I am attending MacSysAdmin 2017 in Göteborg this week, so posting will be light. However, I have the honor of presenting there on “Scripting Bash”.
The slides and links that go with this presentation can be found here.
Session video is already available here. All the other wonderful and great MacSysAdmin sessions are also (or will be) collected here.
Welcome all the new readers and subscribers. My post summarizing High Sierra News for Admins certainly caused some extra traffic. Yesterday was the busiest day on this website ever, beating even the book launches by a good margin.
I will repeat some of the links from the High Sierra post here, so they don’t drown completely in that long list. A huge thank you to everyone in the MacAdmin community who share their time and knowledge, so we can all be better admins.
Next week, I will be attending and speaking at MacSysAdmin in Göteborg. I am really looking forward to meeting everyone there (again and for the first time). Feel free to say “Hi!” and introduce yourself.
If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)
To support Scripting OS X, consider buying one (or both) of my books. Thank you!
If you have already bought and read the books, please leave a review on the iBooks Store. Reviews are important to help new potential readers make the purchase decision. Thank you (again)!
There have been many post regarding High Sierra and iOS 11 over the past few weeks in my weekly news summary. And more arrived this week after the release. I thought it might be helpful to aggregate them all in one place.
Also be sure to check out the Weekly Admin News Summaries I post on this blog. If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)
To support Scripting OS X, consider buying one (or both) of my books. Thank you!
If you have already bought and read the books, please leave a review on the iBooks Store. Reviews are important to help new potential readers make the purchase decision. Thank you (again)!
Happy Update Day!
macOS High Sierra (10.13) will be released some time tonight. There have already been many articles on many of the new features (or issues) in High Sierra, especially in my Weekly Newsletter. But how does High Sierra affect my books and information therein?
The good news is: surprisingly little. There were many rumors and concerns in the build-up to WWDC this year, but the worst did not happen. I posted about my reaction to the news in WWDC here.
Nevertheless, the tutorials in the books needed to be tested on High Sierra and there were quite a few changes that had accumulated over time so I threw those in as well. The advantage of digital books is if you have already purchased the books (Thank you!) you will get these updates for free in the iBooks Store (you might have to check in the ‘Updates’ tab).
If you don’t have the books yet, you can go and buy them now and get future updates to these books as well!
PR3 is still in review limbo, but should be through soon. (Update: Available now). ‘Packaging 1.5’ is available on the iBooks store already!
If you have already purchased books, all I ask in return for the free update of new information, is to go to the iBooks Store and leave a review. iBooks Store segregates reviews by territory, so every single one of them will be very important for other users to find and evaluate the books.
Thank you!
Some notes on each of the books in particular:
The basic tools and methods for packaging in High Sierra have not changed. But since I had to go through the book to test all the examples again, I made quite a few minor corrections and clarifications.
Note: The current version of Whitebox Packages, does not run on High Sierra. I believe there will be an update soon, so I did not change the section in the book to reflect that right now.
I also added two entirely new sections: (not dependant on High Sierra)
based on this blog post: how to extract a component from a distribution package.
Other than that, Packaging remains very relevant to a Mac Administrator’s skill set with High Sierra, so go and get the book! (and please leave a review)
Note: as mentioned before, PR3 is still in Apple review limbo. I will post as soon as it clears. (Update: it cleared!) If you haven’t bought it yet, you can buy the current version now and will get the update pushed in iBooks, as soon as it clears review!
First, with High Sierra comes Swift 4, which brings a new Property List serialization API. I added new sample code to the Swift section for Swift 4.
Second, the profiles tool comes in a new version in High Sierra, with new syntax and some new functionality. You can see the new command syntax in the man page of the profiles command in High Sierra. (You can also still get the old syntax on High Sierra by calling the man page for profiles.old.)
However, while the old syntax is considered deprecated the new version on High Sierra still supports it. So there is no reason (yet) to run out and change your scripts. Nevertheless, both versions are documented in the relevant section in the book.
