You are hereMacOS X
MacOS X
5 years after a change in attitude
It has been approximately 5 years I finished using stolen or pirated software. I must admit: I love it!
I love the look on the face of others when they hear I have no illegal software on my machine.
I love the feeling of being legit with all that software.
I love to help others do their first steps in this uncommon world.
And no, I love my money and don't spend it when it's not necessary.
It's all about the attitude.
The most difficult part is the attitude that needs to change.
My previous attitude was to look for a well known brand, download the software, crack it and play with it. If it could do what I needed it for I kept using it. But what with all the unused features? What with the price of this software? That's not important, it's "free" says the thief.
Like with everything in this world there are different options you can choose from. But do we have the choice with software?
Sure we have. I usually see two different options: a) use open source software or b) find an alternative that is worth it's price.
Many (almost all) open source software packages are available for free. Many are even of a great quality, but finding the right packet is difficult. There is a great site around called osalt. It's a huge list with well known commercial software and their similar alternatives in the open source world. There is a short description and a list of supported operating systems. Be sure to check out this site and find what you need.
In the rare case it is possible that you can't find what you need, just look around for other software that is less expensive. Dare to try free beta's, usually when pre-ordering you get a reduction.
aether - Mac OS X
On my Mac I have three commercial software packages that need to be payed for. The first one is Mac OS X, but this one I payed for when buying the computer.
The second one is VMWare Fusion. When I was in then need for a hypervisor on my Mac the only open source alternative was Q. Unfortunately it had a huge performance impact on my machine. So I tried Fusion's beta program. The product worked very well and a few months before the final release there was a 50% off from the price of $80 making it $40 or €30 (by then).
Right now you can use VirtualBox as alternative, but that wasn't available yet when I needed it.
The third commercial software is called Bibble. I couldn't find a good open source alternative that ran on Mac and Adobe Lightroom 2 with it's $300 is really to expensive for me. So I bought Bibble that delivers the required features for $130 or €83.
What about the rest? It's fairly simple here's a short list:
- Browsing - Mozilla Firefox
- Email - Mozilla Thunderbird
- Office Suite - OpenOffice.org (or NeoOffice in the past)
- Chat - Adium
- Launcher - Quicksilver
- Notification - Growl
- Video - VLC
- Burning - Burn
- (s)FTP - Cyberduck
- Code editor - Smultron
- Backup - iBackup (not open source, free for personal use)
- ...
sws00448 - Microsoft Windows
This is the computer I have from my company. I'm 'forced' to use many commercial software but they do pay for it. So it's not really my problem. Let's skip that boring non-Office or administrative software if you want.
- Browsing - Mozilla Firefox
- Full-Disk Encryption - TrueCrypt
- Secure Erasing - Eraser
- Office Suite 2- OpenOffice.org
- PortableApps - Portable Apps
- Chat - Pidgin
- Launcher - Launchy
- Video - VLC
- Burning - Infrarecorder
- (s)FTP - FileZilla
- Code editor - Notepad++
- Shell - Cygwin
- ...
neptunus - Linux / Ubuntu
No need to make a list here. For all the software you want just got to the "Add/Remove Software" menu item. In contrary to some other Operating Systems you can really add software in this place.
Conclusion: I changed my attitude
Do I miss something on my machine? No, and I'm really happy with the things I use, and (almost) all for free.
Jump on the bus and try out free software.
Belgian eID to login on Mac OS X
This short howto explains how to use the Belgian eID to login on your Mac OS X machine. In this document I assume your cardreader is detected/installed and you are administrator of your machine. I am using Mac OS X 10.4.11.
Enable SmartCard authentication (only Mac OS X 10.4)
The happy owners of Leopard, Mac OS X 10.5, shouldn't change anything in their configuration file. Just jump to the part about access permissions.
Probably for performance reasons Apple didn't activate SmartCard login by default. So we will need to change a few configuration files to enable it. This procedure is explained on this page. Here's my own documentation with the examples for the Belgian eID.
The instructions in this part should be exactly the same on your system.
$ sudo -s Password: $ cd /etc/ $ cp authorization authorization.20080707.orig $ cp authorization /tmp/authorization.mod
Now edit the temporary file using your favorite editor or by using the graphical editor if you prefer.
$ vi /tmp/authorization.mod $ open -a "Property List Editor" /tmp/authorization.mod
Make the following changes to the mechanisms Array inside the system.login.console rights (Line 452):
After the string <string>builtin:auto-login,privileged</string> add the string <string>builtin:smartcard-sniffer,privileged</string>.
