Tag: macOS

  • Mac mini 10GbE Packet Loss Issue with Energy Efficient Ethernet (EEE)

    64 bytes from 10.0.1.2: icmp_seq=772 ttl=64 time=2.401 ms
    64 bytes from 10.0.1.2: icmp_seq=773 ttl=64 time=2.958 ms
    Request timeout for icmp_seq 774
    Request timeout for icmp_seq 775
    Request timeout for icmp_seq 776
    Request timeout for icmp_seq 777
    Request timeout for icmp_seq 778
    64 bytes from 10.0.1.2: icmp_seq=779 ttl=64 time=2.457 ms
    64 bytes from 10.0.1.2: icmp_seq=780 ttl=64 time=2.173 ms
    64 bytes from 10.0.1.2: icmp_seq=781 ttl=64 time=2.325 ms
    64 bytes from 10.0.1.2: icmp_seq=782 ttl=64 time=2.803 ms

    If you got packet loss issue with 10GbE Mac mini. Try to disable Energy Efficient Ethernet on your Network pane in System Preferences:

    Network pane in macOS System Preferences

    You have to manually configure your Ethernet with full-duplex only. Then your network should be back to normal.

  • Global Homebrew PATH Prefix for macOS

    Based on Homebrew’s FAQ you can set prefix in PATH for all GUI apps which is not enabled by default:

    user$ sudo launchctl config user path "$(brew --prefix)/bin:${PATH}"
    Configuration applied. You must reboot for changes to take effect.

    According to this answer. The sudo launchctl config user path <...> command updates /private/var/db/com.apple.xpc.launchd/config/user.plist:

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
    	<key>PathEnvironmentVariable</key>
    	<string>/opt/homebrew/bin:/usr/bin:/bin:/usr/sbin:/sbin</string>
    </dict>
    </plist>

    You can query launchd‘s current settings via:

    launchctl getenv PATH

    Related: You can also query the default PATH by executing:

    sysctl user.cs_path

    Test script with clear environment:

    env -i git commit
  • Show macOS Sleep States

    pmset -g log | grep -E 'Wake from|Entering Sleep'
  • Remove/Uninstall Rosetta 2 from Apple Silicon Macs

    1. Obtain a list of files/directories and LaunchAgents with: pkgutil --files com.apple.pkg.RosettaUpdateAuto
    2. Save them in a way that you can access them in the recovery
    3. Boot into recovery mode: Press and hold the power button on your Mac until “Loading startup options” appears.
    4. Open Terminal in recovery mode
    5. Run csrutil disable and confirm (temporary disable SIP)
    6. Reboot
    7. Delete the files listed at step 1 (in my case it was enough to delete /Library/Apple/usr/share/rosetta and /Library/Apple/usr/libexec with all their contents)
    8. Remember to empty the Trash
    9. Reboot back to recovery
    10. Run csrutil enable and confirm

    Sample pkgutil output:

    $ pkgutil --files com.apple.pkg.RosettaUpdateAuto
    Library
    Library/Apple
    Library/Apple/usr
    Library/Apple/usr/lib
    Library/Apple/usr/lib/libRosettaAot.dylib
    Library/Apple/usr/libexec
    Library/Apple/usr/libexec/oah
    Library/Apple/usr/libexec/oah/debugserver
    Library/Apple/usr/libexec/oah/libRosettaRuntime
    Library/Apple/usr/libexec/oah/runtime
    Library/Apple/usr/libexec/oah/translate_tool
    Library/Apple/usr/share
    Library/Apple/usr/share/rosetta
    Library/Apple/usr/share/rosetta/rosetta
  • Migrate Homebrew from Intel Macs to Apple Silicon Macs

    Dump all your existing Homebrew packages:

    brew bundle dump

    If you’re using custom shell installed by Homebrew (ie. fish), change it back to bash temporarily:

    chsh -s /bin/bash

    You may also need to change this in System Preferences – Users & Groups (right click on your avatar and choose Advanced Options…)

    Uninstall existing Homebrew (and all its packages):

    curl -fsSL -o /tmp/uninstall.sh https://raw.githubusercontent.com/Homebrew/install/HEAD/uninstall.sh
    /bin/bash /tmp/uninstall.sh --path=/usr/local
    (more…)
  • Fix Invalid Package Name “.DS_Store” for Node.js NPM Global Update on macOS

    If you got the following error message when run npm update -g:

    $ npm update -g
    npm ERR! code EINVALIDPACKAGENAME
    npm ERR! Invalid package name ".DS_Store": name cannot start with a period
    
    npm ERR! A complete log of this run can be found in:
    npm ERR!     /Users/sparanoid/.npm/_logs/2021-04-28T13_59_32_013Z-debug.log

    Simply run if you installed your Node.js via Homebrew:

    find /usr/local -name '.DS_Store' -type f -print -delete

    Or the following for M1:

    find /opt/homebrew/lib -name '.DS_Store' -type f -print -delete

  • About bash_profile and bashrc on macOS – Scripting OS X

    Note: bash_profile is completely different from configuration profiles. Learn more about Configuration Profiles in my book: ‘Property Lists, Preferences and Profiles for Apple Administrators’ Note:…

    Source: About bash_profile and bashrc on macOS – Scripting OS X

  • How to fix gyp: No Xcode or CLT version detected

    xcode-select -print-path
    /Library/Developer/CommandLineTools
    sudo rm -rf /Library/Developer/CommandLineTools
    xcode-select --install

    Update Nov 7, 2020, 5:33 PM:

    With latest release of Xcode 12. This method no longer worked for macOS Catalina (10.15.7) and Big Sur. You should download it manually from Apple.

