Mac OS X

From ZS64
Revision as of 23:47, 27 April 2016 by Stefan Bethke (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

A personal list of software, configuration and tweaks to make Mac OS X even better.

Flash Version Check and Offline Installer

Flash is notorious for it's frequently discovered security problems, so make sure to regularly check for updates at Adobe's Flash info page, which shows you the version of Flash you have installed currently.

If you don't like the regular Adobe Download Manager Flash Installer, there's an Offline Flash Installer version available. Simply download and use Apple's Installer to install a regular package. Don't forget to restart you browsers to activate the freshly installed version. Here's how you can update Flash from the command line (tested on 10.10). Find the Flash Installer link on the download page ("for system administrators"), then:

curl -O https://fpdownload.macromedia.com/get/flashplayer/current/licensing/mac/install_flash_player_18_osx_pkg.dmg
hdiutil attach install_flash_player_18_osx_pkg.dmg
sudo installer -pkg /Volumes/Flash\ Player/Install\ Adobe\ Flash\ Player.pkg -target LocalSystem
hdiutil detach /Volumes/Flash\ Player/

Configuration

Screen Sharing

Screen Sharing is normally hidden in the library folder, so I like to drag it to the Dock for easy access. Use the Finder's Go To command to go to /System/Library/CoreServices and drag Screen Sharing to the Dock, or create an alias to it and put it in Applications.

Enabling Screen Sharing Remotely via Command Line

When you forget to enable Screen Sharing, but you have ssh access to the machine, you can enable Screen Sharing via the command line:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -help

The -help option will show a usage summary for the command:

kickstart -uninstall -files -settings -prefs

         -install -package <path>

         -deactivate
         -activate

         -configure -users <user1,user2...> 
           -access -on  -off 
           -privs  -all -none
                   -DeleteFiles                                                                     
                   -ControlObserve                                                                 
                   -TextMessages                                                                   
                   -ShowObserve                                                                     
                   -OpenQuitApps                                                                    
                   -GenerateReports                                                                 
                   -RestartShutDown                                                                 
                   -SendFiles                                                                            
                   -ChangeSettings                                                                  
                   -ObserveOnly    
                   -mask <mask>

           -allowAccessFor
                   -allUsers [-privs <priv options>]
                   -specifiedUsers
            
           -computerinfo -set1 -1 <text> 
                         -set2 -2 <text> 
                         -set3 -3 <text> 
                         -set4 -4 <text>

           -clientopts
             -setmenuextra -menuextra  yes
             -setdirlogins -dirlogins  yes
             -setreqperm   -reqperm    no
             -setvnclegacy -vnclegacy  yes
             -setvncpw     -vncpw      mynewpw
             -setwbem      -wbem       no

         -stop

         -restart -agent -console -menu

         -targetdisk <mountpoint>
          

         -verbose
         -quiet

         -help     ## Show verbose documentation

To enable Screen Sharing, you can use this command line:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -restart -agent -privs -all

To enable Screen Sharing and VNC, use this:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -clientopts -setvnclegacy -vnclegacy yes -clientopts -setvncpw -vncpw mypasswd -restart -agent -privs -all

Based on Ryan’s Tech Note .

Time Machine Frequency

Time Machine runs a backup every hour, or 3600 seconds. With the following command, you can change the frequency to have it run more or less often.

sudo defaults write /System/Library/LaunchDaemons/com.apple.backupd-auto StartInterval -int 3600

If you don't feel like changing system defaults, you can also use TimeMachineEditor or TimeMachineScheduler.

Sending System Mail

Some processes on Mac OS X send mail through the built-in mail server, Postfix. In it's default configuration, Postfix will try and deliver such mail to a local user account. Since there's no mail application installed that can read mail from traditional mailboxes (in /var/mail/username), the only result is that you get annoying reminders that you have new mail whenever you open a Terminal window.

To be able to properly handle these mail messages, you can configure Postfix to send them to your mail server, like GMail. To reconfigure Postfix, do this:

  1. Find out which server name, username and password you have to use to send mail through your email provider.
  2. Create a text file with the server name, username and password under /etc/postfix/relay_password
  3. Convert the relay_password file to a postfix database using postmap.
  4. Amend the Postfix configuration by adding appropriate entries to the /etc/postfix/main.cfg config file.

To create the relay_password file, you can use this command line:

$ sudo sh -c 'echo servername username:password >/etc/postfix/relay_password'

To convert the file to a database, run this command:

$ sudo postmap /etc/postfix/relay_password

Add these lines to /etc/postfix/main.cf, for example at the end of the file:

relayhost = [servername]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/relay_password
smtp_sasl_security_options = noanonymous
smtp_use_tls = yes

To test whether things are working, send yourself an email from the command line:

$ mail -s "test" me@example.com
This is the body of the test mail.
Enter a single period on a line by itself, or hit Ctrl-D to finish entering the message.

If you get an error message, or if the mail does not arrive within a couple of minutes, check /var/log/mail.log for further hints.

Potential issues are:

  • if your mail server does not support the use of TLS (encryption), remove the smtp_use_tls = yes;
  • if your mail server does not listen on the mail submission port (587), try with port 25.
  • If you've entered the wrong username or password, remember that you need to update the Postfix database with postmap for changes to the password file to become effective.
  • On Mac OS X 10.8 (Mountain Lion), Apple has changed the launchd configuration in a way that stops Postfix from working. See this blog post for a fix.

Clear DNS Cache

Up to MacOS 10.4:

lookupd -flushcache

Since MacOS 10.5:

dscacheutil -flushcache

Cleaning Up After Yourself

Your home directory contains many files that accumulate information about your behaviour. Here's a couple:

Additional Software

Things I like to add:

Remove User, Restart Setup

If you want to return a Mac to it's pristine state, but skip reinstalling the OS, or keep certain files, you can remove all users and flag for the Setup Assistant to run again on the next boot.

  1. Prepare the Mac by removing all the things that you don't want to linger around. This includes extra users, installed software, Wifi networks that have been remembered in the Network settings, etc. Of course, you can't delete your own user; this will be done in the following steps.
  2. Restart the Mac into single-user mode by holding Command-S during startup. You will be greeted by a lot of arcane text, instead of the Apple logo. This is fine.
  3. Once you reach the command prompt (indicated by a line starting with #), type the following commands to remove the last remaining user, and flag Setup Assistant to run again. Replace "username" with the Unix (short) name of your user. When entering these commands, you will be using the U.S. keyboard layout. It might be helpful to pull up the Keyboard on another machine.
mount -uw /
launchctl load /System/Library/LaunchDaemons/com.apple.opendirectoryd.plist
dscl . -delete /Users/username
rm -r /Users/username
rm /var/db/.AppleSetupDone 
halt

After executing the last command, the Mac will turn off. The next time you start it up, Setup Assistant will run and you can configure it as if you had reinstalled OS X.