MacOS operatsioonisüsteemi kasutamine füüsilise MacBook Air M4 arvutiga
Allikas: Imre kasutab arvutit
Mine navigeerimisribaleMine otsikasti
Sissejuhatus
TODO
Apple system level innovations
- XNU hybrid kernel (Mach + BSD + I/O Kit).
- Read-only, sealed root filesystem.
- APFS (snapshots, sealing, native encryption).
- Secure Enclave (separate CPU/resources).
- Cryptographic boot chain (from Boot ROM → kernel → apps).
- System Integrity Protection (SIP).
- Gatekeeper & notarization.
- Launchd (unified service/daemon manager).
- Unified logging & tracing (dtrace, signpost).
- Rosetta + Universal binaries (smooth arch transitions).
- Quartz compositor + Core Animation (graphics pipeline).
- Metal API (low-level GPU abstraction).
Misc
- Aqua
- Quartz
- UTM (qemu-based virtulization)
Väited
- Apple lahendustele on iseloomulik, et sama it shop kontrolli all on nii riistvara kui tarkvara (põhimõtteliselt sarnane olukord nagu kunagi Sun sparc lahendustega)
- macos on pigem threaded orienteeritud lahendus (mitte process-is-single-thread) - märksõnad: Grand Central Dispatch, Operation Queues, Swift Concurrency)
- nn 'giant lock (https://en.wikipedia.org/wiki/Giant_lock)' probleem on macos puhul pigem praktiliselt lahendatud, ju see on sama millest openbsd vabastamisega tegeldakse, nt https://www.openbsd.org/76.html - 'Removed net lock from sysctl(8) net.inet.ip.forwarding, net.inet6.ip6.forwarding, net.inet6.ip6.redirect, net.inet.ip.directed-broadcast.'
Riistvara
TODO
- MacBook Air 13" M4 protsessoriga arvuti
- compute resource - 1. cpu (risc arm), 2. gpu, 3. secure enclave, 4. neural engine
- 16 G ddr5 non-ecc memory - kõik compute resource'id kasutavad sama mälu, st ühisest pool'ist võetakse kasutuseks, ja antakse tagasi jne
- kaks Dell monitori
- kaks thunderbolt 4 kaablit
- Logitech nö 9 eurone pc hiir
- lai apple magic keyboard
- väline andmekandja - SanDisk PRO-G40, https://www.apple.com/shop/mac/accessories/storage?f=thunderbolt3&fh=3783%2B47f6&page=1
- port saver - https://www.delock.com/produkt/66433/merkmale.html
- arvuti puhul ei ole kohta nagu pc arvuti puhul on 'enter bios' või 'enter setup' - ainuke realistlik sisenemiskoht on hoides alla toite nuppu arvuti käivitumise ajal
Väited
- macbookpro, air jt on non-ecc mäluga; mac pro ja mac studio on ecc mäluga
- arvuti on ühendatud ühe monitoriga TB4 kaabli abil
- esimese monitoriga on ühendatud usb klaviatuur ja hiir
- arvuti võrk töötab wifi abil, aga saaks töötada ka monitori rj45 ethernet kaabliga (arvutisse saabub üle thunderbolt neli nö signaali: 1. usb klaviatuur ja hiir, 2. ethenet, 3. video, 4. toide)
- teine monitor on ühendatud esimesega teise TB4 kaabliga nn daisy-chain ühenduses
- tundub, et monitoride pilt on vastuvõetava kvaliteediga ka non-4k režiimis (nt 3008 x 1692)
system_profiler SPHardwareDataType # CPU, memory, model system_profiler SPDisplaysDataType # GPU / monitor info system_profiler SPUSBDataType # USB controllers and devices system_profiler SPThunderboltDataType # Thunderbolt controllers system_profiler SPNetworkDataType # Network interfaces
Näiteks
Imres-MacBook-Air:~ root# system_profiler SPHardwareDataType
Hardware:
Hardware Overview:
Model Name: MacBook Air
Model Identifier: Mac16,12
Model Number: MW0W3KS/A
Chip: Apple M4
Total Number of Cores: 10 (4 performance and 6 efficiency)
Memory: 16 GB
System Firmware Version: 11881.81.2
OS Loader Version: 11881.81.2
Serial Number (system): KGHGX652VT
Hardware UUID: 27AE0C7C-DCC6-5F5C-A133-8F10726347EC
Provisioning UDID: 00008132-001A618E0121801C
Activation Lock Status: Enabled
Imres-MacBook-Air:~ root# system_profiler SPDisplaysDataType
Graphics/Displays:
Apple M4:
Chipset Model: Apple M4
Type: GPU
Bus: Built-In
Total Number of Cores: 8
Vendor: Apple (0x106b)
Metal Support: Metal 3
Displays:
Color LCD:
Display Type: Built-in Liquid Retina Display
Resolution: 2560 x 1664 Retina
Main Display: Yes
Mirror: Off
Online: Yes
Automatically Adjust Brightness: Yes
Connection Type: Internal
DELL U2725QE:
Resolution: 6016 x 3384
UI Looks like: 3008 x 1692 @ 120.00Hz
Mirror: Off
Online: Yes
Rotation: Supported
Neural Engine
TODO
- On-device machine learning
- Siri's voice recognition
- Image analysis in Photos
- Real-time video processing in apps like FaceTime
Misc OS
- cpu instructions - toimuvad kernel -> cpu vahel
- syscalls - toimuvad rakendustarkvara -> kernel vahel
- ei ole user-space-syscall'isid - kõik syscallid on nö kernel-space-syscall'd ehk lihtsalt syscall'id
- macos ei ole real-time operating system
- macos puhul on realiseeritud preemtion st ka tundlike kerneli kihi tegevuste puhul on võimalik teha nö katkestusi-tagasipöördumisi