  • Restart macOS Screen Sharing Service via SSH

    Sometimes screen sharing service on your headless Mac mini may crash. This should fix the issue:

    sudo launchctl unload /System/Library/LaunchDaemons/com.apple.screensharing.plist  
    sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.screensharing.plist
  • Install OptiFine for Minecraft without Installing Java Runtime on macOS

    You can simply use Minecraft bundled Java runtime to install OptiFine.

    ~/Library/Application\ Support/minecraft/runtime/jre-x64/jre.bundle/Contents/Home/bin/java -jar /path/to/OptiFine_1.14.4_HD_U_F3.jar
  • macOS Bug: Connecting to another Mac via SMB protocol results in client hanging indefinitely at shutdown or restart

    How to force SMB2, which actually doesn’t work for me:

    10.14.3 – SMB3 Performance Issues – Force SMB2

    Related discussion on Apple Communities

    Computers Won’t Shut Down After Connecting To Server

    Bug reports on Apple Radar:

    How to submit sysdiagnose:

    • Command + Option + Shift+ Control + Period (.)
    • Or in Terminal: sudo sysdiagnose

    Note: The sysdiagnose process can take 10 minutes to complete. Once finished, the folder /private/var/tmp/ should appear automatically in the Finder and the sysdiagnose file there will look similar to this:

    sysdiagnose_2017.08.17_07-30-12-0700_10169.tar.gz

    View active SMB connection status:

    smbutil statshares -a
  • How to Rebuild a RAID 1 Setup (WD My Book Duo) on macOS, the Right Way

    This guide will talk about rebuilding a failed RAID 1 disk with WD My Book Duo on macOS, it should also works on Thunderbolt Duo or other RAID 1 setup.

    Many other guides only tell you how to replace the whole two disks without restoring / rebuilding data for this common situation:

    In a common case, your RAID 1 setup could fail with only one defective disk, while the other is online. If you see this status on your macOS:

    1. Buy a brand new disk, same size and model as your failed disk.
    2. Reboot your mac in recovery mode, this step is very important to make sure your disks are not used by macOS.
    3. In recovery boot, open Disk Utility.
    4. Rename your RAID set, for example if your RAID set is External-Raid, rename it to something like External-Raid-Rebuild or just some names different than your original, this is the most important step to make sure your RAID set wouldn’t be using after entering macOS system.
    5. Restart your system in normal mode.
    6. Login to your system, then open Disk Utility, congrats, you will see the new disk is now rebuilding.

    Other notes:

    • Restraint editing/adding/removing files on your RAID set while rebuilding.
    • The rebuild process could take hours depends on your disk size (10-20 hours for a 4 TB + 4 TB RAID 1 setup).
    • After the rebuild complete, you can rename your RAID volume name back to original.

    This is not the only way to rebuild your RAID with a failed disk. According to WD documentation, you can power on your My Book Duo without connecting to macOS (remove the thunderbolt cable), then the My Book Duo should rebuild it automatically. However, it’s really hard to know when the rebuild process will finish, there’s no special indicator status for this situation, so I prefer rebuilding in macOS. This could be the best method for me.

  • Change Default Screen Sharing / VNC Port on macOS

    sudo vi /etc/services
    

    Search 5900 and edit it.

    sudo launchctl unload /System/Library/LaunchDaemons/com.apple.screensharing.plist
    sudo launchctl load /System/Library/LaunchDaemons/com.apple.screensharing.plist
    
  • Apple Autofs.pdf

    It was available at http://www.apple.com/business/docs/Autofs.pdf

    Autofs.pdf

  • S/MIME for Apple Mail, The Right Way (DigiCert Version)

    Install it on macOS:

    • Download cert bundle (.p7b) or individual certs (zipped) from DigiCert
    • Double click to install them on macOS Keychain Access

    Install it on iOS:

    • Open Keychain Access, select category My Certificates
    • Right click and choose Export, select format .p12 (Make sure to export your cert into .p12, this will contain private key for iOS to send encrypted emails)
    • Email it with your individual certs (root CAs from DigiCert) and install them on iOS
    • Select this cert under email account settings
  • macOS Sierra Universal Clipboard Issue with VNC (Screen Sharing) Shared Clipboard

    If you like me owning more than one Mac and using one of them to control the other via macOS built-in Screen Sharing feature, you may occur this issue after you upgrade your macOS to Sierra.

    macOS Sierra introduces a new feature Universal Clipboard which can share the same clipboard among iOS and macOS devices. This sounds cool, but as it’s technically a part of Continuity feature, it would require Bluetooth to work.

    So the problem is, when I control my Mac mini from my MacBook Pro via Screen Sharing in the same network, with the Shared Clipboard enabled, the Universal Clipboard would still always try to “sync” copied content via Bluetooth instead of using Screen Sharing Shared Clipboard.

    It’s ok if both of your Macs are at your hand, but it’s a disaster if they’re in different rooms, Universal Clipboard via Bluetooth would become really slow to connect to each other, and this issue could even make your VNC drop connection if you copy images to your clipboard.

    So here’s the solution, just disable Bluetooth on your Mac mini, and wait Apple to fix this bug.

