Archive for the ‘Apple & Mac’ Category

How-To fix Sophos Central Endpoint “Installation Failed” on macOS Sierra

Tuesday, October 17th, 2017
Sophos Central Endpoint Installation Failed

“Installation Failed. Contact your computer system administrator or Sophos Technical Support for further assistance.”

If you get this error while trying to (re)install Sophos Endpoint or even Sophos Home and in /var/log/install.log you see something like:

2017-10-17 10:47:56-06 hulk Sophos Bootstrap[5051]: [SMESophosBootstrapAppDelegate.m:1656] System verified 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEInstallController.m:237] Installing saas version 9.6.5 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEInstallController.m:857] Upgrading the "saas" product 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEAggregateInstallStrategy.m:93] "installer.prepare.stopProcesses" success: YES 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMERemoveFilesStrategy.m:110] Removing files belonging to components: [prepare] 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEAggregateInstallStrategy.m:93] "installer.prepare.removeComponents" success: YES 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEAggregateInstallStrategy.m:93] "installer.prepare.removeKeychains" success: YES 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEReceiptClient.m:199] Failed to launch receipt at /Library/Application Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer. launch path not accessible 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEReceiptClient.m:56] Failed to launch receipt. 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEReceiptClient.m:199] Failed to launch receipt at /Library/Application Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer. launch path not accessible 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEReceiptClient.m:73] Failed to launch receipt. 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEBuildInstallPlanStrategy.m:115] Failed to connect with receipt 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEAggregateInstallStrategy.m:93] "installer.localPayload.buildPlan" success: NO 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEAggregateInstallStrategy.m:93] "installer.localPayload.cacheManifestComponents" success: NO 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEAggregateInstallStrategy.m:93] "installer.localPayload.remoteRemove" success: NO 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEAggregateInstallStrategy.m:93] "installer.localPayload.createUsersAndGroups" success: NO 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEAggregateInstallStrategy.m:93] "installer.localPayload.installComponents" success: NO 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEAggregateInstallStrategy.m:93] "installer.localPayload.processStart" success: NO 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEAggregateInstallStrategy.m:93] "installer.localPayload.distributeNotifications" success: NO 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEAggregateInstallStrategy.m:93] "installer.writeReceipt" success: NO 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEInstallController.m:467] "installer" success: NO 2017-10-17 10:48:36-06 hulk Sophos Bootstrap[5051]: [SMESophosBootstrapAppDelegate.m:1131] Received failure notification: (1) 2017-10-17 10:48:36-06 hulk Sophos Installer[5087]: [SMEInstallController.m:347] Successfully sent the installer telemetry 2017-10-17 10:48:37-06 hulk Sophos Installer[5087]: [SGCServerAuthenticator.m:159] Server connection successfully validated 2017-10-17 10:48:38-06 hulk Sophos Installer[5087]: [SGCCDFSBroker.m:306] Feedback json file was successfully uploaded (status code: 201). 2017-10-17 10:48:38-06 hulk Sophos Installer[5087]: [SMEInstallController.m:377] Failed to update saas to 9.6.5 2017-10-17 10:48:38-06 hulk Sophos Installer[5087]: [SophosDistantObject.m:219] An exception was encountered while messaging the server: SophosNilProxyException.

a passible cause is that the file "/Library/Application Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer" permissions are incorrect and the file is not marked as executable as per the cause described on Sophos’ Community blog https://community.sophos.com/products/sophos-home/f/sophos-home-for-mac/89938/sophos-home-not-working-unable-to-uninstall—trapped-by-sophos-what-to-do/326016#326016 to fix the issue run the following commands from the command-line:

cd /Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/
sudo chmod a+x InstallationDeployer

then run the Sophos Antivirus installer again and the process should complete successfully.

How-To unlock MAGIC-SIM stuck in DUAL-MODE (007) on an iPhone 6

Monday, January 12th, 2015

The MAGIC-SIM DUAL-MODE (aka 007 mode) is not working well on any iPhone model.
Once activated it will take away the `STK menu` from your SIM Applications list with no apparent way to roll back to normality. At this point the MAGIC-SIM is practically useless.

