wget certificate validation
For years I've been using wget to download things from sites secured with SSL, but always got a "Certificate verification error .. unable to get local issuer certificate". You can bypass this with a switch (which is what I'd immediately afterwards) but one fateful day I decided to figure out how to fix it properly.
It turns out that OS X comes with a certificate bundle in /usr/share/curl/curl-ca-bundle.crt , but I downloaded a larger and presumably more hardcore one from here and put it in /usr/share/curl/
Then do this:
echo ca-certificate=/usr/share/curl/cacert.pem >> ~/.wgetrc
CPanel tips
CPanel causes me a fair bit of trouble! One problem I had was that an account had a number of mailboxes, but all mail was shifted to another mail server and the MX was updated. However, mail generated on the CPanel server was still being delivered locally. Predictably, this went unnoticed for two years. I fixed it by:
- Deleting all mail accounts from the domain
- Removing custom MX record (which caused it to point back to the CPanel server)
- Adding customer MX record (making sure the checkbox about delivering locally wasn't ticked)
- Check that /etc/localdomains doesn't contain the domain and that /etc/remotedomains does.
OS X IP address change Growl notifier
There's a blog tag thingy going around where you run a command that tells you which command you run most often. Embarrassingly, mine is ifconfig, which I like to repeatedly run because OS X doesn't come with a watch command and I spend a lot of time using unreliable wireless networks. This prompted me to set up scripts that alert me via Growl when my address changes.
In ~/Library/LaunchAgents/org.tristesse.ipnotify.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>org.tristesse.ipnotify</string>
<key>ProgramArguments</key>
<array>
<string>/usr/local/bin/ipnotify</string>
</array>
<key>WatchPaths</key>
<array>
<string>/Library/Preferences/SystemConfiguration</string>
</array>
</dict>
</plist>
In /usr/local/bin/ipnotify, which is chmod 755
#!/bin/bash EN0IP=`ifconfig en0 | grep 'inet ' | cut -d' ' -f 2` EN1IP=`ifconfig en1 | grep 'inet ' | cut -d' ' -f 2` /usr/local/bin/growlnotify -H localhost --appIcon "Network Utility.app" IP address changed -m "IPs changed to en0: $EN0IP en1: $EN1IP"
I found that I needed to enable Growl's "Listen for incoming notifications" or else growlnotify would miss messages. Apparently this is a bug with OS X Lepoard and Growl 1.1.2.
You have to tell launchd to load the new action, which is done by running launchctl load ~/Library/LaunchAgents/org.tristesse.ipnotify.plist
It might be worth modifying the script to only report if you've got an address, or you'll be notified even when no address is found, which you're unlikely to care about.
Even better would be to use ipconfig getifaddr. Note to self: locate and compile a list of OS X specific commands that replace BSD commands plus hackish string manipulation.
Getting the current SSID in OS X
There are a few pretty ugly ways that I know of:
ssid=`/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -I\
| grep ' SSID:' | cut -d ':' -f 2 | tr -d ' '`
ssid=`ioreg -l -n AirPortDriver | grep APCurrentSSID | sed 's/^.*= "\(.*\)".*$/\1/; s/ /_/g'`
ssid=`system_profiler SPAirPortDataType | awk -F": " '/Current Wireless Network/{print $2}'`
Breaking the slot-load DVD drive in a MacBook
I broke the slot-load drive in my MacBook by pushing a DVD into the slot while the computer was powered off (this saves valuable seconds you'd otherwise spend switching it on, putting it in, and turning it off again, or alternatively finding somewhere safe to put the DVD. Apparently weither were appealing options for me at the time). I spent my teenage years pushing tray-loading CD-ROM drive trays in while they were powered off and suffered no ill effects. This just doesn't fly with a slot-load drive, though. If you've done this and find that it no longer accepts a disk, but rather makes crunching noises before spitting the disk out at a rather high velocity, have the drive replaced. Preferably under warranty.
Bash tips
When I remember all of these, they save me lots of time.
- Ctrl + K - Clear the line after the cursor
- Ctrl + U - Clears the line before the cursor position. If you are at the end of the line, clears the entire line.
- Ctrl + T - Swap the last two characters before the cursor
- Alt + T - Swap the last two words before the cursor
- Alt + F - Move cursor forward one word on the current line
- Alt + B - Move cursor backward one word on the current line
- Alt + . - Insert last word of last command
Microsoft Exchange drops email when GFI FaxMaker uninstalled
I moved an installation of GFI FaxMaker from an Exchange 2003 server to a separate machine and installed the 'Exchange only' bit, which really just adds an SMTP connector pointing to the GFI machine's SMTP service. I then found that mail to faxmaker.com was being dropped without bounces (and a message about failure to deliver with the advanced queue, or something). After some fiddling I found that I could add another domain to the connector (eg, fax.example.com) and this would be relayed properly. It's possible to add a new domain to FaxMaker's 'accept' list through the registry, but the problem was due to FaxMaker's event sink not being unregistered properly when I uninstalled it.
Daniel from GFI helpfully provided the following VBScript:
Const catidSmtpOnArrival = "{FF3CAA23-00B9-11d2-9DFB-00C04FA322BA}"
Const bindidInboundSink = "{483C5DC8-22A0-4B74-9CA9-BA0084156FE0}"
On Error Resume Next
Set InboundSink = GetObject("IIS://localhost/SmtpSvc/1/EventManager/EventTypes/" & catidSmtpOnArrival & "/bindings/" & bindidInboundSink)
If Err.Number = -2147023838 then MsgBox("Warning: Failed to connect to MetaBase. IIS is probably disabled.")
If Err.Number = -2147024893 then MsgBox("Warning: FMSink is not registered in the MetaBase.")
If Err.Number = 0 then MsgBox("Success: FMSink found in Metabase.")
The solution? Allow IIS metabase editing, edit the metabase, and remove all references to the FMSink (by searching for the ..56FE0 GUID).
MacBook gets stuck in overwrite mode
This only seems to bother me when running Windows in a VM, but occasionally I'll do something that causes overwrite mode to be activated. The MacBook doesn't have an Insert key, but it does have Fn-M (number pad zero)! This will switch it off.