- ei ole sellist storage-io lahenduste mitmekesisust nagu on linux puhul (nt io-uring, libaio) - nimetatakse 'Dispatch I/O'
- ei ole sellist network-io lahenduste mitmekesisust nagu on linux puhul (nt dpdk) - nimetatakse 'Network Framework'
- dpdk, rdma jms puudub kuna macos puhul tegevused käivad läbi kernel selleks, et toimuv oleks maksimaalselt kontrolli all (toimub kernel by-pass)
- tcp-offload jms siiski on kasutusel - kernel kontrollib siis ikkagi toimivat piisavalt
Palju on https://www.openbsd.org/innovations.html nimekirjast olemas macos puhul, kas otseselt või siis kontseptuaalselt, aga implementatsioon on macos juhtumile iseloomulik
- OpenBSD: retguard uses a unique XOR-based canary on a function's return address to prevent a specific type of buffer overflow attack (ROP).
- macOS: macOS does not have a feature called retguard. However, the same concept is implemented by Apple's Clang compiler. macOS has used stack canaries (or stack cookies) for years, which are values placed on the stack to detect if the return address has been overwritten. Both systems use different implementations to solve the same problem.
- OpenBSD: pledge is a security mechanism where a program "pledges" to only use a limited set of system calls. If it tries to make a syscall outside of its "pledge," the program is killed.
- macOS: macOS does not have a pledge equivalent. The concept is not present in the same form. Instead, macOS uses sandboxing, which is a more comprehensive and declarative security model. Sandboxing restricts an application's access to files, network connections, and system resources based on a detailed set of rules (called entitlements) defined in a profile, which is part of the application itself. It's a different, but arguably more powerful, approach to the same problem.
- OpenBSD: W^X is a fundamental security policy that ensures a memory page is either writable or executable, but not both.
- macOS: This concept is directly implemented and has been a core security feature of macOS for many years. It is an integral part of the kernel and is enforced on all applications, making it impossible for an attacker to write shellcode to a memory page and then execute it.
- OpenBSD has long been a pioneer in security, and its implementation of ASLR is a core part of its "secure by default" philosophy.
- macOS introduced ASLR in Mac OS X Leopard (10.5) and has since continuously improved and strengthened it with each new release. Today, ASLR on macOS is a mandatory security feature for all modern applications.
- OpenBSD relinking
- Randomizing per-process: Instead of a single, system-wide reordering at boot, dyld randomizes the base addresses of shared libraries for every single process that is launched.
- Using a shared cache: To speed up program loading, macOS bundles commonly used system libraries into a single large file called the dyld_shared_cache. The location of this entire cache in memory is randomized at boot, and all processes then use this randomized location.
User mode vs Kernel mode
Väited
- User mode ja Kernel mode on kaks erinevat protsessori olekut
- esimesel puhul käitub arvuti nagu nö loogiline-masin, teisel juhul nagu riistvaraline-masin
- kontseptuaalselt võiks ette kujutada, et arvutis on kaks protsessorit - üks on pidevalt füüsilises ja teine loogilises olekus
- loogilist laadi tegevusteks on nt protsessi mällu laaditud mälu abil andmete sorteerimine, st kõik tegevused on taandatud matemaatikaks
- füüsilist laadi tegevusteks on nt võrku andmete saatmine, või plokkseadmelt andmete lugemine
Seadme draiver
Ettekujutuseks on nvme storage seade. Selleks, et andmed jõuaksid füüsilise plokkseadme pealt ühe user-space protsessi mällu nt postgresql andmebaas, liiguvad andmed läbi sellistest lõikudest koosneva teekonna
plokkseade
control plain peal toimuv käsu tulemusel -> plokkseadmega seostatud fragment arvuti rom mälust
-> cpu kopeerib andmed oma registrite abil user-space mällu
..
alt-grab - BetterTouchTool (BTT)
Tööpõhimõte
Tegevuse eesmärk on alt-grab kasutamine akna asukohta muutmiseks ja akna suuruse muutmiseks. Linux desktop (gnome, xfce4 jt) puhul paistab see olevat tavaline, et akna asukoha muutmiseks ei pea tingimata haarama hiire vasaku nupuga akna tiitelribast ja siis vedama; või akna suuruse muutmiseks haarama hiire vasaku nupuga täpselt nurgast või servast ja siis vedama. Piisab hoida vasakut alt klahvi all ja haarata kuskilt akna seest hiire vasaku nupuga ning vedada; või hoida vasakut alt klahivi all ja haarata akna seest nurga lähedusest hiire parema nupuga ning vedada.
