
Changing UID and Shell in Leopard

Since NetInfo was replaced by Directory Services in Leopard there are several user-based tweaks that I like to do. This had not been a problem on my Mac Pro since I did an upgrade, but I just got a new MacBook with a fresh install of Leopard. Now there are several user-based tweaks I like to make. I change my UID to my standard one; it makes file sharing and remote work much easier. I am also a tcsh user. So there are two ways to adjust this sans NetInfo.

1) GUI — Go to System Preferences > Accounts and right click (control-click) on the user you wish to modify. An Advanced window will appear and you can make changes here.

2) CLI — su - to root and run dscl

su -
dscl localhost
cd /Local/Default/Users

You can see all users by doing an ls, and you can see the attributes of a user by catting the user (e.g. cat someuser). Running man dscl and man 8 DirectoryServices will give more info on changing attributes.

Leopard Upgrade and Parallels

Another problem I ran into is that Parallels v.3 network bridge mode stopped working. This is related to the fact that I did an upgrade and not a fresh install of the OS. Reinstalling Parallels does not solve the problem. The following files need to be moved out of the way and a reboot done.

    /System/Library/Extensions/vmmain.kext
    /System/Library/Extensions/hypervisor.kext
    /System/Library/Extensions/helper.kext
    /System/Library/Extensions/ConnectUSB.kext
    /System/Library/Extensions/Pvsnet.kext
    ~/Library/Parallels/
    /Library/Parallels/
    ~/Library/Preferences/com.parallels

After the reboot a fresh install of Parallels fixed the problem. Interestingly, Fusion did not have the same problems.

Leopard and Photoshop v. 7

I just upgraded to Leopard and so far the first big problem I found is that Photoshop v.7 will not work. Granted this is an old version and designed to run in both classic and OS X, which I suspect is the cause of the problem.

Upgrading IBM pSeries 660 Memory

After spending most of my day on a memory upgrade, I discovered something fun. IBM pSeries 660 model 7026-6H1 servers count their memory in quads and not pairs, even though the memory vendor sells the upgrade kit as a pair.

Fresh Start

I have recently left my job at Rockefeller University and moved across the street to Weill Medical College of Cornell University. I thought this would also be an excellent time to pick the blog back up and see if I can make something of it.

At least it will be a useful place to park tidbits as I learn the fun and exciting world of AIX HACMP and CACHE databases.

Set Hostname for OS X

Append or edit /etc/hostconfig with the following:

HOSTNAME="machine.your.domain"

Creating Certificate Authority (CA) for a SSL Certificate

1) Create the certificate authority certificate and key. Make sure you remember the password you use. You will need to use it repeatedly.

# newcerts must exist because openssl.cf sets new_certs_dir = $dir/newcerts
mkdir -p /CERTS/ldap-certs/ca/newcerts
cd /CERTS/ldap-certs/ca
openssl req -new -x509 -keyout ./ca.key -out ./ca.crt
echo 01 > /CERTS/ldap-certs/ca/serial
touch /CERTS/ldap-certs/ca/index.txt

2) Create the openssl.cf file in /CERTS/ldap-certs

####################################################################
[ ca ]
default_ca = CA_default # The default ca section

####################################################################
[ CA_default ]

dir = /CERTS/ldap-certs/ca # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir/newcerts # default place for new certs.

certificate = $dir/ca.crt # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/ca.key # The private key
RANDFILE = $dir/private/.rand # private random number file

# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crl_extensions = crl_ext

#default_days = 365 # how long to certify for
default_days = 3650 # how long to certify for
#default_crl_days= 30 # how long before next CRL
default_crl_days= 0 # how long before next CRL
default_md = sha256 # which md to use (md5 is collision-prone and rejected by current clients)
preserve = no # keep passed DN ordering

# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that.
policy = policy_anything

# For the ‘anything’ policy
# At this point in time, you must list all acceptable ‘object’
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional

3) Generate a Certificate Signing Request

mkdir /CERTS/ldap-certs/server
cd /CERTS/ldap-certs/server
openssl genrsa -out hostname.key 2048
openssl req -new -key hostname.key -out hostname.csr

4) Sign the hostname certificate with your certificate authority

openssl ca -config ../openssl.cf -out hostname.crt -infiles ./hostname.csr
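
Steps 1 to 4 run end to end, as an added example rather than the author's own script: it builds a disposable CA in a temporary directory, signs a host CSR through a trimmed copy of the config with `default_md = sha256`, verifies the chain, and prints the issued certificate's signature algorithm. The subject names, the `[ req ]`, `[ dn ]` and `[ v3_ca ]` sections, the non-interactive flags (`-subj`, `-batch`, `-nodes`) and the function name `issue_and_check` are assumptions added for the demo.

```shell
# Added example: a disposable CA in a temp directory, not the post's /CERTS tree.
# Subject names are constructed; keys are unencrypted (-nodes) for the demo only.
issue_and_check() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/ca/newcerts" "$work/server"
    echo 01 > "$work/ca/serial"
    : > "$work/ca/index.txt"
    # Trimmed-down openssl.cf in the post's layout, with default_md = sha256.
    cat > "$work/openssl.cf" <<EOF
[ ca ]
default_ca = CA_default
[ CA_default ]
dir = $work/ca
database = \$dir/index.txt
new_certs_dir = \$dir/newcerts
certificate = \$dir/ca.crt
serial = \$dir/serial
private_key = \$dir/ca.key
default_days = 365
default_md = sha256
policy = policy_anything
[ policy_anything ]
commonName = supplied
[ req ]
distinguished_name = dn
x509_extensions = v3_ca
[ dn ]
commonName = Common Name
[ v3_ca ]
basicConstraints = critical, CA:TRUE
EOF
    # Step 1: CA key and self-signed CA certificate.
    openssl req -new -x509 -nodes -newkey rsa:2048 -sha256 -days 365 \
        -config "$work/openssl.cf" -subj "/CN=Example Test CA" \
        -keyout "$work/ca/ca.key" -out "$work/ca/ca.crt" 2>/dev/null || return 1
    # Step 3: host key (explicit 2048 bits) and CSR.
    openssl genrsa -out "$work/server/hostname.key" 2048 2>/dev/null || return 1
    openssl req -new -key "$work/server/hostname.key" -config "$work/openssl.cf" \
        -subj "/CN=host.example.test" -out "$work/server/hostname.csr" 2>/dev/null || return 1
    # Step 4: sign the CSR with the CA.
    openssl ca -batch -config "$work/openssl.cf" -out "$work/server/hostname.crt" \
        -infiles "$work/server/hostname.csr" >/dev/null 2>&1 || return 1
    # Check the result: the chain must verify, then report the signature algorithm.
    openssl verify -CAfile "$work/ca/ca.crt" "$work/server/hostname.crt" \
        >/dev/null 2>&1 || return 1
    openssl x509 -in "$work/server/hostname.crt" -noout -text |
        awk '/Signature Algorithm:/ { print $3; exit }'
    rm -rf "$work"
}
```

The same `openssl x509 -noout -text` check run against an existing hostname.crt shows whether it was signed with MD5 and needs to be reissued.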

CAMP Shibboleth June 2006

Camp wiki

I am here for the conference on Shibboleth.

VMWare and the Joys of Virtualization

Like many sys admins I have used VMWare Workstation to test and deploy new environments and OSes. I am starting to use VMWare Server in production environments. My current employer is a private university and we have a large number of individual labs whose web sites we support. In the past we had used one Apache server to handle all the labs. This has become problematic, mainly in the area of stability and security, where one lab's script would bring down the entire server.
We have now deployed a VMWare Server that runs on a native Linux 2.6 environment. Each lab gets a virtual server that contains their own virtual machine with a default copy of Apache. We are still in the early stages and have not worked out the details on how many virtuals are most efficient per server, nor have we worked on HA solutions.

Updating FreeBSD 6.0 to FreeBSD 6.1

Preliminary Work

1) First make sure that you have cvsup installed

pkg_add -r cvsup-without-gui
rehash

2) Set up your standard-supfile to update to the Release English 6.1 Sources

cp /usr/src/share/examples/cvsup/standard-supfile ~/

3) Edit the standard-supfile file:

vi standard-supfile

Change

*default release=cvs tag=RELENG_6_0

to

*default release=cvs tag=RELENG_6_1

Also make sure that you edit the

*default host=CHANGE_THIS.FreeBSD.org

to the mirror that you want to use.

Updating your Source Tree

1) Download and install your new sources

cvsup -g -L 2 standard-supfile

2) Be sure to read /usr/src/UPDATING.

Installing New Sources

1) Build your world

cd /usr/src
make clean;make cleanworld
make buildworld

2) Back up your current kernel. If you have a custom kernel config, back it up, make a copy of the new GENERIC to your old custom config name, and then edit the new file since some things may have changed since the last time you updated. In the example below, our custom kernel config is MYKERNEL.

cd /usr/src/sys/i386/conf/
cp MYKERNEL MYKERNEL.060519

3) Build and install the new kernel.

cd /usr/src
make buildkernel KERNCONF=MYKERNEL
make installkernel KERNCONF=MYKERNEL
mergemaster -p

Mergemaster checks to see if any critical files need to be updated to ensure the rest of the process will work smoothly. Just follow the prompts and PAY ATTENTION to what it's asking you. Do not just overwrite files or you may lose users, groups etc.

Now reboot and drop into single user mode:

shutdown -h now

and at the boot prompt, choose single user mode. On some systems you have to hit the SPACE bar and then enter boot -s at the prompt if you do not see an option.

At the shell prompt mount the disks and turn on swap

fsck -p
mount -u /
mount -a -t ufs
swapon -a

Install and run mergemaster again:

cd /usr/src
make installworld
mergemaster

This last run of mergemaster checks any other files that should be merged/updated due to the upgrade. Do the same as last time: pay attention.

reboot

At this point the system should be on the 6.1 release. I then run:

portmanager -u -f

This rebuilds all installed ports to ensure we are using all our new libs and installs.