Mac OS X: Difference between revisions

From ZS64
Jump to navigationJump to search
No edit summary
 
(8 intermediate revisions by the same user not shown)
Line 1: Line 1:
A personal list of software, configuration and tweaks to make Mac OS X even better.
A personal list of software, configuration and tweaks to make Mac OS X even better.
= Flash Version Check and Offline Installer =
Flash is notorious for it's frequently discovered security problems, so make sure to regularly check for updates [http://www.adobe.com/software/flash/about/ at Adobe's Flash info page], which shows you the version of Flash you have installed currently.
If you don't like the regular Adobe Download Manager Flash Installer, there's an [http://www.adobe.com/products/flashplayer/distribution3.html Offline Flash Installer] version available. Simply download and use Apple's Installer to install a regular package. Don't forget to restart you browsers to activate the freshly installed version. Here's how you can update Flash from the command line (tested on 10.10). Find the Flash Installer link on the download page ("for system administrators"), then:
curl -O https://fpdownload.macromedia.com/get/flashplayer/current/licensing/mac/install_flash_player_18_osx_pkg.dmg
hdiutil attach install_flash_player_18_osx_pkg.dmg
sudo installer -pkg /Volumes/Flash\ Player/Install\ Adobe\ Flash\ Player.pkg -target LocalSystem
hdiutil detach /Volumes/Flash\ Player/


= Configuration =
= Configuration =
Line 7: Line 18:
Screen Sharing is normally hidden in the library folder, so I like to drag it to the Dock for easy access. Use the Finder's Go To command to go to <tt>/System/Library/CoreServices</tt> and drag Screen Sharing to the Dock, or create an alias to it and put it in Applications.
Screen Sharing is normally hidden in the library folder, so I like to drag it to the Dock for easy access. Use the Finder's Go To command to go to <tt>/System/Library/CoreServices</tt> and drag Screen Sharing to the Dock, or create an alias to it and put it in Applications.


=== Enabling via Command Line ===
=== Enabling Screen Sharing Remotely via Command Line ===


When you forget to enable Screen Sharing, but you have ssh access to the machine, you can enable Screen Sharing via the command line:
When you forget to enable Screen Sharing, but you have ssh access to the machine, you can enable Screen Sharing via the command line:
Line 99: Line 110:
  $ sudo postmap /etc/postfix/relay_password
  $ sudo postmap /etc/postfix/relay_password


Add these lines to /etc/postfix/main.cfg, for example at the end of the file:
Add these lines to <code>/etc/postfix/main.cf</code>, for example at the end of the file:
  relayhost = [''servername'']:587
  relayhost = [''servername'']:587
  smtp_sasl_auth_enable = yes
  smtp_sasl_auth_enable = yes
Line 117: Line 128:
* if your mail server does not listen on the mail submission port (587), try with port 25.
* if your mail server does not listen on the mail submission port (587), try with port 25.
* If you've entered the wrong username or password, remember that you need to update the Postfix database with <tt>postmap</tt> for changes to the password file to become effective.
* If you've entered the wrong username or password, remember that you need to update the Postfix database with <tt>postmap</tt> for changes to the password file to become effective.
* On Mac OS X 10.8 (Mountain Lion), Apple has changed the <code>launchd</code> configuration in a way that stops Postfix from working. See [http://blog.deversus.com/2012/07/fix-for-postfix-in-mac-os-x-10-8-mountain-lion/ this blog post] for a fix.


== Clear DNS Cache ==
== Clear DNS Cache ==
Line 124: Line 136:
Since MacOS 10.5:
Since MacOS 10.5:
  dscacheutil -flushcache
  dscacheutil -flushcache
= Cleaning Up After Yourself =
Your home directory contains many files that accumulate information about your behaviour. Here's a couple:
* <code>~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2</code> <br>[http://www.tuaw.com/2012/02/14/mac-os-xs-quarantineevents-keeps-a-log-of-all-your-downloads/ Mac OS X's 'QuarantineEvents' keeps a log of all your downloads]
* <code>~/Library/Preferences/Macromedia/Flash\ Player/#SharedObjects/</code> <br><code>~/Library/Preferences/Macromedia/Flash\ Player/macromedia.com/support/flashplayer/sys/</code> <br>[http://en.wikipedia.org/wiki/Local_shared_object Flash Local Shared Objects]


= Additional Software =
= Additional Software =
Line 129: Line 148:
Things I like to add:
Things I like to add:


