tag:blogger.com,1999:blog-81227785088248972382024-03-04T23:42:07.313-08:00Armagon's IslesArmagonhttp://www.blogger.com/profile/08377208978902686793noreply@blogger.comBlogger6125tag:blogger.com,1999:blog-8122778508824897238.post-80922349194602541462009-05-15T08:37:00.000-07:002009-05-15T08:47:03.514-07:00Installing Composer-style .dmg Without Casper<p>On occassion I have needed to install software where we created a .dmg package using <a href="http://www.jamfsoftware.com/products/composer.php">Composer</a> when I did not have <a href="http://www.jamfsoftware.com/products/casper_suite.php">Casper</a> installed. </p><p>Here is an example of doing it. (Names, etc, will change when you do it yourself). Note that this will not fill user templates or copy files to all users.</p><pre class="brush: bash">$ # Mount the file while retaining permissions
$ hdiutil attach ~/Desktop/iWork\ 08.dmg -owners on
expected CRC32 $880FA4DB
/dev/disk1 Apple_partition_scheme
/dev/disk1s1 Apple_partition_map
/dev/disk1s2 Apple_HFS /Volumes/iWork 08
$ sudo cp -Rp /Volumes/iWork\ 08/ /
Password:
cp: /Volumes/iWork 08/: unable to copy extended attributes to /: Is a directory
cp: /Volumes/iWork 08/: unable to copy ACL to /: Is a directory
$ hdiutil detach /Volumes/iWork\ 08/
"disk1" unmounted.
"disk1" ejected.
</pre>Armagonhttp://www.blogger.com/profile/08377208978902686793noreply@blogger.com1tag:blogger.com,1999:blog-8122778508824897238.post-80664171018326864962009-04-08T12:03:00.000-07:002009-04-08T15:52:56.790-07:00Use MAC Address to Look Up Computer In Open Directory<p>Occassionally you know a Mac computer is in your Open Directory, but don't know what it is named in there. If you know the primary MAC address, you can look it up.</p>
<p>After you open up a trusty Terminal, you can make a list of all of the Computer Names and their Mac addresses by doing this (on one line):</p>
<p><code>dscl /LDAPv3/192.168.100.100 -readall /Computers RecordName macAddress > out.txt</code></p>
<p>Then, open up out.txt in a text editor, and do a search for your MAC address, or, from the command line, do this:</p>
<p><code>grep -A 1 "00:1b:63:36:95:35" out.txt</code></p>
<p>The result will look like:</p>
<p><code>dsAttrTypeNative:macAddress: 00:1b:63:36:95:35<br>
RecordName:</code> <em>ComputerNameHere</em></p>
<p>If you have access to a computer over ssh or ARD, you can get the MAC address with this command:</p>
<p><code>ifconfig en0 | grep eth</code></p>
<p>'en0' is the first interface, which is almost always ethernet, and should be the value stored in the directory. Using 'en1' would give you the second interface's MAC address; it is almost always the Airport.</p>Armagonhttp://www.blogger.com/profile/08377208978902686793noreply@blogger.com1tag:blogger.com,1999:blog-8122778508824897238.post-17047515741670906312009-03-26T09:52:00.000-07:002009-04-02T20:12:48.508-07:00OD Archive fails due to "Keychain -25300" error<p>At my workplace, we have been having problems with Apple <a href="http://en.wikipedia.org/wiki/Apple_Open_Directory">Open Directory</a>. [I'm using OS X Server, 10.5.6.] One thing we noticed is that, if you go to Server Admin, and tell it to make an archive or your directory, it will appear to happily do so, but, if you check, you will not end up with an archive; no file will have been created, and, in looking at the "Configuration Log" (/Library/Logs/slapconfig.log), you will see at the end that there was some sort of mysterious keychain error at the end of step 5:
</p><pre>Error in backing up keychain -25300
Removed directory at path /tmp/slapconfig_backup_stage[funky-unique-name].</pre>Searching the web for the keychain error message merely revealed other people who were having the problem, and had not come up with a solution.