The only one to restore the STK menu without the need to use a non-Apple mobile, is very simple by the way, but surely not intuitive (especially because not documented anywhere):

  1. Go to iPhone’s ‘Settings’ application
  2. Enter the ‘Phone’ settings
  3. Edit the ‘My Number’ option: type there 007
  4. The MAGIC-SIM will receive the input and immediately restore the STK menu in the SIM Application list

Enjoy!

 

 

How-To Create An Encrypted DMG File From Command-Line in OSX

Tuesday, May 21st, 2013

You can create an secure encrypted DMG disk image from the command-line in Mac OS X using ‘hdiutil’, type the following instrcution in the Terminal application:

#hdiutil create -encryption AES-256 -fs HFS+ new.dmg -srcfolder /path/to/your/folder
  • Substitute ‘/path/to/your/folder’ with the actual path of the folder containing the files that you want to secure.
  • You can use ‘MS-DOS’ in place of ‘HFS+’ for the FileSystem type. Other formats are available.
  • You can change the encryption type to AES-128

iPhone Replacement Fees: Express Replacement Service

Saturday, November 3rd, 2012

If your iPhone is or is NOT under warranty, Apple still provides the option to replace the device for specific fees, depending on the model.
You will have to pay in any case an ERS Fee (Express Replacement Service fee, like an excess fee for any insurance) an in case your device is not under warranty you will have to pay an Out-Of-Warranty service fee.

Here to follow there is the link to the official Apple support’s Service Answer Center where you can find the table of the detailed fees according to models and warranty status:
http://support.apple.com/kb/index?page=servicefaq&geo=United_Kingdom&product=iphone 

iPad Mini Vs. New iPad (iPad 3): brief comparison

Tuesday, October 23rd, 2012

At my advice the iPad Mini is a shrieked version of the New iPad (aka iPad 3), with a very few differences, some borrowed from the iPad 2.

  1. Mostly significant, and brand new:
    1.  THINNER borders design.
    2. mounts Micro-SIM
    3. uses the ‘Lightning’ connector
  2. The weight is almost the half of the New iPad, 308g against 601g.
  3. The screen is NOT retina
    1. same resolution as the iPad 2: 1024 x 768
    2. 168dpi vs 132dpi of iPad 2 vs 264dpi as New iPad
  4.  the process is the Dual-Core A5 (same as iPad 2) vs the Dual-Core CPU/Quad-Core GPU A5X (New iPad)
  5. ..and of course, the dimension is… MINI

all the other features are the same as the New iPad (iPad 3).

 

Where To Download Workgroup Manager 10.8 for Mac OS X Server 10.8 Mountain Lion

Friday, October 12th, 2012

Workgoup Manager is NO MORE included in OS X Server since the release of Mountain Lion 10.8.

If you want to manager OS X Server Open Directory in the ‘old way’ you will need to download Workgroup Manager 10.8 from this link:

http://support.apple.com/kb/DL1567

How-To Fix Cadaver Showing “WARNING: Untrusted server certificate presented” on Mac OS X

Tuesday, October 2nd, 2012

Here is explained how to compile Cadaver to support root CA certificates with ‘homebrew’ or Mac OS X.

Cadaver is a command line webdav client tool. It’s available on Mac through the ‘homebrew‘ subsystem for OS X.
It has the capability to connect you to webdav services via both http and https protocols, with the same ease you would use a ftp client.

While using ‘cadaver’ to connect to a webdav repository via https (SSL encrypted http), you may experience the odd request from the tool to accept the SSL certificate offered by the site you are connecting to because it is recognised as ‘Untrusted’, although the same certificate is not expired yet and is recognised as trusted by any other tool webdav client you may use (i.e. browsers or graphical tools like Cyberduck). This is the message that will be thrown “WARNING: Untrusted server certificate presented”.

This annoying behaviour prevents you to use ‘cadaver’ in system scripting because it will require a human interaction at any execution.