BTT kopeerimine ja paigaldamine
Väited
- https://folivora.ai/
- tundub, et BTT on usaldusväärne tarkvara (nt https://www.macworld.com/article/551700/mac-gems-bettertouchtool-review.html)
- BetterTouchTool ei ole tasuta tarkvara
- BetterTouchTool ei ole kõige parem lahendus nn alt-drag jaoks, aga paistab, et paremat ka pole (ja tundub, et ei saa olla kuna MacOS nö sisemiselt eriti ei võimalda alt-drag laadi tegevusi)
- BTT abil saab akna suurust muuta ainult paremas alumises nurgas
- akent ei saa ekraanilt osaliselt välja suruda üles suunas (nt alla saab)
- tundub, et paigaldamisel antakse rakendusele rikkalikult privileege
Seadistamine
Tööpõhimõte
- seadistatakse nö 'Top Level Trigger' väärtusega 'Leftclick + left alt + mouse down', millele vastab tegevus (action) 'Start Moving Windows'
- seadistatakse nö 'Top Level Trigger' väärtusega 'Leftclick + left alt + mouse up', millele vastab tegevus 'Stop Moving Windows'
- seadistatakse nö 'Top Level Trigger' väärtusega 'Rightclick + left alt + mouse down', millele vastab tegevus 'Start Resizing'
- seadistatakse nö 'Top Level Trigger' väärtusega 'Rightclick + left alt + mouse up', millele vastab tegevus 'Stop Resizing'
alt-drag seadistamine paistab selliselt, rightclick triggeri ja vastava tegevuse (action) kirjeldamine, basic
kus
- valitud programmid on For All Apps st kirjeldatavad võimed tekivad kõigi programmide akendele
- valitud seade on Normal Mouse (mitte magic mouse)
- on valitud ka modifer - opt (magic keyboard klahv 'option')
ning advanced
kus
- Trigger Conditions - Trigger on Mouse Down (vaikimisi)
Analoogselt kirjeldatakse ülejäänud triggerid ja tegevused - seejuures tuleb kindlasti valida modifier, vastasel korral võib olla väga halb kasutuskogemus kuna hiire vasaku klahvi nö tavaline töö on häiritud).
Kasutamine
Kasutamine paistab välja natuke puudulikumalt kui linux desktop keskkonnas
- suurust saab muuta vaid alumist paremat nurka sisse või väljapoole surudes (linux all saab tegeleda igas nurgas)
- asukohta saab muuta kuid see mõjub fookuses olevale aknale (vahel on see üsna nö eba kogemus, et hiir on mitte fookuses oleva akna kohal ja kõrval oleva akna asukoht muutub)
- tegelemise ajal on aken nö täidetud (linux all saab valida kas aken paistab nö täidetuna või wireframe'ina)
Kasulikud lisamaterjalid
iterm2
TODO
timemachine
Tööpõhimõte
TODO
- võrgus failiserver
- võrgus avahi vms server
- macos süsteem
Ettevalmistamine
Väited
- tundub, et macos webgui kaudu ei õnnestu samba põhist tm lahendust ära seadistada, tuleb toimetada käsurealt (hüpotees on, et kuna cifs failisüsteemi monteerimisel Finder abil tekib .DS_Store vms faile automaatselt share peale, siis see eksitab tm lahendust
Samba serveri ettevalmistamine, Debian v. 12 (samba v. 4.17)
# apt-get install --no-install-recommends samba # apt-get install samba-vfs-modules # cat /etc/samba/smb.conf [global] client min protocol = SMB3 client max protocol = SMB3 workgroup = MORAALCIFS dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 panic action = /usr/share/samba/panic-action %d server role = standalone server [timemachine] path = /zpool_wdc/timemachine/ browsable =yes writable = yes guest ok = no valid users = timemachine smb encrypt = required vfs objects = catia fruit streams_xattr fruit:metadata = stream fruit:resource = file fruit:time machine = yes fruit:time machine max size = 500G
käivitamine
# systemctl restart smbd
Varundatava arvuti ettevalmistamine
