the list for assist in correcting rules. hope this helps, if I'm off base someone please chime in Randal -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAkfMTu4ACgkQHXnD0tz+/vy4UwCfRDeVcPJZQGfGeNJNH9g4eCid CsAAn0kZJSSR6DBASh5a5Q3ncumYZ/Yx =NdOY -----END PGP SIGNATURE----- From mrhatken at mac.com Mon Mar 3 18:00:05 2008 From: mrhatken at mac.com (Ashley Aitken) Date: Mon Mar 3 18:00:20 2008 Subject: Problem with Google URLs not loading? In-Reply-To: References: <063A9A3E-E43B-4F56-A4D3-FE1436E81F7B@mac.com> Message-ID: On 04/03/2008, at 4:18 AM, Randal Hicks wrote: > > On the surface, to me, it appears to be a problem with your > firewall settings... > @the command line (via terminal.app) type the following -- followed > by your password (with admin privs): > > sudo ipfw show > > ...see if google url ips are listed, 'man ipfw' or post back to the > list for assist in correcting rules. > > hope this helps, if I'm off base someone please chime in > Randal Thanks for the suggestion Randal, I will have a look when I am next there. It would need to be a pretty specific firewall rule though (i.e. limiting things for one particular subnet) since the pages (URLs) load fine on the wired network (and I only have the firewall on at the modem/router). I don't believe the Mac OS X firewall is active on the machine that connects the Ad-Hoc wireless network to the rest of the LAN and the Internet but I will also check that. Cheers, Ashley. From no-reply at yelp.com Mon Mar 3 23:37:59 2008 From: no-reply at yelp.com (Kenneth R.) Date: Mon Mar 3 23:45:02 2008 Subject: See all my reviews Message-ID: <20080304073759.E05E71C9530@web3.365.yelpcorp.com> Hi Mac, How's it going? Have you heard about Yelp yet? I am addicted to it! Yelp is the new and fun way to find, review and talk about what's great - and not so great - in your neighborhood and beyond, everything from cool restaurants and bars to doctors and yoga instructors. Check it out: http://yelp.com/e;AQIAIw;xCeGCjWduo8AVelb26IzZw See you on Yelp, - Kenneth From mrhatken at mac.com Tue Mar 4 04:03:44 2008 From: mrhatken at mac.com (Ashley Aitken) Date: Tue Mar 4 04:03:53 2008 Subject: Problem with Google URLs not loading? In-Reply-To: References: <063A9A3E-E43B-4F56-A4D3-FE1436E81F7B@mac.com> Message-ID: <850FFC52-1250-465C-8E80-E4C2F85B098A@mac.com> > On the surface, to me, it appears to be a problem with your firewall > settings... > @the command line (via terminal.app) type the following -- followed > by your password (with admin privs): > > sudo ipfw show > > ...see if google url ips are listed, 'man ipfw' or post back to the > list for assist in correcting rules. > > hope this helps, if I'm off base someone please chime in On the Mac that connects the wireless LAN to the rest of the LAN and Internet: > 00010 0 0 divert 8668 ip from any to any via en0 > 01000 0 0 allow ip from any to any via lo0 > 01010 0 0 deny ip from any to 127.0.0.0/8 > 01020 0 0 deny ip from 224.0.0.0/4 to any in > 01030 0 0 deny tcp from any to 224.0.0.0/4 in > 12300 0 0 allow tcp from any to any established > 12301 0 0 allow tcp from any to any out > 12302 0 0 allow tcp from any to any dst-port 22 > 12302 0 0 allow udp from any to any dst-port 22 > 12303 0 0 allow udp from any to any out keep-state > 12304 0 0 allow tcp from any to any dst-port 53 out keep-state > 12304 0 0 allow udp from any to any dst-port 53 out keep-state > 12305 0 0 allow udp from any to any in frag > 12306 0 0 allow tcp from any to any dst-port 311 > 12307 0 0 allow tcp from any to any dst-port 625 > 12308 0 0 allow udp from any to any dst-port 626 > 12309 0 0 allow icmp from any to any icmptypes 8 > 12310 0 0 allow icmp from any to any icmptypes 0 > 12311 0 0 allow igmp from any to any > 65534 0 0 deny ip from any to any > 65535 0 0 allow ip from any to any Nothing looks specific enough for the Google problem. Not sure what the 224.0.0.0 is about but the rest looks pretty generic. And although our ADSL modem/router (Draytek 2600 Plus) does have content filtering, and a firewall, nothing is on in the content filtering and the firewall is normal(?). As mentioned, we also have no problems on the wired part of the LAN. Still bamboozled. Cheers, Ashley. From ort at bergersen.no Tue Mar 4 04:09:43 2008 From: ort at bergersen.no (Richard Taubo) Date: Tue Mar 4 04:09:51 2008 Subject: [OT] Advanced ln command use In-Reply-To: <5bbc0cd60803030148v25dcbe53u6905c13322c34fff@mail.gmail.com> References: <5bbc0cd60803030148v25dcbe53u6905c13322c34fff@mail.gmail.com> Message-ID: <224199B9-E13E-468A-9F64-18908F55A71D@bergersen.no> Hi! On 03/03/2008, at 10:48, Jared Earle wrote: > On Fri, Feb 29, 2008 at 11:00 PM, Richard Taubo > wrote: >> 2) Domain directory >> /Web/Sites/www.mysite.com/cgi-bin -> /usr/local/myprogram >> /Web/Sites/www.mysite.com/myconfig.cfg > > Um, what's wrong with using the ScriptAlias in Apache? It's what > it's there for. Thanks for the hint! I can't see how this would solve my issue though, since my challenge was to keep one program folder but use many config files. In addition, http://httpd.apache.org/docs/1.3/mod/mod_alias.html says the following: " . . . The ScriptAlias directive has the additional effect of marking the target directory as containing only CGI scripts . . ." So it really does not seem to apply to my situation. For the record, I ended up with something like this instead, and using "real" files and directories for the config stuff: ln -s pathToMyCGI/* . Not as unified as I wanted, but it does the job . . . Richard Taubo From justin at mac.com Tue Mar 4 13:59:04 2008 From: justin at mac.com (Justin C. Walker) Date: Tue Mar 4 13:59:30 2008 Subject: Time Machine/HFS question Message-ID: <979F6315-226B-49A9-8885-4351CAE8980B@mac.com> Hi, all, This is a bit involved, since I'm not sure what is useful information. My backups stopped working recently, and I don't know why. There doesn't seem to be anything in the system logs, but I did find this entry on the Apple support site: I have been backing up using Time Machine from a 10.5 MacBook Pro (Core 2 Duo) to a 10.4 Mac Pro (Dual Quad Xeon) using a 1TB Western Digital MyBook FireWire drive. It was fine from October through early February. Then I took the laptop on the road. I plugged it back in last week and didn't notice til today that backups weren't happening. In the past, I would just mount the (remote) firewire drive on the laptop, and Time Machine would begin chugging away (or would dutifully schedule a time to start chugging away). Now, I mount the device, Time Machine remains 'off', and when I turn it on, I get a drop down window where, presumably, the available drives are given. This window is empty, and there's nothing in the logs to indicate what's happening (other than the mounting of the drive over AFP is logged). Following the suggestions in the above article, I copied all the data off the firewire drive, reformatted it as GUID, and copied it back. Same story. This may be linked with the upgrade from 10.5.1 to 10.5.2 (the last 'band' on the drive is 2/4; the upgrade was on 2/5). The appearance of the Time Machine prefs pane may have changed in 10.5.2, but that's a bit hazy... A little more extraneous info. My backup volume has two directories: Backups.backupdb/laptop laptop_...bundle The Backups directory has a half-dozen directories from 10/29 (when I first started trying this out) and that's it. The 'laptop...bundle' directory has a bunch of "bands" dating between 10/30 and 2/4. If I try to "restore", the alert tells me that there's no backup location. I can open the prefs, which gets me back to the above problem (no drive to select) or I can use a "previous" disk, which gives me access to the 10/29 backups only. A clue for the clueless? Thanks as always. Justin -- Justin C. Walker, Curmudgeon-At-Large, Director Institute for the Enhancement of the Director's Income -------- The path of least resistance: it's not just for electricity any more. -------- From cwolf at mac.com Tue Mar 4 14:34:56 2008 From: cwolf at mac.com (Christopher Wolf) Date: Tue Mar 4 14:35:48 2008 Subject: Time Machine/HFS question In-Reply-To: <979F6315-226B-49A9-8885-4351CAE8980B@mac.com> References: <979F6315-226B-49A9-8885-4351CAE8980B@mac.com> Message-ID: <42463E42-169E-4266-8139-1C2A96F6128C@mac.com> On Mar 4, 2008, at 4:59 PM, Justin C. Walker wrote: > Hi, all, > > This is a bit involved, since I'm not sure what is useful information. > > My backups stopped working recently, and I don't know why. There > doesn't seem to be anything in the system logs, but I did find this > entry on the Apple support site: > > > I have been backing up using Time Machine from a 10.5 MacBook Pro > (Core 2 Duo) to a 10.4 Mac Pro (Dual Quad Xeon) using a 1TB Western > Digital MyBook FireWire drive. > It was fine from October through early February. Then I took the > laptop on the road. I plugged it back in last week and didn't > notice til today that backups weren't happening. > > In the past, I would just mount the (remote) firewire drive on the > laptop, and Time Machine would begin chugging away (or would > dutifully schedule a time to start chugging away). > > Now, I mount the device, Time Machine remains 'off', and when I turn > it on, I get a drop down window where, presumably, the available > drives are given. This window is empty, and there's nothing in the > logs to indicate what's happening (other than the mounting of the > drive over AFP is logged). Network backups are only supported to other Macs if the machine serving the AFP volume is running OS X 10.5. The preference pane filters out volumes which do not have the necessary capabilities. That would be why your mounted network volume is not showing up as a potential destination. The real mystery is how you were ever able to back up to this volume over the network previously. - Chris From david at mackler.net Tue Mar 4 14:41:31 2008 From: david at mackler.net (David Mackler) Date: Tue Mar 4 14:48:15 2008 Subject: Time Machine/HFS question In-Reply-To: <29BF70DC-4677-425C-BFF0-0F28180A3AB3@pacbell.net> References: <979F6315-226B-49A9-8885-4351CAE8980B@mac.com> <29BF70DC-4677-425C-BFF0-0F28180A3AB3@pacbell.net> Message-ID: <2F6A4F56-22CB-4188-B3AF-E79BF5FC6E05@mackler.net> On Mar 4, 2008, at 1:59 PM, Justin C. Walker wrote: > My backups stopped working recently, and I don't know why. There > doesn't seem to be anything in the system logs, but I did find this > entry on the Apple support site: > > > I have been backing up using Time Machine from a 10.5 MacBook Pro > (Core 2 Duo) to a 10.4 Mac Pro (Dual Quad Xeon) using a 1TB Western > Digital MyBook FireWire drive. It was fine from October through > early February. Then I took the laptop on the road. I plugged it > back in last week and didn't notice til today that backups weren't > happening. > > In the past, I would just mount the (remote) firewire drive on the > laptop, and Time Machine would begin chugging away (or would > dutifully schedule a time to start chugging away). > > Now, I mount the device, Time Machine remains 'off', and when I turn > it on, I get a drop down window where, presumably, the available > drives are given. This window is empty, and there's nothing in the > logs to indicate what's happening (other than the mounting of the > drive over AFP is logged). There is clearly an asymmetry with Time Machine. The ".backupdb" is created for a locally attached drive, and the ".bundle" is created for a network attached drive. TM appears to all a restore from either recognized source, but is selective in what it allows for a backup destination. Further, it only seems to permit a network style backup when the network share is hosted by Leopard [client|server]. Somehow you managed to make TM recognize your Tiger-hosted network share as a valid destination. > This may be linked with the upgrade from 10.5.1 to 10.5.2 (the last > 'band' on the drive is 2/4; the upgrade was on 2/5). The appearance > of the Time Machine prefs pane may have changed in 10.5.2, but > that's a bit hazy... > > A little more extraneous info. My backup volume has two directories: > Backups.backupdb/laptop > laptop_...bundle > > The Backups directory has a half-dozen directories from 10/29 (when > I first started trying this out) and that's it. > > The 'laptop...bundle' directory has a bunch of "bands" dating > between 10/30 and 2/4. > > If I try to "restore", the alert tells me that there's no backup > location. I can open the prefs, which gets me back to the above > problem (no drive to select) or I can use