<p>At length, I found that <a href="http://developer.apple.com/opensource/index.html">Apple has open-sourced a number of their projects</a>, including parts of Open Directory, and that <a href="http://www.opensource.apple.com/darwinsource/Current/">the source is available for download</a>.</p>
<p>When looking for the source for slapconfig (the tool used in creating the Open Directory archive), which does not appear to be available, I came across a posting where <a href="http://www.afp548.com/forum/viewtopic.php?showtopic=22684">someone identified which keychain is missing</a>.</p>
<p>The missing keychain is a System keychain called <code>com.apple.opendirectory</code>. Here is how you re-create it:</p>
<p>Run Keychain Access (it is in /Applications/Utilities).</p><p>Click on the "System" Keychain (on the left) and note that the com.apple.opendirectory keychain does not exist. [The picture below shows it after it has been created.]</p>
<p><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDdRd2t9Aj9rZdQPH4i2k1rW5fsIJIoY8G2a2xE4sU6XZlewifUJRvF_fBv6Z3aEOAW-2F2u4yeVdUVg9XSWnikrRdc0zCs1tlme95BuX6-niongLSGePvCjdt8hPW-ifk6IY65rK8v5o/s1600-h/Keychain+Access.png"><img style="cursor: pointer; width: 400px; height: 245px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDdRd2t9Aj9rZdQPH4i2k1rW5fsIJIoY8G2a2xE4sU6XZlewifUJRvF_fBv6Z3aEOAW-2F2u4yeVdUVg9XSWnikrRdc0zCs1tlme95BuX6-niongLSGePvCjdt8hPW-ifk6IY65rK8v5o/s400/Keychain+Access.png" alt="" id="BLOGGER_PHOTO_ID_5317590107758230962" border="0" /></a></p>
<p><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://3.bp.blogspot.com/_JnwonNKkGAc/ScvBAb6A3II/AAAAAAAAABI/dCMZ9kR0vik/s1600-h/Keychain+Access.png">
</a></p>
<p>You will need to add a new keychain item. Click on the "+" symbol at the bottom. [You may have to unlock your keychain first]</p>
<p><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://1.bp.blogspot.com/_JnwonNKkGAc/ScvBAg9lb_I/AAAAAAAAABQ/Lyv_zfDo1z0/s1600-h/Create+New+Keychain.png">
</a></p>
<p><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFXsNnvw-apeAm5p5wP59aFdPuepEgooj33iLgYhbVoD4IjWARyuzki-KKIGxTOo5FNEquzNnlDrZMEb8M5iAGN6yJfkpkcpaJQeN3fX1FjWXddMjlxepMkLPojHXcmaMlAjaJgZ9aw3E/s1600-h/Create+New+Keychain.png"><img style="cursor: pointer; width: 400px; height: 372px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFXsNnvw-apeAm5p5wP59aFdPuepEgooj33iLgYhbVoD4IjWARyuzki-KKIGxTOo5FNEquzNnlDrZMEb8M5iAGN6yJfkpkcpaJQeN3fX1FjWXddMjlxepMkLPojHXcmaMlAjaJgZ9aw3E/s400/Create+New+Keychain.png" alt="" id="BLOGGER_PHOTO_ID_5317590110515811890" border="0" /></a></p>
<p>I did some testing. It is important that the account name be your server's hostname followed by a dollar sign. If you use something else -- for example, I tried the hostname of the server that used to be our Open Directory Master -- you will get keychain errors when you try to create the archive.</p>
<p>We went to some effort to recover the former password [cool enough, if you have a keychain, you can hit the 'i' button (or press Cmd-I) to see the info on it, and then tick the "Show password" checkbox to see the password.] This was needless; it turns out that the password you use really doesn't matter. I don't think you'd ever need to know it again, and while I don't know what purpose it serves, I'd use a reasonably strong password.</p>
<p>Having created your new key, can you make a backup? Yes, well, ..., erm, well, yes, but, not through the GUI tool. When you use Server Admin now (and I even tried rebooting to see if it would make a difference), things still do not work right. If you click on Open Directory and then on "Archive", it may say "loading information" for a couple of minutes, and, when you finally try to create the archive, it will fail silently, logging:
</p><pre>Error in backing up keychain -25308</pre>
a different error, which, I gather, means it couldn't communicate with the keychain. (Sigh)
<p>But, <span style="font-style: italic;">you can now create the backup manually.</span></p>
<p>Open up a trusty Terminal, and issue a the backup command:</p>
<code>sudo slapconfig -backupdb Desktop/backup</code>
<p>The latter parameter is the path and filename of the backup to create. You will be asked for your admin password [by sudo], and then for a password for the sparseimage archive of your directory [by slapconfig]. It goes ahead and does it thing, even stopping to ask if it can access the keychain, and, you'll notice at the end of step 5 it says,</p>
<code>Backed Up Keycahin</code>
<p>[That is a direct cut-and-paste, by the way. Bugs come in all shapes and sizes.] You now have a successful backup!</p>