Imres-MacBook-Air:~ root# tmutil setdestination "smb://timemachine:parool@192.168.10.168/timemachine" Imres-MacBook-Air:~ root# tmutil destinationinfo ==================================================== Name : timemachine Kind : Network URL : smb://timemachine@192.168.10.168/timemachine ID : 2E3ED96D-4626-4D55-BDD5-A0ED6CDDF973
Varunduse käivitamine
Imres-MacBook-Air:~ root# tmutil startbackup --auto Imres-MacBook-Air:~ root# log stream --predicate 'process == "backupd"' --info
ning
Imres-MacBook-Air:~ root# df -h Filesystem Size Used Avail Capacity iused ifree %iused Mounted on /dev/disk3s1s1 228Gi 15Gi 157Gi 9% 412k 1.6G 0% / devfs 205Ki 205Ki 0Bi 100% 709 0 100% /dev /dev/disk3s6 228Gi 20Ki 157Gi 1% 0 1.6G 0% /System/Volumes/VM /dev/disk3s2 228Gi 12Gi 157Gi 8% 1.3k 1.6G 0% /System/Volumes/Preboot /dev/disk3s4 228Gi 692Mi 157Gi 1% 301 1.6G 0% /System/Volumes/Update /dev/disk1s2 500Mi 6.0Mi 482Mi 2% 1 4.9M 0% /System/Volumes/xarts /dev/disk1s1 500Mi 5.8Mi 482Mi 2% 35 4.9M 0% /System/Volumes/iSCPreboot /dev/disk1s3 500Mi 1.6Mi 482Mi 1% 95 4.9M 0% /System/Volumes/Hardware /dev/disk3s5 228Gi 42Gi 157Gi 22% 579k 1.6G 0% /System/Volumes/Data map auto_home 0Bi 0Bi 0Bi 100% 0 0 - /System/Volumes/Data/home /dev/disk3s1 228Gi 15Gi 157Gi 9% 426k 1.6G 0% /System/Volumes/Update/mnt1 /dev/disk3s3 228Gi 1.9Gi 157Gi 2% 76 1.6G 0% /Volumes/Recovery //timemachine@192.168.10.168/timemachine 500Gi 20Gi 480Gi 5% 21M 503M 4% /Volumes/.timemachine/192.168.10.168/CEF57214-AE85-44D1-86EB-D0D69E41EA1C/timemachine /dev/disk5s1 15Ti 20Gi 480Gi 4% 383k 5.0G 0% /Volumes/Backups of Imre’s MacBook Air com.apple.TimeMachine.2025-09-05-012346.local@/dev/disk3s5 228Gi 42Gi 157Gi 22% 579k 1.6G 0% /Volumes/com.apple.TimeMachine.localsnapshots/Backups.backupdb/Imre’s MacBook Air/2025-09-05-012346/Data Imres-MacBook-Air:~ root#
Tulemusena
Imres-MacBook-Air:~ root# tmutil listbackups /Volumes/.timemachine/E66ECC48-9693-41FB-82C4-3860C334D43D/2025-09-05-014511.backup/2025-09-05-014511.backup /Volumes/.timemachine/E66ECC48-9693-41FB-82C4-3860C334D43D/2025-09-05-015533.backup/2025-09-05-015533.backup
ning
Imres-MacBook-Air:~ root# tmutil listlocalsnapshots / Snapshots for volume group containing disk /: com.apple.TimeMachine.2025-09-05-012346.local com.apple.TimeMachine.2025-09-05-015510.local com.apple.os.update-35F83766A7728F08A2DF1CFD45DF39CAB4C00F8C1A4A0DBECD314305426E5C549569F373D02B15DDC5C3E22E8E9D0A2F com.apple.os.update-4278EFCBF37708F6ABE958C2E59447D754411B4697E4891DE3D58BC37F433306 com.apple.os.update-MSUPrepareUpdate
Kasutamine - üksiku faili taastamine
TODO
Kasutamine - süsteemi taastamine
TODO
Storage
Mõisted
- Seal
- Secure Enclave
- FileVault
- Volume Group
Tööpõhimõte
- füüsiline salvestusseade on jaotatud partitsioonideks
- partitsioonile vastab nn konteiner
- konteinerile vastab midagi lvm volume group või zfs pool laadset
- konteineris sisaldub hulk volume'eid
- volumile vastab failisüsteem (apfs - apple file system)
- sama konteineri sees asuvad failisüsteemid opereerivad sama jagatud vaba ruumi tingimustes
Imres-MacBook-Air:~ root# diskutil list
/dev/disk0 (internal, physical):
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *251.0 GB disk0
1: Apple_APFS_ISC Container disk1 524.3 MB disk0s1
2: Apple_APFS Container disk3 245.1 GB disk0s2
3: Apple_APFS_Recovery Container disk2 5.4 GB disk0s3
/dev/disk3 (synthesized):
#: TYPE NAME SIZE IDENTIFIER
0: APFS Container Scheme - +245.1 GB disk3