There is some new functionality in the new syntax (startup type profiles) and I assume that new features will only added to the new syntax going forward. As long as you still need to support Sierra Macs and older, you will have to use the old syntax or maintain both versions.
And, like the Packaging book, while I was working through the examples in the books, there are many corrections, additions and small clarifications added.
With many interesting new features in MDM, profiles will increase in relevance for adminstrators. Go get the book! (and please leave a review)
Happy Equinox, everyone! ☀️
This was the big week for the iOS family of Apple OSes (iOS, watchOS and tvOS) and hardware. While macOS HighSierra will not ship until next Tuesday (Sep 25) we already got a lot of new relevant information from the iOS release.
If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)
To support Scripting OS X, consider buying one (or both) of my books. Thank you!
If you have already bought and read the books, please leave a review on the iBooks Store. Reviews are important to help new potential readers make the purchase decision. Thank you (again)!
Distribution packages are a special format of installer packages. Distribution packages can contain one or more normal or component packages. They can also contain extra resources to customize and control the user interface in the Installer application.
In most cases administrators prefer component packages since they are easier to create and maintain. However, there are a few cases where distribution packages are necessary:
InstallApplication commandYou can easily convert an existing component package, built with pkgbuild to a distribution package with the productbuild command:
$ productbuild --package component.pkg dist.pkg
You can also combine multiple components into a single distribution package:
$ productbuild --package A.pkg --package B.pkg combined.pkg
You can add the --sign option to the productbuild command when the distribution package needs to be signed:
$ productbuild --sign "Installer: Armin" --package component.pkg dist.pkg
You can find valid identities with
$ security find-identity -p basic -v
The string you pass with the --sign parameter can be a partial match to the full identity name.
Note:
munkipkghas a flag to build a distribitution package instead of a component package.
Sometimes you may want to extract a component installer pkg from a distribution package.
First you need to expand the distribution pkg with pkgutil:
$ pkgutil --expand dist.pkg dist_expanded
When you use the --expand option on a distribution package, components will also be expanded into subfolders that end in .pkg. Because of this Finder will erroneously display them as installer bundle files. This is misleading, since the components are not functional in this form.
When you want to use the component package without any modifications, you can quickly recompress or ‘flatten’ the expanded component:
$ pkgutil --flatten dist_expanded/component.pkg component.pkg
The process of expanding and flattening a component will of course remove any signature the original pkg might have had. You can re-sign the flattened package with productsign:
$ productsign --sign "Installer: Armin" component.pkg component_signed.pkg
Note: Obviously, when you are tearing a distribution package apart you need to know what you are doing. Components in a distribution package may depend on other components or on scripts and tools in other components. As always: test, test, test.
You can learn more on building installer packages in my book: “Packaging for Apple Administrators”
High Sierra Golden Master candidate release today! Time to get that last minute testing in! Release date will be September 25.
Also Apple had their big event, showing the new Steve Jobs Theater at the Apple Park and the new iPhones and Apple Watches. The fact that macOS did not get a mention is not that unusual. The September event has always been for iPod/Music/iPhone. The iPads did not get a mention, either.
If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)
To support Scripting OS X, consider buying one (or both) of my books. Thank you!
If you have already bought and read the books, please leave a review on the iBooks Store. Reviews are important to help new potential readers make the purchase decision. Thank you (again)!
(Please indulge me while I stray from my usual topics.)
Today the Cassini orbiter will burn up in Saturn’s atmosphere, nearly twenty years after it was launched from Earth and thirteen years after it entered orbit around Saturn.
It makes me terribly sad to see the (physical) end of its mission. But I believe it is better to celebrate what an amazing and mind-boggling mission it has been.
Not only did the Huygens probe land on another planet’s moon, but every time the controllers pointed Cassini’s camera and sensors at something new, it discovered a surprise.
Cassini saw the hexagonal storm on Saturn’s pole. A moon that looks like a dryed out sponge, moons with ridges, hydrocarbon lakes on Titan, water volcanoes on Enceladus, gravity waves in the rings…
The list goes on and on.