a "previous" disk, which > gives me access to the 10/29 backups only. > > A clue for the clueless? Only one meager clue. Did you do a hack to force network TM backups on your laptop? It might have been undone by that upgrade to 10.5.2. From cwolf at mac.com Tue Mar 4 15:25:14 2008 From: cwolf at mac.com (Christopher Wolf) Date: Tue Mar 4 15:25:22 2008 Subject: Time Machine/HFS question In-Reply-To: <2F6A4F56-22CB-4188-B3AF-E79BF5FC6E05@mackler.net> References: <979F6315-226B-49A9-8885-4351CAE8980B@mac.com> <29BF70DC-4677-425C-BFF0-0F28180A3AB3@pacbell.net> <2F6A4F56-22CB-4188-B3AF-E79BF5FC6E05@mackler.net> Message-ID: <629B2B5B-6ECA-4A93-81B5-7B44D0BA2C1B@mac.com> On Mar 4, 2008, at 5:41 PM, David Mackler wrote: > On Mar 4, 2008, at 1:59 PM, Justin C. Walker wrote: >> My backups stopped working recently, and I don't know why. There >> doesn't seem to be anything in the system logs, but I did find this >> entry on the Apple support site: >> >> >> I have been backing up using Time Machine from a 10.5 MacBook Pro >> (Core 2 Duo) to a 10.4 Mac Pro (Dual Quad Xeon) using a 1TB Western >> Digital MyBook FireWire drive. It was fine from October through >> early February. Then I took the laptop on the road. I plugged it >> back in last week and didn't notice til today that backups weren't >> happening. >> >> In the past, I would just mount the (remote) firewire drive on the >> laptop, and Time Machine would begin chugging away (or would >> dutifully schedule a time to start chugging away). >> >> Now, I mount the device, Time Machine remains 'off', and when I >> turn it on, I get a drop down window where, presumably, the >> available drives are given. This window is empty, and there's >> nothing in the logs to indicate what's happening (other than the >> mounting of the drive over AFP is logged). > > There is clearly an asymmetry with Time Machine. The ".backupdb" is > created for a locally attached drive, and the ".bundle" is created > for a network attached drive. The .backupd folder needs to live on a Leopard HFS+ filesystem with support for directory hard-links, extended attributes and ACLs. However, if a volume is accessed over the network (even if it is formatted HFS+) the client machines don't see it as an HFS+ volume but rather as an AFP volume (which does not support directory hardlinks or extended attributes). To get around this Time Machine creates a .sparsebundle disk image on the AFP volume containing a HFS+ filesystem. Time Machine creates its .backupd structure on the HFS+ filesystem contained within the mounted disk-image in that case. - Chris From justin at mac.com Tue Mar 4 19:57:50 2008 From: justin at mac.com (Justin C. Walker) Date: Tue Mar 4 19:58:05 2008 Subject: Time Machine/HFS question In-Reply-To: <629B2B5B-6ECA-4A93-81B5-7B44D0BA2C1B@mac.com> References: <979F6315-226B-49A9-8885-4351CAE8980B@mac.com> <29BF70DC-4677-425C-BFF0-0F28180A3AB3@pacbell.net> <2F6A4F56-22CB-4188-B3AF-E79BF5FC6E05@mackler.net> <629B2B5B-6ECA-4A93-81B5-7B44D0BA2C1B@mac.com> Message-ID: <1FCF36C1-E2A1-49EF-8BCB-7CFC0A758B56@mac.com> Thanks, Chris and David, On Mar 4, 2008, at 15:25 , Christopher Wolf wrote: > On Mar 4, 2008, at 5:41 PM, David Mackler wrote: >> On Mar 4, 2008, at 1:59 PM, Justin C. Walker wrote: [snip] >>> Now, I mount the device, Time Machine remains 'off', and when I >>> turn it on, I get a drop down window where, presumably, the >>> available drives are given. This window is empty, and there's >>> nothing in the logs to indicate what's happening (other than the >>> mounting of the drive over AFP is logged). >> >> There is clearly an asymmetry with Time Machine. The ".backupdb" >> is created for a locally attached drive, and the ".bundle" is >> created for a network attached drive. > > The .backupd folder needs to live on a Leopard HFS+ filesystem with > support for directory hard-links, extended attributes and ACLs. > > However, if a volume is accessed over the network (even if it is > formatted HFS+) the client machines don't see it as an HFS+ volume > but rather as an AFP volume (which does not support directory > hardlinks or extended attributes). To get around this Time Machine > creates a .sparsebundle disk image on the AFP volume containing a > HFS+ filesystem. Time Machine creates its .backupd structure on the > HFS+ filesystem contained within the mounted disk-image in that case. I think I'm still puzzled :-} From your first mail, Chris, it sounded like access to remote drives is possible only when the server is 10.5. In my setup, there are two 10.4 systems, including the main server hosting the firewire drive, and one 10.5 system. The only way the ".backupdb" could have been set up is when the firewire drive was mounted on the 10.4 system, correct? I only physically attached this drive to the 10.5 system for a few brief periods, one begin before 10/29 (when I was trying to get the drive to work :-}), and once a couple of weeks ago (post 10.5.2 upgrade). There wasn't enough "connect" time in the first case to create the 6 "2007-10-29-*" directories (they were apparently created over a period of about 5 hours, based on timestamps). Is there a way to verify which system the drive was connected to when these directories were created (memory being somewhat fallible :-})? As for the "sparsebundle", it is not a disk image, it's a real directory. Based on the timestamps on the "bands" in this directory, it had to have been connected to a 10.5 system for quite a spell, if I understand your comment (it can only be served from a 10.5 system, and is used only to handle remote 10.5 clients). Is that correct? If so, I'm really confused, because this firewire drive was physically attached to the Mac Pro (10.4) during the period that these "bands" were created. I think I only once moved the drive to the laptop (10.5), and then only briefly. Again, thanks for your explanations. Is any of this documented? I checked ADC, but nothing obvious popped out (overviews and API discussions were all I saw). Justin -- Justin C. Walker, Curmudgeon-At-Large Institute for the Enhancement of the Director's Income -------- Experience is what you get when you don't get what you want. -------- From david at mackler.net Tue Mar 4 20:09:48 2008 From: david at mackler.net (David Mackler) Date: Tue Mar 4 20:09:54 2008 Subject: Time Machine/HFS question In-Reply-To: <1FCF36C1-E2A1-49EF-8BCB-7CFC0A758B56@mac.com> References: <979F6315-226B-49A9-8885-4351CAE8980B@mac.com> <29BF70DC-4677-425C-BFF0-0F28180A3AB3@pacbell.net> <2F6A4F56-22CB-4188-B3AF-E79BF5FC6E05@mackler.net> <629B2B5B-6ECA-4A93-81B5-7B44D0BA2C1B@mac.com> <1FCF36C1-E2A1-49EF-8BCB-7CFC0A758B56@mac.com> Message-ID: <06BC0CAF-26E1-4617-A416-79AD0EB1750E@mackler.net> On Mar 4, 2008, at 7:57 PM, Justin C. Walker wrote: > Thanks, Chris and David, >> However, if a volume is accessed over the network (even if it is >> formatted HFS+) the client machines don't see it as an HFS+ volume >> but rather as an AFP volume (which does not support directory >> hardlinks or extended attributes). To get around this Time Machine >> creates a .sparsebundle disk image on the AFP volume containing a >> HFS+ filesystem. Time Machine creates its .backupd structure on the >> HFS+ filesystem contained within the mounted disk-image in that case. > > I think I'm still puzzled :-} > > From your first mail, Chris, it sounded like access to remote drives > is possible only when the server is 10.5. In my setup, there are > two 10.4 systems, including the main server hosting the firewire > drive, and one 10.5 system. TM only creates the .backupdb directory when directly connected on the client, not when network mounted. > The only way the ".backupdb" could have been set up is when the > firewire drive was mounted on the 10.4 system, correct? Yup. > I only physically attached this drive to the 10.5 system for a few > brief periods, one begin before 10/29 (when I was trying to get the > drive to work :-}), and once a couple of weeks ago (post 10.5.2 > upgrade). There wasn't enough "connect" time in the first case to > create the 6 "2007-10-29-*" directories (they were apparently > created over a period of about 5 hours, based on timestamps). Is > there a way to verify which system the drive was connected to when > these directories were created (memory being somewhat fallible :-})? Perhaps, if I were able to still think clearly instead of merely reciting what I already know. I don't suppose you have a system.log that goes back that far, do you? That's the problem with memory crutches, isn't it. Without our crutches, well? ;-) > As for the "sparsebundle", it is not a disk image, it's a real > directory. Based on the timestamps on the "bands" in this > directory, it had to have been connected to a 10.5 system for quite > a spell, if I understand your comment (it can only be served from a > 10.5 system, and is used only to handle remote 10.5 clients). Is > that correct? Yes? and no. It's a wacky expansion of the sparse disk image. Instead of one monolithic file, the new leopard way is to create a directory of smallish files, that will mount as a single file-based disk image. In other words, they took the single file holding a sparse disk image and chopped it into pieces, keeping them all in a directory. The idea, I believe, that freeing empty space allows those band files to be deleted, so that a sparsebundle can not only grow, but shrink. > If so, I'm really confused, because this firewire drive was > physically attached to the Mac Pro (10.4) during the period that > these "bands" were created. I think I only once moved the drive to > the laptop (10.5), and then only briefly. So yeah, those bands were created when it was mounted through the network. You still have the mystery of how TM created that sparse bundle when hosted on a tiger server. It shouldn't happen (tm). well, unless you applied one of the various hacks floating about like flotsam and jetsam. > Again, thanks for your explanations. Is any of this documented? I > checked ADC, but nothing obvious popped out (overviews and API > discussions were all I saw). Heh. man hdiutil has a nice discussion of sparse images and bundles. Beyond that, I haven't a clue. From cwolf at mac.com Tue Mar 4 20:41:46 2008 From: cwolf at mac.com (Christopher Wolf) Date: Tue Mar 4 20:41:54 2008 Subject: Time Machine/HFS question In-Reply-To: <1FCF36C1-E2A1-49EF-8BCB-7CFC0A758B56@mac.com> References: <979F6315-226B-49A9-8885-4351CAE8980B@mac.com> <29BF70DC-4677-425C-BFF0-0F28180A3AB3@pacbell.net> <2F6A4F56-22CB-4188-B3AF-E79BF5FC6E05@mackler.net> <629B2B5B-6ECA-4A93-81B5-7B44D0BA2C1B@mac.com> <1FCF36C1-E2A1-49EF-8BCB-7CFC0A758B56@mac.com> Message-ID: On Mar 4, 2008, at 10:57 PM, Justin C. Walker wrote: > Thanks, Chris and David, > > On Mar 4, 2008, at 15:25 , Christopher Wolf wrote: > >> On Mar 4, 2008, at 5:41 PM, David Mackler wrote: >>> On Mar 4, 2008, at 1:59 PM, Justin C. Walker wrote: > [snip] >>>> Now, I mount the device, Time Machine remains 'off', and when I >>>> turn it on, I get a drop down window where, presumably, the >>>> available drives are given. This window is empty, and there's >>>> nothing in the logs to indicate what's happening (other than the >>>> mounting of the drive over AFP is logged). >>> >>> There is clearly an asymmetry with Time Machine. The ".backupdb" >>> is created for a locally attached drive, and the ".bundle" is >>> created for a network attached drive. >> >> The .backupd folder needs to live on a Leopard HFS+ filesystem with >> support for directory hard-links, extended attributes and ACLs. >> >> However, if a volume is accessed over the network (even if it is >> formatted HFS+) the client machines don't see it as an HFS+ volume >> but rather as an AFP volume (which does not support directory >> hardlinks or extended attributes). To get around this Time Machine >> creates a .sparsebundle disk image on the AFP volume containing a >> HFS+ filesystem. Time Machine creates its .backupd structure on the >> HFS+ filesystem contained within the mounted disk-image in that case. > > I think I'm still puzzled :-} > > From your first mail, Chris, it sounded like access to remote drives > is possible only when the server is 10.5. > In my setup, there are two 10.4 systems, including the main server > hosting the firewire drive, and one 10.5 system. Time Machine backups to remote drives are only supported when the server is running 10.5. If you are trying to back up to a 10.4 system that is not a configuration which is supported. The Time Machine preference pane