* [http://perian.org/ Perian] - Additional QuickTime codecs for common formats
* [http://xquartz.macosforge.org/ XQuartz] - development version of the X11 package included in 10.5, updated by the main Apple developer
* [http://xquartz.macosforge.org/ XQuartz] - development version of the X11 package included in 10.5, updated by the main Apple developer
* [http://hoyois.github.com/safariextensions/clicktoplugin/ ClickToPlugin] - A pluging to block flash and other plugins, replacement for [http://rentzsch.github.com/clicktoflash/ ClickToFlash].
* [http://fluidapp.com Fluid] - A simple WebKit-based browser that allows you to create copies of itself with a separate cookie store. [http://blog.zs64.net/2012/09/keep-those-privacy-eating-websites-at-bay/ What Fluid can do for web privacy]
* [http://mplayerosx.sttz.ch/ MPlayer OSX Extended]
* [http://www.schirmacher.de/display/INFO/Deutsche+Tastaturbelegung+unter+Parallels,+VMWare,+BootCamp+und+VirtualBox German Mac-like keyboard layout for Windows], so you can continue to use the Mac key combinations for €, @, {}, etc.
* [http://www.schirmacher.de/display/INFO/Deutsche+Tastaturbelegung+unter+Parallels,+VMWare,+BootCamp+und+VirtualBox German Mac-like keyboard layout for Windows], so you can continue to use the Mac key combinations for €, @, {}, etc.


= Version Checks =
= Remove User, Restart Setup =


Flash is notorious for it's frequently discovered security problems, so make sure to regularly check for updates [http://www.adobe.com/software/flash/about/ at Adobe's Flash info page], which shows you the version of Flash you have installed currently.
If you want to return a Mac to it's pristine state, but skip reinstalling the OS, or keep certain files, you can remove all users and flag for the Setup Assistant to run again on the next boot.


= VMware =
# Prepare the Mac by removing all the things that you don't want to linger around. This includes extra users, installed software, Wifi networks that have been remembered in the Network settings, etc. Of course, you can't delete your own user; this will be done in the following steps.
# Restart the Mac into single-user mode by holding Command-S during startup. You will be greeted by a lot of arcane text, instead of the Apple logo. This is fine.
# Once you reach the command prompt (indicated by a line starting with #), type the following commands to remove the last remaining user, and flag Setup Assistant to run again. Replace "username" with the Unix (short) name of your user. When entering these commands, you will be using the U.S. keyboard layout. It might be helpful to pull up the Keyboard on another machine.
mount -uw /
launchctl load /System/Library/LaunchDaemons/com.apple.opendirectoryd.plist
dscl . -delete /Users/username
rm -r /Users/username
rm /var/db/.AppleSetupDone
halt


* [http://blog.rectalogic.com/2008/08/virtualizing-mac-os-x-leopard-client.html Running non-Server 10.5 in VMware Fusion]
After executing the last command, the Mac will turn off. The next time you start it up, Setup Assistant will run and you can configure it as if you had reinstalled OS X.
* [http://www.macosxhints.com/article.php?story=20081031054054546 Virtualize machine-specific 10.4 in Fusion 2]

Latest revision as of 22:47, 27 April 2016

A personal list of software, configuration and tweaks to make Mac OS X even better.

Flash Version Check and Offline Installer

Flash is notorious for it's frequently discovered security problems, so make sure to regularly check for updates at Adobe's Flash info page, which shows you the version of Flash you have installed currently.

If you don't like the regular Adobe Download Manager Flash Installer, there's an Offline Flash Installer version available. Simply download and use Apple's Installer to install a regular package. Don't forget to restart you browsers to activate the freshly installed version. Here's how you can update Flash from the command line (tested on 10.10). Find the Flash Installer link on the download page ("for system administrators"), then:

curl -O https://fpdownload.macromedia.com/get/flashplayer/current/licensing/mac/install_flash_player_18_osx_pkg.dmg
hdiutil attach install_flash_player_18_osx_pkg.dmg
sudo installer -pkg /Volumes/Flash\ Player/Install\ Adobe\ Flash\ Player.pkg -target LocalSystem
hdiutil detach /Volumes/Flash\ Player/

Configuration

Screen Sharing

Screen Sharing is normally hidden in the library folder, so I like to drag it to the Dock for easy access. Use the Finder's Go To command to go to /System/Library/CoreServices and drag Screen Sharing to the Dock, or create an alias to it and put it in Applications.

Enabling Screen Sharing Remotely via Command Line

When you forget to enable Screen Sharing, but you have ssh access to the machine, you can enable Screen Sharing via the command line:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -help

The -help option will show a usage summary for the command:

kickstart -uninstall -files -settings -prefs

         -install -package <path>

         -deactivate
         -activate

         -configure -users <user1,user2...> 
           -access -on  -off 
           -privs  -all -none
                   -DeleteFiles                                                                     
                   -ControlObserve                                                                 
                   -TextMessages                                                                   
                   -ShowObserve                                                                     
                   -OpenQuitApps                                                                    
                   -GenerateReports                                                                 
                   -RestartShutDown                                                                 
                   -SendFiles                                                                            
                   -ChangeSettings                                                                  
                   -ObserveOnly    
                   -mask <mask>

