brunerd – Page 10

10.5.1 Install Media Fixes Disk Utility Bug

February 7, 2008June 13, 2011 brunerd 3 Comments

So I waited until the last minute to do the Leopard Up-to-Date program for my mac mini. One because the dang website wouldn’t recognize my mini’s serial number since December (and never did, they made me fill out the manual form — no phone orders!), but also because I wanted to make sure I got newer media. Unfortunately 10.5.2 is still in the oven, but 10.5.1 fixes this annoying bug in Disk Utility:

“Unable to create “filename“. (Read-only file system)

This would happen when you attempted to make a disk image of your hard drive and save it to another device (like an external drive), it said it was read only. I tried going through Terminal running mount -uw /Volumes/volumename to make sure it was read/write it would still balk in Disk Utility. And this was a useful thing to do before, say, upgrading to a new OS or just saving a machine image for restore/deployment like I do at work. Not a big deal since I could use a retail Tiger disc (for PPC machines) or the 10.4 (intel) install media that came with the intel machines to make backups, but I really wanted to get a Universal disc that could boot Intel and PPC and do what I wanted it to do.

Well, 10.5.1 fixes this. If you have a 10.5.0 disc, it ain’t gonna work. I was considering taking my 10.5.0 media back for an exchange, but I expensed it for work and the finance dept. has swallowed up my receipt (in a box in a warehouse Indiana Jones style, I’m sure) and I didn’t get it emailed to me as they usually do, but I think they were in a bit of a hurry since I got it on release day. C’est la vie. Besides what I really want is a 10.5.2 DVD anyway… this will be a keeper. The version that should have come out as 10.5.0 but you know they had to hit that Holiday shopping window.

Office 2008 for the ‘executive’

January 21, 2008January 24, 2008 brunerd 11 Comments

Last night, while groggily honing in on the Office 2008 installer package UID problems, I missed another glaringly obvious defect: All the files are set executable, yes those files owned by 502 are also set executable. Take a look again at the lsbom dump you’ll see this everywhere: 100775. For the first two: the 10 means it’s a file, 40 is a directory. The last three (775) are significant: 7 is 4+2+1 (4:read, 2:write, 1:execute) and 5 is… that’s right: 4+1, read and execute privileges.

Now tell me does… /Microsoft Office 2008/Read Me.html need to be executable for you to look at it? Tick, tick, tick, *ding*! No. It does not let’s do another!
Does this god awful GIF bullet? /Microsoft Office 2008/Office/Media/Clipart/Bullets.localized/Red Swirl No. But it is.
Ok. One more: /Microsoft Office 2008/Office/Media/Sounds/Yeehaw? Yeah, you’re getting it. No.

The only things that needs execute privileges are directories (that’s application bundles too) and executables such as: Microsoft Word.app/Contents/MacOS/Microsoft Word

And can you remove this execute bit in Finder? No. You have 3 choices, Read & Write, Read Only, and No Access, flip through them all and the x will still be there. You’ll need to chmod it from the terminal, but be careful, not all of them… or just give chmod -R ugo-x * a whirl, then slowly go through and chmod go+x the executables one by one and see if it still works, might be faster than the inverse… but I haven’t tested anything yet, that’s for work tommorrow… and the next day… in the mean time…

Try this: ls -lFGR /Applications/Microsoft\ Office\ 2008

You’ll be seeing red. :D

BTW: Just in case, the media I am using is Part No: X13-64625-03, I hope MS can fix this and re-press this for Volume License customers — my day job! And speaking of just in case, thanks ‘justincase’ of the Clix forums for pointing out the glaringly obvious.

Office 2008, 502, and you

January 21, 2008January 10, 2011 brunerd 33 Comments

So… I got a free copy of Office 2008 Digital Media Edition for free at MacWorld 2008! W00t! All because IDG double booked a room and the session I wanted got bumped until later. I instead went to see what’s new at the “Office2008:Form Meet Function” session, cute sounding eh? Within the first minute or two, to ensure our rapt attention I’m sure, our lady MC told us that we were all going to receive a free copy of Office 2008. Except, without the same flair as Oprah (she should have tried stretching it out: “You’re all getting Awwwwwww-Fiiiiiiiiiiiiiiiiice!!!”) Oh well, it still felt nice to win something, especially something as pricey as the Digital Media Edition which runs $467 at CDW! I got back yesterday and after debating whether I’d sell this bad boy or install it, I went with carnal knowledge of the beast.

