Bits on Bytes bits on iphone, programming, and all things tech

Run the following in Terminal, just fill in your company name:

defaults write com.apple.Xcode PBXCustomTemplateMacroDefinitions '{ORGANIZATIONNAME = "Some Company Name"; }'

It’s been almost 10 months since I posted Gmail Feature Request and what do you know? Google answered!

Well, maybe not directly but either way the problem has been fixed! As you can see in the picture on the right, the Gmail navigation column (including the labels) was increased by 23 pixels!

So thanks Google.

We use CAS here at ACU for our single sign-on service and it works great but trying to authenticate with it from an iPhone app can be a little tricky. Luckily the latest versions of CAS server can implement a RESTful protocol which can be used to programatically obtain a Ticket Granting Ticket and subsequent Service Tickets.

I’ve been able to successfully do this in a native iPhone app but the method still needs refinement. I’m posting this to see if anybody else is doing this or knows of a better method. If anyone else is interested I’d be glad to share code, just let me know.

Before you can enable the samba service in SMF the config file needs to be created. Copy /etc/sfw/smb.conf-example to /etc/sfw/smb.conf. Make sure you have lines that look like this:

security = user
passdb backend = tdbsam

That will let you use the Solaris user accounts for samba access. Next set up a share that you’d like to test with. Here’s a simple one I used:

[htdocs]
path = /opt/coolstack/apache2/htdocs
valid users = cjs00c
public = no
writable = yes

Start up the samba service with svcadm enable samba. Now we need to add a user/pass to the samba user database: smbpasswd -a cjs00c. You should be able to connect to your new samba share now.

Just for fun, the samba password database file is located at /etc/sfw/private/passdb.tdb. If you’d like to check it for users you can use:
tdbtool /etc/sfw/private/passdb.tdb
tdb> info
3 records totalling 224 bytes
tdb> dump

key 12 bytes
USER_cjs00c
data 213 bytes
[a whole bunch of encoded data here]

key 13 bytes
INFO/version
data 4 bytes
[000] 03 00 00 00 …

key 13 bytes
RID_000004b0
data 7 bytes
[000] 63 6A 73 30 30 63 00 cjs00c
tdb>

I often disable the GUI login on my Solaris machines for simplicity, so they just sit at the console login prompt. This presents a problem because by default Solaris sends logs to the console via /dev/sysmsg. This means that system errors, kernel and authentication notices are right out there for the world to see. So I like to redirect these logs to a more secure location (and keep my console nice and pretty).

The config file is /etc/syslog.conf. Comment out the line:

*.err;kern.notice;auth.notice                  /dev/sysmsg

by putting a # in front of it, or point to a new file location.

You should notice that most of these messages are being captured by the line below it as well and are being sent to /var/adm/messages. That’s a good place for these logs so leave that. However, it’s not capturing the auth.notice messages. Look a bit further down the file and you’ll see an ‘auth.notice’ line that’s commented out. Uncomment that line (make sure loghost is set in /etc/hosts) and your auth messages should be sent to /var/log/authlog. Which is a much nicer location than the console don’t you think?

User errors are defined further down the file and it also has an entry for logging user errors to /dev/sysmsg so you can comment that out as well if desired.

Boot to the Solaris DVD and at the GRUB menu select Solaris (it’s the default option)

At the next menu choose ‘Solaris Interactive Text’ either desktop or console. I chose #4, the console session because it loads faster.

The installer asks you a few network and configuration questions first. For simplicity I’ll just list my summary:

Networked: Yes
Use DHCP: No
Host name: gibbs
IP address: 150.252.xxx.xxx
System part of a subnet: Yes
Netmask: 255.255.xxx.xxx
Enable IPv6: No
Default Route: Specify one
Router IP Address: 150.252.xxx.xxx
Configure Kerberos Security: No
Name service: DNS
Domain name: acu.edu
Server address(es): 150.252.xxx.xxx
150.252.xxx.xxx
Search domain(s): acu.edu
NFSv4 Domain Name: << Value to be derived dynamically >>
Time zone: Central Time
(US/Central)
Date and time: 2008-11-03 14:14:00

After entering the root password the screen goes blank for a few seconds, some scripts start executing, then the installation screen comes back.

1. Select the “Standard” installation
2. Automatically eject CD/DVD
3. Auto Reboot
4. Accept the license agreement
5. Select any extra regional support
6. Select POSIX C (C)
7. Select None for Web Start products
8. Select ZFS for the filesystem
9. Select Entire Distribution
10. Select disk to install on

Configure the ZFS settings. I changed the swap size to 2G and left everything else default.

ZFS Pool Name: rpool
ZFS Root Dataset Name: s10x_u6wos07b
ZFS Pool Size (in MB): 39214
Size of Swap Area (in MB): 2048
Size of Dump Area (in MB): 1024
Keep / and /var combined

Add remote mounts if you have any and begin installation!

So apparently when I wrote part 1, I completely forgot about the zone configuration - which needs to be done in order to use any networking services.

So to configure the zone you need to log into the zone’s ‘console’ after booting it for the first time.

# zlogin -C myzone

If you don’t see anything hit enter. You should be presented with a terminal choice. After that it should be pretty standard system configuration questions.

Alternatively, this can be automated by creating a sysidcfg file and placing it in /etc

1,376 spam comments I don’t have to deal with.

So if you didn’t quite understand that subject it means this post is about the ACL (access control list) I am using on my CIFS (common internet file system) shared ZFS (zetta file system). I’m fairly new to ACLs myself but Ben Rockwood wrote an extremely helpful post about them, so go check it out!

On to the subject of this post - If you share a ZFS filesystem with CIFS and create new entries from a windows computer (as one might do for a home file server), the resulting entries have zero permissions. For example, this is the ls -l result of a directory and a text file created from a windows system: Read the rest of this entry »

If you were like me and installed the original release of OpenSolaris, it might be time to upgrade. The original release (2008.05) was based on the Solaris Nevada code version 86. The current version of Nevada is 93. The great thing about OpenSolaris is that the changes in Nevada get ported over to the OpenSolaris package server. This means you can easily upgrade to the latest package set with one command: pkg image-update

It gets better! OpenSolaris will even help protect your system by creating an entirely new boot environment and upgrading that. So if something were to not go as expected you could always boot back into your original environment. Read the rest of this entry »