Sad Macs: Road Service for the Infobahn

Page 852 of Mac OS X Help Line. In the sidebar titled "Troubleshooting Web Browsing and Email:Beyond Mac OS X," I state that Chapter 13 from Sad Macs, Bombs & Other Disasters (Peachpit 2000), titled "Road Service for the Infobahn:TheWorld Wide Web,Email and Beyond," is available for download from this Web site.

To download a PDF file of the Sad Macs chapter, click here.

Corrections, clarifications, and changes

This section contains a list of changes and corrections to Mac OS X Help Line. You'll find two types of items here:

• At over 1100 pages, it is just about inevitable that there will be some minor errors in the text. There may also be instances where, while not exactly an error, the text could have been a bit clearer. As I find them, all such errors and clarifications will be posted to this list.
  
  
• As Apple releases updates to Mac OS X and related software -- and publishes new technical documents covering various facets of Mac OS X -- some statements in the book that were correct and complete when written will require modification to remain correct and complete. Major changes will have to wait for the next edition of the book. But in cases where a brief revision will address the issue, I will cite the new information here.

This list is a work in progress. It will continue to be updated as qualifying items are found. If you own the book, and spot something that you believe should be listed here, please let me know.

Front Matter

Page vii and xxxv: Foreword. The word Foreword is spelled incorrectly on both these pages. In my own defense: I had spelled the word correctly, but it was somehow changed to the wrong spelling during proofreading, just prior to going to the printer.

Chapter 2

Page 60: Forget your password? Here is a clarification to this section of the sidebar:

If you forget your Master Password, you can still create a new one by doing the following: Delete the FileVaultmaster.cer and FileVaultMaster.keychain files in /Library/Keychains and then restart your Mac. To delete these files via Terminal, type:
sudo rm /Library/Keychains/FileVault*

The Master Password will now be cleared and you will have the option to create a new one (e.g., in the Security System Preferences pane) without having to know the old one.
Note: If you do this, user passwords are not yet stored with the new Master password. Thus, the ability to change a forgotten password via the Master Password option in the Hints window (as described above) will not work. To get this working again, login to a user’s account with their current password and change it to a different password. This stores the new password with the new Master password.

WARNING! If you forget both the Master password and the user’s login password for a FileVault-encrypted account, there is no way to access or recover the data in that account!

Page 67: Use the F1-F12 keys for custom actions. Starting in Mac OS X 10.3.3, this new option appears in the Keyboard & Mouse System Preferences pane of laptops Macs. If enabled, you will need to hold down the Function (fn) key to perform the default action of the keys. In other words, if enabled, functions such as adjusting brightness and volume will require the Function key to work.

Page 81: TinkerTool. TinkerTool is no longer available as a System Preferences pane. It is an application.

Page 81-82: Installing third-party Preference panes. When you download a third-party System Preferences pane from the Internet, it may include an installer that automatically places it in the correct PreferencePanes folder. Otherwise, simply double-click the downloaded pane file. This will launch the System Preferences application and a dialog will apppear asking which PreferencePanes location to place the file.

Chapter 3

Page 128-129: Disk Utility and case-sensitive HFS formatting. The option to create a case-sensitive HFS Plus volume appears in Disk Utility, but only if you are running Mac OS X Server. To determine whether or not you are running Mac OS X Server, Disk Utility checks for the ServerVersion.plist file in /System/Library/CoreServices/. If it finds it, the case-sensitive option appears.

Page 145: Warning about extracting files from Pacifist: Starting with Mac OS X 10.3.4: In addition to the Combo and Delta versions of Mac OS X updates, there is a new smaller-sized Delta version, called the patch version. This patch version is only available from Software Update, which checks to see if your currently installed Mac OS X version can use the patch to update. The patch update is smaller because it does not have complete versions of all the software to be installed (unlike the Combo and Delta updates). Thus, you should not extract files from a patch update to use as a replacement to existing files, as the files from the patch update may be incomplete.

To tell if you have the patch update, check the name of the update package/receipt: if it is the patch update, it's name will end in "Patch.pkg."

