It's like it's afraid of the impending Force Quit that happened shortly after.

You can modify the .dist files, but here's an alternative approach:

• Create a 50 GB sparse image, name the volume "Final Cut Studio 3"
• Enable permissions on the "Final Cut Studio 3" volume

• Mount all the FCS discs, install the main package using installer:

  installer -verbose -pkg /Volumes/Final\ Cut\ Studio\ Install/Installer/FinalCutStudio.mpkg -taret /Volumes/Final\ Cut\ Studio\ 3
  

Running the first phase through installer allows us to skip entering the license info.

• Run all the remaining installers from the individual discs, i.e. "Audio Content 1", "DVD Studio Pro Content", "Motion Content 1". In the installer click "Change Install Location..." and select the "Final Cut Studio 3" volume.
• Create a new compressed disk image from the "Final Cut Studio 3" volume, scan for restore (only necessary if you want to do a block restore, see below).

Now you have a complete FCS install as a single disk image, ready to be restored with asr. I've only tested this with fresh systems so YMMV, but the idea is straigtforward - we just copy all the files that come with FCS to their correct locations.

Since a default FCS installation is about 14 times the size of a minimal Snow Leopard install (!) it might make sense (save time) to first lay down FCS with a block copy (i.e. erasing the target first) and then restore the OS with a file copy. I tried this and it actually worked! With this method, a complete install of Final Cut Studio 2 clocks in at just under 12 minutes.

On an unrelated note, a minimal 10.6 install restores in 80 seconds over 1Gb Ethernet (onto a Mac Pro, using RAID 6 on the server). Probably less time most Windows PC's take to boot up. :-P

/**
 * Check Finnish social security number
 * @return true if correct, false if incorrect, -1 if malformed
 */
function checkSsn(ssn)
{
  ssn = ssn.toLowerCase();
  m = ssn.match(/(\d{6})-(\d{3})(\w){1}/);

  if (!m) {
    return -1;
  }

  c = Array(); base = 35;
  n = parseInt(m[1] + m[2], 10) % 31;

  for (i = 0; i < base; i++)  {
    e = parseInt(i, 10).toString(base);
    if ('gioq'.indexOf(e) < 0) {
      c.push(e);
    }
  }

  return (c[n] == m[3]);

}

The idea is the last character in the SSN is essentially a verification code derived from all the numbers in the SSN. The specs are from the Finnish Population Register Center but unfortunately they only seem to be available in Finnish.

Yeah, that's what I thought too. This happens every time I tried to create a NetRestore image using Apple's System Image Utility. Clicking "OK" just brings the same dialog back after some time.

This reminds me of how a customer brought me his PowerBook with the classic "Document was not saved" dialog in Excel 2004, with only one button - "OK". "No, it's not OK", he said. :-)

I ran into this after deleting the 1.5.1 shortcut from the Desktop. Going to the .app download page just opened the .jnlp launching the app, but the shortcut was gone. Command-clicking the app in the dock just selected the java executable. This trick forces the client to re-download and also create the .app on the desktop.

Anyways, the script's been fixed now. No need to update the actual widget since that acts simply as the UI. Enjoy! ;-)

Symbolic link not allowed or link target not accessible /Volumes/data/SoftwareUpdate/html/index.sucatalog

This will probably only happen if you remove the original swupd datastore. The fix is to clear out all the index files:

serveradmin stop softwareupdate
rm -rf /Volumes/data/SoftwareUpdate/html/index*
serveradmin start softwareupdate

IIRC, this wasn't necessary in 10.5, but I might be wrong...

The imaging starts automatically when a volume is mounted. Should also work with multiple DVD drives. The images are bzip compressed (UDBZ, need 10.4 or later to open) and are named after the volume name. It ejects the media once the imaging has completed.

Should work with 10.5 or later (uses PyObjC).

To use it, just modify config.yaml. Multiple sources and destinations can be defined under their own "name". Anonymous connections haven't been tested, but should be in the form ":@server/path".

$ python relay.py 
-- checking default
<- getting Untitled_2.wmv
-> sending Untitled_2.wmv

The skiplist is stored in $CWD/.skiplist. Remove it to do a full transfer. The files are always relayed through the local machine (not sent from server to server) which is not terribly efficient but sometimes the only option. Folders are not trasfered - they throw an exception and are skipped on the next run.

There's obsiously no shortage of great free/open source forum applications out there. My first recommendation was Vanilla due to it's very lightweight nature, but it quickly dawned that it's not really the right choice.

My next choice is PunBB which we've run very successfully on the Estonian Macintosh User Group. It has all the important features, is fast and just "quick and dirty" enough to make your own modifications to it. It's also more secure than phpBB and gives excellent performance even with large installations.