First things first: They’ve moved to Apple’s Package Maker (.pkg) installer files, good news for the enterprise rollouts? Well, unfortunately they’ve created all the packages to install most all of the files with the owner set to 502.

So let’s say, Mr. IT installs this on a user’s machine where the first user is the admin (501) and the standard user is Joes User (502), well, when after all’s installed, it will give Joe User (502) ownership of these folders and their installed contents:

/Library/Automator/ (if it doesn’t exist already)
/Library/Fonts/Microsoft
/Library/Application Support/Microsoft
/Applications/Microsoft Office 2008

Hmmm, that’s not good now is it? Because A) Joe User will find a way to screw it up and B) those are security holes IT does not want to have. Oh, if only they’d taken a peek at p. 1060 of Cocoa Programming, which basically says, if you let root own the file but the person installing isn’t root, it will assign that user’s id to the installed files, that’s how it should be. Instead if UID 502 doesn’t exist on your system when you install it will still assign that UID as the file’s owner anyway. D’oh!

I think I feel a chown’ing script (or an Iceberg repackaging) coming on and an uninstaller script too. “But, there’s an Uninstaller!”, you say? Yes there is and it does a lovely job of moving the Microsoft Office 2008 folder to the Trash, but it kinda misses the Application Support folder, the fonts folder (and moving the disabled fonts back), and all 97 automator actions… tsk tsk. Still, it was free!

Morning Update: It was late, I was tired (and sick), and I totally didn’t think of this one: “Fix Permissions”. If you do get your ownership fixed on all those files, make sure to delete all the Office2008* files from your /Library/Receipts folder, lest you reverse it all with one click of “Fix Permissions” in Disk Utility. And no, you can’t use awk, sed, or some other readily apparent way to modify the bom files… that’s someting for the MOAB crew ;)

MyMacWorld Calendar, Outlook Compatible

January 9, 2008January 12, 2008 brunerd 6 Comments

So, the MyMacWorld site made by BDMetrics has an “Export to PDA” function that supports Outlook and not iCal. Try and import the ics file into iCal and you’ll get:"This calendar file is unreadable. No events have been added to your iCal calendar"Guh!? Let’s go back and read the description of what this exporting will get you:

This exports all your scheduled items in a single, iCalendar or vCalendar file. You may then import this file into any iCalendar-compliant system such as OutlookTM, then subsequently synch to your PDA.

Oh super, Outlook. That’s great for the PC manager who gets sent to MacWorld to see what this Mac hullaballoo is all about, but it’s useless for 95% of MacWorld’s attendees. Are you serious BDMetrics?

Update:
OK After spending way too long looking at Apple’s iCal specs and messing with the tags and blogging the whole thing (and using ♥ in my URL, so the thing broke on every other browser besides Safari!) I have the solution. But first the reason they don’t work:

iCal will only read VERSION:2.0 tagged files, MyMacWorld is VERSION:1.0

The iCalendar spec call for CRLF ending, they use an LF only

HA! Of course a spec written in 1998 by an MS employee calls for CRLF line endings! Of course, it makes sense now!

OK so here’s the code. Get thee to a Terminal, cd to where your ics file is, and copy and paste following onto one line, and you’ll be good to go
perl -p -e 's/VERSION:1.0/VERSION:2.0/g' ShowCalendar.ics | perl -p -e 's/(\r\n|\n|\r)/\r\n/g' > newShowCalendar.ics

What’s in the Quicktime 7.3.1 Update?

December 13, 2007January 12, 2008 brunerd

Well security patches are in 7.3.1 to guard against RTSP buffer overflows that gave us the hilarious 2nd Life Mugging exploit with avatars shouting “I’ve been hacked” and sending 12 Linden dollars to the virtual mugger. But also it correct the Automator issue mentioned in the previous post. Leopard User’s can now start and stop A/V captures just like their Tiger brethren. w00t.

What’s (not) in the Quicktime 7.3 Update

November 12, 2007November 13, 2007 brunerd

This one is weird…
With the new Quicktime you get movie windows with no border on the left or right, you also get some new Automator actions…
/System/Library/Automator/Enable or Disable Tracks.action /System/Library/Automator/Hint Movies.action /System/Library/Automator/New Audio Capture.action /System/Library/Automator/New Video Capture.action /System/Library/Automator/Pause Capture.action /System/Library/Automator/Play Movies.action /System/Library/Automator/Start Capture.action /System/Library/Automator/Stop Capture.action

That is, if you are in Tiger. If you on Leopard, these files are copied down but are not added to Automator. If you do add them manually (drag them in, double click them, open from Terminal), they won’t do anything.