The reason behind this obvious error, are apparently connected to the fact that ‘cadaver’ relies on the ‘libneon’ libraries to handle the SSL encrypted connections and such libraries, in the instance of OS X, are not able to interact with Certificate Authorities Certificates installed in the system, therefore there are not able to verify the ‘trusted’ status of any certificate they come across.

On a GNU/Linux system showing the same warning,  it’s probably enough to install the ‘ca-certificates’ packager otherwise another possible solution is to recompile the ‘libneon’ libraries making sure to specify the right path to the ‘root CA certificates’ during the configuration.

On a Mac OS X the ‘libneon’ libraries are not available via ‘homebrew’, then installed version of cadaver is using it’s own copy of them. That means we will have to force ‘homebrew’ to recompile an reinstall ‘cadaver’ including a copy of the ‘root CA certificates‘. To do so we will use ‘curl’ sources and modify cadaver’s homebrew formula formula.

You may skip the stage 1 and 2 in case you have already a curl’s certificate bundle installed at/usr/share/curl/curl-ca-bundle.crt

  1. Download and unarchive the Curl sources:
    $ wget http://curl.haxx.se/download/curl-7.22.0.tar.bz2
    $ tar xvjf curl-7.22.0.tar.bz2
  2. Retrive the ‘root CA certificates’ using a script included in curl’s sources directory:
    $ cd curl-7.22.0/lib/ 
    $  ./mk-ca-bundle.pl
  3. Install the ‘root CA certificates’ :
    $ sudo mkdir -p /usr/share/curl/
    $ sudo cp ca-bundle.crt /usr/share/curl/curl-ca-bundle.crt
  4. modify cadaver’s homebrew formula to include the ‘root CA certificates’ during the compilation:
    $ brew edit cadaver

    add this  string  – “–with-ca-bundle=/usr/share/curl/curl-ca-bundle.crt”, – to the ‘def install’ section of the formula (including the double-quotes and the comma), as follow:

    def install

    system “./configure”, “–prefix=#{prefix}”,

    “–with-included-neon”,

    “–with-ca-bundle=/usr/share/curl/curl-ca-bundle.crt”,

    “–with-ssl”

     

  5. Remove the current installation of ‘cadaver’:
    $ brew remove cadaver
  6. Re-Install ‘cadaver’ that will be recompiled with a link to the ‘root CA certificates’:
    $ brew install cadaver

    Mind that the ‘root CA certificates’ will not be hard-coded in ‘cadaver’, only their path will be hardcoded, so DO NOT move the ‘curl-ca-bundle.crt’ from it’s location otherwise you will experience again the ‘WARNING: Untrusted server certificate presented’ issue.

At this point you should be able to use cadaver with https webdav repositories without been requested to accept every single SSL certificate.

 

How-To Downgrade From OS X Mountain Lion 10.8.2 To The Previous Minor Release 10.8.1

Thursday, September 20th, 2012

Long Story Short:
1 – Re-install the base system of OS X Mountain Lion 10.8[.0] over the current System Drive, from a USB stick or NetInstall image.
2 – Apply the 10.8.1 update downloading it from Apple Support page.
or keep reading for more details

[if you like this post, LIKE my page on Facebook and you will receive updates on my future posts.]
Long Story:

To revert to a previous minor release of OS X you MUST first re-install the base major release of the specific OS X version (in our case OS X 10.8) over the current installed system volume. After that you will apply your favourite minor release. You can dowload the dmg archives of any minor release on Apple Support page:

i.e. OS X Mountain Lion Update v10.8.1 http://support.apple.com/kb/DL1571 

Re-installing a previous release (of the same OS X version) on an existing system will overwrite the most recent system updates that you may have applied so far. Without wiping the the current installed system.

It’s NOT considered a dangerous operation, it is even recommended by Apple as a troubleshooting technique.

Mind that it will restore Apple default permissions on OS X system files, overwriting any customised permission that you may have set for other subsitems like homebrew, ruby, MacPorts etc.