  • Repair / Verify Disk Permissions in OS X El Capitan

    $ sudo /usr/libexec/repair_packages --verify --standard-pkgs /
    $ sudo /usr/libexec/repair_packages --repair --standard-pkgs --volume /
    
  • Signing Git Commits without Entering Password Using `gpg-agent` and `pinentry-mac` on OS X

    Install required packages via Homebrew:

    $ brew install gpg gpg-agent pinentry-mac
    

    Edit and add the following lines in ~/.gnupg/gpg-agent.conf:

    pinentry-program /usr/local/bin/pinentry-mac
    

    Edit and enable use-agent in ~/.gnupg/gpg.conf:

    use-agent
    

    Then add the following line to your shell profile:

    eval $(gpg-agent --daemon --sh)
    
  • ProxyChains-NG and OS X El Capitan System Integrity Protection System Integrity Protection

    Apple introduces System Integrity Protection (SIP) as a security feature for OS X El Capitan (10.11), which prevent ProxyChains-NG working as before, you have to disable SIP to make it work:

    1. Reboot your Mac into Recovery Mode by pressing command-R
    2. Open Terminal and type csrutil enable --without debug:
    $ csrutil enable --without debug
    $ csrutil: requesting an unsupported configuration. This is likely to break in the future and leave your machine in an unknown state.
    $ Successfully enabled System Integrity Protection. Please restart the machine for the changes to take effect.
    

    Just ignore the warnings and then restart your Mac.

  • How to Update “Bypass proxy settings for these Hosts & Domains” Programmatically in OS X

    You can get all proxy bypass domains using:

    $ networksetup -getproxybypassdomains "Wi-Fi"
    

    The Wi-Fi should be your current interface, you can also update it using:

    $ networksetup -setproxybypassdomains "Wi-Fi" \
    *.local \
    0.0.0.0/8 \
    1.0.0.0/9 \
    1.160.0.0/11 \
    1.192.0.0/11 \
    

    See man networksetup for more information

  • Uninstalling letsencrypt – Let’s Encrypt Community Support

    If you have the environment variable XDG_DATA_HOME set, the installation is located at $XDG_DATA_HOME/letsencrypt. Otherwise, it is located at ~/.local/share/letsencrypt. You can simply delete this directory. You can also delete configuration, work, and log directories which by default are stored at /etc/letsencrypt, /var/lib/letsencrypt, and /var/log/letsencrypt respectively. The directory where you cloned our git repo can also be deleted.

    Let’s Encrypt also installs some OS dependencies and how you remove these would be very OS specific. To see what dependencies were installed, take a look at the files in the bootstrap folder at the root of our git repo (link). Take a look at the shell script for your OS to see what packages are required. You can uninstall these packages through the normal means of your OS, but make sure they aren’t required by any other programs on your system.

    Source: Uninstalling letsencrypt – Let’s Encrypt Community Support

  • 三星 850 Pro 、 OS X El Capitan 、 SSD Trim 備忘

    最近重灌了 El Capitan,在找「三星 850 Pro 是否可以用 trimforce 開啟 Trim 支援」時發現了下面的信息:

    我就看了下我的硬體:

    Samsung SSD 850 PRO 512GB:
    
      Capacity: 512.11 GB (512,110,190,592 bytes)
      Model:    Samsung SSD 850 PRO 512GB               
      Revision: EXM01B6Q
      Serial Number:    S1SXNSAF806527E     
      Native Command Queuing:   Yes
      Queue Depth:  32
      Removable Media:  No
      Detachable Drive: No
      BSD Name: disk0
      Medium Type:  Solid State
      TRIM Support: No
      Bay Name: Lower
      Partition Map Type:   GPT (GUID Partition Table)
      S.M.A.R.T. status:    Verified
    

    😀

  • Export Compact SVG with Sketch

    Bohemian Coding – Preferences.

    Used to tell Sketch to export compact SVG files. We add some metadata to exported SVG files, to make it easier to re-import them in Sketch. However, if you are sure you won’t import them, you can disable the saving of metadata by running this into your Terminal.app:

    $ defaults write com.bohemiancoding.sketch3 exportCompactSVG -bool yes
    

    When this is set to YES, Sketch will not use the name of the layer for the id field of the layer in SVG export:

    $ defaults write com.bohemiancoding.sketch3 svgExportSkipAssignIdToLayerName -bool yes
    
  • How to Use FFmpeg to Extract Audio from Video File Without Re-encoding

    Try -c copy:

    $ ffmpeg -i video.mp4 -c copy audio.aac
    

    How ever you have to know the original audio format to extract audio without re-encoding, for example:

    $ ffmpeg -i video.mp4
    ...
      Metadata:
        major_brand     : isom
        minor_version   : 1
        compatible_brands: isomavc1
        creation_time   : 2015-01-17 20:39:33
      Duration: 00:23:59.94, start: 0.000000, bitrate: 1983 kb/s
        Stream #0:0(und): Video: h264 (High) (avc1 / 0x31637661), yuv420p(tv, bt709), 1280x720 [SAR 1:1 DAR 16:9], 1787 kb/s, 23.98 fps, 23.98 tbr, 24k tbn, 47.95 tbc (default)
        Metadata:
          creation_time   : 2015-01-17 20:39:33
          handler_name    : 264:[email protected]
        Stream #0:1(jpn): Audio: aac (LC) (mp4a / 0x6134706D), 48000 Hz, stereo, fltp, 191 kb/s (default)
        Metadata:
          creation_time   : 2015-01-17 15:55:11
          handler_name    : Sound Media Handler
    ...
    

    Then you should know what format and which track to extract.