After the string <string>builtin:reset-password,privileged</string> remove the string <string>authinternal</string> then add string <string>builtin:authenticate,privileged</string>
Make the following changes to the "mechanisms" Array inside the "authenticate" rules (Line 649):
Add the following string to the beginning of the array <string>builtin:smartcard-sniffer,privileged</string>
After the string <string>builtin:authenticate</string> remove the string <string>authinternal</string> then add the string <string>builtin:authenticate,privileged</string>
Now copy the file to the right place on your system:
$ cp /tmp/authorization.mod /etc/authorization
You can check the differences here or download the original and modified file (Mac OS X 10.4.11)
$ diff -uN /etc/authorization /tmp/authorization.mod
--- /etc/authorization 2008-03-23 17:53:36.000000000 +0100
+++ /tmp/authorization.mod 2008-07-07 11:19:05.000000000 +0200
@@ -449,9 +449,10 @@
<key>mechanisms</key>
<array>
<string>builtin:auto-login,privileged</string>
+ <string>builtin:smartcard-sniffer,privileged</string>
<string>loginwindow_builtin:login</string>
<string>builtin:reset-password,privileged</string>
- <string>authinternal</string>
+ <string>builtin:authenticate,privileged</string>
<string>builtin:getuserinfo,privileged</string>
<string>builtin:sso,privileged</string>
<string>HomeDirMechanism:login,privileged</string>
@@ -645,8 +646,9 @@
<string>evaluate-mechanisms</string>
<key>mechanisms</key>
<array>
+ <string>builtin:smartcard-sniffer,privileged</string>
<string>builtin:authenticate</string>
- <string>authinternal</string>
+ <string>builtin:authenticate,privileged</string>
</array>
</dict>
<key>authenticate-admin</key>
Access permissions (everyone)
We now enabled SmartCard authentication. The question that remains open is: Who owns what SmartCard?
On the eID card there are two private keys present. One for signing purposes and one for authentication. We will use the authentication key of course.
Go back to your Terminal that was logged in as root and type the following command. This will list the hashes of the keys.
$ sc_auth hash 3F5C816C10AB60926E2E8A3CD9096C1F8AF34C9C PrK#2 (authentication) 35BDB8600FA219204D28FAD856380F6E06123B62 PrK#3 (signature) $ sc_auth accept -u chri -h 3F5C816C10AB60926E2E8A3CD9096C1F8AF34C9C
If desired, more than one smart card can be associated with a single user account by running the script again with the hash from the additional card(s).
We can check if it's OK:
$ dscl . -read /Users/chri ... AuthenticationAuthority: ;ShadowHash;HASHLIST:<SALTED-SHA1,SMB-NT,SMB-LAN-MANAGER> ;pubkeyhash;3F5C816C10AB60926E2E8A3CD9096C1F8AF34C9C ...
Test your configuration
That's it. Save all your open files, log out of the system and connect your SmartCard. You should see the Enter PIN when your card is connected:
Debug info
When entering the cardreader in /var/log/secure.log (open using Console). If you don't see these messages check that your cardreader is configured correctly on the system.
com.apple.SecurityServer: Token reader CCID Smart Card Reader 0 0 inserted into system com.apple.SecurityServer: token inserted into reader CCID Smart Card Reader 0 0 com.apple.SecurityServer: reader CCID Smart Card Reader 0 0 inserted token "BELPIC-534C494E336600296CFF2491AB111E14" (BELPIC-534C494E336600296CFF2491AB111E14) subservice 2 using driver com.apple.tokend.belpic
After a successfull login see these messages:
SecurityAgent[1994]: Showing Login Window SecurityAgent[1994]: User Authenticated: continue login process com.apple.SecurityServer: Succeeded authorizing right system.login.console by process /System/Library/CoreServices/loginwindow.app for authorization created by /System/Library/CoreServices/loginwindow.app. com.apple.SecurityServer: Succeeded authorizing right system.login.done by process /System/Library/CoreServices/loginwindow.app for authorization created by /System/Library/CoreServices/loginwindow.app.
Links
Apple Smart Card Setup GuideMac OS X 10.4: Enabling smart card login
See access to disk Mac OS X
sudo fs_usage -f filesys
Create ISO on MacOS X
From slashdotdash.net
1. Insert CD/DVD source
2. Fire up a Terminal, you can then determine the device that is you CD/DVD drive using the following command:
$ drutil status
Vendor Product Rev
MATSHITA DVD-R UJ-857 HBEA
Type: CD-ROM Name: /dev/disk1
Cur Write: 24x CD Sessions: 1
Max Write: 24x CD Tracks: 1
Overwritable: 00:00:00 blocks: 0 / 0.00MB / 0.00MiB
Space Free: 00:00:00 blocks: 0 / 0.00MB / 0.00MiB
Space Used: 76:47:23 blocks: 345548 / 707.68MB / 674.90MiB
Writability:
3. Umount the disk with the following command:
$ diskutil unmountDisk /dev/disk1 Disk /dev/disk1 unmounted
4. Create the ISO file with the dd utility (may take some time):
$ dd if=/dev/disk1s0 of=file.iso bs=2048
5. Test the ISO image by mounting the new file (or open with Finder):
$ hdid file.iso
6. The ISO image can then be burnt to a blank CD/DVD.
Unexpected reinstall MacOS X & Hard Drive Issues
This weekend I chose to reinstall my MacBook. The main reason was that, some time ago, I screwed up my language support be removing all unwanted languages with Monolingual. MacOS X application bundles usually come in Universal Binarys and can contain many translations. This nice monolingual application enables you to remove all these unwanted PPC binaries and unwanted languages. Stupid as I am I didn't realize that by removing Dutch and French my spellcheck would also loose these languages.