should not allow you to backup to a AFP volume hosted by a 10.4 server. (And it sounds like that is what you are now seeing.) If somehow Time Machine got confused and was trying to back up to a 10.4 server (and it sounds like perhaps that is what was happening to you) then the results would be unpredictable. I could only speculate as to how Time Machine might get confused like that... perhaps a 10.5 server was replaced with a 10.4 server with the same hostname and sharing the same backup drive? Perhaps one of the various hacks circulating on the internet was used to bypass the checks which prevent backing up to a 10.4 server? Perhaps a drive which was originally configured for local (directly attached) backups was moved to a server and somehow Time Machine is still finding it and trying to use it? > The only way the ".backupdb" could have been set up is when the > firewire drive was mounted on the 10.4 system, correct? The .backupdb directory should have only been created when a computer was backing up to a directly attached firewire drive, not when the computer was backing up over a network. > I only physically attached this drive to the 10.5 system for a few > brief periods, one begin before 10/29 (when I was trying to get the > drive to work :-}), and once a couple of weeks ago (post 10.5.2 > upgrade). There wasn't enough "connect" time in the first case to > create the 6 "2007-10-29-*" directories (they were apparently > created over a period of about 5 hours, based on timestamps). Is > there a way to verify which system the drive was connected to when > these directories were created (memory being somewhat fallible :-})? Each of the 2007-10-29-* directories represent an hourly snapshot created by Time Machine. Those directories should be contained within another directory which is named with the name of the machine that was being backed up. If things were functioning as expected then those snapshots must have been created while the drive was attached to that machine. > As for the "sparsebundle", it is not a disk image, it's a real > directory. The fact that it's a directory does not preclude it from being a disk- image. It's actually a bundle. Disk images come in a variety of forms... the traditional ".dmg" images use a single non-expandable file. A sparsebundle is a different type of disk image which uses a bundle (directory) instead of a single file to store it's data. (The hdiutil man page elaborates a bit on the different types of disk images). > Based on the timestamps on the "bands" in this directory, it had to > have been connected to a 10.5 system for quite a spell, if I > understand your comment (it can only be served from a 10.5 system, > and is used only to handle remote 10.5 clients). Is that correct? > > If so, I'm really confused, because this firewire drive was > physically attached to the Mac Pro (10.4) during the period that > these "bands" were created. I think I only once moved the drive to > the laptop (10.5), and then only briefly. I'm saying that Time Machine *should* only allow you to configure backups to a 10.5 AFP server. If somehow you ended up backing up to a 10.4 server then the backups may have appeared to be working and the disk-image could have been updated while being served from the 10.4 server. However, I would not trust that backed up data. And it is not surprising that Time Machine is no longer working in that configuration and will not let you configure the 10.4 server as a backup destination anymore. > Again, thanks for your explanations. Is any of this documented? I > checked ADC, but nothing obvious popped out (overviews and API > discussions were all I saw). The feature page at Apple's site states: "Time Machine can also back up to another Mac running Leopard with Personal File Sharing, Leopard Server, or Xsan storage devices" And this kbase article states: "Time Machine can back up to another Mac running Leopard with Personal File Sharing, or to a Leopard Server volume, or an Xsan s storage device." - Chris > > > Justin > > -- > Justin C. Walker, Curmudgeon-At-Large > Institute for the Enhancement of the Director's Income > -------- > Experience is what you get > when you don't get what you want. > -------- > > > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin From justin at mac.com Tue Mar 4 21:06:33 2008 From: justin at mac.com (Justin C. Walker) Date: Tue Mar 4 21:06:49 2008 Subject: Time Machine/HFS question In-Reply-To: References: <979F6315-226B-49A9-8885-4351CAE8980B@mac.com> <29BF70DC-4677-425C-BFF0-0F28180A3AB3@pacbell.net> <2F6A4F56-22CB-4188-B3AF-E79BF5FC6E05@mackler.net> <629B2B5B-6ECA-4A93-81B5-7B44D0BA2C1B@mac.com> <1FCF36C1-E2A1-49EF-8BCB-7CFC0A758B56@mac.com> Message-ID: <5E75C351-B8F4-4BC4-9065-9C73037622E9@mac.com> On Mar 4, 2008, at 20:41 , Christopher Wolf wrote: > On Mar 4, 2008, at 10:57 PM, Justin C. Walker wrote: [snip] >> In my setup, there are two 10.4 systems, including the main server >> hosting the firewire drive, and one 10.5 system. > > Time Machine backups to remote drives are only supported when the > server is running 10.5. If you are trying to back up to a 10.4 > system that is not a configuration which is supported. The Time > Machine preference pane should not allow you to backup to a AFP > volume hosted by a 10.4 server. (And it sounds like that is what > you are now seeing.) Prior to 10.5.2, the TM pref panel was laid out differently (ISTR). When this occurred, I was able to select the remote device in the TM panel. The remote device was certainly hosted on the 10.4 system, because I typically had to mount it before backups would occur (being a laptop, it tended to wander :-}). > If somehow Time Machine got confused and was trying to back up to a > 10.4 server (and it sounds like perhaps that is what was happening > to you) then the results would be unpredictable. I could only > speculate as to how Time Machine might get confused like that... > perhaps a 10.5 server was replaced with a 10.4 server with the same > hostname and sharing the same backup drive? Perhaps one of the > various hacks circulating on the internet was used to bypass the > checks which prevent backing up to a 10.4 server? Perhaps a drive > which was originally configured for local (directly attached) > backups was moved to a server and somehow Time Machine is still > finding it and trying to use it? I can guarantee that - the laptop running 10.5 has run *only* 10.5 since this experiment started - the Mac Pro serving the firewire drive has *only* run 10.4. - I have added *no* hacks to the system (life's now too short to fool around with that, since I have real things to do with these systems :-}; I use `em as tools, and don't want to fuss with things going wrong, beyond the normal things that go wrong, like Time Machine going whacky on me :-}) What I can't guarantee is the number of times, and length of time, that the firewire drive was physically attached to the laptop. It was brief, and only a couple of times, but my memory is not what it used to be... These are all systems running in my home office, and I have complete control control control .... >> The only way the ".backupdb" could have been set up is when the >> firewire drive was mounted on the 10.4 system, correct? > > The .backupdb directory should have only been created when a > computer was backing up to a directly attached firewire drive, not > when the computer was backing up over a network. See above non-guarantee :-} In the absence of any substantive evidence, it appears that I had the device physically connected to the laptop for long enough that these 6 backups took place. >> I only physically attached this drive to the 10.5 system for a few >> brief periods, one begin before 10/29 (when I was trying to get >> the drive to work :-}), and once a couple of weeks ago (post >> 10.5.2 upgrade). There wasn't enough "connect" time in the first >> case to create the 6 "2007-10-29-*" directories (they were >> apparently created over a period of about 5 hours, based on >> timestamps). Is there a way to verify which system the drive was >> connected to when these directories were created (memory being >> somewhat fallible :-})? > > Each of the 2007-10-29-* directories represent an hourly snapshot > created by Time Machine. Those directories should be contained > within another directory which is named with the name of the > machine that was being backed up. If things were functioning as > expected then those snapshots must have been created while the > drive was attached to that machine. They are within a directory named for the system itself. >> As for the "sparsebundle", it is not a disk image, it's a real >> directory. > > The fact that it's a directory does not preclude it from being a > disk-image. It's actually a bundle. Disk images come in a variety > of forms... the traditional ".dmg" images use a single non- > expandable file. A sparsebundle is a different type of disk image > which uses a bundle (directory) instead of a single file to store > it's data. (The hdiutil man page elaborates a bit on the different > types of disk images). I get that now, thanks to your and David's explanations. I haven't fiddled around with disks much, so I didn't notice this about "images". > I'm saying that Time Machine *should* only allow you to configure > backups to a 10.5 AFP server. If somehow you ended up backing up to > a 10.4 server then the backups may have appeared to be working and > the disk-image could have been updated while being served from the > 10.4 server. However, I would not trust that backed up data. And it > is not surprising that Time Machine is no longer working in that > configuration and will not let you configure the 10.4 server as a > backup destination anymore. The more I look at this, the more it looks like a problem that was "fixed" in 10.5.2. The presence of the image, the number and dates on the bands, and the fact that there is *only* one 10.5 system in the mix, means that they were created while the device was physically on the 10.4 system, and remotely mounted from the 10.5 system. >> Again, thanks for your explanations. Is any of this documented? >> I checked ADC, but nothing obvious popped out (overviews and API >> discussions were all I saw). > > The feature page at Apple's site features/timemachine.html> states: > "Time Machine can also back up to another Mac running Leopard with > Personal File Sharing, Leopard Server, or Xsan storage devices" I saw this (belatedly); I was really interested in more, um, detailed details :-} Thanks again for your detailed explanations. I guess it's time to walk up to the edge and push my Mac Pro into the 10.5 quarry... Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large, Director Institute for the Enhancement of the Director's Income -------- The path of least resistance: it's not just for electricity any more. -------- From cwolf at mac.com Tue Mar 4 21:32:51 2008 From: cwolf at mac.com (Christopher Wolf) Date: Tue Mar 4 21:32:57 2008 Subject: Time Machine/HFS question In-Reply-To: <5E75C351-B8F4-4BC4-9065-9C73037622E9@mac.com> References: <979F6315-226B-49A9-8885-4351CAE8980B@mac.com> <29BF70DC-4677-425C-BFF0-0F28180A3AB3@pacbell.net> <2F6A4F56-22CB-4188-B3AF-E79BF5FC6E05@mackler.net> <629B2B5B-6ECA-4A93-81B5-7B44D0BA2C1B@mac.com> <1FCF36C1-E2A1-49EF-8BCB-7CFC0A758B56@mac.com> <5E75C351-B8F4-4BC4-9065-9C73037622E9@mac.com> Message-ID: On Mar 5, 2008, at 12:06 AM, Justin C. Walker wrote: > On Mar 4, 2008, at 20:41 , Christopher Wolf wrote: >> On Mar 4, 2008, at 10:57 PM, Justin C. Walker wrote: > Prior to 10.5.2, the TM pref panel was laid out differently (ISTR). The only change to the preference pane layout that I can think of since 10.5 GM was the addition of a check-box in 10.5.2 to control whether the menu extra was visible. The first time you visit the Time Machine preference pane (before Time Machine has ever been configured) it does have a different appearance (where the only option is Choose a Disk...) - perhaps that is what you are remembering. Or perhaps you are remembering one of the various pre-release screen-shots on Apple's site (and leaked elsewhere) which showed the preference pane in various states of pre-release evolution. > When this occurred, I was able to select the remote device in the TM > panel. I believe you, but this is not something which you should have been able to do and it is puzzling as to why you were previously able to do so. > I can guarantee that > - the laptop running 10.5 has run *only* 10.5 > since this experiment started > - the Mac Pro serving the firewire drive has > *only* run 10.4. > - I have added *no* hacks to the system (life's > now too short to fool around with that, since > I have real things to do with these systems :-}; > I use `em as tools, and don't want to fuss with > things going wrong, beyond the normal things that > go wrong, like Time Machine going whacky on me :-}) > > What I can't guarantee is the number of times, and length of time, > that the firewire drive was physically attached to the laptop. It > was brief, and only a couple of times, but my memory is not what it > used to be... Good to know that no hacks were involved. My only remaining hypothesis is that you may have previously been allowed to select the 10.4 network drive because it had at one point been attached to the 10.5 system and this confused Time Machine once the drive was mounted from the 10.4 system. >> I'm saying that Time Machine *should* only allow you to configure >> backups to a 10.5 AFP server. If somehow you ended up backing up to >> a 10.4 server then the backups may have appeared to be working and >> the disk-image could have been updated while being served from the >> 10.4 server. However, I would not trust that backed up data. And it >> is not surprising that Time Machine is no longer working in that >> configuration and will not let you configure the 10.4 server as a >> backup destination anymore. > > The more I look at this, the more it looks like a problem that was > "fixed" in 10.5.2. I concur. > I saw this (belatedly); I was really interested in more, um, > detailed details :-} The technical details, to the best of my knowledge, have not been disclosed. > Thanks again for your detailed explanations. I guess it's time to > walk up to the edge and push my Mac Pro into the 10.5 quarry... Yes, currently, if you want to do network backups (without using any questionable hacks) you will need to upgrade the Mac Pro to 10.5 (or invest in a Time Capsule.) Good luck, Chris From kef_list at ibacom.es Wed Mar 5 07:25:35 2008 From: kef_list at ibacom.es (kef_list) Date: Wed Mar 5 07:25:45 2008 Subject: AFP Leopard Server problems changing permission with get info Message-ID: <1F821AC6-86D0-4174-A747-EC36E70823BE@ibacom.es> Hi guys, I have a very strange problem with Mac OS X 10.5.2 clients on server 10.5.2. 1) client does a "get info" on a server folder: user: auser - Read & Write group: agroup - Read Only everyone: No Access 2) Client tries to change the permission of the group to "Read & Write" 3) WEIRDNESS: As the client changes the perms, the OWNER gets changed to "theadmin" (main admin, user id 500), and the group to "com.apple.monitor_all_services" !!!!!!!! What the $/&/"?&% is going on? How can changing the perms change the owner and group? From the Terminal "ls -la" show the correct permissions! ACLs: Yes, I am using ACLs, but the same happens with a "normal" user (no ACLs affect him) as well as the ACLed user that has an "all permissions" override ACL on a parent folder. Happens from all 10.5 client computers. Server restarted, clients restarted. Ran Disk Utility: no problems found. If anyone has any idea of what is going on I would greatly appreciate it! Thanks, Charles From lists at colorremedies.com Wed Mar 5 08:00:17 2008 From: lists at colorremedies.com (Chris Murphy) Date: Wed Mar 5 08:09:34 2008 Subject: File sharing 10.5->10.4 doesn't work Message-ID: Two laptops: Powerbook 10.4.11, Mac Book Pro 10.5.2 I can successfully using file sharing from the 10.4 machine as client to 10.5 machine as server. But not the other way around. From the 10.5 machine, I can enter a password which is accepted and connect. As soon as I navigate a volume or folder, on the 10.5 machine I get: The file server"colorpower" connection has unexpectedly closed down. The instant I click on a folder or volume, console on the 10.4 machine reports applefileserver has crashed, followed by the message on the 10.5 machine that the connection has unexpectedly closed down. This problem occurs whether over airport, ethernet, or firewire (direct connection). Suggestions? Chris Murphy From jearle at gmail.com Wed Mar 5 08:14:55 2008 From: jearle at gmail.com (Jared Earle) Date: Wed Mar 5 08:15:26 2008 Subject: Time Machine/HFS question In-Reply-To: References: <979F6315-226B-49A9-8885-4351CAE8980B@mac.com> <29BF70DC-4677-425C-BFF0-0F28180A3AB3@pacbell.net> <2F6A4F56-22CB-4188-B3AF-E79BF5FC6E05@mackler.net> <629B2B5B-6ECA-4A93-81B5-7B44D0BA2C1B@mac.com> <1FCF36C1-E2A1-49EF-8BCB-7CFC0A758B56@mac.com> <5E75C351-B8F4-4BC4-9065-9C73037622E9@mac.com> Message-ID: <5bbc0cd60803050814i5e3d6449qcc62a648d3d4235f@mail.gmail.com> I found that updating to 10.5.2 broke my backups to an AFP volume by slowing the connection down to unusable levels. This wasn't just for Backups but for copies over wifi too. I fixed it with this little hack: sudo sysctl -w net.inet.tcp.delayed_ack=0 -- Jared Earle :: There is no SPORK jearle@gmail.com :: http://www.23x.net The Spodcast :: http://spodcast.org From justin at mac.com Wed Mar 5 09:37:00 2008 From: justin at mac.com (Justin C. Walker) Date: Wed Mar 5 09:37:34 2008 Subject: File sharing 10.5->10.4 doesn't work In-Reply-To: References: Message-ID: On Mar 5, 2008, at 08:00 , Chris Murphy wrote: > Two laptops: Powerbook 10.4.11, Mac Book Pro 10.5.2 > > I can successfully using file sharing from the 10.4 machine as > client to 10.5 machine as server. But not the other way around. > > From the 10.5 machine, I can enter a password which is accepted and > connect. As soon as I navigate a volume or folder, on the 10.5 > machine I get: The file server"colorpower" connection has > unexpectedly closed down. > > The instant I click on a folder or volume, console on the 10.4 > machine reports applefileserver has crashed, followed by the > message on the 10.5 machine that the connection has unexpectedly > closed down. This problem occurs whether over airport, ethernet, or > firewire (direct connection). In the absence of anything more helpful, maybe get a network trace of the conversations between client and server. Something like tcpdump -p -iDEV (where DEV is the ethernet device through which the communication occurs, like 'en0') (and run as root, of course :-} At least this will tell you who's doing what to whom at a low level. Justin -- Justin C. Walker, Curmudgeon-At-Large Institute for the Enhancement of the Director's Income -------- Experience is what you get when you don't get what you want. -------- From justin at mac.com Wed Mar 5 09:53:36 2008 From: justin at mac.com (Justin C. Walker) Date: Wed Mar 5 09:54:01 2008 Subject: Time Machine/HFS question In-Reply-To: <5bbc0cd60803050814i5e3d6449qcc62a648d3d4235f@mail.gmail.com> References: <979F6315-226B-49A9-8885-4351CAE8980B@mac.com> <29BF70DC-4677-425C-BFF0-0F28180A3AB3@pacbell.net> <2F6A4F56-22CB-4188-B3AF-E79BF5FC6E05@mackler.net> <629B2B5B-6ECA-4A93-81B5-7B44D0BA2C1B@mac.com> <1FCF36C1-E2A1-49EF-8BCB-7CFC0A758B56@mac.com> <5E75C351-B8F4-4BC4-9065-9C73037622E9@mac.com> <5bbc0cd60803050814i5e3d6449qcc62a648d3d4235f@mail.gmail.com> Message-ID: Hi, Jared, On Mar 5, 2008, at 08:14 , Jared Earle wrote: > I found that updating to 10.5.2 broke my backups to an AFP volume by > slowing the connection down to unusable levels. This wasn't just for > Backups but for copies over wifi too. > > I fixed it with this little hack: > sudo sysctl -w net.inet.tcp.delayed_ack=0 There were changes to the kernel code between 10.5.1 and 10.5.2, and there are some changes that might affect this. I'd file a bug. In my case, of course, there's no connection to slow down :-} Justin -- Justin C. Walker, Curmudgeon-At-Large Director Institute for the Enhancement of the Director's Income -------- "Weaseling out of things is what separates us from the animals. Well, except the weasel." - Homer J Simpson -------- From airdrummer at wheel.org Wed Mar 5 17:18:44 2008 From: airdrummer at wheel.org (tom wible) Date: Wed Mar 5 18:18:55 2008 Subject: sys_prof/firewire question In-Reply-To: <30C2ABEB-69ED-452F-99ED-7365BCCA9530@tele2.ch> References: <680861F0-D6F9-4138-8861-D693FDC10914@tele2.ch> <0B102139-34D9-497D-8903-86D615FC9CCC@tele2.ch> <27E97B78-CA0E-47AA-874A-39B1A41F70A5@fusl.ac.be> <66DC1199-3E96-4B86-ADD7-B0629B362050@tele2.ch> <4A546BCA-31F0-4DD9-A248-DC22DE0DD983@gmail.com> <5710D777-C2FC-49DE-89BA-BC4A0E9B8B70@tele2.ch> <17c8e29e0802270735n3ff3a8aar8b237d6ec19796ce@mail.gmail.com> <9F8AA252-D26F-4E63-B75A-4C9C9AB3254C@tele2.ch> <7E3D3BEB-EB2A-4331-A08B-27105A118E8A@gmail.com> <47C6738E.1030700@wanadoo.fr> <491F9255-714F-45F9-996E-1082070E245F@tele2.ch> <42ECA8EF-723A-4204-9A2C-C04AE9C355B3@fusl.ac.be> <9A3216B2-14AB-4C00-A2E4-4F1AFFE913EE@tele2.ch> <3C951116-7C57-4925-826E-64B1E964A3DC@fusl.ac.be> <07ADC314-C831-4B02-96CA-387FFDDAD910@tele2.ch> <30C2ABEB-69ED-452F-99ED-7365BCCA9530@tele2.ch> Message-ID: <47CF4674.9050100@wheel.org> i have an HD tuner connected to my mini duo on firewire, and using system_profiler SPFireWireDataType | grep "SAMSUNG ELEC" | wc -l i can determine if it's turned on... however, if it's turned off, there is some period (overnite works, but that's too long;-) during which s.p. apparently caches the device data... is there anyway of flushing that cache? From johnmusbach1 at gmail.com Wed Mar 5 18:21:19 2008 From: johnmusbach1 at gmail.com (John Musbach) Date: Wed Mar 5 18:21:21 2008 Subject: sys_prof/firewire question In-Reply-To: <47CF4674.9050100@wheel.org> References: <680861F0-D6F9-4138-8861-D693FDC10914@tele2.ch> <47C6738E.1030700@wanadoo.fr> <491F9255-714F-45F9-996E-1082070E245F@tele2.ch> <42ECA8EF-723A-4204-9A2C-C04AE9C355B3@fusl.ac.be> <9A3216B2-14AB-4C00-A2E4-4F1AFFE913EE@tele2.ch> <3C951116-7C57-4925-826E-64B1E964A3DC@fusl.ac.be> <07ADC314-C831-4B02-96CA-387FFDDAD910@tele2.ch> <30C2ABEB-69ED-452F-99ED-7365BCCA9530@tele2.ch> <47CF4674.9050100@wheel.org> Message-ID: <17c8e29e0803051821t6f07e765vfc9218c6b2b35ad5@mail.gmail.com> On Wed, Mar 5, 2008 at 5:18 PM, tom wible wrote: > i have an HD tuner connected to my mini duo on firewire, and using > > system_profiler SPFireWireDataType | grep "SAMSUNG ELEC" | wc -l > > i can determine if it's turned on... > > however, if it's turned off, there is some period (overnite works, but that's > too long;-) during which s.p. apparently caches the device data... > > is there anyway of flushing that cache? Unfortunately the only options are: Usage: system_profiler [-listDataTypes] system_profiler [-xml] [-detailLevel n] system_profiler [-xml] [dataType1 ... dataTypeN] -detailLevel n specifies the level of detail for the report mini = short report (contains no identifying or personal information) basic = basic hardware and network information full = all available information -listDataTypes lists all the available datatypes -xml generates xml output instead of plain text if redirected to a file with the extension ".spx" the file can be opened in System Profiler.app Examples: system_profiler Generates a text report with the standard detail level. system_profiler -detailLevel mini Generates a short report without identifying/personal information. system_profiler -listDataTypes Shows a list of the available data types. system_profiler SPSoftwareDataType SPNetworkDataType Generates a text report containing only software and network data. system_profiler -xml >MySystem.spx Creates a XML file which can be opened by System Profiler.app -- Best Regards, John Musbach From johnmusbach1 at gmail.com Wed Mar 5 19:42:58 2008 From: johnmusbach1 at gmail.com (John Musbach) Date: Wed Mar 5 19:43:01 2008 Subject: AFP Leopard Server problems changing permission with get info In-Reply-To: <1F821AC6-86D0-4174-A747-EC36E70823BE@ibacom.es> References: <1F821AC6-86D0-4174-A747-EC36E70823BE@ibacom.es> Message-ID: <17c8e29e0803051942k27d1bd23h48a1d75c15291b9c@mail.gmail.com> On Wed, Mar 5, 2008 at 7:25 AM, kef_list wrote: > What the $/&/"?