Physical Store disk0s2
1: APFS Volume Macintosh HD 16.0 GB disk3s1
2: APFS Snapshot com.apple.os.update-... 16.0 GB disk3s1s1
3: APFS Volume Preboot 13.1 GB disk3s2
4: APFS Volume Recovery 2.1 GB disk3s3
5: APFS Volume Data 45.9 GB disk3s5
6: APFS Volume VM 20.5 KB disk3s6
ning
Imres-MacBook-Air:~ root# df -h Filesystem Size Used Avail Capacity iused ifree %iused Mounted on /dev/disk3s1s1 228Gi 15Gi 156Gi 9% 412k 1.6G 0% / devfs 205Ki 205Ki 0Bi 100% 713 0 100% /dev /dev/disk3s6 228Gi 20Ki 156Gi 1% 0 1.6G 0% /System/Volumes/VM /dev/disk3s2 228Gi 12Gi 156Gi 8% 1.3k 1.6G 0% /System/Volumes/Preboot /dev/disk3s4 228Gi 692Mi 156Gi 1% 301 1.6G 0% /System/Volumes/Update /dev/disk1s2 500Mi 6.0Mi 482Mi 2% 1 4.9M 0% /System/Volumes/xarts /dev/disk1s1 500Mi 5.8Mi 482Mi 2% 35 4.9M 0% /System/Volumes/iSCPreboot /dev/disk1s3 500Mi 1.6Mi 482Mi 1% 95 4.9M 0% /System/Volumes/Hardware /dev/disk3s5 228Gi 43Gi 156Gi 22% 582k 1.6G 0% /System/Volumes/Data map auto_home 0Bi 0Bi 0Bi 100% 0 0 - /System/Volumes/Data/home /dev/disk3s1 228Gi 15Gi 156Gi 9% 426k 1.6G 0% /System/Volumes/Update/mnt1 /dev/disk3s3 228Gi 1.9Gi 156Gi 2% 76 1.6G 0% /Volumes/Recovery com.apple.TimeMachine.2025-09-05-012346.local@/dev/disk3s5 228Gi 42Gi 156Gi 22% 579k 1.6G 0% /Volumes/com.apple.TimeMachine.localsnapshots/Backups.backupdb/Imre’s MacBook Air/2025-09-05-012346/Data com.apple.TimeMachine.2025-09-05-015510.local@/dev/disk3s5 228Gi 42Gi 156Gi 22% 579k 1.6G 0% /Volumes/com.apple.TimeMachine.localsnapshots/Backups.backupdb/Imre’s MacBook Air/2025-09-05-015510/Data
Juurika suhtes ressursid
Imres-MacBook-Air:/ root# ls -lO / total 10 lrwxr-xr-x 1 root admin - 36 Jan 15 2025 .VolumeIcon.icns -> System/Volumes/Data/.VolumeIcon.icns ---------- 1 root admin - 0 Jan 15 2025 .file drwxr-xr-x 2 root wheel - 64 Jan 15 2025 .nofollow drwxr-xr-x 2 root wheel - 64 Jan 15 2025 .resolve drwxr-xr-x 2 root wheel hidden 64 Jan 15 2025 .vol drwxrwxr-x 16 root admin sunlnk 512 Sep 5 12:56 Applications drwxr-xr-x 66 root wheel sunlnk 2112 Sep 3 21:05 Library drwxr-xr-x@ 10 root wheel restricted 320 Jan 15 2025 System drwxr-xr-x 5 root admin sunlnk 160 Sep 2 22:41 Users drwxr-xr-x 6 root wheel hidden 192 Sep 7 11:57 Volumes drwxr-xr-x@ 39 root wheel restricted,hidden 1248 Jan 15 2025 bin drwxr-xr-x 2 root wheel hidden 64 Jan 15 2025 cores dr-xr-xr-x 4 root wheel hidden 5047 Sep 5 01:14 dev lrwxr-xr-x@ 1 root wheel restricted,hidden 11 Jan 15 2025 etc -> private/etc lrwxr-xr-x 1 root wheel hidden 25 Sep 5 01:14 home -> /System/Volumes/Data/home drwxr-xr-x 2 root wheel hidden 64 Jan 15 2025 opt drwxr-xr-x 6 root wheel sunlnk,hidden 192 Sep 5 01:14 private drwxr-xr-x@ 77 root wheel restricted,hidden 2464 Jan 15 2025 sbin lrwxr-xr-x@ 1 root wheel restricted,hidden 11 Jan 15 2025 tmp -> private/tmp drwxr-xr-x@ 11 root wheel restricted,hidden 352 Jan 15 2025 usr lrwxr-xr-x@ 1 root wheel restricted,hidden 11 Jan 15 2025 var -> private/var
kus
- sunlnk - apfs lahendusele iseloomulik nn sünteetline link (teine variatsioon on firmlink)
- /private sisuks on tegelikult volume /System/Volumes/Data
- / on unionfs laadne lahendus, st kokku on kogutud erinevad ressrussid, mõned on read-only, mõned on read-write
- / endale vastav /dev/disk3s1s1 on /dev/disk3s1 read-only apfs snapshot - sedasi on väga madalas kihis tagatud süsteemi osa immutability
ning
Imres-MacBook-Air:~ root# diskutil apfs list
APFS Containers (3 found)
|