Now if you look in an .action you will see its just a folder, like an app bundle. The meat of an action is in here /Contents/Resources/main.scpt and the Tiger and Leopard Quicktime actions are byte for byte the same (use md5 for a checksum)

The only concern is though what string you find inside (these are “Run-Only” compiled Applescripts, so no plain text):
01cd Tiger 028b 'Tiger:Applications:QuickTime Player.app 02E9 T i g e r

Hmmm, is it just me or should the strings Tiger not be in a Leopard component? Especially when they have two seperate packages for the Tiger and Leopard version of Quicktime 7.3? Come on Quicktime 7.3.1!

What’s in Hard Drive Update 1.0?

November 8, 2007November 8, 2007 brunerd

So there’s a Hard Drive Update 1.0 update out from Apple! Put on your mining hats and let’s go spelunking… first stop the package .dist file has some strings of interest:
if( model.match(/ST3500641AS/) ) if( revision.match(/3.BTD/) ) if( model.match(/ST3750640AS/) ) if( revision.match(/3.BTF/) )

This refers to Seagate’s 750GB & 500GB drives

What else can we find? Once we open the archive.pax.gz there’s the actual Hard Drive Update 1.0 Cocoa app, which has a very scary sounding readme.rtf file inside the Contents/Resources/.lproj:

Warning: It is strongly recommended that you back up the data on your hard drives to an external drive or removable media before running this update. Do not reset, shut down, or turn off power to your computer while performing this update. If an error occurs during the update process, your hard drive(s) may become unusable and all data could be lost. If you have not backed up your data, click Quit and do so now.

As Count Floyd would say: “Oooh Scary”

Next up is the MacOS/Hard Drive Update 1.0 binary and a selection of strings:
installEFIUpdater: %@/%@/hdfw.efi This computer is not connected to an AC power source.
It uses an EFI application that will update the firmware on the drives (the AC line makes me chuckle, to think of what the battery life of a Mac Pro would be?! Obviously they used a template for this.)

Inside hdfw.efi are strings that refer to Cygwin, interesting what platform they are using to develop this with: a Windows box emulating *nix
C:\cygwin\home\Loki\Platform\Apple\Common\Application\ATAHDFWUtil\ATAHDFWUtil.c C:\cygwin\home\Loki\Platform\IntelMpg\AppleTools\Build\X64\ATAHDFWUtil.pdb
Inside the Hard Drive Update 1.0.app/Contents/Resources/System/HDFW directory are hives of model names with single string files (FWAlias & FWCurrent) and the actual firmwares (FW01):
ST3500641AS__P 3_BTD/FWAlias ST3500641AS__P 3_BTE/FWCurrent ST3500641AS__P_3_BTE/FW01 ST3500641AS__Q 3_BTD/FWAlias ST3500641AS__Q 3_BTE/FWCurrent ST3500641AS__Q_3_BTE/FW01 ST3750640AS_P 3_BTF/FWAlias ST3750640AS_P 3_BTH/FWCurrent ST3750640AS_P_3_BTH/FW01 ST3750640AS_Q 3_BTF/FWAlias ST3750640AS_Q 3_BTH/FWCurrent ST3750640AS_Q_3_BTH/FW01
Here’s an amusing edited list of strings :D
0000000000000c96 Lube Event 0000000000000d28 Virgin Sector Cleaned 0000000000000e8f Enter DateOfBirth YYWW 0000000000000eaa Enter 64Bit WorldWideName 000000000000534c DRIVE HAS BEEN SET-STUFFED -%1 00000000000058ca Invalid caller to SaveStuffToDisk()! Write not done! %x 0000000000006c1a !! Going Offlimits !! 0000000000006c31 Sleep?
Sounds like a date gone wrong! You really should get the DOB before initiating a lube event on a virgin sector… *ahem* let me try and get back on track with a couple informative strings about the guts of the drive:
0000000000012b4b Orig Code = BTG4H1 TONKA2_GX_4H1.0GC.0B9 0000000000012e87 Built for GALAXY4D,PITKIN,Redback,TI1810 PreAmp,Agere7531 PreAmp,McKinleyDT,4Disk,220 Servos,7200RPM,8Pole,133MHz

Well, enough spelunking I’m headed topside now.

