Topic: QuickTips

It's now become a best practice to turn off the Auto-Open feature of Safari so that we don't accidentally execute malware. Here's a one-liner that can do so for the current user. It's also useful to push it out via ARD.

defaults write com.apple.Safari AutoOpenSafeDownloads 0

In browsing through some forums lately, I've found a few posts complaining that when USB printers attached to a Mac OS X machine run out of paper, they don't automagically restart their print queues when the paper tray's refilled. Well, the answer turned out to be pretty simple, actually.

Ironically, the command is "enable" or "disable" "name of printer." Pretty cool, except for a few little gotchas. First, when you open up a printer, an application called "PrinterProxy" is launched, which presents a human-readable name for the printer. What we really want is the CUPS (Common UNIX Printing System) name of the print queue, which we'll need to get by visiting the CUPS website on our Macs by typing 127.0.0.1:631 in our favorite browser, then clicking the "printers" button.

Alternately, we can get the list of printers by using the lpstat command:

macbook:~ dean$ lpstat -d -p
system default destination: _6mp
printer _192.168.0.99 is idle. enabled since Jan 01 00:00
printer _192_168_0_97 is idle. enabled since Jan 01 00:00
printer _192_168_0_98 is idle. enabled since Jan 01 00:00
printer _6mp disabled since Jan 01 00:00 -
Paused
printer Adobe_PDF is idle. enabled since Jan 01 00:00
printer Lexmark_C510 is idle. enabled since Jan 01 00:00
printer Phaser_8400DP__8b_7c_00_ is idle. enabled since Jan 01 00:00
printer Phaser_8400DP__90_2a_f3_ is idle. enabled since Jan 01 00:00
printer RICOH_Aficio_3245C is idle. enabled since Jan 01 00:00

Here, we see that the _6mp printer is "paused" because it's run out of paper. Even if we refill it, it may or may not resume printing. Whether it does or not is largely dependent on the printer, but if some one wants to automatically restart the printer on a schedule, all they need to do is set up a cron job or launchdaemon with the following command:

/usr/bin/enable _6mp

Which will kick the printer back to an "enabled" state.

macbook:~ dean$ lpstat -d -p
system default destination: _6mp
printer _192.168.0.99 is idle. enabled since Jan 01 00:00
printer _192_168_0_97 is idle. enabled since Jan 01 00:00
printer _192_168_0_98 is idle. enabled since Jan 01 00:00
printer _6mp is idle. enabled since Jan 01 00:00
printer Adobe_PDF is idle. enabled since Jan 01 00:00
printer Lexmark_C510 is idle. enabled since Jan 01 00:00
printer Phaser_8400DP__8b_7c_00_ is idle. enabled since Jan 01 00:00
printer Phaser_8400DP__90_2a_f3_ is idle. enabled since Jan 01 00:00
printer RICOH_Aficio_3245C is idle. enabled since Jan 01 00:00

For those of you who use bash (the bourne again shell) on a regular basis, you probably know about the .profile or .bash_profile configuration file you can use to customize your shell environment and path. What many people don't know, however, is that bash keeps a history of commands and actions in an invisible file in your home directory called .history.

While it's easy enough to use the "cat" command to view the contents of the .history file, it's more useful to search it interactively for long commands you might have spend some time typing out and would like to re-use or modify a little. Obviously the command buffer can help (using the arrow keys on the keyboard to zip forward or backward though the command history), but sometimes it's better to be a little smarter about searching though your by using control + R, which brings up the following prompt:

(reverse-i-search)`':

simply type a few characters of the command you want to find, and it appears! For example, typing "v" at the search prompt yields:

macbook:~ dean$ du -sh /var/log/win*

Press return, and execute the command, no matter where it is in your command buffer. Now that's just plain cool!

If you've ever wanted to install a fresh System from the Mac OS X Install DVD on an external firewire drive or another partition of your boot disk but didn't want to boot your critical system off the install DVD, there is a way:

1) Insert the DVD
2) Got to /System/Installation/Packages/OS Install.pkg and double-click it to start the installer
3) Choose where you want to install the OS (your external drive) and install it
4) When done, install the latest combo updater or any other updates you have lying around

That's all!

Option-tab brings up the list editor in any application that supports it (basically any application that uses the TextEdit engine). These applications include:

Fishpad
Stickies (not the widget)

I'm sure many of you use Firefox, the excellent open-source web browser based on the Netscape lineage. Earlier this week, Firefox 1.5 was released, bringing with it a host of improvements, including faster and more accurate page rendering. Hoever the feature that I'm just loving, is the ability to swiftly change font sizes on any web page with the scroll wheel on a mouse. Simply hold down the command (Apple) key and scroll the wheel up to increase the font size, or down to decrease it. Enjoy Firefox! I do.

Turn it into a Server

Run the headless laptop with a display attached or without, using either VNC or Apple Remote Desktop to control the display. This makes either a nice file server or email srever.If you have rackspace, the broken laptop fits in nicely with other rack mount hardware.

Use it as a Media Center

With either a composite video or s-video adapter, the broken laptop makes a great iTunes or even streaming video server to complement the rest of your entertainment equipment.