And the pictures sent back to Earth kept being utterly beautiful, showing a planetscape and moonscapes vastly different from our terrestrial experience. We could never have imagined the views and features revealed to us by the orbiter’s camera.
But now we can.
This is of course, the point of science and exploration. Where ever humanity starts to explore, we always discover the unexpected.
Cassini, Rosetta, Juno, NewHorizon and all the other probes in space, prove over and over again, that the universe is stranger than we can imagine. But once someone has measured or seen our universe has expanded. We have learned.
After today there will be one spacecraft left in the outer solar system: Juno is orbiting Jupiter and scheduled to be scuttled into the Jovian atmosphere in 2018. NewHorizons has zipped through the Plutonian system and is preparing to meet a small icy body in the Kuiper belt on its way out of the system.
As of now, none of the space agencies are preparing another mission to the outer solar system. There are plans. However, the preparation and travel necessary for these missions requires several years.
Once Juno is scuttled, we will not see new pictures from the outer solar system for at least a decade or more.
This makes me much more sad than seeing the end of this glorious, astounding and wonderful mission.
Thank you, Cassini, and everyone who made this happen!
Big Apple Event next week! Tuesday will certainly be interesting.
Note: Byword – the app I use to write my blog posts, including this weekly – is on sale this week, both for Mac and iOS!
If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)
To support Scripting OS X, consider buying one (or both) of my books. Thank you!
If you have already bought and read the books, please leave a review on the iBooks Store. Reviews are important to help new potential readers make the purchase decision. Thank you (again)!
If you like this series and want to learn Terminal and the shell on macOS in more detail, get my book “macOS Terminal and Shell“
When you get a detailed list of the file system root / you will see a few interesting entries: (output abbreviated)
$ ls -l /
lrwxr-xr-x@ 1 root wheel etc -> private/etc
lrwxr-xr-x@ 1 root wheel tmp -> private/tmp
lrwxr-xr-x@ 1 root wheel var -> private/var
These are symbolic link files. Symbolic links are identified by the first character l on a long ls. Symbolic links are redirections to other files or directories. /etc, /tmp and /var are standard directories for certain kinds of files in Unix systems, but in this case these directories are actually located in /private.
Note: The reason for this is historical and goes back to NeXTStep. This setup could allow the
/privatefolder to be mounted from another disk or file share separate from the rest of the system. This is not used in macOS anymore, but the directory structure remains.
Aside from the long ls you can use the readlink command to determine where a symbolic links points to:
$ readlink /etc
private/etc
or the stat -l command:
$ stat -l /etc
lrwxr-xr-x 1 root wheel 11 Nov 17 07:50:53 2016 /etc -> private/etc
A symbolic link contains a path pointing to the original file or directory. Most operations such as reading or changing are directed to the original, rather than the symbolic link. ls /tmp and ls /private/tmp will show you both the contents of the original /private/tmp.
An example for a symbolic link to a file is the file /usr/share/dict/words (a list of english words, which can be surprisingly useful to have around) which points to a file web2 in the same directory. Symbolic links can be used as a means to ‘switch’ between files without having to change around filenames and configuration files.
When you read the file /usr/share/dict/words the read command will be redirected to /usr/share/dict/web2:
$ cat /usr/share/dict/words | wc
235886 235886 2493109
$ cat /usr/share/dict/web2 | wc
235886 235886 2493109
Note: the
wccommand counts words, lines and bytes in a file.
Symbolic links can be relative or absolute. However, most of the time they are relative, since you do not want them pointing to different files, depending on which volumes the system is booted from. Relative paths are resolved relative to the link itself, not the current working directory. The above link for /etc points to the relative path private/etc so to the sub-directory etc in the directory private in the same location as the symbolic link itself.
To create a symbolic link use the ln -s command.