What’s in the Login & Keychain Update 1.0

November 7, 2007November 7, 2007 brunerd

The Login & Keychain Update 1.0 for Mac OS X 10.5 Leopard is recommended for all Leopard installations. It addresses issues you may encounter when:

*Logging in with an account originally created in Mac OS X 10.1 or earlier that has a password of 8 or more characters.
*Connecting to some 802.11b/g wireless networks.
*Changing the password of a FileVault-protected account.

What files does it affect?

/System/Library/Extensions/IO80211Family.kext/Contents/PlugIns/AppleAirPortBrcm4311.kext/Contents/MacOS/AppleAirPortBrcm4311 /System/Library/PrivateFrameworks/DiskImages.framework/Versions/A/CodeResources /System/Library/PrivateFrameworks/DiskImages.framework/Versions/A/DiskImages /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/CodeResources /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices

Brcm4311 meaning the Broadcom 4311 wireless chip
I’m sure this is a stop-gap until 10.5.1

What’s in the ATI Radeon X1900 XT Firmware Update?

October 16, 2007November 7, 2007 brunerd

OK so there’s an update for the Radeon X1900 and we really don’t know what’s been improved…
If you wanna know where the ROM is it’s here
ATI Radeon X1900 XT Graphics Card Update.app/Contents/Resources/ ATIFacelessFlash.app/Contents/Resources/R580Alopias_1.202_EBC.ROM

And what’s in it? Pure binary. No symbol tables, no strings save for the the device number and copyrights….
ATY,Alopias ATY,RadeonX1900 113-A52027-202 109-A52027-00 01.00.202 AMD Inc. All Rights Reserved. 2005-2007
If we had the original ROM and this we could see what’s different then reverse engineer the binary! Whatcha think? :roll:

Me thinks Apple and AMD/ATi should pimp themselves better for all their hard work…. unless it’s a bone headed bug they had to fix :lol:

Mac Pro 10.4.10 AutoNegotiation Woes

October 11, 2007October 11, 2007 brunerd 2 Comments

In case you didn’t know, MacPro’s with 10.4.10 are connecting at 10Mb speeds to 1000Mb switches and hubs… bummer :(

So a kext is the culprit:
/System/Library/Extensions/IONetworkingFamily.kext/
Contents/PlugIns/AppleIntel8254XEthernet.kext

In 10.4.9 it’s version is 1.1.7a3, in 10.4.10 it is 1.1.8a2, in 10.4.11 it is 1.1.8a6
That doesn’t matter much really, but that’s the details.

So you gotta roll back the kext:
1. Get the 10.4.9 Intel Combo Updater
2. Get OpenUp or Pacifist
3. Open the DMG
4. Show contents on the PKG
5. Copy out the pax.gz file to the desktop
6. un-Gzip the pax, and open that up (with Pacifist or OpenUp)
7. Get the old IONetworkingFamily.kext
8. Copy it into your /System/Library/Extentions

Now, the ownership on the kext need to be changed to root:wheel or if you’re in Finder system:wheel
Also, you should either delete the kernel caches or:
sudo touch /System/Library/Extensions
this changes the date stamp on the directory and OS X will recreate the kernel caches…

And yes, the 10.4.11 seed update corrects this.

Bonus Log files: These have been “prettied up” for readability, but you’ll see, 10.4.10’s driver is just spitting out Zer0s so the network switch/hub has no choice but to say “O K… I ‘ l l s p e a k s l o w e r t h e n…”

10.4.9: Auto-Neg Advertise Reg (04d) = 0xde1, Link Partner Ability Reg (05d) = 0xc5e1, Gig Advertise Reg (09d) = 0xe00, Gig Link Partner Ability Reg (10d) = 0x7800


10.4.10:

Auto-Neg Advertise Reg (04d) = 0xde1,

Link Partner Ability Reg (05d) = 0x0,

Gig Advertise Reg (09d) = 0xe00,

Gig Link Partner Ability Reg (10d) = 0x0

10.4.11(seed, much prettier logging in this kext): Auto-Negotiation Advertisement Register (04d) = 0xde1 Auto-Negotiation Link Partner Ability Register (05d) = 0xc5e1 Auto-Negotiation Gigabit Advertisement Register (09d) = 0xe00 Auto-Negotiation Gigabit Link Partner Ability Register (10d) = 0x7800 PHY Specific Status Register (17d) = 0xaf48

If this info from 10.4.11 is NDA well bite me, I think people should know it’ll be fixed in the future, right? :)