  • How to Uninstall NoMachine on OS X

    After uninstalling the app, you have to remove these shit:

    In /System/Library/Extensions/:

    • nxaudio.kext
    • nxfs.kext
    • nxtun.kext

    In /System/Library/StartupItems/:

    • nxfs/
    • nxtun/

    In /private/etc/:

    • NX/
  • How to Uninstall XQuartz on OS X

    From http://xquartz.macosforge.org/trac/ticket/675:

    • launchctl unload -w /Library/LaunchAgents/org.macosforge.xquartz.startx.plist
    • sudo rm -rf /opt/X11* /Library/Launch*/org.macosforge.xquartz.* /Applications/Utilities/XQuartz.app /private/etc/*paths.d/*XQuartz
    • sudo pkgutil --forget org.macosforge.xquartz.pkg
  • How to Allow Only localhost Access in MAMP Pro

    Simply add 127.0.0.1 to your MAMP Pro to allow localhost access, if you also want local subnet access, just add 10.0.1.0/24 (change this according to your local ranges)

  • Update HP Laserjet Printer Firmware on OS X

    If your printer firmware has official OS X version (for example LaserJet Pro MFP M476dn), just download the official DMG update and run it.

    If your printer doesn’t have official firmware update for OS X, then you should:

    • Download the Windows version firmware (any version should be ok)
    • Extract the .exe using 7-Zip, you will get `product-update.acl`, this is the firmware update file
    • Open HP Utility (the official HP Printer Software shipped with your pinter)
    • On the menu, click “Show Advanced Options”, then you will see a “Update Firmware” icon
    • Click it and choose the `product-update.acl` we just extracted from the package, then click “Update”

    Then your printer status will be “Printing”, during update your printer will get disconnected for 1-2 minute(s), then it will be back to normal and shown as “Ready” on your printer LED display.

    If you don’t like HP softwares and you don’t have it on your OS X, you can also update it with the following steps:

    • Download Windows version firmware, extract it, the same as the “HP Utility” method
    • Open Terminal, type lpr ~/Downloads/product-update.acl (change the path to your real location)

    Please note you have to set the printer you want to update as default printer, or you have to specify the printer with lpr or lp

  • How to Setup Gmail (Google Apps) Mail Account with Apple Mail

    • Open Gmail settings, switch to Labels tab
    • Check Sent Mail, Drafts, Spam, and Trash
    • Uncheck all others
    • On OS X, configure mailbox behaviors as the following screenshot:

    Reference: Using Gmail with Apple Mail

  • How to Move Plex Media Cache to External Hard Drive

    $ cp -pr ~/Library/Application\ Support/Plex\ Media\ Server/Media /Volumes/Backups\ HD/Temporary\ Files/Plex\ Media\ Cache 
    
    $ ln -s /Volumes/Backups\ HD/Temporary\ Files/Plex\ Media\ Cache/Media ~/Library/Application\ Support/Plex\ Media\ Server/Media
    

    Platform: OS X

  • Export Website RSA Private Key for Apache Server Certificate from OS X Server

    If you’re using OS X Server and MAMP Pro at the same time, and you’d like to export OS X site certificates to use them for MAMP Pro sites, you can do the following:

    • Locate certificate (Category -> Certificates)
    • control + click -> Export… -> Certificate.p12

    Next, I need to split the PKCS12 archive, to get the old private key out:

    $ openssl pkcs12 -in site.p12 -nocerts -out site.key
    

    Remove passphrase from the key (otherwise you have to enter it lots when you restart services.)

    $ openssl rsa -in site.key -out site.unprotected.key
    

    Read more: Renewing a SSL Certificate on OSX Server

  • Fix RubyGems Postinstall Error

    gem pristine --all --only-executables
    
  • How to Cleanup Systems w/o CleanMyMac (a.k.a. OS X Cleanup Guide)

    Here’re some folders you should check if you want to cleanup your Mac, all the following folders are also frequently scanned by CleanMyMac. Check and remember these then you won’t need CleanMyMac anymore.

    Cache Files

    All cache files can be deleted, but there’s no need to remove them too often, Homebrew uses the system cache folder to cache libraries.

    /Library/Caches/
    ~/Library/Caches/
    

    Logs

    All logs can be deleted safely.

    /Library/Logs/
    ~/Library/Logs/
    

    Internet Plugins

    Some of them are default from OS X. Check the bundle .plist to see if they’re shipped by default. In most cases, your user plugins folder shouldn’t be existed, most of them in this folder can be safely removed. AdobeAAMDetect.plugin is stored in system plugins forder.

    /Library/Internet Plug-Ins/
    ~/Library/Internet Plug-Ins/
    

    Launch Agents

    All files in these folders are safe to delete. I have com.adobe.AAM.Updater-1.0.plist and com.adobe.AdobeCreativeCloud.plist stored in the system launch agents folder, they can be safely deleted.

    /Library/LaunchAgents/
    ~/Library/LaunchAgents/
    

    Launch Daemons

    Some apps stored their daemons app here, such as Clean My Mac and Textmate. They’re safe to delete. There’s no user launch daemons folder by default.

    /Library/LaunchDaemons
    

    Privileged Helper Tools

    Some apps uses privileged helpers to gain more access across different users from your Mac. For example I have com.macpaw.CleanMyMac2.Agent and com.macromates.auth_server in the following folder.

    /Library/PrivilegedHelperTools
    

    QuickLook Plugins

    There’re two default plugins related to iBooks Author and iWork in system QuickLook folder, my user QuickLook folder is empty.

    /Library/QuickLook/
    ~/Library/QuickLook/
    

    Spotlight Plugins

    There’re iBooks Author and iWork plugins, too, plus a Microsoft Office Spotlight plugin shipped with OS X (10.9). My user Spotlight folder is empty.