$ mkdir directory
$ touch directory/file
$ ln -s directory/file
$ readlink file
directory/file
This series of commands will create a directory, and en empty file in directory and then a link to that file in the current working directory. When you want the symbolic link to have a different name, you can give that as a second argument:
$ ln -s directory/file second_link
$ readlink second_link
directory/file
The first argument is not really the path to a file or directory, but the path the symbolic link points to. When this path is relative it will be resolved relative to the location of the symbolic link. So if you wrote:
$ ln -s directory/file directory/link_to_file
A symbolic link named link_to_file will be created in directory but it will point to directory/directory/file instead of the file next to it. When you try to read from the symbolic link pointing to nowhere, you will get an error:
$ cat directory/link_to_file
cat: directory/link_to_file: No such file or directory
The reference you pass when creating the symbolic link has to be relative to the where the symbolic link is created. The correct command would have been:
$ ln -s file directory/link_to_file
When the second argument is a directory itself, a link named the same as the file it refers to will be created:
$ mkdir another_dir
$ ln -s ../directory/file another_dir
will create a link named file pointing to ../directory/file. Since you have to give the path to the target relative to the where the link is created you have to add the ../ to ‘go up a level’ out of the another_dir directory and then back into directory.
Note: you can create a symbolic link that points to non-exiting path. Also when the original file or directory gets deleted, a ‘dangling’ symbolic link will remain.
When you use rm or mv on a symbolic link, only the link will be affected, not the original item.
When you run cp on a symbolic link to a file, the contents of the original will be copied:
$ cp another_dir/file filecopy
$ stat -l filecopy
-rw-r--r-- 1 armin staff 0 Sep 4 14:51:44 2017 filecopy
However, when you recursively copy a directory tree containing symbolic links, they will be copied as symbolic links:
$ cp -R another_dir/ copy_dir
$ ls -l copy_dir/
total 8
lrw-r--r-- 1 armin staff 17 Sep 4 14:52 file -> ../directory/file
Usually the destination of a copy will be in a vastly different location and this will break the links:
$ cp -R another_dir/ /Users/Shared/copy_dir
$ ls -l /Users/Shared/copy_dir
total 8
lrwxr-xr-x 1 armin wheel 17 Sep 4 15:19 file -> ../directory/file
$ cat /Users/Shared/copy_dir/file
cat: /Users/Shared/copy_dir/file: No such file or directory
You can use cp‘s -L option to make the copy process resolve symbolic links and copy their contents instead:
$ cp -RL another_dir/ /Users/Shared/another_dir
$ ls -l /Users/Shared/another_dir
total 8
-rwxr-xr-x 1 armin wheel 17 Sep 4 15:19 file
Other commands will have similar options to control the behavior when encountering symbolic links. However, their names are not standardized in anyway and you will have to consult the man page to find out the details.
In macOS Finder, you can create aliases with the menu item ‘Make Alias’ from the ‘File’ or context menu. Finder Aliases have much the same role as symbolic links, but a few significant differences in behavior:
Finder will display Aliases and symbolic links with a small arrow in the corner of the icon. Both symbolic links and Finder Aliases have a ‘Show Original’ menu item in the ‘File’ menu or context menu.
There are no commands to create or resolve Finder aliases in Terminal, but you can use AppleScript with the osascript command:
$ osascript -e 'tell app "Finder" to make new alias to posix file "/Users/armin/Documents" at posix file "/Users/armin/Desktop"'
This will create a new Finder alias to ‘Documents’ in the ‘Desktop’ folder. The user who is running this command has to be logged in to the Mac, so that osascript can connect to the Finder to run this command.
To find out the original of a Finder alias, you can use:
$ osascript -e 'tell application "Finder" to get POSIX path of ( (original item of (POSIX file "/Users/armin/Desktop/Documents" as alias) ) as alias)'
Note: there is a lot of type casting (
as alias) in this command. To further confuse matters the data typealiasin AppleScript is not the same as a Finder alias. It is a special data type in AppleScript that references a file or folder.