Page 178-185: Transferring data to a new Mac. One of the reasons for making a backup of your drive is to prepare to transfer your existing data to a new Mac. Apple has updated (as of June 2004) the Apple Setup Assistant utility to include a new transfer feature that greatly simplifies this process. Essentially, you connect two Macs together via FireWire, run the utility, select from among a few options, and the rest is handled automatically.

Page 185: Backups of Bootable Volumes that Don't Boot: Regarding this sidebar, also see the sidebar on "Blessed Systems" on pages 387-88, for related advice.

Page 203-205: Separately reinstall Safari. If Safari no longer launches successfully after installing a Mac OS X update (such as 10.3.3 over 10.3.2), the solution is to download Safari from the Web and reinstall it.

Chapter 4

Page 228-237: Domain priority. To clarify the text in the book: When Mac OS X searches for something in Library folders, it typically does so in the following order: User, Local, Network, and then System. Note: The Network domain contains the resources available to all users of a local area network, typically via a server as set up and implemented by a network administrator.

Page 281-282: Wheel group no longer used in Mac OS X. Relevant to the discussion in the sidebar titled "Group Settings Explained," the wheel group is no longer used in Mac OS X 10.3 and later. Instead, its role as been taken over by the admin group. In UNIX, wheel group membership is needed to use the su command. In Mac OS X, such root user access is now almost never needed in the Finder as the admin user can perform almost all actions that might otherwise require root access. Apple states: "The only thing the administrator is prevented from doing is directly adding, modifying, or deleting files in the system domain."

Chapter 5

Page 355-358: Open Firmware troubleshooting. What if you enabled Open Firmware password protection via the Open Firmware Password application, but cannot now access this application (e.g., because you cannot successfully complete a startup) and need to troubleshoot your computer by: Resetting the PRAM, starting up in single-user mode, starting up in Verbose mode, or starting from CD-ROM? Can you do so. Yes. To do so, access Open Firmware at startup (via the Command-Option-O-F keys) and entering the following commands (providing your Open Firmware password when requested): reset-nvram and reset-all. Press Return after each command.

Page 369-370: Bootstrap daemons. Page 369 discusses creating a bootstrap daemon to launch an application at login for all user accounts. Another method that accomplishes the same goal is to create a loginwindow.plist file in the /Library/Preferences folder (or use the file already there, if there is one). Then, using the same format as for the loginwindow.plist in ~/Library/Preferences, add the desired application to the AutoLaunchedApplicationDictionary. This method avoids having to modify files in the UNIX directories. Still, I find the bootstrap daemon method to be just as easy to do - and more flexible (because of its ability to run shell scripts directly).

A sentence on page 370 reads: "Bootstrap daemons run twice during startup." To clarify: Bootstrap daemons are run at two different points in the startup sequence. However, different daemons are run at each point. I did not mean to imply that the same daemon runs twice.

Page 369-370: "mach" name error. In the middle of page 369 and near the bottom of page 370 are references to a directory listed as mac_init_per_user.d. The name is incorrect. It should be mach instead of mac. That is the name should be mach_init_per_user.d.

Page 381: Netbooting. Use of N key not needed to Netboot if a netbooting server has been previously selected.

Page 407: CrashReporter preferences. In the sidebar, the Terminal command: defaults write com.apple.CrashReporter crashreport should instead be: defaults write com.apple.CrashReporter DialogType crashreport.

Page 416: Force-quitting the frontmost application. Shift-Command-Option-Escape will cause the frontmost application to immediately quit - at least for Cocoa applications (such as TextEdit). Carbon applications (such as AppleWorks) do not appear to respond to this command.

Page 433-435: Diagnosing kext file problems. If USB, FireWire, or PCI-card connected devices do not work after installing Mac OS X 10.3.3, third-party extensions may be the cause. This was fixed in Mac OS X 10.3.4, as noted in this Apple Knowledge Base article. However, the original version of the article, posted prior to the release of 10.3.4, described a procedure for diagnosing and isolating a problem kext file. The procedure required the use the kextstat command in Terminal. This procedure may still be of value should a similar problem arise in the future. I will probably discuss this more in the next edition of the book. Until then, if you want a copy of the original KB file, send me an email to request it.