    /Library/Spotlight/
    ~/Library/Spotlight/
    
  • Hama (HTTP Anidb Metadata Agent) and Plex Media Server

    最近發現一個比 AniDB agent 還好用的 Plex agent:Hama (HTTP Anidb Metadata Agent),效果非常不錯,支持 AniDB 和 TVDB 抓取 banner 、 background 、 theme song,可以更好的識別日文文件夾的結構,更新後再也不用在 Plex 里看羅馬音了

  • How to Configure Multiple DNS Redirections (PlexConnect-like Service) for Apple TV

    目標

    • Apple TV 通過修改 DNS,可以觀看 享看
    • 同時也可以通過本地架設 Plex+PlexConnect 來觀看 Plex

    難點

    • 「享看」官方的 DNS 和 PlexConnect 都默認劫持 Apple TV 中的 Trailers 頻道,同時使用會造成衝突
    • OS X Server 在 Mavericks 中對 HTTP 的 80 端口享有絕對控制權,而 PlexConnect 需要獨佔 80 端口

    實現方法

    • 在 OS X Server 上安裝 Plex 、 PlexConnect 和 Dnsmasq
    • 通過在 OS X Server 上創建新介面,設置額外 IP,避免 PlexConnect 80 端口衝突
    • 本地架設 Dnsmasq,同時劫持 Apple TV 上兩個不同頻道來實現「享看」和 PlexConnect 共存

    配料表

    • 裝有 OS X 的電腦一部
    • Apple TV 一部
    • Plex 一只
    • PlexConnect 一只
    • Dnsmasq 一只

    網絡基本結構設置

    • 10.0.1.3:OS X Server,DHCP with manual address(或通過 MAC 地址綁定亦可,主要是需要保持主 IP 固定)
    • 10.0.1.4:OS X Server,額外 IP(PlexConnect),DHCP with manual address

    為 OS X Server 設置額外 IP

    由於 OS X 上已經安裝過 Server app,為了避免與系統的 80 端口衝突,我們必須將 PlexConnect 的 80 端口指向額外的 IP 。首先我們 duplicate 現有的網絡(或者直接創建新介面),Wi-Fi 、以太均可,為了區分,可以將此服務命名為「PlexConnect」,IP 獲取方法為 DHCP with manual address,地址為 10.0.1.4(具體情況請根據自己的路由分配狀況自行修改),然後將 DNS 設置為 10.0.1.3,即 Dnsmasq 所在的主 IP,Dnsmasq 的相關設置我們會在接下來講,其他設置保持默認

    Dnsmasq 安裝與配置

    推薦的方法是通過 Homebrew 安裝:

    brew install dnsmasq
    

    哦?想自己編譯源代碼安裝?那請跳過此步驟

    然後我們需要 vi /usr/local/etc/dnsmasq.conf 來修改 Dnsmasq 的配置,Dnsmasq 的默認配置是無法作為 DNS server 使用的,以下是必備的配置:

    https://gist.github.com/9fea03b8e6349ab3c805

    • port=53:DNS 默認端口,這裡我們需要禁用 Server app 里的 DNS
    • domain-needed:不轉發 plain name
    • bogus-priv:不轉發本地的 nslookup 請求
    • server=8.8.8.8server=8.8.4.4:使用 Google 的 DNS 作為主、從 DNS,當然也可以選擇 ISP 提供的
    • local=/localnet/:讓本地域名走 /etc/hosts 或者 DHCP
    • address=/trailers.apple.com/180.153.225.136:享看 DNS,劫持 Apple TV 中的 Trailers,具體的 IP 地址請去享看官網參考
    • address=/secure.marketwatch.com/10.0.1.4:PlexConnect DNS,劫持的是 WSJ,指向的是本地的 PlexConnect instance
    • listen-address:限制 Dnsmasq listen 指定地址,當然也可以按 interface 來限制

    以上就是本教程的技巧所在,運用 Dnsmasq 對不同域名進行劫持,來實現「享看」和 PlexConnect 的共存,通過下面的方法可以測試是否設置正確:

    dig trailers.apple.com @10.0.1.3
    dig secure.marketwatch.com @10.0.1.3
    

    執行下面命令可以啓動、停止 Dnsmasq

    sudo launchctl stop homebrew.mxcl.dnsmasq
    sudo launchctl start homebrew.mxcl.dnsmasq
    

    PlexConnect 的安裝與配置

    PlexConnect 官方提供有 詳細的教程,具體請參考官方的方法。在這裡我只對配置文件做詳細描述:

    配置方面,為了避免與 Server app 的 httpd 衝突,我們要將 PlexConnect 的 server 綁定到之前設置的 10.0.1.4 上,另外我們也自己搭建了 Dnsmasq,需要把 PlexConnect 自帶的 DNS 服務禁用,於是我們的 PlexConnect 配置如下:

    https://gist.github.com/cb1e7dee359fe3d9b8a1

    以下是必備的設置:

    • enable_plexconnect_autodetect = False:因為我們有多 IP,避免造成混亂,我們把 Plex server 的 auto detect 禁用掉
    • ip_pms = 10.0.1.3:既然禁用了,我就需要指定 Plex 的 IP
    • port_pms = 32400:相應的端口,我是用的默認端口
    • ip_plexconnect = 10.0.1.4:指定 PlexConnect 的 IP 地址,這裡用我們創建的新 IP
    • enable_dnsserver = False:這裡禁用自帶 DNS
    • ip_dnsmaster = 10.0.1.3:使用我們自己的 Dnsmasq
    • hosttointercept = secure.marketwatch.com:設置要劫持的域名,這裡要與 Dnsmasq 中的設置保持一致