           -allowAccessFor
                   -allUsers [-privs <priv options>]
                   -specifiedUsers
            
           -computerinfo -set1 -1 <text> 
                         -set2 -2 <text> 
                         -set3 -3 <text> 
                         -set4 -4 <text>

           -clientopts
             -setmenuextra -menuextra  yes
             -setdirlogins -dirlogins  yes
             -setreqperm   -reqperm    no
             -setvnclegacy -vnclegacy  yes
             -setvncpw     -vncpw      mynewpw
             -setwbem      -wbem       no

         -stop

         -restart -agent -console -menu

         -targetdisk <mountpoint>
          

         -verbose
         -quiet

         -help     ## Show verbose documentation

To enable Screen Sharing, you can use this command line:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -restart -agent -privs -all

To enable Screen Sharing and VNC, use this:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -clientopts -setvnclegacy -vnclegacy yes -clientopts -setvncpw -vncpw mypasswd -restart -agent -privs -all

Based on Ryan’s Tech Note .

Time Machine Frequency

Time Machine runs a backup every hour, or 3600 seconds. With the following command, you can change the frequency to have it run more or less often.

sudo defaults write /System/Library/LaunchDaemons/com.apple.backupd-auto StartInterval -int 3600

If you don't feel like changing system defaults, you can also use TimeMachineEditor or TimeMachineScheduler.

Sending System Mail

Some processes on Mac OS X send mail through the built-in mail server, Postfix. In it's default configuration, Postfix will try and deliver such mail to a local user account. Since there's no mail application installed that can read mail from traditional mailboxes (in /var/mail/username), the only result is that you get annoying reminders that you have new mail whenever you open a Terminal window.

To be able to properly handle these mail messages, you can configure Postfix to send them to your mail server, like GMail. To reconfigure Postfix, do this:

  1. Find out which server name, username and password you have to use to send mail through your email provider.
  2. Create a text file with the server name, username and password under /etc/postfix/relay_password
  3. Convert the relay_password file to a postfix database using postmap.
  4. Amend the Postfix configuration by adding appropriate entries to the /etc/postfix/main.cfg config file.

To create the relay_password file, you can use this command line:

$ sudo sh -c 'echo servername username:password >/etc/postfix/relay_password'

To convert the file to a database, run this command:

$ sudo postmap /etc/postfix/relay_password

Add these lines to /etc/postfix/main.cf, for example at the end of the file:

relayhost = [servername]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/relay_password
smtp_sasl_security_options = noanonymous
smtp_use_tls = yes

To test whether things are working, send yourself an email from the command line:

$ mail -s "test" me@example.com
This is the body of the test mail.
Enter a single period on a line by itself, or hit Ctrl-D to finish entering the message.

If you get an error message, or if the mail does not arrive within a couple of minutes, check /var/log/mail.log for further hints.

Potential issues are:

  • if your mail server does not support the use of TLS (encryption), remove the smtp_use_tls = yes;
  • if your mail server does not listen on the mail submission port (587), try with port 25.
  • If you've entered the wrong username or password, remember that you need to update the Postfix database with postmap for changes to the password file to become effective.
  • On Mac OS X 10.8 (Mountain Lion), Apple has changed the launchd configuration in a way that stops Postfix from working. See this blog post for a fix.

Clear DNS Cache

Up to MacOS 10.4:

lookupd -flushcache

Since MacOS 10.5:

dscacheutil -flushcache

Cleaning Up After Yourself

Your home directory contains many files that accumulate information about your behaviour. Here's a couple:

Additional Software

Things I like to add:

Remove User, Restart Setup

If you want to return a Mac to it's pristine state, but skip reinstalling the OS, or keep certain files, you can remove all users and flag for the Setup Assistant to run again on the next boot.

  1. Prepare the Mac by removing all the things that you don't want to linger around. This includes extra users, installed software, Wifi networks that have been remembered in the Network settings, etc. Of course, you can't delete your own user; this will be done in the following steps.
  2. Restart the Mac into single-user mode by holding Command-S during startup. You will be greeted by a lot of arcane text, instead of the Apple logo. This is fine.
  3. Once you reach the command prompt (indicated by a line starting with #), type the following commands to remove the last remaining user, and flag Setup Assistant to run again. Replace "username" with the Unix (short) name of your user. When entering these commands, you will be using the U.S. keyboard layout. It might be helpful to pull up the Keyboard on another machine.
mount -uw /
launchctl load /System/Library/LaunchDaemons/com.apple.opendirectoryd.plist
dscl . -delete /Users/username
rm -r /Users/username
rm /var/db/.AppleSetupDone 
halt

After executing the last command, the Mac will turn off. The next time you start it up, Setup Assistant will run and you can configure it as if you had reinstalled OS X.