+-- Container disk3 71D88332-123F-4F15-99AA-FDD26D7118F7
====================================================
APFS Container Reference: disk3
Size (Capacity Ceiling): 245107195904 B (245.1 GB)
Capacity In Use By Volumes: 77898416128 B (77.9 GB) (31.8% used)
Capacity Not Allocated: 167208779776 B (167.2 GB) (68.2% free)
|
+-< Physical Store disk0s2 F202FF0C-8102-4C98-8DEA-BFC6BE9C61B4
| -----------------------------------------------------------
| APFS Physical Store Disk: disk0s2
| Size: 245107195904 B (245.1 GB)
|
+-> Volume disk3s1 9D894F4B-1ADA-47A9-9864-CECA47F5CC54
| ---------------------------------------------------
| APFS Volume Disk (Role): disk3s1 (System)
| Name: Macintosh HD (Case-insensitive)
| Mount Point: /System/Volumes/Update/mnt1
| Capacity Consumed: 15970652160 B (16.0 GB)
| Sealed: Broken
| FileVault: Yes (Unlocked)
| Encrypted: No
| |
| Snapshot: E4EE5A50-F503-4DC3-BB9E-6C3EF76A9105
| Snapshot Disk: disk3s1s1
| Snapshot Mount Point: /
| Snapshot Sealed: Yes
|
+-> Volume disk3s2 5C7FF5F7-C059-4568-879D-AEE09DB60CF7
| ---------------------------------------------------
| APFS Volume Disk (Role): disk3s2 (Preboot)
| Name: Preboot (Case-insensitive)
| Mount Point: /System/Volumes/Preboot
| Capacity Consumed: 13066547200 B (13.1 GB)
| Sealed: No
| FileVault: No
|
+-> Volume disk3s3 8A6ADAED-7C32-4DFB-8731-005DA53BB3FF
| ---------------------------------------------------
| APFS Volume Disk (Role): disk3s3 (Recovery)
| Name: Recovery (Case-insensitive)
| Mount Point: /Volumes/Recovery
| Capacity Consumed: 2082414592 B (2.1 GB)
| Sealed: No
| FileVault: No
|
+-> Volume disk3s5 53270D80-303A-47F4-83DE-D2B9228E9FC7
| ---------------------------------------------------
| APFS Volume Disk (Role): disk3s5 (Data)
| Name: Data (Case-insensitive)
| Mount Point: /System/Volumes/Data
| Capacity Consumed: 45915893760 B (45.9 GB)
| Sealed: No
| FileVault: Yes (Unlocked)
|
+-> Volume disk3s6 5B9AA026-E765-4922-BFEA-B48FD11A79C6
---------------------------------------------------
APFS Volume Disk (Role): disk3s6 (VM)
Name: VM (Case-insensitive)
Mount Point: /System/Volumes/VM
Capacity Consumed: 20480 B (20.5 KB)
Sealed: No
FileVault: No
iostat esitab ainult füüsiliste seadmete kohta info, huvitaval kombel ka time machine lahendusele vastava seadme (disk4) oma
imreoolberg@Imres-MacBook-Air ~ % iostat 5
disk0 disk4 cpu load average
KB/t tps MB/s KB/t tps MB/s us sy id 1m 5m 15m
17.03 37 0.61 52.37 0 0.00 3 1 96 1.12 1.52 1.63
6.17 7 0.04 0.00 0 0.00 2 1 97 1.11 1.51 1.63
4.00 2 0.01 0.00 0 0.00 1 1 98 1.11 1.51 1.63
...
Automaatse monteerimise vältimine
Imres-MacBook-Air:~ root# diskutil info "/Volumes/macOS Restored" | grep "Volume UUID" Volume UUID: CB4A4A81-A9EE-471D-90CA-7A116C740AC6 Imres-MacBook-Air:~ root# diskutil info "/Volumes/macOS Restored - Data" | grep "Volume UUID" Volume UUID: 6AB10166-A262-4E22-8FE6-0D5C97C731FB Imres-MacBook-Air:~ root# vifs Imres-MacBook-Air:~ root# cat /etc/fstab # # Warning - this file should only be modified with vifs(8) # # Failure to do so is unsupported and may be destructive. # UUID=6AB10166-A262-4E22-8FE6-0D5C97C731FB none apfs rw,noauto UUID=CB4A4A81-A9EE-471D-90CA-7A116C740AC6 none apfs rw,noauto
Vastasel korral süsteem otsib teiselt volume'ilt ka nt Applicationid üles
Kopeerimine failisüsteemis
Imres-MacBook-Air:~ root# ditto /Applications/Yubico\ Authenticator.app/ /Users/imreoolberg/Documents/Yubico\ Authenticator.app/
Finder GUI liidesega programm.
