recursive chmod and chown on files 07. Oct 2011
If you want to recursively apply permissions to files it’s best to use GNU parallel because it handles obscure filenames robustly:
find directory -type f | parallel -m chmod mode
If you want to change ownership of the files, you can use a root subshell:
sudo bash -c "find directory -type f | parallel -m chown user:group"
make ard work with dynamic dns 22. Sep 2011
With its default settings Apple Remote Desktop doesn’t play well with dynamic DNS services. If you add a domain with a dynamic IP address it retrieves the IP address only once and if the IP address changes, the connect fails. A temporary workaround is to remove the IP address from the computer information window or to remove and readd the computer, but that certainly sucks for the long term.
A permanent solution is to disable reverse IP lookups:
defaults write com.apple.RemoteDesktop \
DisableReverseIPLookup -bool yes
Now Apple Remote Desktop will update the IPs upon launch.
ssl certificate errors on mac os x 20. Sep 2011
If you try to download something from Github via https with wget on Mac OS X you might receive one of the following errors:
ERROR: The certificate of `github.com' is not trusted.
ERROR: The certificate of `nodeload.github.com' is not trusted.
ERROR: The certificate of `raw.github.com' is not trusted.
The reason is that the default certificate directory is hard coded in wget as /etc/ssl/certs which corresponds to the Linux directory layout and doesn’t exist on Mac OS X. I’m actually quite suprised by this because I installed wget via MacPorts so I would have expected it to have been patched for my plattform.
So, where do you get root certificates from?
You could use the certificates from the default curl installation on Mac OS X, but they are hopelessly outdated (Yes Apple, I’m looking at you!):
$ head -n 5 /usr/share/curl/curl-ca-bundle.crt
##
## $Id: ca-bundle.crt,v 1.2 2003/03/24 11:06:57 bagder Exp $
##
## ca-bundle.crt -- Bundle of CA Root Certificates
## Last Modified: Thu Mar 2 09:32:46 CET 2000
The version from the curl website is a lot fresher:
$ curl -s http://curl.haxx.se/ca/cacert.pem | head -n 4
##
## ca-bundle.crt -- Bundle of CA Root Certificates
##
## Certificate data from Mozilla as of: Fri Sep 2 23:34:57 2011
Interestingly the version from MacPorts is the freshest:
$ head -n 4 /opt/local/share/curl/curl-ca-bundle.crt
##
## lib/ca-bundle.crt -- Bundle of CA Root Certificates
##
## Certificate data from Mozilla as of: Tue Sep 20 00:13:05 2011
You don’t need to install curl to get the certificates, there is a separate bundle:
$ sudo port install curl-ca-bundle
Using MacPorts also has the advantage, that your root certificates get upgraded automatically when you upgrade your outdated ports.
After you installed the root certificates you need to tell wget where to look.
You can use a parameter:
$ wget --ca-certificate=/opt/local/share/curl/curl-ca-bundle.crt \
https://www.domain.com/path/to/your/file
Or you can add an option to your ~/.wgetrc:
CA_CERTIFICATE=/opt/local/share/curl/curl-ca-bundle.crt
The latter is of course much more meaningful, because it saves you from manually applying the lengthy parameter on every https download.
acoustic feedback in the terminal 19. Sep 2011
If you compile larger programs on the command line of Mac OS X it can take quite a while and you will probably not want to stare at the Terminal until compilation is finished. To give you an acoustic feedback you can create some aliases:
alias success='afplay /System/Library/Sounds/Glass.aiff'
alias failure='afplay /System/Library/Sounds/Basso.aiff'
alias exitsound='if [ $? -eq 0 ]; then success; else failure; fi'
I like to put them in ~/.bash_aliases and source them from ~/.bashrc put that’s just a matter of taste. Now you can enjoy the full glory of the alert sounds while doing stuff in the Terminal!
sudo port install something; exitsound
./configure && make; exitsound
Have fun!
safari 5.1 user agent changed 19. Aug 2011
If you are using Glimmerblocker and Little Snitch together with Safari 5.1 you need to be aware that Safari 5.1 uses a different user agent so you have to include WebProcess and possibly PluginProcess in your PAC file. I have created updated versions of the PAC rule and the PAC script. For more information see the Glimmerblocker wiki.