Page 441-444: Repair Disk Permissions. When run from the Mac OS X Install CD as the startup volume, it still uses the Receipts folder from drive being repaired to determine the correct permissions.

Page 450-451: Using Disk Utility's First Aid. When attempting repairs with Disk Utility's First Aid, if you get a message that says “Volume not repaired” as opposed to “Could not be repaired,” repeat the repair attempt. It may succeed on next try or two. If you get the latter message, success is unlikely, even with repeated attempts.

Page 451-455: Repair utility news. DiskWarrior has new feature that lets you build your own bootable CD when a new version comes out. Symantec has discontinued Norton Utilities and Norton SystemWorks. It will be updated to support future versions of 10.3, but will then be end-of-life.

Page 456-457: Prebinding. Prebinding is now done automatically in Mac OS X in most cases. There are exceptions. For example, automatic prebinding will not occur for a file that contains type/creator codes or a resource fork. It may also not occur if an application was drag-installed instead of using Apple's Installer utility.

To manually update the prebinding information for a single application, launch Terminal and use the redo_prebinding tool. To update prebinding information for one or more applications or frameworks, use the update_prebinding tool. When using Apple's Installer utility, the following command is typically issued to force prebinding of all files: update_prebinding -root /.

Chapter 6

Page 508: Alternatives to Get Info; Problems saving documents. Even if you have Read & Write access to a file, you may not be able to save changes to it if you have Read Only access to the folder that contains the file. This is because some applications (such as TextEdit) create a temporary file when saving changes. But because of Read Only access to the folder, you cannot create the temporary file, so Save is prohibited!

Page 580: Swap file size. The book implies that all swap files are 80MB in size. This is not so. They can vary in size.

Page 583: Internet connection performance check. You can get a useful estimate of the performance speed of your Internet connection by running Web-based tests. Two good examples can be found at www.toast.net/performance and www.pcpitstop.com.

Page 584-586: Mac performance check. To check other aspects of your Mac's performance (such as hard drive speed or graphics speed), you can use third-party utilities such as Xbench or TechTool Pro. Advanced users should also check out the sysctl tool, as accessed via Terminal.

Chapter 7

Page 600: Check for printer updates… Regarding installing third-party printer drivers, the Printer pop-up menu in the Print dialog -- on some Mac systems -- includes a new Check for printer updates item. Selecting the item launches Software Update.

Page 647: Do Administration Tasks. Starting in Panther, as a security measure, when you select the Administration item, you will be asked to give your administrative name and password. A change to the "Encryption Required" section of the cupsd.conf file is responsible for this change in behavior.

Unless you provide your password as requested, you will not be able to perform many of the actions from the other CUPS web pages.

Page 651: CUPS Restart Job buttons. If you make the change described here to allow the Restart Job buttons to work, the buttons may still not work. Instead, you will get a message that says "client-error-forbidden." The solution is to first go to the Administration page and enter your password when asked (as described in the previous item). When you return to the Completed Jobs page and select Restart Job for an item, the item will now print.

Note: The print jobs are stored in the /var/spool/cups directory (as described on page 645). You will find two type of files here: ones that begin with a c (such as c00212) and ones that begin with a d (such as d00212-001). The latter files are the actual print jobs. If you drag one of these files to BBEdit or TextWrangler, it will open and correctly display the print job output - much like a Print Preview feature. [Other applications will likely display either raw code or nothing at all.] You can now select to Print.

Chapter 8

Page 711: WAN Privacy vs. Base Station Options. In the latest versions of the AirPort Admin Utility, the WAN Privacy button has been renamed to Base Station Options.

Selecting the "Enable Default Host at" checkbox (in Base Station Options) can be used to set up a client computer as a DMZ host (as discussed on page 752). In the next edition of Help Line, I expect to expand on this and other AirPort-networking related topics.