Use it to Power a Digital Picture Frame

Wall mount an LCD monitor with the broken laptop behind it. Control the laptop using Airport and hite the power cable if you can. Now, you'll have a digital piture frame for slide shows or even home movies at your disposal. You can even watch DVDs.

Got an idea of how to use a Mac Laptop with a busted screen? Drop me a line and I'll add it to the article!

Mac Users have come a long way in being able to troubleshoot OS X issues. For example, many Mac Users didn't always know that preferences are now (mostly) kept in XML files called .plist files in each user's home directory. It's a common troubleshooting practice to see if the problem persists when logged in as a different user on the same Mac...that way, it's easy to determine whether the problem is machine-wide or user-specific.

Despite this knowledge, however, it isn't totally obvious how to find out which .plist file controls which action/problem or resolution. Of course all preference files from the user's Library folder can be tossed, but this can cause other issues, like email accounts needing to be reconfigured, applications acting funny or even asking for serial numbers again.

Just today, the follwoing question came across a listserv I subscribe to, which indicates the difficulty of narrowing the problem down to a specific .plist file:

"Hi All,

A client running 10.3.9 can't do screen captures using the usual
Cmd-3 or Cmd-4. However, creating a new user on the same machine
does allow screen captures. Sound like a plist problem. What do I
delete?"

This person had hit the nail right on the head by employing a very simple troubleshooting technique: loggin on as a different user to see if the problem persists, yet the solution seems not-so-simple, as the technique for isolating the problem .plist is obviously not in this person's flow chart of troubleshooting actions, so they ask, which isn't such a bad route to take. Being the helpful person I am, I set out to answer the question, not becuase I knew off the top of my head (though I had some suspects in mind) but because I did have the troubleshooting technique at my fingertips which would isolate the problem .plist.

Since the problem was related to a keyboard shortcut, I knew that the answer lay with the Keyboard & Mouse preference pane in System Preferences, more specifically, the last tab on the right, called "Keyboard Shortcuts." Not surprisingly, the first set of keyboard shortcut settings are called "Screen Shots."

1) Get the serial number of the system with ioreg, grep, awk & cut:

>$ ioreg -l|grep IOPlatformSerialNumber|awk '{print $4}'|cut -d \" -f 2
UV43800BPLH

>$ ioreg -l | awk '/IOPlatformSerialNumber/ {print $4}' | sed 's/\"//g'
UV43800BPLH

2) Get a list of all local user over 500:

>$ nireport / /users uid name|sort -n|grep -A 500 '[5-9][0-9][0-9]'
501 dean
502 sysadmin
505 one
506 two
507 vault
1024 osxuser

3) dscl -u username -P password localhost -passwd NetInfo/root/Users/shortname oldpassword newpassword

This changes the local admin password, but you need to have an admin password in the first place! This is very useful to mass changes to the local admin password using Remote Desktop and the "Send Unix Command" feature.

Get and remove the colons from the active interface's MAC address

>$ ifconfig -a|grep -B 1 "status: active"|head -1|awk '{print toupper($2)}'| sed 's/://g'
000D93C5DFC6

Those of us who write shell scripts for system administration purposes have gotten used to querying scutil (Apple's System Configuration Utility) for quick access to hard-to-get information, such as the computername. Now, with the release of Tiger, I've discovered a new facility to get DNS information via scutil, as in the example below:

nagitest:~ mostadmin$ scutil --dns
DNS configuration

resolver #1
search domain[0] : macworkshops.com
nameserver[0] : 192.168.0.89
order : 200000

resolver #2
domain : local
nameserver[0] : 224.0.0.251
nameserver[1] : ff02::fb
options : attempts:4
port : 5353
timeout : 2
order : 300000

resolver #3
domain : 254.169.in-addr.arpa
nameserver[0] : 224.0.0.251
nameserver[1] : ff02::fb
options : attempts:4
port : 5353
timeout : 2
order : 300000

resolver #4
domain : 0.8.e.f.ip6.arpa
nameserver[0] : 224.0.0.251
nameserver[1] : ff02::fb
options : attempts:4
port : 5353
timeout : 2
order : 300000

If we discover any other additions to scutil, we'll be sure to post them!

If you save a particluar set of Terminal session settings, it creates a file with a .term extension. First, open the Terminal applications located in /Applications/Utilities and then customize your preferences. Change the font size, dimensions, font color, transparency of the background to anything you wish in the Inspector window that comes up when you choose File > Show info. When you're done, choose File > Save As. . . to create your .term file. Then, to launch a session with those terminal characteristics, simply double-click the .term file, and your Terminal will reflect those settings.

Recently, I came across a site that had an interesting tip on it regarding .command files and how they're handled by the Terminal. The tip indicated that adding a .command extension to a text file would make the file "executable." The fact of the matter is that this is only partially true. What adding the .command extension does is associate the file type to the terminal, so that when double-clicked the Terminal attempts to open that file. For example, I'm going to create this simple script using a text editor (you can use TextEdit if you like).