USB pulk abil apsf opereerimine, volume lisamine
Imres-MacBook-Air:~ root# diskutil eraseDisk APFS "USBTEST" /dev/disk4 Imres-MacBook-Air:~ root# diskutil apfs unlockVolume /dev/disk5s4 Imres-MacBook-Air:~ root# diskutil apfs addVolume disk5 APFS volume-05 Will export new APFS Volume "volume-05" from APFS Container Reference disk5 Started APFS operation on disk5 Preparing to add APFS Volume to APFS Container disk5 Creating APFS Volume Created new APFS Volume disk5s5 Mounting APFS Volume Setting volume permissions Disk from APFS operation: disk5s5 Finished APFS operation on disk5 Imres-MacBook-Air:~ root# diskutil unmount /dev/disk5s5 Volume volume-05 on disk5s5 unmounted Imres-MacBook-Air:~ root# diskutil mount /dev/disk5s5 Volume volume-05 on /dev/disk5s5 mounted Imres-MacBook-Air:~ root# diskutil apfs deleteVolume /dev/disk5s4 Started APFS operation Deleting APFS Volume from its APFS Container Unmounting disk5s4 Erasing any xART session referenced by 9AC9146E-455D-45BA-99EC-3FE32D2CE59B Deleting Volume Removing any Preboot and Recovery Directories Finished APFS operation
Konteinerid ja volume'id
Imres-MacBook-Air:~ root# df -h | grep part- | sort /dev/disk5s1 1.9Gi 1.0Mi 1.9Gi 1% 109 19M 0% /Volumes/part-01-volume-01 /dev/disk6s1 3.7Gi 1.0Mi 3.7Gi 1% 109 39M 0% /Volumes/part-02-volume-01 /dev/disk7s1 11Gi 1.0Mi 11Gi 1% 113 119M 0% /Volumes/part-03-volume-01 /dev/disk8s1 12Gi 992Ki 11Gi 1% 105 120M 0% /Volumes/part-04-volume-01 /dev/disk8s2 12Gi 988Ki 11Gi 1% 105 120M 0% /Volumes/part-04-volume-02 /dev/disk8s3 12Gi 1.0Mi 11Gi 1% 105 120M 0% /Volumes/part-04-volume-03
ning
Imres-MacBook-Air:~ root# diskutil list disk4 /dev/disk4 (external, physical): #: TYPE NAME SIZE IDENTIFIER 0: GUID_partition_scheme *30.8 GB disk4 1: EFI EFI 209.7 MB disk4s1 2: Apple_APFS Container disk5 2.0 GB disk4s2 3: Apple_APFS Container disk6 4.0 GB disk4s3 4: Apple_APFS Container disk7 12.2 GB disk4s4 5: Apple_APFS Container disk8 12.4 GB disk4s5
kus
- füüsiline ketas on /dev/disk4
- füüsilise ketta partitsioonid on konteinerid /dev/disk5, /dev/disk6 jne
- konteinerite sees on volume'id, nt disk8 sees on kolm tükki, s1, s2 ja s3
ning
kus
- TODO
Failide arhiveerime ja kopeerimine süsteemist välja
imreoolberg@Imres-MacBook-Air ~ % ditto -ck --sequesterRsrc /Users/imreoolberg /Volumes/imre-data-01/users-imreoolberg.zip
Launchd kasutamine
Imres-MacBook-Air:/ root# cat /Library/LaunchDaemons/com.myname.addroute.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.myname.addroute</string>
<key>ProgramArguments</key>
<array>
<string>/sbin/route</string>
<string>-n</string>
<string>add</string>
<string>192.0.2.1/32</string>
<string>192.168.64.2</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
käivitamiseks
Imres-MacBook-Air:/ root# launchctl load /Library/LaunchDaemons/com.myname.addroute.plist
tulemusena
Imres-MacBook-Air:/ root# netstat -nr | grep 192.0. 192.0.2.1/32 192.168.64.2 UGSc bridge100
Ta on olemas globaalses launched listis
Imres-MacBook-Air:/ root# launchctl list | grep myn - 0 com.myname.addroute
Põhimõtteliselt peaks töötama ka unload, aga antud juhul ei oma see toimet selle konkreetse nähtuse one-shot olemuse tõttu
Imres-MacBook-Air:/ root# launchctl unload /Library/LaunchDaemons/com.myname.addroute.plist
Cron
TODO
Imres-MacBook-Air:~ root# plutil -p /System/Library/LaunchDaemons/com.apple.tmp_cleaner.plist
{
"Label" => "com.apple.tmp_cleaner"
"LowPriorityIO" => 1
"Nice" => 1
"ProgramArguments" => [
0 => "/usr/libexec/tmp_cleaner"
]
"StartCalendarInterval" => {
"Hour" => 0
}
}
Virtualiseerimine
Süsteemis kirjeldatud virtuaalsed arvutid
Imres-MacBook-Air:/ root# /System/Volumes/Data/Applications/UTM.app/Contents/MacOS/utmctl list UUID Status Name DE2A3E49-B049-40F9-9D79-3C1448B446C9 started vm-deb13-01
Virtuaalse arvuti virtuaalne plokkseade
Imres-MacBook-Air:/ root# du -sh /Users/imreoolberg/Library/Containers/com.utmapp.UTM/Data/Documents/vm-deb13-01.utm/Data/2BBCF278-9AA7-4741-95B5-1886EC71C110.qcow2 5.9G /Users/imreoolberg/Library/Containers/com.utmapp.UTM/Data/Documents/vm-deb13-01.utm/Data/2BBCF278-9AA7-4741-95B5-1886EC71C110.qcow2
Virtuaalsele arvutile vastav võrgundus
Imres-MacBook-Air:/ root# ifconfig bridge100 bridge100: flags=8a63<UP,BROADCAST,SMART,RUNNING,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500 options=3<RXCSUM,TXCSUM> ether fa:73:df:a0:51:64 inet 192.168.64.1 netmask 0xffffff00 broadcast 192.168.64.255 inet6 fe80::f873:dfff:fea0:5164%bridge100 prefixlen 64 scopeid 0x19 inet6 fda5:2ff0:49ee:6d45:14d7:6e80:6b22:c592 prefixlen 64 autoconf secured Configuration: id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0 maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200 root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0 ipfilter disabled flags 0x0 member: vmenet0 flags=3<LEARNING,DISCOVER> ifmaxaddr 0 port 24 priority 0 path cost 0 Address cache: 5e:7f:36:30:6b:51 Vlan1 vmenet0 1161 flags=0<> nd6 options=201<PERFORMNUD,DAD> media: autoselect status: active Imres-MacBook-Air:/ root# ifconfig vmenet0 vmenet0: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 ether b2:7a:48:40:de:47 media: autoselect status: active
Võrk
ipv4 ruutingutabeli esitamine
Imres-MacBook-Air:~ root# netstat -nr -f inet Routing tables Internet: Destination Gateway Flags Netif Expire default 192.168.134.77 UGScg en0 127 127.0.0.1 UCS lo0 127.0.0.1 127.0.0.1 UH lo0 169.254 link#12 UCS en0 ! 192.168.134 link#12 UCS en0 ! 192.168.134.2/32 link#12 UCS en0 ! 192.168.134.77/32 link#12 UCS en0 ! 192.168.134.77 64:d1:54:a7:cc:99 UHLWIir en0 1199 192.168.134.255 ff:ff:ff:ff:ff:ff UHLWbI en0 ! 224.0.0/4 link#12 UmCS en0 ! 224.0.0.251 1:0:5e:0:0:fb UHmLWI en0 255.255.255.255/32 link#12 UCS en0 !