    測試

    當以上都設置好後,確認 Dnsmasq 、 PlexConnect 均已運行,在瀏覽器中打開 http://10.0.1.3/,應該可以返回 httpd 的網站;打開 http://10.0.1.4/ 則是返回「Error response」,一個 code 403 的頁面,這時就是配置正確了

    Apple TV 證書設置

    測試都沒甚麼問題後,可以開始搞 Apple TV 的證書了,Apple TV 從某一版本更新後,所有的連接都走 HTTPS 了,這時候我們如果直接劫持就不會奏效,於是我們需要使用自己的證書並上傳到 Apple TV,讓 Apple TV 認為我們的劫持的內容才是真正的網站內容

    設置方法比較簡單,可以通過 USB 線與 Apple TV 連接傳輸,也可以通過直接在 Apple TV 中直接添加,具體方法請參考 PlexConnect 文檔,需要注意的是,因為我們劫持了兩個頻道,所以兩個頻道的證書都需要進行 hack 並通過 profile 上傳到 Apple TV 中

    證書設置好了,接下來就可以在 Apple TV 上進行測試了,將 Apple TV 的 DNS 改為 10.0.1.3,然後回到主屏分別進入 Trailers 和 WSJ 測試即可

    更多設置

    • 你可以設置讓 Dnsmasq 開機時自動加載,設置方法可以參考 brew info dnsmasq
    • 你也可以設置讓 PlexConnect 開機是自動加載,設置方法請參考 官方文檔
    • 如果你也有使用 Server app 自帶的 DNS,可以有多種方案,一是全轉移到 Dnsmasq(推薦);或者保持 nameddnsmasq 共存,但這時需要設置 named 只監聽 10.0.1.3;再或者全部轉移到自帶 DNS 服務,如果是後兩者,這篇文章 可能會幫到你
    • 如果你 Server app 中的 httpd 沒跑任何服務,也可以通過 配置反向代理 來將系統的 web 服務轉向 PlexConnect 的內容
  • FlexGet + Transmission + Plex AniDB Agent on macOS

    目標

    • 自動下載新番種子
    • 種子自動加入 Transmission 下載隊列
    • 新番文件自動重命名到 Plex 兼容格式
    • 通過 Plex AniDB agent 自動獲取新番相關信息

    總結:基於 FlexGet 和 Transmission 的全自動追番方案

    實現方法

    • 通過 FlexGet 讀取 RSS,自動下載種子文件,通過正則自動剔除無效字符
    • 通過 FlexGet 的 transmissionrpc 插件自動將種子傳送到 Transmission
    • Transmission 下載完成後觸發腳本,自動將種子重命名為 Plex 可識別格式
    • 通過 Plex 的第三方插件 Hama.bundle 自動獲取新番相關訊息

    配料表

    • 裝有 macOS 的電腦一部
    • Plex
    • Transmission
    • FlexGet

    配置 FlexGet(2021 版)

    最新版本配置採用 FlexGet 內置的 manipulate 方法,對 RSS 直接修改為符合 Plex 查詢標準的文件名,避免了使用 Transmission 調用外掛腳本的方案,下面的正則可根據實際場景進行修改:

      bangumi:
        template: torrent
        manipulate:
          - title:
              # remove underscores
              replace:
                regexp: '_'
                format: ''
          - title:
              replace:
                regexp: '★'
                format: ''
          - title:
              extract: '^[\[【].*?[\]】](.*)'
          - title:
              replace:
                regexp: '【'
                format: '['
          - title:
              replace:
                regexp: '】'
                format: ']'
          - title:
              replace:
                regexp: '】'
                format: ']'
          - title:
              replace:
                regexp: '(?:\[|【)(简体|簡體|繁体|繁體|简日双语|繁日雙語|GB|BIG5|MP4)(?:\]|】)'
                format: ''
          - title:
              replace:
                regexp: '(?:\[|【|第)(\d\d)(?:\]|】|話|话)'
                # format: 's01e\1'
                format: '\1'
          - title:
              # replace `][` to ` ` (space)
              replace:
                regexp: '\]\['
                format: ' '
          - title:
              # remove leftover brackets
              replace:
                regexp: '[\[\]【】]'
                format: ' '
          - title:
              replace:
                regexp: '(?:.*字幕 (?: 组|組))'
                format: ''
          - title:
              replace:
                regexp: '\[(?:.+? 月新? 番)'
                format: ''
        set:
          path: /Volumes/Gizur/Downloads/Anime/{{ series_name }}
          content_filename: '{{ series_name }} - {{ series_id|pad(2) }}'
          magnetization_timeout: 45
        series:
          - スーパーカブ:
              alternate_name: 本田小狼與我 Super Cub
          - ダイナ莊びより:
              alternate_name: 恐龍日和
          - 回復術士のやり直し 〜即死魔法とスキルコピーの超越ヒール〜:

    配置 FlexGet(2013 版,無需再看)