#!/bin/sh
datestamp=`/bin/date`
mkdir ~/Desktop/"$datestamp"

When executed, this script will make a folder on the logged in user's Desktop with a date stamp. If added to the user's login item in the Accounts System Preference, this should happen every time the user logs in.

So, let's save the text file with the .command extension on the Desktop and double-click it. Up pops the following dialog:



It seems that simply adding the .command extension isn't enough. By the way, the default permissions for all files in OS X don't include the right to "execute." Things are this way mainly for security reasons, and it wouldn't stand to make much sense to simply allow changing the name of a file to make it executable in the Terminal.

We need to do this first:

dean$ chmod +x ~/datefolder.command

Now, it's really executable so that when we double click it, it creates the a folder with a nice time stamp on it in the Finder.

Security Settings - WPA Pre-Shared Key

Pre-Shared Key

There are two encryption options for WPA Pre-Shared Key, TKIP and AES. TKIP stands for Temporal Key Integrity Protocol. TKIP utilizes a stronger encrytption method and incorporates Message Integrity Code (MIC) to provide protection against hackers. AES stands for Advanced Encryption System, which utilizes a symmetric 128-Bit block data encryption.

To use WPA Pre-Shared Key, enter a password in the WPA Shared Key field between 8 and 63 characters long. You may also enter a Group Key Renewal Interval time between 0 and 99,999 seconds.

Check all the values and click Save Settings to save your settings. Click Cancel Changes to cancel your changes. "

What is TKIP (Temporal Key Integrity Protocol)?
TKIP (Temporal Key Integrity Protocol) is part of a draft standard from IEEE 802.11i working group.
TKIP is an enhancement to WEP (Wired Equivalent Privacy) security.
TKIP enhances WEP by adding a per-packet key mixing function to de-correlate the public initialization vectors (IVs) from weak keys.
TKIP also enhances WEP by adding a rekeying mechanism to provide fresh encryption and integrity keys. This makes TKIP protected networks more resistant to attacks involving key reuse.
Before TKIP, it was possible to perform a known ciphertext attack on WEP after collecting a large number of packets.
TKIP significantly mitigates the WEP key derivation vulnerability but does not provide complete resolution for the weaknesses.
TKIP utilizes the RC4 stream cipher with 128-bit keys for encryption and 64-bit keys for authentication.

TKIP is Being Replaced by RSN
The RSN (Robust Secure Network) component of the 802.11i standard recommends replacing TKIP with CCMP. However, the standard does allow TKIP for backwards compatability.
This backwards compatability with TKIP is necessary because most legacy Wi-Fi (802.11) hardware does not have the CPU power to use the AES algorithm utilized by CCMP. The RC4 algorithm utilized by TKIP will run on legacy Wi-Fi hardware.

Additional Reading on TKIP
For more information on TKIP, read 802.11 Security Series Part II: The Temporal Key Integrity Protocol (TKIP).
Some analysts use the name TKIP to refer to the functionality of both TKIP and MIC (Message Integrity Check).

Recently, with the price of large (one gigabyte and bigger) keychain (USB) flash drives coming down to below $100 or even $49 when on sale, more and more Mac users and admins are using them as data transfer tool, quickie backup device, or even a data recovery or troubleshooting tool. However, it's easy to forget, in these days of OS X applications that don't have resource forks or create documents with resource forks, that nearly all of these USB drives come formatted with the FAT32 file system, which is still unfriendly to Classic Mac Applications, as well as Postscript Fonts, and QuarkXpress Documents. If you copy file from your Mac to a FAT32 keychain drive, you'll separate the resource forks of the files and find that your Applications, Fonts, and other document may be trashed beyond the point of recoverability.

One way around this problem is to format your USB drive with the HFS+ file system using Disk Utility, however, this prohibits the flash drive from ever being used with a Windows or Linux computer.

I have worked around the problem by using Disk Utility to create a "sparseimage" on my USB keychain drive. A sparseimage is the a disk image with a "growable" filesystem. When you create a sparseimage, you have to specify the maximum size it can grow to, but it won't reach that size unless you fill it up. Now, when you attach your USB drive to a Mac, simply double-click the sparseimage to mount it. Put your Mac files in there, and you'll enjoy the best of both worlds, without having to reformat your USB drive.

Recently, many iLife 05 users have complained about the performance of iPhoto when scrolling though lots of thumbnails, on even some of the fastest Macs. It seems that the default thumbnail size tends to eat up a lot of processor power. Unfortunately, changing the thumbnail size is something that isn't very easy to do, and requires editing the com.apple.iphoto,plist preference file located in your home directory inside the Library/Preferences folder. Evidently Textedit, OmniOutliner, Bbedit, and the Property List Editor that is bundled with the Apple Xcode Tools are all valid ways to hunt down the value and edit it.

However, being more than a bit addicted to the Terminal, I found a way to set this quickly, without having to dig through all of the values and attributes in the preference file. Just open the Terminal, and type the following:

Defaults write com.apple.iPhoto ThumbnailSize .80

and restart iPhoto. You'll find that the thumbnails scroll by a lot quicker now. If you don't like the thumbnail size, toss the com.apple.iPhoto.plist file and everything will revert to the defaults. Now that's fast and easy, isn't it?