The Mac OS X Keychain

Today, I was trying to restore the contents of System keychain in my Mac OS X.

Luckily, I had a copy of the System.keychain file lying around, so I copied it as /tmp/System.keychain and rebooted my computer in single-user mode [1].

In single-user mode:

mv /tmp/System.keychain /Library/Keychains
exit

However, I found out that System.keychain was being apparently wiped out during boot: the Keychain application shown it was empty instead of containing the expected entries. Looking at /var/log/system.log I found this intriguing log line:

Jan 10 20:46:12 foo _locationd[86]: Recreating System.keychain because it ca
nnot unlock; see /usr/libexec/security-checksystem
Jan 10 20:46:12 foo systemkeychain[79]: done file: /var/run/systemkeychaincheck.done

Turns out that /usr/libexec/security-checksystem just dies die with the following error code: CSSMERR_DL_DATASTORE_ALREADY_EXISTS. I couldn’t find any explanation of what it means.

Turns out that /usr/libexec/security-checksystem is just a shell script, and it contains some very interesting lines:

KEYCHAIN=/Library/Keychains/System.keychain
KEY=/var/db/SystemKey

So, it seems that the System.keychain file is actually protected (encrypted) using a system key which is stored inside /var/db/SystemKey. Fortunately for me, Mac OS X keeps a copy of both the System.keychain and SystemKey files:

ls /var/db/SystemKey*
SystemKey
SystemKey.2013-01-10.20:46:12
...

So, in order to make /usr/libexec/security-checksystem happy, the only thing I had to do is to restore the right SystemKey backup file (which is easily done by looking at the timestamp). After doing this, and also restoring the right version of the System.keychain, I double-checked that /usr/libexec/security-checksystem ran silently. Rebooting the system demonstrated that the System keychain survives the boot process and is not recreated anymore 🙂

[1] To reboot in single-user mode, just hold Command+S during boot.

Advertisements

Reverse scrolling direction in Windows

If you are used to Mac OS X Lion “natural” scrolling behavior, you might be interested in to how to emulate such behavior in Windows.

There is a registry setting named FlipFlopWheel that does allow reversing the scrolling direction, both vertical and horizontal. The exact name of the registry key depends on the HID of the mouse devices and, in computers with multiple input devices, there might be multiple entries.

Look for a key under HKEY_LOCAL_MACHINE that is named like SYSTEMCurrentControlSetEnumHID????????Device Parameters. Change the value for FlipFlopWheel from 0 to 1 to reverse vertical scrolling. In Windows 8, there’s an additional FlipFlopHScroll that allows reversing horizontal scrolling.

Error Configuring db46 – MacPorts

Recently, I could not get db46 to install from Macports:

$ sudo /opt/local/bin/port install db46
...
Error: db46 requires the Java for Mac OS X development headers.
Error: Download the Java Developer Package from:
Error: Target org.macports.configure returned: missing Java headers

The solution consists of creating symbolic link to the installed files:

sudo ln -s /Developer/SDKs/MacOSX10.6.sdk/System/Library/
  Frameworks/JavaVM.framework/Versions/CurrentJDK/Headers 
  /System/Library/Frameworks/JavaVM.framework/
  Versions/CurrentJDK/Headers

How to disable Bonjour in Mac OS X Snow Leopard

From Mac OS X v10.6: Disabling mDNSResponder will disable DNS I found how to disable Bonjour broadcasting without disabling mDNSResponder — because disabling mDNSResponder effectively breaks DNS name resolution.

To disable Bonjour broadcasting, just add:

<string>-NoMulticastAdvertisements</string>

to the array in the ProgramArguments section in System/Library/LaunchDaemons/com.apple.mDNSResponder.plist:

...
        <key>ProgramArguments</key>
        <array>
            <string>/usr/sbin/mDNSResponder</string>
            <string>-launchd</string>
            <string>-NoMulticastAdvertisements</string>
        </array>
...

Google Talk Video might cause up to a 30-second delay while sleeping on Snow Leopard

Currently available version of Google Talk Video plug-in for Mac OS X (1.0.13.1284) might cause up to a 30-second delay while putting the computer to sleep under Snow Leopard.

This has been reported and discussed in the following Apple support thread. In the end, the solution typically requires to uninstall Google Talk Video. The solution was found and reported by Snoop Dogg in that same thread.

Basically, the misbehaving process can be found by running sudo pmset -g log then looking for the process with the highest response time. In my case:

$ sudo pmset -g log
...
 * Domain: applicationresponse.timedout
 - Message: Kernel GoogleTalkPlugin com.apple.powermanagement.applicationrespons
e.timedout 30000 ms
 - Time: 9/2/09 12:42:47 AM GMT+02:00
 - Signature: GoogleTalkPlugin
 - UUID: AD1E9199-B66D-41CB-BF4F-590EF232DE79
 - Result: Noop - Response time (ms): 30000
...

Official Chromium builds for Mac OS X

Recently, the Chromium team has started to provide official builds of Chromium for Mac OS X. Looks to me these builds are just the output of the continuous build process — also known as waterfall.

In any case, these are good news and to me a proof that Chromium for Mac OS X keeps evolving at a fast pace and that it is making very good progress. As a consequence, a few days ago, I switched to Chromium as my main browser (also in Linux) and I must say it feels great so far.

PS: This post was written entirely under Chromium for Mac OS X. No crashes or any strange behavior were experienced.

Chromium for Mac OS X

Chromium is the open source browser developed by Google. The differences between Chromium and Chrome are very minimal. Chrome has custom icons and other parafernalia that, due to licensing issues, can’t be made available in Chromium. Chrome is also available as a binary for Microsoft Windows operating systems, and can be downloaded from the Google Chrome Web site.
Other than that, Chromium is a fully functional browser product that is currently available only as source code. Chromium is available for Windows, Mac OS X and Linux. The Mac OS X and Linux ports are still under heavy development but are becoming more and more usable over time.

For more than a month I’ve been tracking development of Chromium for Mac OS X. I’ve been building and testing Chromium for Mac OS X myself [1] and my general impression is that development pace is pretty fast. For example, yesterday, a mock Preferences dialog box was added. A few days ago, working support for draggable and dettachable tabs was also added (previously it was possible to detach a tab from a window but it was not possible to re-attach it to an existing window).

Overall, the Mac OS X port of Chromium is getting more and more usable and stable. I’m now able to use it for most browsing tasks. The look and feel matches perfectly Aqua but also resembles a lot its Windows counterpart. While it is true there are a few annoyances, like losing the focus on edit controls when switching tabs, or tabs crashing at times when executing a paste operation, they are getting fixed in each iteration. The browser feels extremely fast when compared to Firefox 3.0 and faster than Firefox 3.1, Safari or Safari 4 beta. Heavy and complex Web pages like Google Reader or Google Mail load almost instantly while still looking correct. Some Web pages get rendered slightly different from other browsers. As an example, Google Mail looks slightly different with bigger spacing between lines in the mail thread (main) view and also slightly smaller fonts, but these are very subtle differences that do not affect usability or readability.

I must confess I’m pretty impressed about Chromium. When Google disclosed Chrome and the initial availability for the Windows platform only I was very disappointed. I also thought that it’d take much longer to see a nearly-functional port for Mac OS X or Linux. But I was wrong. It is good to be wrong. Let’s hope the development pace keeps on the same levels 🙂

PS: By the way, this post was written entirely from Chromium in Mac OS X. The tab crashed a couple of times but WordPress has a nice auto-save feature that I really appreciate 😉

[1] http://code.google.com/p/chromium/wiki/MacBuildInstructions