    FlexGet 的安裝方法和自動運行請參考參考 官方文檔,寫的很詳細

    配置文件如下,要點在於 presets.global.transmission.path,為了能讓 Plex 識別和方便管理,每一個動畫 要分別放在相應命名的目錄。其中 {{task}} 對應的就是 tasks 下的新番標題:

    presets:
      global:
        accept_all: true
        transmission:
          host: localhost
          port: 9091
          addpaused: No
          ratio: 0.01
          removewhendone: Yes
          path: "/Volumes/Backups HD/Anime/{{task}}/"
    tasks:
      WHITE ALBUM2:
        rss: http://bt.ktxp.com/rss-search-%E6%BE%84%E7%A9%BA%E5%AD%A6%E5%9B%AD+%E7%99%BD%E8%89%B2%E7%9B%B8%E7%B0%BF+2+MP4+720p.xml
      アウトブレイク・カンパニー:
        rss: http://bt.ktxp.com/rss-search-%E6%BE%84%E7%A9%BA%E5%AD%A6%E5%9B%AD+%E8%90%8C%E8%90%8C%E4%BE%B5%E7%95%A5%E8%80%85+MP4+720p.xml
      ガリレイドンナ:
        rss: http://bt.ktxp.com/rss-search-%E6%BE%84%E7%A9%BA%E5%AD%A6%E5%9B%AD+%E4%BC%BD%E5%88%A9%E7%95%A5%E5%B0%91%E5%A5%B3+%E7%AE%80%E4%BD%93+MP4+720p.xml
      キルラキル:
        rss: http://bt.ktxp.com/rss-search-%E6%A5%B5%E5%BD%B1%E5%AD%97%E5%B9%95%E7%A4%BE+Kill+La+Kill+BIG5+MP4+720p.xml
      京騒戯画:
        rss: http://bt.ktxp.com/rss-search-WOLF+%E4%BA%AC%E9%AA%9A%E6%88%8F%E7%94%BB+GB+720P+MP4.xml
      凪のあすから:
        rss: http://bt.ktxp.com/rss-search-%E5%8B%95%E6%BC%AB%E5%9C%8B+%E4%BE%86%E8%87%AA%E9%A2%A8%E5%B9%B3%E6%B5%AA%E9%9D%9C%E7%9A%84%E6%98%8E%E5%A4%A9+720P+%E7%B9%81%E9%AB%94+MP4.xml
      境界の彼方:
        rss: http://bt.ktxp.com/rss-search-%E6%BE%84%E7%A9%BA%E5%AD%A6%E5%9B%AD+%E5%A2%83%E7%95%8C%E7%9A%84%E5%BD%BC%E6%96%B9+%E7%AE%80%E4%BD%93+MP4+720p.xml
      夜桜四重奏 ~ハナノウタ~:
        rss: http://bt.ktxp.com/rss-search-%E6%A5%B5%E5%BD%B1%E5%AD%97%E5%B9%95%E7%A4%BE+%E5%A4%9C%E6%AB%BB%E5%9B%9B%E9%87%8D%E5%A5%

    配置 Transmission

    如果使用了 2021 版的方案,請略過本段

    Transmission 本身不需要進行過多配置,為了避免下載隊列越來越多,記得勾選下載完成後從隊列刪除這個選項。下面是其對應的 post-process 腳本:

    #!/bin/sh
    
    # Search all subdirectories
    # Use rename -n for dry-run
    cd /Volumes/Backups\ HD/Anime
    find . -name '*.mp4' -print0 | xargs -0 /usr/local/bin/rename -f 's/\[(.*)\]\[(.*)\]\[(\d{2})\].*$/$2 - $3\.mp4/'

    上述腳本會通過正則將 [Fansub][Title][Episode]*.mp4 這樣的格式替換為 Plex 可識別的 Title - Episode.mp4 格式,例如 [WOLF&amp;HYSUB][Kyousougiga][00][GB][720P][MP4].mp4 就會被替換為 Kyousougiga - 00.mp4

    配置 Plex w/ Hama Agent

    注意!,已棄用 AniDB agent,改為 Hama Agent 。詳情請訪問最新文章:Hama (HTTP Anidb Metadata Agent) and Plex Media Server – 2014-04-09

    訪問 Plex 論壇 下載 AniDB agent 并安裝,通過 Plex 的 web 界面進行管理即可

    完成配置後可通過下列指令進行 dry run 測試:

    flexget -c ~/.flexget/config.yml --test execute

    以下是效果圖:

  • How to Batch Delete PNG Screenshots in iPhoto

    输入下列命令,替换其中的路径即可:

    find /Volumes/Remote HD/Pictures/username/iPhoto Library/Masters/ -name '*.PNG' -type f

    注意以上命令不会删除图片,只会将其显示,如需删除,需要在最后添加 -delete 选项,即:

    find /Volumes/Remote HD/Pictures/username/iPhoto Library/Masters/ -name '*.PNG' -type f -delete

    注意!此方法删除不可逆,图片不会进入垃圾桶,而是直接删除。另外此方法同样适用于「批量删除所有 MOV 视频」

  • Fix “The folder “Backups.backupdb” can’t be opened because you don’t have permission to see its contents.” Error

    According to this site, you can simply use the following command:

    sudo chmod -RN /path/to/your/backup/

    But note that it may taks very long to remove all ACL attributes.

    If the method mentioned above didn’t work, you may also try this one:

    You could also invoke “Enter Time Machine” as root. That requires Finder to be started as root first, so only for those who understand the risks. In Terminal, for both Leopard and Snow Leopard:

    sudo /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder

    In Snow Leopard this does not (always?) open an initial Finder window. Do not click the Finder icon in the Dock (which might take you to your normal Finder), but use Command-Tab to go to Finder (which will be the new root-Finder). Here, hit Cmd-N for a new Finder window.

    The new Finder looks like a normal Finder, but you’ll notice root next to the home folder icon in Finder’s sidebar. While the root-Finder is active, enter Time Machine (and once again validate that root is shown next to the home folder icon). This should allow you to browse, delete or restore what you need (but, for the original question: it won’t solve your access issues permanently).

