Unix Notes



macosxhints.com – 10.5: Migrate crontabs from 10.4

In Mac OS X 10.4 (and earlier?), crontabs (the lists of tasks scheduled with cron) were stored in /var/cron/tabs. However, in 10.5, they are now stored in /usr/lib/cron/tabs, and the installer doesn’t seem to move any existing files from the old to the new location. So, the easy way to bring your old crontabs across is to run the following command in a Terminal:
sudo mv /var/cron/tabs/* /usr/lib/cron/tabs
Note that this command will replace any crontabs you’ve edited or set up since upgrading to Leopard with the version you had in Tiger; if you think there’s likely to be a clash, it would be a good idea to open the old files in a text editor and copy-and-paste the entries across to your new crontab (using crontab -e) instead.
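
A non-clobbering variant of the move above, as an added example that is not part of the original hint: it moves only crontabs with no counterpart in the new location and lists the users whose old and new files differ. The function name migrate_tabs is hypothetical, and the demonstration runs on constructed temporary directories rather than the real paths.

```shell
#!/bin/sh
# migrate_tabs OLD_DIR NEW_DIR  (hypothetical helper, not an Apple tool)
# - crontab missing in NEW_DIR: moved across
# - crontab byte-identical in both: old copy removed
# - crontab differs: left untouched in OLD_DIR, user name printed so the
#   entries can be merged by hand with crontab -e
migrate_tabs() {
    old=$1 new=$2
    for f in "$old"/*; do
        [ -f "$f" ] || continue          # empty directory or non-regular file
        user=${f##*/}
        if [ ! -e "$new/$user" ]; then
            mv "$f" "$new/$user"
        elif cmp -s "$f" "$new/$user"; then
            rm -f "$f"                   # same content is already in place
        else
            echo "$user"                 # clash: needs a manual merge
        fi
    done
}

# Demonstration on constructed temporary directories, not the real spool.
old_demo=$(mktemp -d); new_demo=$(mktemp -d)
echo '0 3 * * * /usr/local/bin/backup' > "$old_demo/alice"
echo '15 * * * * /usr/bin/true' > "$old_demo/bob"
echo '30 * * * * /usr/bin/true' > "$new_demo/bob"
migrate_tabs "$old_demo" "$new_demo"     # prints: bob
rm -rf "$old_demo" "$new_demo"
```

On a real system the function would be run as root against /var/cron/tabs and /usr/lib/cron/tabs.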

Bourne shell idioms


perl -pe 'use MIME::Base64; $_=MIME::Base64::encode($_);'
perl -pe 'use MIME::Base64; $_=MIME::Base64::decode($_);'

That’s the piece I needed this morning. I found all sorts of entertaining things.
Some of them are vaguely in my memory. Most not, since I started before bash.

For Jan – edit command lines in the EDITOR

Found in the Mac OS X system admin list

Just wanted to say thanks to Michael Wise for taking time out today
and providing me with a great set of forensic tools and techniques
for locating message queue IDs, and using postcat on the queue to
view actual messages/headers. Now I can start the real investigation.
Haven’t found the offending script yet, but am getting closer.

Notes from my conversation with Michael, for the archives:

* First, find suspicious looking lines in /var/log/mail.log

* Look for the smtp ID, such as: postfix/smtp[25897]

* Grep for other instances of that ID in the log: grep 25897 mail.log

* From there, you’ll be able to see postfix queue IDs, such as 159A347C89C

* You can use this queue ID to find deferred messages in the postfix queue

* cd /var/spool/postfix/

* Find where in the queue directory hierarchy this message lives: find . -name 159A347C89C

* The messages are stored in a format not easily readable. To make them readable, use the postcat command, e.g. postcat deferred/E/E9B8F4F0E7C

* Now you can see the real message, with all of its headers, which should give you a lot more info about its origins. You can see whether it came from outside, or if it comes from a process ID, there should be some indication. If user is www, you know it’s coming from a web script.

* To delete a message from the queue, use e.g.: postsuper -d E9B8F4F0E7C
Do not use the path with this command – just the queue ID.

Other tools:

Monitor incoming network connections, filtering out legit traffic on
port 80:

netstat -na | grep EST
netstat -na | grep EST | grep -v '\.80 '
netstat -na | grep EST | grep '\.25 '

To find files or dirs owned by www (that might be illegitimate):

find / -user www -ls

In case attacker named directories with spaces or other weird chars
in them:

find / -user www -ls | cat -vet -

(take your cat to the vet – it’s sick)

Thanks also to others who responded on this.

Best,
Scot


Scot Hacker, Webmaster
Graduate School of Journalism
UC Berkeley

http://journalism.berkeley.edu
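
The log-tracing steps from the notes above, as an added example that is not part of the original message: it pulls the queue IDs handled by one smtp process out of mail.log and reports whether each message was submitted locally (pickup, with a uid) or arrived over the network (smtpd, with a client). The log lines are constructed, the function names are hypothetical, and uid=70 standing for www is an assumption.

```shell
#!/bin/sh
# Constructed sample of /var/log/mail.log lines (hosts, PIDs and addresses are
# made up; only queue ID 159A347C89C and smtp PID 25897 echo the notes above).
sample_log() {
cat <<'EOF'
Mar  3 10:15:01 mail postfix/pickup[25801]: 159A347C89C: uid=70 from=<www>
Mar  3 10:15:01 mail postfix/qmgr[412]: 159A347C89C: from=<www@mail.example.org>, size=2210, nrcpt=1 (queue active)
Mar  3 10:15:03 mail postfix/smtp[25897]: connect to mx.example.net[198.51.100.5]:25: Operation timed out
Mar  3 10:15:03 mail postfix/smtp[25897]: 159A347C89C: to=<a@example.net>, relay=none, delay=2, status=deferred (connect timed out)
Mar  3 10:15:04 mail postfix/smtpd[25900]: 7C1D24F0E11: client=unknown[192.0.2.10]
Mar  3 10:15:05 mail postfix/smtp[25897]: 7C1D24F0E11: to=<b@example.net>, relay=none, delay=1, status=deferred (connect timed out)
Mar  3 10:15:06 mail postfix/smtp[25931]: 0AA1B2C3D4E: to=<c@example.net>, relay=mx.example.net[198.51.100.5]:25, status=sent (250 ok)
EOF
}

# Unique queue IDs logged by one delivery process, e.g. postfix/smtp[25897].
# Lines such as "connect to ..." carry no queue ID and are skipped.
queue_ids_for_pid() {   # usage: queue_ids_for_pid PID < mail.log
    awk -v tag="postfix/smtp[$1]:" '
        $5 == tag && $6 ~ /^[0-9A-F]+:$/ {
            id = $6; sub(/:$/, "", id)
            if (!seen[id]++) print id
        }'
}

# How a message entered the queue: pickup means local submission (uid logged),
# smtpd means it arrived over the network (client logged).
origin_of() {           # usage: origin_of QUEUE_ID < mail.log
    awk -v q="$1:" '
        $6 != q { next }
        $5 ~ /^postfix\/pickup\[/ { print "local " $7; exit }
        $5 ~ /^postfix\/smtpd\[/  { print "remote " $7; exit }'
}

# One line per queue ID handled by the given smtp PID, with its origin.
triage() {              # usage: triage LOGFILE PID
    queue_ids_for_pid "$2" < "$1" | while read -r id; do
        echo "$id $(origin_of "$id" < "$1")"
    done
}

log=$(mktemp) && sample_log > "$log"
triage "$log" 25897
rm -f "$log"
```

Queue IDs reported as local are the ones to look up under /var/spool/postfix and read with postcat, as the notes describe.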

readline shortcuts

Readline shortcuts
GNU Readline is the library used to make advanced command-line wizardry convenient and consistent across a multitude of command-line applications. These programs include bash, bc, ftp, gnuplot, gpg, ksh, mysql, psql, python, smbclient and xmllint.
The cheatsheet at the right contains a summary of many of the useful line editing command shortcuts which are available in all applications that use libreadline.

sudo dd if=/dev/rdisk0 of=/dev/rdisk1 bs=131072

Learn 10 good UNIX usage habits

Adopt 10 good habits that improve your UNIX® command line efficiency — and break away from bad usage patterns in the process. This article takes you step-by-step through several good, but too often neglected, techniques for command-line operations. Learn about common errors and how to overcome them, so you can learn exactly why these UNIX habits are worth picking up.

I still don’t like what xargs does

sed one-liners are here
sed FAQ is here

I wanted to change all occurrences of PRIVATE to NJPRIVATE in a bunch of files. It’s a simple command in sed, but what about replacing the file? output to temporary, then copy? yes, but.

the PERL solution is


perl -pi -e 's/PRIVATE/NJPRIVATE/g' `grep -l PRIVATE *.php`

the magic is

-p loop over every line of the files and print each line by default
-i edit the files in-place
-e run the command given on the command line

solution found at Debian Administration

So, I got my PHP 5 to work, and talk to MySQL.
I wonder if Netjuke works? Nope. Not at all.

Everywhere I read I see that Netjuke is not supported and will never work on PHP 5. Use Jinzora they say. Uck – that wasn’t fun.

Simply put. Fix “play.php” to only output one header at a time. Search for the header() call. It’s pretty obvious.

Change the test in the config.inc.php for
`PRIVATE == true`
to be something like
`NJPRIVATE == true`

Fix every file that has a
`define("PRIVATE", true/false)`
to be a
`define("NJPRIVATE", true/false)`

private is a reserved word in PHP 5.

That’s all it took. All of about 30 minutes once I decided to ignore all of the advice on the web.

Classic maintenance programming attack.

10.3.9 – no help beyond 4.3.11 from Marc Liyanage.

Apple’s 4.4 is of no help – no GD support, missing other things – PEAR, XML things, etc.

How do I make a compatible build?

Start with Apple’s configure command (use phpinfo() on a standard installation). It *will* screw up your system files nicely, so make sure you know what each of the files and directories means! I didn’t. I have an interesting mix of system/local files now.

Add extensions as needed. Test ./configure each time, and you might as well re-build each time.

Decide where to get libraries. I finally decided to use darwinports for the non-Apple standards. Look out for X11 when not installed!!!!

Use the built-in GD ‘--with-gd’ – no path. darwinports gd has issues (won’t build).

I wound up with this

./configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-apxs --with-ldap=/usr --with-kerberos=/usr --enable-cli --with-zlib-dir=/usr --enable-trans-sid --with-xml --enable-exif --enable-ftp --enable-mbstring --enable-mbregex --enable-dbx --enable-sockets --with-iodbc=/usr --with-curl=/opt/local --with-config-file-path=/etc --sysconfdir=/private/etc --with-pear --with-mysql=/usr/local/mysql --with-openssl=/usr --with-gd --with-png=/opt/local --with-jpeg=/opt/local --with-expat=/opt/local --with-gettext=/opt/local --with-dom=/opt/local --with-dom-xslt=/opt/local --with-xslt-sablot=/opt/local --enable-xslt --with-xmlrpc --enable-wddx

I still need to figure out about IMAP support.


macosxhints.com – Modify cursor movement keys in Terminal

The de facto standard in Terminal’s shells is meta-b (backward) and meta-f (forward) for word-by-word movement. In every other Cocoa app, however, it’s Option-left arrow and Option-right arrow. I wanted Terminal to behave the same way.