&% is going on? How can changing the perms change the > owner and group? > > From the Terminal "ls -la" show the correct permissions! > > > > > ACLs: Yes, I am using ACLs, but the same happens with a "normal" user > (no ACLs affect him) as well as the ACLed user that has an "all > permissions" override ACL on a parent folder. > > Happens from all 10.5 client computers. Server restarted, clients > restarted. Ran Disk Utility: no problems found. > > > If anyone has any idea of what is going on I would greatly appreciate > it! Hello, it looks like this thread describes the same problem you are describing and has some possible solutions: http://discussions.apple.com/thread.jspa?messageID=6757284 -- Best Regards, John Musbach From johnmusbach1 at gmail.com Wed Mar 5 20:09:04 2008 From: johnmusbach1 at gmail.com (John Musbach) Date: Wed Mar 5 20:09:08 2008 Subject: See all my reviews In-Reply-To: <20080304073759.E05E71C9530@web3.365.yelpcorp.com> References: <20080304073759.E05E71C9530@web3.365.yelpcorp.com> Message-ID: <17c8e29e0803052009h1f97cb80mf4c6ff8295c76c1b@mail.gmail.com> On Mon, Mar 3, 2008 at 11:37 PM, Kenneth R. wrote: > Hi Mac, > > How's it going? Have you heard about Yelp yet? I am addicted to it! It was going fine until you had the nerve to use this list as your personal spam relay ...and how nice, this comes from a member of the hawaii education staff, that's appalling.... -- Best Regards, John Musbach From mgf at mgfconsulting.net Wed Mar 5 21:15:52 2008 From: mgf at mgfconsulting.net (Mike Friedman) Date: Wed Mar 5 21:15:58 2008 Subject: AD as contact list Message-ID: <3A859506-A789-4EB6-8E9B-D7EB0E669DDB@mgfconsulting.net> I'm trying to set up a couple of Leopard clients to do lookups on an Active Directory for shared contacts. I've followed the instructions I can find to set this up (it really should be pretty simple), but I'm finding that Mail isn't finding the clients (the problem also comes up in Address Book if you try to do searches on the LDAP/AD server). I'm a bit stumped. Unfortunately, there doesn't seem to be any indication of something failing, it just never happens for addresses that I know are in the AD. Any advice well appreciated. Thanks. ======================= Mike Friedman MGF Consulting Computers without Attitude http://www.mgfconsulting.net 415-648-6560 (office) 415-823-9990 (mobile) Yahoo Messenger/AIM: sfmike64 From rhicks41 at tampabay.rr.com Wed Mar 5 22:51:45 2008 From: rhicks41 at tampabay.rr.com (Randal Hicks) Date: Wed Mar 5 22:52:02 2008 Subject: Problem with Google URLs not loading? In-Reply-To: <850FFC52-1250-465C-8E80-E4C2F85B098A@mac.com> References: <063A9A3E-E43B-4F56-A4D3-FE1436E81F7B@mac.com> <850FFC52-1250-465C-8E80-E4C2F85B098A@mac.com> Message-ID: > > On the Mac that connects the wireless LAN to the rest of the LAN > and Internet: > >> 00010 0 0 divert 8668 ip from any to any via en0 >> 01000 0 0 allow ip from any to any via lo0 >> 01010 0 0 deny ip from any to 127.0.0.0/8 >> 01020 0 0 deny ip from 224.0.0.0/4 to any in >> 01030 0 0 deny tcp from any to 224.0.0.0/4 in >> 12300 0 0 allow tcp from any to any established >> 12301 0 0 allow tcp from any to any out >> 12302 0 0 allow tcp from any to any dst-port 22 >> 12302 0 0 allow udp from any to any dst-port 22 >> 12303 0 0 allow udp from any to any out keep-state >> 12304 0 0 allow tcp from any to any dst-port 53 out keep-state >> 12304 0 0 allow udp from any to any dst-port 53 out keep-state >> 12305 0 0 allow udp from any to any in frag >> 12306 0 0 allow tcp from any to any dst-port 311 >> 12307 0 0 allow tcp from any to any dst-port 625 >> 12308 0 0 allow udp from any to any dst-port 626 >> 12309 0 0 allow icmp from any to any icmptypes 8 >> 12310 0 0 allow icmp from any to any icmptypes 0 >> 12311 0 0 allow igmp from any to any >> 65534 0 0 deny ip from any to any >> 65535 0 0 allow ip from any to any > > Nothing looks specific enough for the Google problem. Not sure > what the 224.0.0.0 is about but the rest looks pretty generic. > > And although our ADSL modem/router (Draytek 2600 Plus) does have > content filtering, and a firewall, nothing is on in the content > filtering and the firewall is normal(?). > > As mentioned, we also have no problems on the wired part of the LAN. > > Still bamboozled. > > Cheers, > Ashley. > Hi Ashley, Still bamboozled? Your ipfw table shows all zeroed counters so it looks like you aren't even using ipfw. 224.0.0.0 entries deal with multicast -- Reasons for the deny is to prevent Denial Of Service attacks. http://tools.ietf.org/html/draft-iana-special-ipv4-05 224.0.0.0/4 - This block, formerly known as the Class D address space, is allocated for use in IPv4 multicast address assignments. The IANA guidelines for assignments from this space are described in [RFC3171]. Regards, Randal From lists at colorremedies.com Wed Mar 5 23:11:52 2008 From: lists at colorremedies.com (Chris Murphy) Date: Wed Mar 5 23:11:56 2008 Subject: File sharing 10.5->10.4 doesn't work In-Reply-To: References: Message-ID: > In the absence of anything more helpful, maybe get a network trace > of the conversations between client and server. > > Something like > tcpdump -p -iDEV > (where DEV is the ethernet device through which the communication > occurs, like 'en0') (and run as root, of course :-} > > At least this will tell you who's doing what to whom at a low level. There's a bit of text that results from this so I'm putting up links instead of pasting, not sure what the limit is here. http://www.colorremedies.com/downloads/terminal_output.txt http://www.colorremedies.com/downloads/crash.log The crash.log indicates the crash occurs at 01:46:16. In that second, there's a ton of stuff going on (a lot of it repetitive but slightly different), but seems to occur near the end once there's what appears to be IPv6 related negotiation going on. So I went over to the 10.4.11 machine and turn IPv6 off and tried again. Same thing happens. The dump just doesn't have the IPv6 references. Chris Murphy From kef_list at ibacom.es Thu Mar 6 00:10:11 2008 From: kef_list at ibacom.es (kef_list) Date: Thu Mar 6 00:10:18 2008 Subject: AFP Leopard Server problems changing permission with get info In-Reply-To: <17c8e29e0803051942k27d1bd23h48a1d75c15291b9c@mail.gmail.com> References: <1F821AC6-86D0-4174-A747-EC36E70823BE@ibacom.es> <17c8e29e0803051942k27d1bd23h48a1d75c15291b9c@mail.gmail.com> Message-ID: John, Thanks for your reply. I actually started that thread on Apple's forum. Unfortunately no solutions have been posted (there is one suggestion, but it is for a different problem). Thanks anyways, Charles On Mar 6, 2008, at 04:42 , John Musbach wrote: > On Wed, Mar 5, 2008 at 7:25 AM, kef_list wrote: >> What the $/&/"?&% is going on? How can changing the perms change the >> owner and group? >> >> From the Terminal "ls -la" show the correct permissions! >> >> >> >> >> ACLs: Yes, I am using ACLs, but the same happens with a "normal" user >> (no ACLs affect him) as well as the ACLed user that has an "all >> permissions" override ACL on a parent folder. >> >> Happens from all 10.5 client computers. Server restarted, clients >> restarted. Ran Disk Utility: no problems found. >> >> >> If anyone has any idea of what is going on I would greatly appreciate >> it! > > Hello, it looks like this thread describes the same problem you are > describing and has some possible solutions: > http://discussions.apple.com/thread.jspa?messageID=6757284 > > > > -- > Best Regards, > > John Musbach ____________________________________________________ Institut Balear de Comunicacions, S.L. Gremio Tejedores 22, 1 07009 Palma de Mallorca, Spain Tel: +34 971.45.90.99 | Mobile: +34 607.87.12.77 Fax: +34 971.43.08.18 | E-mail: ckefauver@ibacom.es URL: http://www.ibacom.es/ ____________________________________________________ From luttgens at fusl.ac.be Thu Mar 6 01:13:20 2008 From: luttgens at fusl.ac.be (Axel Luttgens) Date: Thu Mar 6 01:13:27 2008 Subject: File sharing 10.5->10.4 doesn't work In-Reply-To: References: Message-ID: <9FC8D764-0630-4395-BE4C-424B03C32E53@fusl.ac.be> Le 6 mars 08 ? 08:11, Chris Murphy a ?crit : > [...] > > There's a bit of text that results from this so I'm putting up links > instead of pasting, not sure what the limit is here. > > http://www.colorremedies.com/downloads/terminal_output.txt > > http://www.colorremedies.com/downloads/crash.log > > The crash.log indicates the crash occurs at 01:46:16. In that > second, there's a ton of stuff going on (a lot of it repetitive but > slightly different), but seems to occur near the end once there's > what appears to be IPv6 related negotiation going on. So I went over > to the 10.4.11 machine and turn IPv6 off and tried again. Same thing > happens. The dump just doesn't have the IPv6 references. Hello Chris, From the crash log: [...] Thread: 4 [...] Thread 4 Crashed: 0 com.apple.ByteRangeLocking 0x9680c5a0 DBMutex::Grab() + 36 1 com.apple.ByteRangeLocking 0x968094c8 NLMDB::FindFileRecord(NLMDBID const&, unsigned*) + 56 2 com.apple.ByteRangeLocking 0x96809600 NLMDB::FindElseCreateFileRecord(NLMDBID const&, unsigned*) + 52 3 com.apple.ByteRangeLocking 0x9680730c BRLMCarbonOpen + 396 [...] Really a quick/rough guess, but perhaps do you have some problems with file /var/db/BRLM.db on the 10.4.11 box. Could you try, on the latter, to stop file sharing (AFP as well as SMB), delete the BRLM.db file, then restart file sharing? HTH, Axel From airdrummer at wheel.org Thu Mar 6 02:00:57 2008 From: airdrummer at wheel.org (tom wible) Date: Thu Mar 6 03:02:14 2008 Subject: sys_prof/firewire question In-Reply-To: <17c8e29e0803051821t6f07e765vfc9218c6b2b35ad5@mail.gmail.com> References: <680861F0-D6F9-4138-8861-D693FDC10914@tele2.ch> <47C6738E.1030700@wanadoo.fr> <491F9255-714F-45F9-996E-1082070E245F@tele2.ch> <42ECA8EF-723A-4204-9A2C-C04AE9C355B3@fusl.ac.be> <9A3216B2-14AB-4C00-A2E4-4F1AFFE913EE@tele2.ch> <3C951116-7C57-4925-826E-64B1E964A3DC@fusl.ac.be> <07ADC314-C831-4B02-96CA-387FFDDAD910@tele2.ch> <30C2ABEB-69ED-452F-99ED-7365BCCA9530@tele2.ch> <47CF4674.9050100@wheel.org> <17c8e29e0803051821t6f07e765vfc9218c6b2b35ad5@mail.gmail.com> Message-ID: <47CFC0D9.9030707@wheel.org> >> too long;-) during which s.p. apparently caches the device data... i should have said "the device data is cached" perhaps by the f/w subsystem that s.p. gets its info from... From mrhatken at mac.com Thu Mar 6 04:59:55 2008 From: mrhatken at mac.com (Ashley Aitken) Date: Thu Mar 6 05:00:07 2008 Subject: Problem with Google URLs not loading? In-Reply-To: References: <063A9A3E-E43B-4F56-A4D3-FE1436E81F7B@mac.com> <850FFC52-1250-465C-8E80-E4C2F85B098A@mac.com> Message-ID: <445DA599-52A1-412A-A7E1-95E18E70991E@mac.com> On 06/03/2008, at 3:51 PM, Randal Hicks wrote: > Still bamboozled? Yes, particularly since it is only the wireless subnet (not the wired subnet). I was planning on doing a network restructuring, so I think I will just try that and hope it fixes things (magically). > Your ipfw table shows all zeroed counters so it looks like you > aren't even using ipfw. You are right (as I mentioned I think) I am not using the firewall on the Mac OS X Server machine since these subnets are behind the ADSL modem/router firewall. > 224.0.0.0 entries deal with multicast -- Reasons for the deny is to > prevent Denial Of Service attacks. Thanks for that information. BTW, a dig www.google on the wired subnet (using local DNS) yields: > > ; <<>> DiG 9.4.1-P1 <<>> www.google.com > ;; global options: printcmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10744 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 4 > > ;; QUESTION SECTION: > ;www.google.com. IN A > > ;; ANSWER SECTION: > www.google.com. 509707 IN CNAME www.l.google.com. > www.l.google.com. 247 IN A 74.125.19.103 > www.l.google.com. 247 IN A 74.125.19.147 > www.l.google.com. 247 IN A 74.125.19.104 > www.l.google.com. 247 IN A 74.125.19.99 > > ;; AUTHORITY SECTION: > google.com. 56849 IN NS ns2.google.com. > google.com. 56849 IN NS ns3.google.com. > google.com. 56849 IN NS ns4.google.com. > google.com. 56849 IN NS ns1.google.com. > > ;; ADDITIONAL SECTION: > ns1.google.com. 161841 IN A 216.239.32.10 > ns2.google.com. 333615 IN A 216.239.34.10 > ns3.google.com. 333767 IN A 216.239.36.10 > ns4.google.com. 160966 IN A 216.239.38.10 > > ;; Query time: 42 msec > ;; SERVER: 192.168.1.2#53(192.168.1.2) > ;; WHEN: Thu Mar 6 21:51:07 2008 > ;; MSG SIZE rcvd: 252 > whereas on the same machine (ethernet plug removed, wireless on, not using local DNS) yields: > ; <<>> DiG 9.4.1-P1 <<>> www.google.com > ;; global options: printcmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65350 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;www.google.com. IN A > > ;; ANSWER SECTION: > www.google.com. 602458 IN CNAME www.l.google.com. > www.l.google.com. 267 IN A 74.125.19.103 > www.l.google.com. 267 IN A 74.125.19.99 > www.l.google.com. 267 IN A 74.125.19.147 > www.l.google.com. 267 IN A 74.125.19.104 > > ;; Query time: 31 msec > ;; SERVER: 203.161.127.1#53(203.161.127.1) > ;; WHEN: Thu Mar 6 21:52:35 2008 > ;; MSG SIZE rcvd: 116 > > The resultant IP address is the same. Cheers, Ashley. From treaves at