We’ve noticed problems with mouse cursor tracking, on Thunderbolt Macs attached to displays.
In the middle of moving the cursor with mouse or trackpad, the cursor jumps or skips making it difficult to control.
We tracked down the problem to background runs of system_profiler. Specifically, when system_profiler queries the display for information.
Running system_profiler without flags or with the SPDisplaysDataType data type triggers the problem.
To reproduce the problem at its worst, run the following in Terminal on a Thunderbolt Mac attached to a display and attempt to use the tracking device:
while [ 1 ]; do system_profiler SPDisplaysDataType; done
Apple is aware of the issue, but has stated that this is expected behavior.
Many tools that rely on system_profiler trigger the issue including JAMF Casper Suite, Puppet, and Apple Remote Desktop. These and other tools routinely inventory the Mac using system_profiler.
There is currently no workaround for getting display information such as Display serial number. And the only way to avoid the trigger is to run system profiler with each data type excluding SPDisplaysDataType.
If you think Apple should address the issue, please let them know.
Apple has some restrictions in place to prevent access to LaunchAgents running in a user session context.
But you may want to load or refresh a LaunchAgent as part of your install without requiring the user to log out and back in.
I prefer not to require logouts and reboots in my installation packages. Where possible, I use munki’s unattended option so software installs silently and the user is not prompted.
After some experimentation, I came up with this hacky method of getting a LaunchAgent to load from a package being installed as root. If you have a cleaner way to accomplish this, please let me know.
Once in a while you run into a package or program that will only work properly with a user logged in. This can ruin your day if you need to automated the deployment.
I found this method of automatically logging in a user (which is quite awesome).
Using that perl script along with a wrapper script can enable you to automate these can other cases where your only option is to have a user logged in.
I started writing a script to handle this, but it turned out I didn’t need it. The script is unfinished, but it may give you a head start if you are considering something similar.
It depends on a modified version of the perl script that accepts a username and password. Just swap out the user and password lines with these that accept arguments.
my $user = $ARGV;
my $pass = $ARGV;
and I comment out the line to automatically restarts the loginwindow.
No feature changes, just a few bug fixes:
- fix issue with replacing a url dock item
- add legacy support –hupdock option for backward compatibility
- fix paths with spaces when passing full path to plist
A few times I’ve had issues with signing in or out of the Mac AppStore. The sign out may be greyed out or the login sheet does nothing.
After removing the related preferences noted elsewhere and verifying that my Apple ID billing info was okay, I did not want to log out or reboot. Killing the storeagent got things working again for me. (It is a LaunchAgent, so it will start back up again.)
Then try sign in to the Mac AppStore again.
Version 1.1 of dockutil is out:
- fixes many issues with paths (should now work with Default User Template and other paths with spaces)
- adds option to not restart the dock (–no-restart)
- fixes issue where item would be added multiple times (use –replacing to update an existing item)
- resolves deprecation warnings
- adds option to remove all items (–remove all)
- fixes issue with removals when a url exists in a dock
- adds option –version to output version
If you are getting errors “Pass phrase incorrect” in your apache logs on Snow Leopard server, it is because the key is protected by a password. I found the answer here.
The password for the key is stored in the System Keychain. It is a password entry called “Mac OS X Server certificate management”. You can open the entry and select “Show Password”. You may also use the security command line tool to dump the password.
security find-generic-password -l "Mac OS X Server certificate management" -g
security dump-keychain -d # look in data for password which will look like a GUID
Once you have the password, you can create a copy of the key without the password using openssl:
openssl rsa -in /etc/certificates/server.domain.com.uniqueid.key.pem \ -out /etc/certificates/server.domain.com.uniqueid.passwordlesskey.pem
You can then replace the password protected key with the passwordless key or point apache to the passwordless key in your /etc/apache2/sites/sitename.conf file.
- Option parsing: Read this article by Allen Wei on RubyLearning Blog for a great overview. I recommend sticking with the built-in OptionParser if you want to reduce dependencies.
- If you want your code to be loadable so you can access functions and classes in the irb console for testing, use the following pattern:
#option parsing and execution code here
if __FILE__ == $0
This way the main function will only be automatically called if the script is being executed on the command line.
And in irb, you can call your functions and classes as you see fit for testing without triggering your whole script to run.
Note that this is similar to the python __main__ test if you are coming from a python background.
- Naming without ruby’s.rb extension: You can name your executable without the rb extension if you wish, just be sure to include your shebang (#!)
To use the user’s default ruby, use:
But in some cases you may want the specify the path to ruby so you can use macruby or rubycocoa if you are need those frameworks to be available
When testing in irb,
won’t work without the rb extension, but
- Use exit codes. When your script fails or needs to communicate status at exit, use standard exit status codes.
Exit zero for default success status
Exit any other number for a failure or warning status. You choose the exit codes for your tool, but be sure to document them if they require more explanation than simple success or failure.
- Output to stderr using:
$stderr.puts "error: problem ...."
It is pretty cool how Apple System Profiler has a command line equivalent (system_profiler). And it is pretty cool how system_profiler has a -xml option to allow for easier parsing. You might use this info for extracting asset information into a database or for puppet facter facts.
However if you’ve ever looked at that xml, you know that it is a tree full of unpredictable semi-structured data that was designed specifically for the GUI app. So even though you can parse it with your favorite plist parser, there is still a lot more work to do to get to the data you care about.
The tree structure is nice for a browsing through on a single machine, but not so good for reporting across many machines.
Apple stores most of the same data as key value pairs in its database for ARD reporting, but they do a lot of massaging of the data to get it that way.
It is possible to get at this data in an ARD database if you have an ARD collection server, but an ARD collection server isn’t for everyone and doesn’t serve every use case.
You can still get at the nicely formatted ARD information. ARD client includes a tool that outputs most, if not all of the asset information you care about in a much nicer structured format for reporting.
The tool is called sysinfocachegen and you use it like this:
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/sysinfocachegen -p /tmp/com.yourorganization.systeminfo.plist
Just use your favorite language’s plist parser to read the plist.