<h1>Restoring the Backup</h1>
<p><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNEkt4fTmNmA4hMElwRt0aEoTXFy52p_qBt9qQFRF5tB2YJawGMPqqQholsNQ3rXFxKQ7YgLB90HHdc7L2UmSJ7Dot_dWmeCTi8i3rubD2mbeiYcRuYqkHINVqmY56M3k1GisqsJKz3IM/s1600-h/Archive+Open+Directory.png"><img style="margin: 0pt 10px 10px 0pt; float: left; cursor: pointer; width: 400px; height: 327px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNEkt4fTmNmA4hMElwRt0aEoTXFy52p_qBt9qQFRF5tB2YJawGMPqqQholsNQ3rXFxKQ7YgLB90HHdc7L2UmSJ7Dot_dWmeCTi8i3rubD2mbeiYcRuYqkHINVqmY56M3k1GisqsJKz3IM/s400/Archive+Open+Directory.png" alt="" id="BLOGGER_PHOTO_ID_5317566736190802322" border="0" /></a></p>
<p>I went to a pristine server and tried to restore the backup. In Server Admin, select the server, choose "Open Directory", click on the "Archive" icon, and choose "Restore". It didn't work. The log said, "The directories were not merged because the kerberos realms are different."</p>
<p>Okay, fine. I changed the server from being an Open Directory Master to being a Standalone server. Then, I changed it back to being an Open Directory Master. This time I was sure to enter in the realm information used by our existing master, and to change the base path to correspond. Afterward, I was able to restore, right from the GUI tool.</p>
<p>I tested the restored master with Workgroup Manager and <code>dscl</code>, and <code>su</code>. It looks good. Making an Open Directory Archive from Server Admin worked, too!</p>
<p>Hooray!</p><p></p><h1>Addendum</h1><p></p><p>If the com.apple.opendirectory keychain does not exist, it will be created when you take a standalone server and make it into an Open Directory Master. </p><p></p>Armagonhttp://www.blogger.com/profile/08377208978902686793noreply@blogger.com36tag:blogger.com,1999:blog-8122778508824897238.post-70733625952484041392009-03-05T15:50:00.000-08:002009-03-06T04:59:48.259-08:00Python Subprocess Wrapper for MySQL<p>Compiling <a href="http://sourceforge.net/projects/mysql-python">MySQL support for Python</a> under OS X Leopard is a <a href="http://www.google.com/search?hl=en&client=opera&rls=en&hs=wyt&q=mysql-python+leopard&btnG=Search">pain</a>, and, so far as I can see, there is no handy way to do it with a redistributable universal binary.</p><p>So, I decided to call MySQL from within Python using a subprocess. This is the code that I came up with, which should work fine with a default installation of <a href="http://www.mamp.info/">MAMP</a>. It likely has more overhead than using MySQLdb, and would likely choke if you got a really large result-set back. However, I think it will serve my purposes admirably.</p>
<pre class="brush: py">
#!/usr/bin/env python
from subprocess import Popen, PIPE
# Set the command you need to connect to your database
# WARNING: password will be visible in a process listing!
mysql_cmd_line = "/Applications/MAMP/Library/bin/mysql -u root -p"
mysql_password = "root"
def RunSqlCommand(sql_statement, database=None):
"""Pass in the SQL statement that you would like executed.
Optionally, specify a database to operate on. Returns the result."""
command_list = mysql_cmd_line.split()
if database:
command_list.append(database)
# Run mysql in a subprocess
process = Popen(command_list, stdin=PIPE, stdout=PIPE,
stderr=PIPE, close_fds=True)
# pass it our commands, and get the results
(stdout, stderr) = process.communicate( mysql_password )
return stdout
def test():
"""Performs a simple test connection."""
print "This specified MySQL server has the following databases:"
print
print RunSqlCommand("SHOW DATABASES;")
print RunSqlCommand("SELECT * FROM USER_PRIVILEGES LIMIT 2;", "information_schema")
if __name__ == "__main__":
test()
</pre>
<p>The output of that command, against a pristine MAMP installation, is:</p>
<pre class="brush: plain">
This specified MySQL server has the following databases:
Database
information_schema
mysql
test
GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE
'root'@'localhost' NULL SELECT YES
'root'@'localhost' NULL INSERT YES
</pre>
<p></p><p></p>Armagonhttp://www.blogger.com/profile/08377208978902686793noreply@blogger.com2tag:blogger.com,1999:blog-8122778508824897238.post-83637630747520361122009-03-01T19:32:00.000-08:002009-03-06T04:35:49.946-08:00Which World? cayleencreates.comhttp://www.blogger.com/profile/05363505858060743015noreply@blogger.com0tag:blogger.com,1999:blog-8122778508824897238.post-84815673743558816692009-03-01T19:28:00.000-08:002009-03-06T04:35:49.946-08:00Hello, World!Armagonhttp://www.blogger.com/profile/08377208978902686793noreply@blogger.com0