silverfieldstech.com Thu Mar 6 05:42:14 2008 From: treaves at silverfieldstech.com (Timothy Reaves) Date: Thu Mar 6 05:48:16 2008 Subject: Import GoDaddy UCC Cert? Message-ID: Hello all. I just purchased a GoDaddy UCC cert )five domain). I am trring to get it installed, but am not having any luck. On the server, in the Keychain.app, I've imported both their cert an my cert, and they show up fine, valid, all that. Now I want to get the ServerAdmin cert. It does not seem to red from Keychain, but it does write to it. In Server Admin, my cert does nto show up. Fine, I follow the instructions from GoDaddy. I add a cert with the same CN as my cert. I then go to the 'Add Singed or Renewed...' in the Certificates page. I paste in the data. No error is logged. But the cert still shows as a self-signed cert, both in Server Admin and in Keychain. So the one I just added is in Keychain, next to the one I had imported. This is very confusing, and frustrating. I've reboot, repeated the process, all to no avail. In Server Admin I've tried the Import Cert (which would seem the logical choice). I selected my cert in box one, the .key file I created when generating the csr for GoDaddy in box two, the GoDaddy intermediate cert in box three, and the passphrase for the .key in box four, but the import fails. Has anyone been able to get this to work? I'd greatly appreciate some help. From treaves at silverfieldstech.com Thu Mar 6 06:22:37 2008 From: treaves at silverfieldstech.com (Timothy Reaves) Date: Thu Mar 6 06:22:46 2008 Subject: Import GoDaddy UCC Cert? In-Reply-To: References: Message-ID: <7323F05D-4746-4EF0-82FA-6EBEC74B174F@silverfieldstech.com> On Mar 6, 2008, at 8:42 AM, Timothy Reaves wrote: > Hello all. I just purchased a GoDaddy UCC cert )five domain). I > am trring to get it installed, but am not having any luck. On the > server, in the Keychain.app, I've imported both their cert an my > cert, and they show up fine, valid, all that. Now I want to get the > ServerAdmin cert. It does not seem to red from Keychain, but it > does write to it. > > In Server Admin, my cert does nto show up. Fine, I follow the > instructions from GoDaddy. I add a cert with the same CN as my > cert. I then go to the 'Add Singed or Renewed...' in the > Certificates page. I paste in the data. No error is logged. But > the cert still shows as a self-signed cert, both in Server Admin and > in Keychain. So the one I just added is in Keychain, next to the > one I had imported. This is very confusing, and frustrating. > > I've reboot, repeated the process, all to no avail. In Server > Admin I've tried the Import Cert (which would seem the logical > choice). I selected my cert in box one, the .key file I created when > generating the csr for GoDaddy in box two, the GoDaddy intermediate > cert in box three, and the passphrase for the .key in box four, but > the import fails. > > Has anyone been able to get this to work? I'd greatly appreciate > some help. In playing with this a little more, I have found that if I delete the cert from Keychain tool (where I had imported also in an attempt to get it to work), then go to Server Admin, select to 'Add Singed or Renewed...' and save, I do not get an error logged. The cert then does show back up in Keychain tool, so it is imported (and shows valid). However, it disappears completely from Server Admin! Under the cert page, it just simply is no longer listed. So all the apps that use a cert go to showing 'custom config', and my new cert is not shown in the selection popup. This is so frustrating. From lists at colorremedies.com Thu Mar 6 06:53:07 2008 From: lists at colorremedies.com (Chris Murphy) Date: Thu Mar 6 06:53:11 2008 Subject: what file are console messages in? Message-ID: silly question, but searches aren't yielding any answers. On 10.5 I can't find a console.log. I've found reference to console messages now being extracted from system.log. However I have a recently rotated system.log with few entries, and have pitched the others in an attempt to figure out where the console messages are originating. I have a bunch of webkit javascript messages going back several days in the Console Messages window that do not exist in the current system.log. So where are these console messages coming from? console.log existed for each user and would be rotated with each system reboot on 10.4.x, and that appears to be different on 10.5. Thanks, Chris Murphy From lists at colorremedies.com Thu Mar 6 07:00:08 2008 From: lists at colorremedies.com (Chris Murphy) Date: Thu Mar 6 07:00:12 2008 Subject: File sharing 10.5->10.4 doesn't work In-Reply-To: <9FC8D764-0630-4395-BE4C-424B03C32E53@fusl.ac.be> References: <9FC8D764-0630-4395-BE4C-424B03C32E53@fusl.ac.be> Message-ID: <0716D517-D2D0-43A4-B747-388D5C404FBF@colorremedies.com> On Mar 6, 2008, at 4:13 AM, Axel Luttgens wrote: > > From the crash log: > > [...] > Thread: 4 > [...] > Thread 4 Crashed: 0 com.apple.ByteRangeLocking 0x9680c5a0 > DBMutex::Grab() + 36 1 > com.apple.ByteRangeLocking 0x968094c8 NLMDB::FindFileRecord(NLMDBID > const&, unsigned*) + 56 2 > com.apple.ByteRangeLocking 0x96809600 > NLMDB::FindElseCreateFileRecord(NLMDBID const&, unsigned*) + 52 3 > com.apple.ByteRangeLocking 0x9680730c BRLMCarbonOpen + 396 > [...] > > Really a quick/rough guess, but perhaps do you have some problems > with file /var/db/BRLM.db on the 10.4.11 box. > Could you try, on the latter, to stop file sharing (AFP as well as > SMB), delete the BRLM.db file, then restart file sharing? Windows file sharing not on, but I did remove the file and then restarted. The brlm.db file has not been recreated after startup. Turned on file sharing and tried again, still get a crash with the same lines although now it's for thread 5. The file is still not present in /var/db. Chris Murphy From noam at maccentricsolutions.com Thu Mar 6 06:59:43 2008 From: noam at maccentricsolutions.com (Noam Birnbaum) Date: Thu Mar 6 07:20:46 2008 Subject: AFP/SMB locks Message-ID: <45292A7D-69DC-409A-BC5A-A937B4A11484@maccentricsolutions.com> Hey all, 10.5.2 server, no managed clients, OD standalone. AFP users in Excel 2008 sometimes get the notice that others are working on the file they're trying to open. Okay. But Windows users do not get that message, and when they try to save the files they've worked on, can't do so. We've turned on both strict locking and oplocks in SMB settings on the server. Any other suggestions? Thanks, noam Noam Birnbaum http://maccentricsolutions.com/ 877.luv.macs x89 ? Apple Certified Technical Coordinator ? Apple Certified Help Desk Specialist From mrhatken at mac.com Thu Mar 6 07:52:36 2008 From: mrhatken at mac.com (Ashley Aitken) Date: Thu Mar 6 07:52:50 2008 Subject: what file are console messages in? In-Reply-To: References: Message-ID: I haven't worked it all out yet (no time) but I believe some log files (system, console) have been replace with a database (but sometimes there are files too, so I am confused, unless they are duplicating i.e. log to file and database). Cheers, Ashley. On 06/03/2008, at 11:53 PM, Chris Murphy wrote: > silly question, but searches aren't yielding any answers. > > On 10.5 I can't find a console.log. I've found reference to console > messages now being extracted from system.log. However I have a > recently rotated system.log with few entries, and have pitched the > others in an attempt to figure out where the console messages are > originating. I have a bunch of webkit javascript messages going back > several days in the Console Messages window that do not exist in the > current system.log. So where are these console messages coming from? > console.log existed for each user and would be rotated with each > system reboot on 10.4.x, and that appears to be different on 10.5. > > Thanks, > > Chris Murphy > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > From lists at colorremedies.com Thu Mar 6 08:00:24 2008 From: lists at colorremedies.com (Chris Murphy) Date: Thu Mar 6 08:00:29 2008 Subject: what file are console messages in? In-Reply-To: References: Message-ID: <53F84791-DBEF-48A6-BEC5-AE04AD4E2490@colorremedies.com> On Mar 6, 2008, at 10:52 AM, Ashley Aitken wrote: > > I haven't worked it all out yet (no time) but I believe some log > files (system, console) have been replace with a database (but > sometimes there are files too, so I am confused, unless they are > duplicating i.e. log to file and database). Well at least system.log is still around. daily script does not do the rotation, rather launchd is responsible for calling newsyslog which then checks newsyslog.conf which sets time or size limits for various logs. But I don't see console in there at all. Using easy find to search the whole disk, console.log doesn't come up. So I wonder if console is extracting messages from various logs. Anyway, it's not a huge problem, but some applications, in particular betas, dump a huge amount of crud into console, and i'd like to rotate it daily rather than with each reboot. Webkit is spewing practically every website, flash ad, and javascript it encounters into system.log only on 10.4.11, but on 10.5.2 it's appearing in both system.log and console message. Weird. Chris Murphy From cwolf at mac.com Thu Mar 6 08:17:16 2008 From: cwolf at mac.com (Christopher Wolf) Date: Thu Mar 6 08:17:48 2008 Subject: what file are console messages in? In-Reply-To: References: Message-ID: <9CEFFA36-1975-4613-8BD5-2BBA9CD0657D@mac.com> On Mar 6, 2008, at 10:52 AM, Ashley Aitken wrote: > > I haven't worked it all out yet (no time) but I believe some log > files (system, console) have been replace with a database (but > sometimes there are files too, so I am confused, unless they are > duplicating i.e. log to file and database). > > Cheers, > Ashley. On Leopard 'console' and 'system' log messages all get routed to the ASL database. Console messages will have their "Facility" key set to the value "com.apple.console". You can query the ASL database using Console.app or the syslog command line tool. Console.app provides a pre-built query to fetch only the Console messages from the database. You can do the same thing from the command line using "syslog -C" (that's a capital C). 'system' log messages also still get echoed to the /var/log/system.log text file. 'console' log messages do not get echoed to any text file anymore. A lot more information (including how to manually prune the ASL database) can be found in the syslog man page. - Chris > On 06/03/2008, at 11:53 PM, Chris Murphy wrote: > >> silly question, but searches aren't yielding any answers. >> >> On 10.5 I can't find a console.log. I've found reference to console >> messages now being extracted from system.log. However I have a >> recently rotated system.log with few entries, and have pitched the >> others in an attempt to figure out where the console messages are >> originating. I have a bunch of webkit javascript messages going >> back several days in the Console Messages window that do not exist >> in the current system.log. So where are these console messages >> coming from? console.log existed for each user and would be rotated >> with each system reboot on 10.4.x, and that appears to be different >> on 10.5. >> >> Thanks, >> >> Chris Murphy >> >> _______________________________________________ >> MacOSX-admin mailing list >> MacOSX-admin@omnigroup.com >> http://www.omnigroup.com/mailman/listinfo/macosx-admin >> > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin From nbfa at stanford.edu Thu Mar 6 10:47:37 2008 From: nbfa at stanford.edu (Noah Abrahamson) Date: Thu Mar 6 10:47:57 2008 Subject: AFP/SMB locks In-Reply-To: <45292A7D-69DC-409A-BC5A-A937B4A11484@maccentricsolutions.com> References: <45292A7D-69DC-409A-BC5A-A937B4A11484@maccentricsolutions.com> Message-ID: <18AB5219-7897-4DCF-B276-332AC54C8472@stanford.edu> On Mar 6, 2008, at 6:59 AM, Noam Birnbaum wrote: > AFP users in Excel 2008 sometimes get the notice that others are > working on the file they're trying to open. Okay. But Windows > users do not get that message, and when they try to save the files > they've worked on, can't do so. > > We've turned on both strict locking and oplocks in SMB settings on > the server. Any other suggestions? I don't think Samba has a mechanism for notifying users that the file is in use (similar to how you can send notifications to AFP users via Server Admin). The file is locked properly, but yeah, you're right, the Windows user won't know she or he can't save their edits until they attempt attempt it. Additionally, Apple's