I recently reinstalled OSX 10.6 onto a shiny new hard disk. Upon restoring my backups, I discovered my (legit) Adobe Photoshop CS3 installation wasn’t working. It would immediately crash upon startup, and the OSX error report included something about a missing framework:
Dyld Error Message:
Library not loaded: @executable_path/../Frameworks/AdobeAGM.framework/Versions/A/AdobeAGM
Referenced from: /Applications/Adobe Photoshop CS3/Adobe Photoshop CS3.app/Contents/MacOS/Adobe Photoshop CS3
Reason: image not found
Much to my dismay, I discovered after some Googling that CS3 products do not function properly when installed on case-sensitive HFS volumes.
…
OK, so total disbelief aside, here’s an extremely helpful blog post that includes a shell script for fixing this brain-dead behaviour.
http://thinkingdigitally.com/archive/adobe-photoshop-cs3-osx-case-sensitive-filesystem-fixed/
This reminds me… I need to buy a license for Pixelmator [http://www.pixelmator.com] and stop funding the Hellspawn that Adobe’s products have become. </rant>
A default FreeBSD system with process accounting enabled, either manually through ‘accton [accounting file]’ or by setting ‘accounting_enable="YES"’ in /etc/rc.conf, will rotate through 3 *uncompressed* process accounting log files.
Here’s a snippet of /etc/defaults/periodic.conf:
# 310.accounting
daily_accounting_enable="YES" # Rotate acct files
daily_accounting_compress="NO" # Gzip rotated files
daily_accounting_flags=-q # Flags to /usr/sbin/sa
daily_accounting_save=3 # How many files to save
If you’d like to compress your rotated process accounting logs, override the above “daily_accounting_compress” statement by placing this in your “/etc/periodic.conf” file (whose values will override those in /etc/defaults/periodic.conf):
daily_accounting_compress="YES"
This will compress rotated logs using the default -6 level of gzip compression. You could change this if you really wanted to by editing /etc/periodic/daily/310.accounting, but even the default level of compression will likely reduce the files to 1/3 or 1/4 their original size.
(I’ve verified these defaults on FreeBSD 7.0/7.1/8.0.)
We’ve all been there: it’s past quitting time, you’ve got a half-dozen terminals open, and you halt or reboot a machine… only to realize moments later (with creeping panic) it was the wrong one.
molly-guard is a straightforward script that intercepts reboot/shutdown-related commands. Here’s an example where I punch in reboot, but fail to confirm the hostname I’m meaning to restart:
root@linuxhost:~# reboot
W: molly-guard: SSH session detected!
Please type in hostname of the machine to reboot: oops
Good thing I asked; I won't reboot linuxhost ...
W: aborting reboot due to 30-query-hostname exiting with code 1.
molly-guard is available for many distributions; check with your preferred package manager.
(By default in Ubuntu, molly-guard will only provide the above functionality for remote sessions. If you’d prefer that it *always* requested confirmation for shutdown/restart operations, see here for details: http://www.ubuntugeek.com/molly-guard-protects-machines-from-accidental-shutdownsreboots.html)
A little information on the origin of the name “molly-guard” (cute!): http://en.wiktionary.org/wiki/molly-guard
A friend recently had a Webmail account compromised. Being a reasonably savvy user, he was concerned a keylogger may be present on his Mac.
This led me to realize I knew nothing whatsoever about OSX keyloggers.
A bit of Googling led me to logkext [ http://code.google.com/p/logkext ], an open-source kernel extension for key logging. (Sadly, the project page indicates it is no longer under active development.)
I tested it on Snow Leopard and it works like a charm. The command line utility “logKextClient” is used to manage logging (the logfile location is customizable and can be encrypted) and to view the contents of the logfile itself. The entire package can be easily removed by running “LogKextUninstall.command” (which is copied to / when logkext is installed).
I haven’t played with any OSX antimalware packages to see if they detect/deactivate/remove logkext.
p.s. You can list loaded kernel extensions by popping open Terminal and using the “kextstat” utility.
p.p.s. So far, doesn’t look like a keylogger was to blame for the compromise listed above.
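A way to put the “kextstat” listing to work when checking a Mac for something like logkext, as an added example that is not part of the original post: it filters the listing down to kernel extensions that are neither Apple's nor on a list you have approved. The bundle identifiers and sample listing are constructed for illustration, and the allowlist file is an assumption.

```shell
#!/bin/sh
# Added example: triage `kextstat` output for third-party kernel extensions.

# Reads kextstat output on stdin; $1 is an optional allowlist file with one
# approved bundle identifier per line. Prints "bundle-id (version)" for every
# loaded kext that is neither com.apple.* nor on the allowlist.
unexpected_kexts() {
    awk -v allow="${1:-/dev/null}" '
        BEGIN { while ((getline id < allow) > 0) if (id != "") ok[id] = 1 }
        # Data rows start with a numeric index; field 6 is the bundle id.
        $1 ~ /^[0-9]+$/ && $6 !~ /^com\.apple\./ && !($6 in ok) { print $6, $7 }
    '
}

# Constructed sample in the kextstat column layout. Both com.example.*
# identifiers are made up for this example.
sample_kextstat() {
    cat <<'EOF'
Index Refs Address    Size       Wired      Name (Version) <Linked Against>
    1   56 0          0          0          com.apple.kpi.bsd (10.4.0)
    2   18 0          0          0          com.apple.kpi.libkern (10.4.0)
   12    0 0x5a1000   0x4000     0x3000     com.apple.BootCache (31) <7 6 5 4 3 1>
   98    0 0x9c4000   0x6000     0x5000     com.example.vpn.driver (2.3) <5 4 3 1>
  101    0 0x9d1000   0x5000     0x4000     com.example.keylogger (1.0) <12 5 4 3 1>
EOF
}

# Demo on the constructed sample with no allowlist: prints both com.example rows.
sample_kextstat | unexpected_kexts

# On a real Mac (allowlist path is an assumption):
#   kextstat | unexpected_kexts ~/approved-kexts.txt
```

The filter relies on self-declared bundle identifiers, so treat it as first-pass triage rather than proof that everything it hides is Apple's.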
If you’re having grief installing SEP11 on Windows 7 x64, give this a try:
- Install LiveUpdate (via SEPWin64\x64\LUSETUP.exe in the original installation discs/files)
- Reboot the machine
- Re-try your SEP client installation.
I was unable to install either from those original installation files or a managed client package before following the above procedures.
Thanks to Paul Murgatroyd for the hint: http://www.symantec.com/connect/forums/windows-7-beta-and-sep-11-mr4
It’s hard work being prey. Watch the birds at a feeder. They’re constantly on alert, and will fly away from food — from easy nutrition — at the slightest movement or sound. Given that I’ve never, ever seen a bird plucked from a feeder by a predator, it seems like a whole lot of wasted effort against not very big a threat.
— Bruce Schneier
The “mountvol” utility can be used to quickly determine the GUIDs of various storage volumes on a Windows 2008 server.
(I needed this to enable scripted mounting of TrueCrypt volumes; backups are now happily dumping to encrypted USB drives that are automatically dismounted when the job completes. I’ll post some details on that later, but it’s pretty straightforward.)
All human cultures evolve institutions of law, religion, and philosophy, and these institutions both adopt specific answers to circular questions and establish authority-schemes to indoctrinate people with those beliefs. One might complain that such establishments substitute dogma for reason and truth. But in exchange, they spare whole populations from wasting time in fruitless reason loops. Minds can lead more productive lives when working on problems that can be solved.
— Marvin Minsky, “The Society of Mind”
(As root)
# dmidecode
Look for the “Base Board Information” section.
Example output:
[...]
Handle 0x0002, DMI type 2, 15 bytes.
Base Board Information
Manufacturer: ASUSTeK Computer INC.
Product Name: P5LD2-VM
Version: Rev 1.xx
Serial Number: MB-1234567890
Asset Tag: To Be Filled By O.E.M.
Features:
Board is a hosting board
Board is replaceable
Location In Chassis: To Be Filled By O.E.M.
Chassis Handle: 0x0003
Type: Motherboard
Contained Object Handles: 0
[...]
/edit Ah, “lshw” works as well.
I wanted to dump out a production Rails database and import it into a development DB for poking and prodding. I figured there was a Rails Way to accomplish this; however, I found no built-in rake tasks or the like.
I did, however, come across this:
http://github.com/adamwiggins/yaml_db
From the README:
YamlDb is a database-independent format for dumping and restoring data. It complements the database-independent schema format found in db/schema.rb. The data is saved into db/data.yml.
Usage is dead simple; several rake tasks are made available to dump/load database schema/contents. Thumbs up.
Had a bit of trouble getting the Ruby sqlite3 gem installed on FreeBSD 7.2. While I’m certain I’ve done it before without difficulty, I figured I’d make a note in case I (or any Googling users) run into it again.
Running “gem install sqlite3-ruby” resulted in:
install sqlite3-ruby
Building native extensions. This could take a while...
ERROR: Error installing sqlite3-ruby:
ERROR: Failed to build gem native extension.
/usr/local/bin/ruby18 extconf.rb
checking for fdatasync() in -lrt... no
checking for sqlite3.h... no
*** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of
necessary libraries and/or headers. Check the mkmf.log file for more
details. You may need configuration options.
Provided configuration options:
--with-opt-dir
--without-opt-dir
--with-opt-include
--without-opt-include=${opt-dir}/include
--with-opt-lib
--without-opt-lib=${opt-dir}/lib
--with-make-prog
--without-make-prog
--srcdir=.
--curdir
--ruby=/usr/local/bin/ruby18
--with-sqlite3-dir
--without-sqlite3-dir
--with-sqlite3-include=${sqlite3-dir}/include
--with-sqlite3-lib
--without-sqlite3-lib=${sqlite3-dir}/lib
--with-rtlib
--without-rtlib
Gem files will remain installed in /usr/local/lib/ruby/gems/1.8/gems/sqlite3-ruby-1.2.5 for inspection.
Results logged to /usr/local/lib/ruby/gems/1.8/gems/sqlite3-ruby-1.2.5/ext/sqlite3_api/gem_make.out
Buh?? Strange, as I’d installed the sqlite3 port and sqlite3.h was present in /usr/local/include.
This took care of the issue:
# export CONFIGURE_ARGS="with-sqlite3-include=/usr/local/include" && gem install sqlite3-ruby
Ah, “enthusiasts” with local administrative rights… disabling all those pesky little system services in an attempt to give their machine that extra dash of zip.
Since it’s a bitch to reset every service’s startup parameter to defaults by hand, I recommend checking out BlackViper.com’s ready-to-go registry patches:
http://www.blackviper.com/WinXP/registry.htm
Much <3 to BlackViper.com!
From the scponly wiki (http://sublimation.org/scponly/wiki/index.php/Main_Page):
“scponly is an alternative ‘shell’ (of sorts) for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution priviledges [sic].”
Using its included chroot version, one can effectively lock down access to a user’s home directory (well, more specifically, a subdirectory IN their home directory).
On Ubuntu 8.04, it’s as easy as “apt-get install scponly” then following some instructions here:
http://www.ubuntugeek.com/scponly-limited-shell-for-secure-file-transfers.html
…Afterwards, however, I was receiving errors like this in /var/log/auth.log:
Sep 7 15:03:47 machinename sshd[31752]: subsystem request for sftp
Sep 7 15:03:47 machinename scponly[31753]: running: /usr/lib/sftp-server (username: scponly-user(1001), IP/port: x.x.x.x 50563 22)
Sep 7 15:03:47 machinename scponly[31753]: failed: /usr/lib/sftp-server with error No such file or directory(2) (username: scponly-user(1001), IP/port: x.x.x.x 50563 22)
Turns out these errors are a little misleading. See here for the fix:
http://lists.ccs.neu.edu/pipermail/scponly/2008-February/001915.html
In short, a number of libraries need to be copied into the user’s home directory for the chroot to be fully intact. (I’m not sure if this is only an issue on 64-bit systems.)
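One way to find out which libraries the chroot is missing, as an added example that is not from the scponly project or the linked fix: it compares what “ldd” says a binary needs against what exists under the chroot. The sample “ldd” output is constructed, and /home/scponly-user as the chroot path is an assumption based on the username in the log above.

```shell
#!/bin/sh
# Added example: report shared objects a binary needs that are absent from
# a chroot directory.

# Extract the absolute path from each line of `ldd` output on stdin.
# Lines that carry no path (e.g. linux-vdso) are skipped.
ldd_paths() {
    awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) { print $i; break } }'
}

# Print every path read from stdin that does not exist beneath chroot dir $1.
missing_in_chroot() {
    while IFS= read -r path; do
        [ -e "$1$path" ] || printf '%s\n' "$path"
    done
}

# Constructed ldd output for a 64-bit sftp-server (paths are illustrative).
sample_ldd() {
    cat <<'EOF'
    linux-vdso.so.1 =>  (0x00007fff5a1fe000)
    libcrypto.so.0.9.8 => /usr/lib/libcrypto.so.0.9.8 (0x00007f3c1a2b0000)
    libc.so.6 => /lib/libc.so.6 (0x00007f3c19f4e000)
    /lib64/ld-linux-x86-64.so.2 (0x00007f3c1a64b000)
EOF
}

# Demo: a throwaway chroot that holds only libc, checked against the sample.
demo() {
    root=$(mktemp -d)
    mkdir -p "$root/lib"
    : > "$root/lib/libc.so.6"
    sample_ldd | ldd_paths | missing_in_chroot "$root"
    rm -rf "$root"
}

demo

# Real use (chroot path is an assumption):
#   ldd /usr/lib/sftp-server | ldd_paths | missing_in_chroot /home/scponly-user
```

An empty result means every library and the dynamic loader named by “ldd” is present under the chroot; anything printed still has to be copied in at the same relative path.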
If you’re not familiar with Growl, it’s a non-intrusive little notification system for OSX:
http://growl.info/
Now, check out this Gist:
http://gist.github.com/180943
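function n {
    # Run the wrapped command with its arguments intact
    "$@"
    local status=$?
    local result
    if [ "$status" -eq 0 ]; then
        result="completed"
    else
        result="FAILED ($status)"
    fi
    # Sticky (-s) Growl notification reporting the outcome
    growlnotify -m "Script $result" -s "$@"
    # Hand the wrapped command's exit status back to the caller
    return "$status"
}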
This snippet of bash shell scripting will use Growl to notify you when a long-running command completes. Simply slap that snippet into your .profile, open a new shell (or run “source ~/.profile” in an existing one), run “n yourcommandhere” and blammo!
For even more shell sexiness, be sure to check out Visor, a Quake-style OSX terminal that pops down with the stroke of a keycombo:
http://visor.binaryage.com/
(Thanks to Sean for pointing this out to me.)
/edit “growlnotify” is not included in a default Growl installation. Look on the Growl installation image under the “Extras/growlnotify” folder for “install.sh”.