Unfortunately MacOS X isn't documented like Linux and I couldn't find what files I was missing. The only solution: reinstall.
I took my courage with both hands and started making backups on my LaCie USB disk of 250 GB. After 30 mins of intensive tar cf /Volumes/UNTITLED/backup/${name}.tar ${name} all my data was backed up on my disk.
A simple tar tf filename.tar showed me that my files were indeed present in the tar archive.
Time to reinstall my Mac ! Everything went fine, except...kernel panics when installing the updates. Looks like Mac doesn't like unknown kernel modules running when doing such a big update. Reboot not possible, Reinstall... Finally my mac was installed and updated. Only then I started to reinstall the software I need. In such situations you really miss package managers like Linux has. This means going to every website and downloading that one piece of software from there, and hopping to the next website...
Like all unix platforms I know MacOS X has a centralized place for the user-preferences. /Users/$username/Library/ it is.
I connected my ext2 disk to my Mac and realized again that I needed a driver for that. Ex2fsx it is. Unfortunately that stupid driver went weird and screwed up my filesystem.
The pleasure starts now. Well, fortunately I was able to copy my Documents and mails before it all went wrong. So with old backups I could live without the need for a suicide. But first let's do some data-recovery...
No problem, been there, done that. Take work-laptop, boot linux, plug in the USB disk, that is automagically mounted, start copying data, done. NOT !
For obscure reasons my USB device (/dev/sdc*) disappeared from /dev/ when trying to copy/access data. The dmesg output said things like Buffer I/O error on device sdc and EXT3-fs error (device sg1): ext3_find_entry: reading directory blablabla.
I started to panic a little. Some FOSDEM related things were not in my 2month old backup. What should I do?
Trying different ways to access the data or repair the partition: fsck, dd. But they all failed. Well, time to get some sleep.
This morning I concluded I had only one solution: Open the case and connect the disk to a computer directly, and so bypassing the SATA-to-usb-controller. Maybe this will work better. But how should I do this? I can't find any screws on the case... With some patience I could find the right way to open the black-box.
Here are the instructions to open a black LaCie USB case:
Finally I connected the disk to my parents machine that has SATA support. Booted it again from my BT3-live-usb, mounted it manually, quickly backed up the data. Did a fsck /dev/sda2 and took a deep breath. All data recovered !
X over SSH
From be.comp.os.unix ...
XXXXXXXXXXXXXX wrote:
>> Hallo,
>>
>> Ik probeer om xserver te starten door ssh.
>>
>> Wanneer ik een verbinding maak via ssh en ik geeft het comando startx.
>> Dan start x wel op mijn unix machine maar niet op de host die ik op dat
>> moment gebruik.
Zo gaat dat niet.
Ofwel start je een X server op je 'remote machine' en neem je dat scherm over met iets zoals VNC.
Ofwel start je een X server op je lokale machine (windows, linux, mac,...) en pipe je de applicaties door je SSH tunnel naar je lokale Xserver.
Hoe gaat dit te werk? In mijn situatie run ik MacOS X op mijn laptop. Soms heb ik toegang nodig tot linux-only apps (ofwel ben ik te lui om het te recompilen met alle deps).
Op mijn Mac OS X laptop start ik X op. (X11.app)
Vervolgens open ik mijn shell (terminal) en typ ik:
$ ssh -Y 192.168.1.141
(je kan ook -X gebruiken, zie manpages) Zo geraak ik ingelogd op mijn remote linux bak en heeft SSH al direct mijn $DISPLAY variable goed gezet.
Vervolgens start ik gewoon mijn grafische app op, de applicatie wordt door de ssh tunnel naar mijn MacOS X X11 server gestuurd. (aether = MacOS X, chri-desktop = linux onder virtuele machine)
chri@aether ~ Tue 10 Apr 22:05 $ echo $DISPLAY :0.0 chri@aether ~ Tue 10 Apr 22:07 $ ssh -Y 192.168.1.141 chri@192.168.1.141's password: Linux chri-desktop 2.6.20-11-generic #2 SMP Thu Mar 15 08:03:07 UTC 2007 i686 Last login: Tue Apr 10 22:07:32 2007 chri@chri-desktop:~$ echo $DISPLAY localhost:10.0 chri@chri-desktop:~$ firefox& [1] 5593 chri@chri-desktop:~$ [1]+ Done firefox chri@chri-desktop:~$ exit logout Connection to 192.168.1.141 closed. chri@aether ~ Tue 10 Apr 22:09 $