File Services manual recommends disabling strict locking and oplocks when the same share is available to protocols other than just SMB. This won't change the behavior you observed, however, and files will still be locked when accessed, they just won't be put into memory from the Windows side. Noah ------------------- Noah Abrahamson Stanford University From mvgfr1 at gmail.com Fri Mar 7 02:52:57 2008 From: mvgfr1 at gmail.com (Marc Farnum Rendino) Date: Fri Mar 7 02:53:01 2008 Subject: what file are console messages in? In-Reply-To: <9CEFFA36-1975-4613-8BD5-2BBA9CD0657D@mac.com> References: <9CEFFA36-1975-4613-8BD5-2BBA9CD0657D@mac.com> Message-ID: <4c7b1780803070252u63e44e35i38c496d89ead726a@mail.gmail.com> Wow; Console.app is now a very nice GUI to the new syslog command - thanks for the prompt to take a look at it again! From mrhatken at mac.com Sat Mar 8 07:56:53 2008 From: mrhatken at mac.com (Ashley Aitken) Date: Sat Mar 8 07:57:13 2008 Subject: Problem with Google URLs not loading? In-Reply-To: <445DA599-52A1-412A-A7E1-95E18E70991E@mac.com> References: <063A9A3E-E43B-4F56-A4D3-FE1436E81F7B@mac.com> <850FFC52-1250-465C-8E80-E4C2F85B098A@mac.com> <445DA599-52A1-412A-A7E1-95E18E70991E@mac.com> Message-ID: <4A43C36F-8F02-41BD-902E-5DA9611B00D6@mac.com> Not trying to bump this, but any ideas on how I would track this problem down? It seems to be related to to an ad-hoc network that is connected to the LAN via a Mac running OSX Server 10.5.2. Interestingly there have been one or two other Web posts about this in the last year, no useful suggestions. I can ping Google (and every where else) from the wired LAN but not Google or any other sites from the wireless LAN (although Web pages other than those using Google seem to work fine). Traceroute gets to my router from the wired LAN but not on the wireless. I can ping my modem/router from the wireless (and wired) networks. There is no firewall running on the OSX Server box. Any suggestions on tools I should use? I've given some more network details below. I think Google is just, somehow, showing up problems with routing. Cheers, Ashley. -- Network Configuration. ADSL Modem / Router / Gateway to Internet = 192.168.1.1 Mac = 192.168.1.4 (Google ok) Mac OS X Server (Google ok) Ethernet = 192.168.1.2 Ad Hoc Wireless = 192.168.29.2 NB: No NAT on OS X Server, not using Internet Sharing Laptop = 192.168.29.6 (No Google but all other sites ok) I've added static route on ADSL Modem / Router = 192.168.29.0 -> 192.168.1.2 I believe this is necessary I've tried with and without static routes on Mac OS X Server 192.168.29.0 -> en2 (wireless LAN) 192.168.1.0 -> en0 (ethernet) I'm not sure if either or both of those are necessary. NB The OS X Server box won't join the ad-hoc network automatically so I have to choose the network manually after reboot, this would be after the static route(s) are added as above. Could this be a problem? I'm not very good at reading netstat -r, but here it is: > server:~ admin$ sudo netstat -r > Password: > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif > Expire > default 192.168.1.1 UGSc 90 3310 en0 > 127 localhost UCS 0 0 lo0 > localhost localhost UH 6 896 lo0 > 169.254 link#4 UCS 0 0 en0 > 192.168.1 link#4 UCS 4 0 en0 > 192.168.1.1 0:50:7f:23:cf:be UHLW 41 7 > en0 1188 > 192.168.1.2 localhost UHS 0 0 lo0 > 192.168.1.6 0:1b:63:ac:3f:f4 UHLW 1 50 > en0 513 > 192.168.1.255 link#4 UHLWb 2 29 en0 > 192.168.29 link#6 UCS 2 0 en2 > 192.168.29.2 localhost UHS 0 34 lo0 > 192.168.29.6 0:1c:b3:c6:80:57 UHLW 1 5012 > en2 554 > 192.168.29.255 link#6 UHLWb 3 30 en2 > From huntc at internode.on.net Mon Mar 10 03:22:49 2008 From: huntc at internode.on.net (Christopher Hunt) Date: Mon Mar 10 03:22:56 2008 Subject: osascript command not timing out? Message-ID: <3DB15303-0519-42C0-873D-CA02987E1322@internode.on.net> Hi there, I've experienced a weird situation whereby I have an application that generally runs quite well, but ended up in an U state (ps command, uninterruptible wait). Now the process probably hung for some reason (cannot now reproduce) and a "shutdown -r now" failed... re-enforcing the idea that my process hung in a U state I suppose. Thing is, prior to the restart, I had a number of osascript commands from the shell and they remained in an S state (sleep for less than 20 seconds). I'd reckon that these processes had actually been around for a while so I'm a little mystified by that state. I would have thought they'd be in an 'I' (Idle) state. No matter, what really bugs me is that I would have thought my AppleScript tell statements should have timed out after a minute and disappeared. The osascript commands are invoked from cron in case that's useful. Any ideas on why these osascript invoked AppleScript tell commands to my U state application shouldn't have timed out? Could it have been that no live target process was found for the tell statement, it tried to start one, and then somehow got into trouble? BTW: Mac OS X 10.4. Cheers, -C From ahoesch at smartsoft.de Tue Mar 25 04:15:57 2008 From: ahoesch at smartsoft.de (=?ISO-8859-1?Q?Andreas_H=F6schler?=) Date: Tue Mar 25 04:40:06 2008 Subject: NFS mounts in Leopard Message-ID: Hi all, I want to hard mount mount -t nfs merkur:/home /home whenever MacOSX Leopard starts (merkur ist our Solaris 10 server holding the home dirs). I usually do that in /System/Library/StartupItems/NFS/NFS However, this file no longer exists in Leorpard. Where should/could I put this line in 10.5? Thanks, Andreas From a.s.bruvik at usit.uio.no Tue Mar 25 04:44:29 2008 From: a.s.bruvik at usit.uio.no (Anders Skolseg Bruvik) Date: Tue Mar 25 04:59:03 2008 Subject: NFS mounts in Leopard In-Reply-To: References: Message-ID: <47E8E59D.9020806@usit.uio.no> Andreas H?schler wrote: > Hi all, > > I want to hard mount > > mount -t nfs merkur:/home /home > > whenever MacOSX Leopard starts (merkur ist our Solaris 10 server holding > the home dirs). I usually do that in > > /System/Library/StartupItems/NFS/NFS > > However, this file no longer exists in Leorpard. Where should/could I > put this line in 10.5? > > Thanks, > > Andreas > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin You can specify mounts either in /etc/fstab, or in /var/db/dslocal/nodes/Default/mounts (specified using Directory Services) best, -- Anders Skolseg Bruvik USIT (BSD), Universitetet i Oslo Tel: 22 85 27 92 From jhealy at logn.net Tue Mar 25 18:22:00 2008 From: jhealy at logn.net (Jason Healy) Date: Tue Mar 25 18:22:16 2008 Subject: NFS mounts in Leopard In-Reply-To: <47E8E59D.9020806@usit.uio.no> References: <47E8E59D.9020806@usit.uio.no> Message-ID: <72DAD00C-81D6-4717-819B-3EA4972250F0@logn.net> On Mar 25, 2008, at 7:44 AM, Anders Skolseg Bruvik wrote: > You can specify mounts either in /etc/fstab, or in > /var/db/dslocal/nodes/Default/mounts (specified using Directory > Services) Or, in the automap files under 10.5 (/etc/auto_master and a file of your choosing). For example, add a line like this to /etc/auto_master: /foo/bar/merkur auto_merkur Then, create the file /etc/auto_merkur and add the following: home merkur:/home Invoke "automount" to rescan the files and mount the new shares. From this point on, automountd will take care of mounting the shares when needed. Read the manpage for "auto_master" for more detailed information. Jason -- Jason Healy | jhealy@logn.net | http://www.logn.net/ From bplist at thinkpink.com Tue Mar 25 22:59:00 2008 From: bplist at thinkpink.com (Brian Pinkerton) Date: Tue Mar 25 23:08:47 2008 Subject: Leopard resolver settings? Message-ID: Where the heck do the resolver settings live in Leopard? I want to understand how my machine is resolving hostnames, as /etc/resolv.conf is telling only part of the story. I suspect they live in the Directory Service somewhere, but I haven't been able to track them down. thanks, bri From justin at mac.com Wed Mar 26 11:42:16 2008 From: justin at mac.com (Justin C. Walker) Date: Wed Mar 26 11:42:28 2008 Subject: Leopard resolver settings? In-Reply-To: References: Message-ID: <13D1B968-B1A9-43F9-9E06-5FB38036D664@mac.com> On Mar 25, 2008, at 22:59 , Brian Pinkerton wrote: > Where the heck do the resolver settings live in Leopard? I want to > understand how my machine is resolving hostnames, as /etc/ > resolv.conf is telling only part of the story. I suspect they live > in the Directory Service somewhere, but I haven't been able to track > them down. Don't know that this will help, but try "man 5 resolver". FWIW, "apropos foo" (for 'foo' a string of interest) can sometimes give you pointers. HTH Justin -- They said it couldn't be done, but sometimes, it doesn't work out that way. - Casey Stengel -- From bplist at thinkpink.com Wed Mar 26 12:22:42 2008 From: bplist at thinkpink.com (Brian Pinkerton) Date: Wed Mar 26 12:22:45 2008 Subject: Leopard resolver settings? In-Reply-To: <13D1B968-B1A9-43F9-9E06-5FB38036D664@mac.com> References: <13D1B968-B1A9-43F9-9E06-5FB38036D664@mac.com> Message-ID: <1A2780A8-6D0D-441C-97D0-DB83544E64E5@thinkpink.com> Thanks. I started there last night and ended up reading the source this morning. Turns out the issue is that one step in hostname resolution is handled by a set of poorly described APIs (the dns_* functions ref'ed in ) that are driven by data in configd. As far as I can tell, the exact algorithm for resolving a hostname is undocumented, though the code reveals the (unbelievably long) story. Now I've just gotta figure out how to tell configd how to fix the broken DNS configuration. :) BTW, this all came up because I'm using a VPN client that frobs the DNS settings behind my back. The DNS servers across the VPN are broken in the face of the SRV queries that Leopard now issues with some regularity, so I need to adjust how requests to that server are handled (or edit the damn thing out entirely!) bri On Mar 26, 2008, at 11:42 AM, Justin C. Walker wrote: > > On Mar 25, 2008, at 22:59 , Brian Pinkerton wrote: >> Where the heck do the resolver settings live in Leopard? I want to >> understand how my machine is resolving hostnames, as /etc/ >> resolv.conf is telling only part of the story. I suspect they live >> in the Directory Service somewhere, but I haven't been able to >> track them down. > > Don't know that this will help, but try "man 5 resolver". FWIW, > "apropos foo" (for 'foo' a string of interest) can sometimes give > you pointers. > > HTH > > Justin > > -- > They said it couldn't be done, but sometimes, > it doesn't work out that way. > - Casey Stengel > -- > > > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin From brett.dikeman at gmail.com Wed Mar 26 12:56:37 2008 From: brett.dikeman at gmail.com (Brett Dikeman) Date: Wed Mar 26 12:56:40 2008 Subject: Leopard resolver settings? In-Reply-To: References: Message-ID: <9d9c4a330803261256k519767fp846bfd7bbba8eb53@mail.gmail.com> On Wed, Mar 26, 2008 at 1:59 AM, Brian Pinkerton wrote: > Where the heck do the resolver settings live in Leopard? I want to > understand how my machine is resolving hostnames, as /etc/resolv.conf > is telling only part of the story. I suspect they live in the > Directory Service somewhere, but I haven't been able to track them down. On a possibly related note: Leopard resolves names in a very funny and standard-but-thus-non-standard way. It looks for SRV records wherever it can, and when it can't find them, it makes them up based on whatever else it finds. Case and point: try telnetting to port 25 on a mail server with an MX record. On my work laptop, telnet connects to the machine's MX host. There's no SRV record present for either machine. If I telnet to port 25 on a second mail server which has two MX's, one low priority off-site and an MX pointing to itself with a higher priority, telnet consistently connects to the lower priority MX. Brett From bcully at gmail.com Wed Mar 26 13:10:56 2008 From: bcully at gmail.com (Brian Cully) Date: Wed Mar 26 13:11:02 2008 Subject: Leopard resolver settings? In-Reply-To: <9d9c4a330803261256k519767fp846bfd7bbba8eb53@mail.gmail.com> References: <9d9c4a330803261256k519767fp846bfd7bbba8eb53@mail.gmail.com> Message-ID: <92507914-F9A3-4929-A776-00A8ABE556F7@gmail.com> This is (arguably) a bug in telnet. It uses getaddrinfo(3) and supplies hints, which causes this behavior. getaddrinfo is defined by POSIX (among others) to do this, and is thus correct. My opinion is that telnet should not use hints when resolving names on the assumption that if you're using telnet you know what you're doing. On a side note, I know this works for MX