To be able to install the base version of the system you have to:

  1. download from the App Store the OS X base installer application:
    for Mountain Lion or Lion do not download the official image from the Mac App Store because it will already include the updates that you probably want to avoid.
    [have you ever heard about Torrent files?]If you are running Lion, you can purchase an official Mac OS X Lion Thumb key.
    If your system is Snow Leopard or any previous version you can use the official CD/DVD discs.
  1. Create a USB Thumb from the installer (10.8[.0])archive following these detailed instructions on iClarified.com:
    http://iclarified.com/entry/index.php?enid=23486Alternatively using the installer archive you can create a NetInstall image for your NetBoot service running on your local OS X Server, as described at Apple Support Page:
    http://support.apple.com/kb/HT4178
    .
    do not user the Mac Recovery pertition, because it would source the installation file from the MacApp Store and it will install the latest version of OS X (10.8.2)
    .
  2. Restart your Mac a boot from the USB drive or from the DVD, and when the installation wizard will ask you to choose where to install OS X you will choose your current system volume (without need to wipe it from it’s content), and start the installation process.

On a Mac the downgrade process of OS X from a minor release to a previous release of the system is the same for every system version.

You can downgrade OS X 10.8.2 to 10.8.1 or 10.8, or you can revert from 10.7.6 to 10.7.5 or 10.7.4 down to 10.7.. and so on for the older releases.

What you can NOT do is to downgrade from a major release to a previous major release of OS X, for instance you can NOT downgrade from any release OS X 10.8.x to any release of OS X 10.7.x and so on for the other previous versions.

 

It is not possible to install OS X Mountain Lion 10.8 on an Asus Eee PC 1005HA

Monday, September 3rd, 2012

The reason why it is not possible to install OS X Mountain Lion 10.8 on an Asus EeePC 1005HA is because it uses the Intel Atom N270 processor that is 32bit only while OS X Mountain Lion  is a full 64 bit operating system only.

In fact it’s possible to find an ‘hackintosh’ version of the OS X Mountain Lion 10.8.1 kernel for Atom support on the OSx86.net project:
http://www.osx86.net/view/3160-mach_kernel_atom_1081.zip.html

but that would be compatible only with the 64bit versions of the Atom processors:
http://en.wikipedia.org/wiki/Intel_atom#64_Bit_Support

Instead, you can follow these instructions to Install Mac OS X Snow Leopard 10.6.7 on the Asus Eee PC 1005HA.

How-To Fix a Bricked OS X Lion System After Thunderbolt Software Update Causes Boot Failure?

Thursday, June 14th, 2012
Listen to me!
Audio MP3

download mp3
Following the WWDC 2012 Apple has released some new system and applications updates for OS X Lion 10.7; one of them is an update for the Thunderbolt port, and unfortunately brings with it a serious bug that may badly corrupt your system generating a Kernel Panic as soon as it start loading the system.

As reported on many tech blogs (like iClarified http://www.iclarified.com/entry/index.php?enid=22556) many users after the update have not been able to re-boot their systems properly reporting Kernel panics, or simply unable to go further the boot menu. Basically the system got stuck, or more precisely BRICKED!

If you possess a MacBook Pro or MacBook Air purchased during the year 2011 or later or in any case if your Mac has a Thunderbolt port, it is advisable not to install the Thunderbolt Software Update for now, hopefully Apple will release a newer and safer update.

In case you have installed the update and your system is bricked reinstalling the whole system is NOT the only solution to fix the problem.

If you have the luck to have a second Mac computer with a firewire port, you can follow the following steps to ripristine your system with a minimal effort:

  1. Start the bricked Mac into TARGET MODE (pressing ‘T’ before the start-up chime).
  2. On a spare Mac, download from Apple website the latest Combo System Update for Lion 10.7.4.
  3. Run the Combo System Update installation and specifying as target the mounted volume of the bricked Mac. <== VERY IMPORTANT

That will fix the installation of unfortunate Mac

Side Effects: Reinstalling the Combo System Update for Lion 10.7.4. will over-write all the Apple updates released after the 9th of May 2012 and you will have to re-run the Software Update application to reinstall them (don’t forget to skip the Thunderbolt Software Update)

I hope this has been helpful for many of you as much as it has been for me.