Page 750: tftp command and LinkSys routers. After upgrading the firmware of the router via the tftp command, you may find that many of your settings have been reset to default values. Confirm that all of your settings are correct before continuing.

Page 754: Launch Services vs. internetconfig.plist. A third-party preferences pane called Default Apps (RCDefaultApp) is another utility with features similar to More Internet. In some ways it is better than More Internet. In particular, More Internet limits itself to checking the internetconfig.plist file, whereas RCDefaultApp also checks Launch Services data -- which (as indicated in this Apple Developer document) can "Identify the preferred application for opening a document or URL." Actually, as the Apple document goes on to state: "Launch Services’ facilities for dealing with URLs were formerly implemented through the Internet Config API. Launch Services replaces and supersedes the Desktop Manager and Internet Config with a new API providing similar functionality, but designed to operate properly in the Mac OS X environment." In other words, we can expect internetconfig.plist to be eliminated altogether in a future revision to Mac OS X.

Page 825: Measure AirPort performance. In addition to the advice already in the book, other tools are available to monitor AirPort signal strength (as well as check for nearby AirPort networks). These include: MacStumbler, AP Grapher, as well as Apple’s own AirPort Management Tools.

Page 840-843: URL security risk fixed. A very serious security risk was discovered in Mac OS X. Essentially, it worked because URL schemes could be used to open other applications. For example, the help:// scheme would open Apple's Help Viewer application. In addition, Help Viewer itself includes an AppleScript function that could be exploited so that Terminal gets launched and a harmful command (such as one to erase your home directory) is executed. This could all be accomplished simply by loading a Web page that contains the needed malicious code. Actually, this is just one example of a more general vulnerability that is not limited to Help Viewer. A similar attack involved downloading a malicious program to your drive and getting it to launch, all via loading a Web page. Happily, Apple released security updates that completely squashed this bug. For example, you are now warned if an application that you have never launched before is indirectly launched (e.g., via a remote command). Prior work-around solutions (such as disabling vulnerable URL schemes via the RCDefaultApp software or using the freeware utility Paranoid Android) are thus no longer needed.

Page 840-843 and 847: Resume downloads from Safari. In the latest versions of Safari, a Resume button appears in Safari’s Download window if the downloading of a file is interrupted before completion. Click the button to resume an interrupted download.

Page 847-852: Duplicate messages in Mail. If you are getting duplicates of your received mail (for POP accounts) in Apple's Mail application, a potential solution is to delete the MessageUidsAlreadyDownloaded file(s), located in the POP folders inside the ~/Library/Mail directory.

Chapter 10

Page 977: open -a. With the open -a command, it is not necessary to specify a full pathname, if the application is in one of the auto-searched directories (such as /Applications). You can even omit the .app extension. Thus, open -a Preview will launch the Preview application.

Page 1007: Packet traces. To do a packet trace over Ethernet, use this specific command:

sudo tcpdump -i en0 -s 0 -w ~/Desktop/DumpFile.dmp

See this Apple Knowledge Base article for more details.

Chapter 11

Page 1030: iTunes Music Store restrictions. With the introduction of iTunes 4.5, Apple modified the restrictions of music obtained from the iTunes Music Store. In particular, you can now burn a specified playlist only seven times (down from ten in the previous iTunes version) and you can listen to the music on a maximum of five computers (up from three in the previous iTunes version).

Page 1033-1034: iTunes 4.5, QuickTime 6.5.1 and protected AAC files. The new versions of iTunes and QuickTime, released as this book went to the printer, contain numerous new features, including iMixes, party shuffles, a lossless encoder, and the ability to print CD inserts. On the negative side, it closes the loophole that allows programs such as Toast to strip the protection from AAC files obtained from the iTunes Music Store. This is the protection that Apple built-in to prevent unrestricted copying of the songs. This means, for example, if you try to burn a AIFF CD via Toast, any protected AAC files will not burn successfully, resulting in a silent gap instead.

Revised: September 26, 2004