records, but I'm not sure about generic SRV records (which would be substantially harder to figure out via hinting): natasya:~% dig SRV _xmpp-server._tcp.kublai.com ... _xmpp-server._tcp.kublai.com. 10800 IN SRV 0 0 5269 xmpp.onsip.com. ... natasya:~% host kublai.com kublai.com has address 67.17.128.36 kublai.com mail is handled by 0 albatross.kublai.com. kublai.com mail is handled by 10 mail.quuxuum.com. natasya:~% host xmpp.onsip.com xmpp.onsip.com has address 66.227.100.28 natasya:~% grep 5269 /etc/services jabber-server 5269/udp # Jabber Server Connection jabber-server 5269/tcp # Jabber Server Connection natasya:~% telnet kublai.com 5269 Trying 67.17.128.36... telnet: connect to address 67.17.128.36: Connection refused natasya:~% telnet kublai.com 25 Trying 2001:5c0:89ec::2... Connected to mail.quuxuum.com. -bjc On 26-Mar-2008, at 15:56, Brett Dikeman wrote: > On Wed, Mar 26, 2008 at 1:59 AM, Brian Pinkerton > wrote: >> Where the heck do the resolver settings live in Leopard? I want to >> understand how my machine is resolving hostnames, as /etc/resolv.conf >> is telling only part of the story. I suspect they live in the >> Directory Service somewhere, but I haven't been able to track them >> down. > > On a possibly related note: Leopard resolves names in a very funny and > standard-but-thus-non-standard way. It looks for SRV records wherever > it can, and when it can't find them, it makes them up based on > whatever else it finds. > > Case and point: try telnetting to port 25 on a mail server with an MX > record. On my work laptop, telnet connects to the machine's MX host. > There's no SRV record present for either machine. > > If I telnet to port 25 on a second mail server which has two MX's, one > low priority off-site and an MX pointing to itself with a higher > priority, telnet consistently connects to the lower priority MX. > > Brett > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin From bplist at thinkpink.com Wed Mar 26 15:04:26 2008 From: bplist at thinkpink.com (Brian Pinkerton) Date: Wed Mar 26 15:04:29 2008 Subject: Leopard resolver settings? In-Reply-To: <1A2780A8-6D0D-441C-97D0-DB83544E64E5@thinkpink.com> References: <13D1B968-B1A9-43F9-9E06-5FB38036D664@mac.com> <1A2780A8-6D0D-441C-97D0-DB83544E64E5@thinkpink.com> Message-ID: Just in case anyone's interested, here's a short summary of the host lookup process that I've gleaned from reading the source: user code: gethostbyname() - checks in-process cache - if directory service is running, checks that - otherwise checks flat files directory service (running in DirectoryService process): - checks its own cache (see dscacheutil) - tries each domain on in the directory search path, including any plugins that are registered - otherwise checks DNS multi-client DNS search (resolver runs in DirectoryService process): - check each matching DNS client in configd's DNS configuration (there are more than you think: see scutil --dns) - actually do the lookup (finally contacts an actual nameserver) - if it fails, try the next The path is similar, though slightly more complicated, if the original code did a getaddrinfo(). In this case, DirectoryService tries SRV queries across each of its DNS client configurations before going back and asking for A records. bri On Mar 26, 2008, at 12:22 PM, Brian Pinkerton wrote: > Thanks. I started there last night and ended up reading the source > this morning. Turns out the issue is that one step in hostname > resolution is handled by a set of poorly described APIs (the dns_* > functions ref'ed in ) that are driven by data in configd. As > far as I can tell, the exact algorithm for resolving a hostname is > undocumented, though the code reveals the (unbelievably long) story. > > Now I've just gotta figure out how to tell configd how to fix the > broken DNS configuration. :) > > BTW, this all came up because I'm using a VPN client that frobs the > DNS settings behind my back. The DNS servers across the VPN are > broken in the face of the SRV queries that Leopard now issues with > some regularity, so I need to adjust how requests to that server are > handled (or edit the damn thing out entirely!) > > bri > > > On Mar 26, 2008, at 11:42 AM, Justin C. Walker wrote: > >> >> On Mar 25, 2008, at 22:59 , Brian Pinkerton wrote: >>> Where the heck do the resolver settings live in Leopard? I want >>> to understand how my machine is resolving hostnames, as /etc/ >>> resolv.conf is telling only part of the story. I suspect they >>> live in the Directory Service somewhere, but I haven't been able >>> to track them down. >> >> Don't know that this will help, but try "man 5 resolver". FWIW, >> "apropos foo" (for 'foo' a string of interest) can sometimes give >> you pointers. >> >> HTH >> >> Justin >> >> -- >> They said it couldn't be done, but sometimes, >> it doesn't work out that way. >> - Casey Stengel >> -- >> >> >> >> _______________________________________________ >> MacOSX-admin mailing list >> MacOSX-admin@omnigroup.com >> http://www.omnigroup.com/mailman/listinfo/macosx-admin > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin From shoop at iwiring.net Thu Mar 27 19:42:43 2008 From: shoop at iwiring.net (Dan Shoop) Date: Thu Mar 27 19:42:53 2008 Subject: osascript command not timing out? In-Reply-To: <3DB15303-0519-42C0-873D-CA02987E1322@internode.on.net> References: <3DB15303-0519-42C0-873D-CA02987E1322@internode.on.net> Message-ID: On Mar 10, 2008, at 6:22 AM, Christopher Hunt wrote: > Hi there, > > I've experienced a weird situation whereby I have an application > that generally runs quite well, but ended up in an U state (ps > command, uninterruptible wait). Now the process probably hung for > some reason (cannot now reproduce) and a "shutdown -r now" failed... > re-enforcing the idea that my process hung in a U state I suppose. > > Thing is, prior to the restart, I had a number of osascript commands > from the shell and they remained in an S state (sleep for less than > 20 seconds). I'd reckon that these processes had actually been > around for a while so I'm a little mystified by that state. I would > have thought they'd be in an 'I' (Idle) state. > > No matter, what really bugs me is that I would have thought my > AppleScript tell statements should have timed out after a minute and > disappeared. The osascript commands are invoked from cron in case > that's useful. > > Any ideas on why these osascript invoked AppleScript tell commands > to my U state application shouldn't have timed out? Perhaps the AppleScript *did* timeout. Perhaps then it's parent then lost connection to this it's child and hence the state it got in? -dhan ------------------------------------------------------------------------ Dan Shoop Computer Scientist iWiring / U.S. Technical Services shoop@iwiring.net AOL IM .................... iWiring Nextel .................... 1-714-363-1174 Operations TOC (24/7) ..... 1-866-901-USTS USTS Offices .............. 1-714-374-6300 For immediate response for urgent matters please speak to the Duty Officer at the USTS Tactical Operations Center (above) who can reach me by radio. From mrhatken at mac.com Sun Mar 30 06:44:41 2008 From: mrhatken at mac.com (Ashley Aitken) Date: Sun Mar 30 06:44:52 2008 Subject: Bare hard disk drives and heat? Message-ID: <94C39261-7A90-4388-9A2E-964686418812@mac.com> Howdy All, I understand heat is one of the biggest causes of problems with hard disk drives. I have a USB2-to-SATA/PATA cable that I mostly use to temporarily connect bare drives (i.e. not inside a case) to Macs. My question is whether longer term use of a bare hard disk drive would be problematic with regards to heat? Of course, there is no fan, and no designed thermal air flow past the drive. I also generally have the drives in side a silicon rubber protector (to protect against limited physical shock) that does leave most of the top surface uncovered, covers the sides, and has some holes on the bottom covered surface. Would leaving a large drive (WD 750GB Caviar) running like this (not under much load; for example, as a time machine backup drive) in a relatively open space (it is not in a closed cabinet) be problematic? Thanks in advance for any comments or suggestions. Cheers, Ashley. From rhicks41 at tampabay.rr.com Sun Mar 30 08:02:38 2008 From: rhicks41 at tampabay.rr.com (Randal Hicks) Date: Sun Mar 30 08:02:54 2008 Subject: Bare hard disk drives and heat? In-Reply-To: <94C39261-7A90-4388-9A2E-964686418812@mac.com> References: <94C39261-7A90-4388-9A2E-964686418812@mac.com> Message-ID: <2A6F1623-0F3A-494C-9DF4-0F10DCC37F2D@tampabay.rr.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ashley, I have no experience with this particular drive, but the specs suggest that this drive can eschew the silicone protector (has shockguard ) which /might/ be holding in heat. As far as having the drive hanging external, its more of an aesthetics issue IMHO. I've used Western Digital HDDs almost exclusively and had no issues. I had a WD 4Gb drive for my Linux box from 1997-2002. The last year of service it spent lying atop the FDD to service my backups. As I recall, it got a lil dusty but nothing major. I still have it, and yes it still works... If you trust that where the drive rests will be free from tasty beverages, small animals and people, I wouldn't lose any sleep over it. Think of your room as one big computer case. Cheers, Randal BTW::Did you ever resolve your Google URL issue? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAkfvq44ACgkQHXnD0tz+/vxvFACgnJXrYhHbqF7uKgtoPoK03/L6 XiIAn0jRkglkAM+eyYMX1UoPqSrUD9DB =Q7ts -----END PGP SIGNATURE----- From scott_ribe at killerbytes.com Sun Mar 30 08:10:19 2008 From: scott_ribe at killerbytes.com (Scott Ribe) Date: Sun Mar 30 08:10:24 2008 Subject: Bare hard disk drives and heat? In-Reply-To: <94C39261-7A90-4388-9A2E-964686418812@mac.com> Message-ID: In my experience, touching a drive that has been running bare (completely bare though, no silicone wrap) vs the same or similar drive that has been running inside a Mac tower, the bare one is always less hot. The only thing I've found cooler than a bare drive ere external cases with a substantial fan dedicated to the drive. -- Scott Ribe scott_ribe@killerbytes.com http://www.killerbytes.com/ (303) 722-0567 voice From kremels at kreme.com Sun Mar 30 10:01:03 2008 From: kremels at kreme.com (LuKreme) Date: Sun Mar 30 10:01:07 2008 Subject: rsyncd.conf Message-ID: I have the following in rsyncd.conf (on 'server'): [backup] path = /backup/ comment = Backup readonly = no auth users = root secrets file = /usr/local/etc/rsyncd.secrets I tried to connect to it from www2 rsync -av --password-file=/var/rsync.passwd --link-dest=server::backup/ www2 / server::backup/www2.daily.0 and get the following error: building file list ... done rsync: mkdir "www2.daily.0" (in backup) failed: Permission denied (13) rsync error: error in file IO (code 11) at main.c(529) [receiver=2.6.9] rsync: connection unexpectedly closed (4 bytes received so far) [sender] Since the auth user for the rsync is 'root' why am I getting a permission failure? And even though the current www2 folder is owned by root (in fact, has the same permissions as /backup), I AM able to run the following command with no error: rsync -av --password-file=/var/rsync.passwd / server::backup/www2 $ ls -lsa /backup/ 2 drwxr-xr-x 13 root wheel 512 Mar 30 10:33 . 2 drwxr-xr-x 24 root wheel 1024 Feb 16 13:58 .. 2 drwxr-xr-x 21 root wheel 512 Jun 10 2007 www2 -- Well I've seen the Heart of Darkness/Read the writing on the wall/and the voice out in the desert/Was the voice out in the hall From philburk at mac.com Mon Mar 31 10:38:35 2008 From: philburk at mac.com (Phillip Burk) Date: Mon Mar 31 10:38:45 2008 Subject: Security/Preference panes and /etc/authorization Message-ID: I am just beginning my 10.5 rollout where I work and I have found an oddity that I did not expect. In the Security pane of System Preferences the "Require password to unlock each System Preferences pane" is unchecked yet all regular users (not admin) have all of the preference panes locked that have a lock. I believe I can kludge my way through this by altering the /etc/ authorization file. I basically understand what's going on with the syntax of /etc/authorization but what I am hesitant on is exactly WHAT I'll need to change to prevent this from happening. I believe the rules I'll need to change are system.preferences, system.preferences.accessibility and maybe system.print.admin. Anyone care to hold my hand with this? TIA, Phil