    (As usual, holding down Option while clicking the Time Machine icon will change “Enter Time Machine” into “Browse Other Time Machine Disks” if you need to examine a disk that is not associated to your current machine. You might not need to be running as root to do that though!)

    When done, eject the Time Machine volume if applicable. Next, hit Ctrl-C in Terminal to stop the root-Finder. The usual Finder will still be running, but in Snow Leopard the indicator in the Dock may have gone. Run killal Finder if that bothers you. (And if you forgot to eject the Time Machine volume while you were still root and the disk doesn’t unmount properly at a later time, or if Time Machine won’t mount it correctly when running its hourly backup, then you may simply log off as an easy fix.)

    (If anyone knows how to do this without first running a root-Finder then please tell us! Running sudo "/Applications/Time Machine.app/Contents/MacOS/Time Machine" does not give the expected result, and I assume that the Time Machine galaxy window is in fact part of Finder. For the sake of search engines: “run time machine as root”, “start time machine as root”.)

    This method is tested and also works fine in Mountain Lion.

  • 警惕 Mac App Store 上的 QQ for Mac 2.3.0 更新

    此次 2.3.0 的更新有如下内容:

    中文:

    1. 因为 apple 审核规则限制,我们取消了菜单栏的新建 qq 按钮,仅支持 command+n 快捷键新建 QQ.
    2. 新增文件盒子功能
    3. 新增请求与通知集成面板
    4. 传文件面板界面优化
    5. Retina 下截图支持尺寸选择
    6. 截图功能可独立使用
    7. 新增快速登录插件,支持快速登录腾讯服务
    8. 修复了提取消息卡顿的问题
    9. 修复了 Retina 下头像模糊的问题

    「支持 command+n 快捷键新建 QQ」,是不是感觉很牛屄?「新增快速登录插件,支持快速登录腾讯服务」屌爆了有没有?第一次运行后,有如下提示:

    当然是全部取消勾选,然后通过 CleanMyMac 2 的检测,我们发现有一个 QQ Login Item:

    厉害的是系统中并没有这个:

    通过查看 launchctl 的手册我们可以发现,一般开机运行有以下几处:

    • ~/Library/LaunchAgents Per-user agents provided by the user.
    • /Library/LaunchAgents Per-user agents provided by the administrator.
    • /Library/LaunchDaemons System wide daemons provided by the administrator.
    • /System/Library/LaunchAgents OS X Per-user agents.
    • /System/Library/LaunchDaemons OS X System wide daemons.

    但在上述目录中完全找不到 QQ 的影子,我们也懒得一点点查了,总之很厉害有没有?

    然后我们接着打开系统防火墙,发现了奇怪的东西:

    QQPlatform.app 是什么?通过搜索 QQPlatform,我们发现这玩意好像并不是什么好东西,被 多个网站 定义为 Trojan.agent 和 Trojan-Downloader.agent 木马,具体那东西做了啥我们也懒得开 Charles 一点点抓了,总之把 conn 给 block 掉

    另外值得一提的是之前提到的「新增快速登录插件,支持快速登录腾讯服务」,是需要去腾讯官网下载的,Sandbox 立功了:

    经过以上分析,我们能得出以下结论:

    • 一定要开防火墙
    • OS X 上最好不要安装中国 app,随着 Mac 的越来越流行,国内的大老板们肯定会盯上这块肉
    • 有 Mac App Store 的版本不要用官网下载的版本
    • 如果必须要装,请不要在主力机上装,比如我们就装在 Mac mini with OS X Server 上,要用的时候通过 VNC 来使用
  • New Mac Checklist – mactips – Helpful configuration tips for OS X users

    This checklist is mainly aimed at setting up a new Mac laptop, with OS X 10.8 (Mountain Lion) pre-installed. Some notes regarding modifications to this procedure for Mountain Lion desktops, or computers that have been upgraded to Mountain Lion from a previous version of OS X, are included. This procedure is what I do – you might find all, some, or none of it useful for your own particular requirements and preferences. The procedure for setting up an OS X 10.7 (Lion) computer is not substantially different.

    via New Mac Checklist – mactips – Helpful configuration tips for OS X users.

  • Java SE 6 Locations

    The location of the Java SE 6 runtime home has changed to /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home. JDK bundles provided via the Developer package, developer previews, and 3rd party JVMs should be installed in /Library/Java/JavaVirtualMachines or ~/Library/Java/JavaVirtualMachines. Developer previews of Java can now be installed and uninstalled without affecting the system JVM(s).

    Source

  • compiler errors – Cannot compile ruby 1.9.3 – Stack Overflow

    With Xcode 4.6 I was also getting this problem. I installed the command line tools which made gcc available in /usr/bin/gcc.

    I managed to get it to work using:

    rvm install 1.9.3 --with-gcc=gcc

    NB. I dont have homebrew installed.

    via compiler errors – Cannot compile ruby 1.9.3 – Stack Overflow.

  • Things You Need To Do Before You Reinstall Adobe Photoshop

    • Brushes
    • Actions
    • Textures
    • Gradients
    • Keyboard Shortcuts
    • Color Scheme
    • Plug-Ins (/Applications/Adobe Photoshop CS6/Plug-ins)
    • Scripts (/Applications/Adobe Photoshop CS6/Presets/Scripts)
  • Connecting to MAMP sites from other local network clients | Raygun

    The solution is to create a local proxy server on the machine that has MAMP installed, and then configure the client to use that proxy to browse the web. The client configuration only takes a few seconds, and is easy to disable once you’re done.

    via Connecting to MAMP sites from other local network clients | Raygun.