The next and biggest question in integration is of course authentication - we don't want to manually create all the wiki server accounts in the forum software. The ideal solution would be to have the forum share the same session with the wiki software - a kind of SSO solution. This would be awesome but not really feasable at this time. The next best thing would be to have PunBB authenticate against the same LDAP server as the wiki. This something that PunBB doesn't yet do.

So I threw together a little extension for PunBB that enables LDAP authentication. You can download it from my Github page. Once you have PunBB and the extension installed, it's simply a matter of editing the respective templates to include the links to both applications.

One thing to note - PunBB doesn't, AFAIK, have a notion of a completely "private" bulletin board. That means, as is, the solution is not appropriate if your wiki is publicly accessible.

defaults write com.apple.com SendWindowsFriendlyAttachments -bool Yes
defaults write com.apple.com AttachAtEnd -bool Yes

It's the second one, disabling inline attachments, that really makes a difference. Now if only there was a way to always display attachments as icons...

The point is, chown will not be able to set the permissions since it won't have any idea of who those users actually are, so after upgrading and re-binding, one should do something like this (as root):

maildir=$(serveradmin settings mail:imap:partition-default | cut -d = -f 2 | sed 's/[ "]//g')
for u in $maildir/*; do
  chown -R $(basename $u):mail $u
done
/usr/bin/cvt_mail_data -r "$maildir"

The last line renames the user folders to their corresponding GUIDs, which also isn't possible without a working OD master.

On a lighter note, It's clear that Apple has indeed put a lot of effort into 10.6 server and into making upgrading and migrating as smooth as possible. Quite frankly I don't remember the last time I've been able to read an OS X server manual and find helpful and working instructions which is exactly what has happened more than once installing 10.6. Even working around this bug was a joy thanks to the clear scripts and logs. My faith in OS X as a great server platform is slowly being restored. :-)

So I hacked together this thing in like 10 minutes. A basic usage example would be:

$ ./smalltest.sh 1000 20 /tmp
#### WRITE TEST ####

real    0m2.452s
user    0m0.530s
sys 0m1.649s
#### READ TEST ####

real    0m1.799s
user    0m0.461s
sys 0m1.302s

That created 1000 ten kilobyte (twenty 512 byte blocks) files into a folder under /tmp on my MacBook Pro. The scrips itself would make a great "Bash 101" example for first graders:

  #!/usr/bin/env bash
  # smalltest.sh

  USAGE="$(basename $0) HowManyFiles BlockSize Destination"

  if [[ $# -lt 3 ]]; then
    echo $USAGE 2>&1
    exit 1
  fi

  tmpdir="/$3/$(date +%s)"
  mkdir $tmpdir

  echo "#### WRITE TEST ####"

  time (
    for (( i = 0; i < $1; i++ )); do
      dd if=/dev/zero of="$tmpdir/$i" count=$2 bs=512 > /dev/null 2>&1
    done
  )


  echo "#### READ TEST ####"

  time (
    for f in $tmpdir/*; do
      cat $f > /dev/null
    done
  )

  rm -r $tmpdir

$ echo abc | shasum
03cfd743661f07975fa2f1220c5194cbaff48451  -
$ php -r 'echo sha1("abc");'
a9993e364706816aba3e25717850c26c9cd0d89d

Not quite the same. The reason is of course totally obvious, just not visible - echo puts a newline after everything by default, so instead of the previous, one should use:

$ echo -n abc | shasum
a9993e364706816aba3e25717850c26c9cd0d89d  -

Duh. The same thing with md5(). I think I might have figured this out before but then forgot about it so hopefully it'll stick better after posting this.

One of the problems you'll run into quite early on is accessing the Keychain which is still firmly in Carbon aka procedural C land. Maybe the PyObjC bridge also allows calling C stuff, I don't know, but lucky for us, we don't have to. There's been posts about this elsewhere but I think I've found a more simple solution. One that doesn't involve ancient frameworks or changes to your Python imports.

So, to access the Keychain from your PyObjC app:

• Download Extendmac's EMKeychain classes and add them to your PyObjC project
• Add the Carbon and Security frameworks

• Edit "main.m" and add these import statements:

  #import "EMKeychainProxy.h"
  #import "EMKeychainItem.h"
  

• Test it. For instance, to add a password to the keychain from your Python code:

  kp = EMKeychainProxy.sharedProxy()
  kp.addGenericKeychainItemForService_withUsername_password_("someservice", "filipp", "test")
  

which should result in this in Keychain Access:

And reading a password is just as simple:

ki = kp.genericKeychainItemForService_withUsername_("someservice", "filipp")
pw = ki.password()

And that's it! All kudos and many thanks to Brian Amerige of Extendmac for sharing his Keychain code!

There's a number of things I would like to do with it, like have proper version strings displayed for starters. All the metadata on the SUS could also be linked to the packages so that one could get pretty detailed information on what a package actually installs. It would also be nice to support distributions (right now it can only list individual packages). But with work stuff taking up pretty much all my time right now I thought I'd just throw it out there before I completely forget about this project.

Downloadable through GitHub. To install, just copy the folder someplace your web server can reach it. The web service has to be running on the same machine as the SUS.

[WebDAVProtocol,client] "[Failure instance: Traceback: <class 'zanshin.http.HTTPError'>: 
<<class 'zanshin.http.HTTPError'> (404) Not Found>\n/usr/share/caldavd/lib/python/twisted/internet/defer.py:304:_s
tartRunCallbacks\n/usr/share/caldavd/lib/python/twisted/internet/defer.py:317:_runCallbacks\n/usr/share/caldavd/li
b/python/twisted/internet/defer.py:239:callback\n/usr/share/caldavd/lib/python/twisted/internet/defer.py:304:_star
tRunCallbacks\n--- <exception caught here> ---\n/usr/share/caldavd/lib/python/twisted/internet/defer.py:317:_runCa
llbacks\n/usr/share/wikid/lib/python/apple_calendar/CalendarReportUtilities.py:135:handleReportResponse\n]"

with a sprinkle of these here and there:

[HTTPChannel,17,127.0.0.1] 127.0.0.1 - - [14/Sep/2009:15:17:45 +0000] "POST / HTTP/1.1" 200 730    
"http://example.com/groups/cityportal/" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_8; fi-fi) App
File "/usr/share/caldavd/lib/python/twisted/python/log.py", line 34, in callWithContext
        return context.call({ILogContext: newCtx}, func, *args, **kw)
      File "/usr/share/caldavd/lib/python/twisted/python/context.py", line 59, in callWithContext
        return self.currentContext().callWithContext(ctx, func, *args, **kw)
      File "/usr/share/caldavd/lib/python/twisted/python/context.py", line 37, in callWithContext
        return func(*args,**kw)
      File "/usr/share/caldavd/lib/python/twisted/internet/selectreactor.py", line 139, in _doReadOrWrite
        why = getattr(selectable, method)()
    --- <exception caught here> ---
      File "/usr/share/caldavd/lib/python/twisted/internet/tcp.py", line 805, in doRead
        protocol = self.factory.buildProtocol(self._buildAddr(addr))
      File "/usr/share/caldavd/lib/python/twisted/internet/tcp.py", line 752, in _buildAddr
        def _buildAddr(self, (host, port)):
    exceptions.TypeError: 'NoneType' object is not iterable

Created a fresh group and wiki - same problem. Having gone through all the basic places - group settings in WG, SACL's, Apache settings etc I just stared at the error_log and then noticed this every time I restarted the web service:

[-] Unable to write to our repository path: /Volumes/Data/Wiki

Looks like the permissions were screwed up when the wikid docroot was moved to a different volume. Indeed:

$ sudo chown _teamsserver:_teamsserver /Volumes/Data/Wiki

... fixed the issue. This looks to me like a wikid or Server Admin bug - why wouldn't they check the permissions of the "Data Store" path when it's set in Server Admin? Anyway, put this up here in case someone else runs into this.

Other improvements include defaulting the wordlist to /usr/share/dict/web2 which means you can run your scripts against it without any arguments and still get something out of it:

> curl http://unflyingobject.com/passgen/passgen.php
Prop3ll4
Ph4rm4Co
HydroPlu
Th4Lth4n
Supr4oRb
Sc4bB3D
M3roG3n1
!ROQUO1S
HYPOTH3C

If you want to use Webster's from the web interface, just leave the URL field blank.

So I wrote Desklabel. The interface is so straight-forward that it doesn't make any sense to waste time explaining it. And for the scripters, here's an AppleScript to use this automagically:

set png to "/tmp/" & (do shell script "uuidgen") & ".png"
do shell script "curl -o " & png & "  http://unflyingobject.com/desklabel/index.php -d w=1280 -d h=800 -d t=$(hostname)"
tell application "Finder"
set the desktop picture to POSIX file png
end tell
do shell script "rm " & png

If you leave out the "t" variable it'll just return your public DNS name. You should get a different color every time you run it. Set the r, g and b variables if you want something specific (my favorite is 60/60/60).

And yes, the font is awesome. It's called Bebas.

The text says something like "I need spam right away!" in Russian.

Oh, and that fancy zoom effect is FancyZoom