Võrk - bluetooth
Kuigi 2025 aastal müüdavate Apple Magic Keyboard puhul paljuski väljendatakse, et nad on kasutatavad wireless režiimis ja jääb mulje, et ainult nii, siis osutub, et tegelikult neil on toiteks mõeldud usb kaabel usb siiski ka andmevahetuseks võimaline. non-radio kasutamiseks
- system setting - bluetooth osakonnas lülitada välja bluetooth terviklikult, näiteks
- klaviatuur jätkab töötamist
Võrk - wireless
Imres-MacBook-Air:/ root# wdutil info | head -n 44
————————————————————————————————————————————————————————————————————
NETWORK
————————————————————————————————————————————————————————————————————
Primary IPv4 : en0 (Wi-Fi / 9B1345E5-7303-47E8-9C98-5C1D150E7921)
: 192.168.134.2
Primary IPv6 : None
DNS Addresses : 8.8.8.8
Apple : Reachable
————————————————————————————————————————————————————————————————————
WIFI
————————————————————————————————————————————————————————————————————
MAC Address : <redacted> (hw=<redacted>)
Interface Name : en0
Power : On [On]
Op Mode : STA
SSID : <redacted>
BSSID : <redacted>
RSSI : -80 dBm
CCA : 11 %
Noise : -96 dBm
Tx Rate : 24.0 Mbps
Security : WPA2 Personal
PHY Mode : 11g
MCS Index : 0
Guard Interval : 800
NSS : 0
Channel : 2g1/20
Country Code : EE
Scan Cache Count : 1
NetworkServiceID : 9B1345E5-7303-47E8-9C98-5C1D150E7921
IPv4 Config Method : DHCP
IPv4 Address : 192.168.134.2
IPv4 Router : 192.168.134.77
IPv6 Config Method : Automatic
IPv6 Address : fe80::4e5:1ca6:3b6c:4355
IPv6 Router : None
DNS : 8.8.8.8
BTC Mode : Off
Desense :
Chain Ack : []
BTC Profile 2.4GHz : Disabled
BTC Profile 5GHz : Disabled
Sniffer Supported : YES
Supports 6e : Yes
SSH kaugligipääs
TODO
Tarkvara haldus
Üldiselt tekib tarkvara macos süsteemi kolmest allikast
- süsteemne tarkvara - nö süsteemi enda paigaldamise tagajärel, nt Safari brauser
- App Store - apple.com standardne viis tarkvara levitada, nt Yubico Authenticator
- tootja levitab - igasugused huvilised, ausama ja vähem ausamad levitavad .dmg formaadis tõmmist oma veebikohas/repos/jms - nt BetterTouchTool
Tarkvara paigaldamisel võiks eelistada App Store lahendust võimalusel
- tarkvara on läbinud teatud turvalisuse jms kaanonitega seotud protseduurid
- paigaldamise järgne uuendamine toimub automaatselt, sarnaselt põhisüsteemi tarkvaraga
Paigaldatud tarkvara nimekirja esitamine
GUI
System Settings -> General -> System report -> Software -> Applications -> not obtained-from Apple
käsurealt
imreoolberg@Imres-MacBook-Air ~ % system_profiler SPApplicationsDataType | grep -B 3 -A 5 "Identified De" | head -n 20
Google Chrome:
Version: 140.0.7339.81
Obtained from: Identified Developer
Last Modified: 30.08.2025, 01:47
Kind: Universal
Signed by: Developer ID Application: Google LLC (EQHXZ8M8AV), Developer ID Certification Authority, Apple Root CA
Location: /Applications/Google Chrome.app
Get Info String: Google Chrome 140.0.7339.81, Copyright 2025 Google LLC. All rights reserved.
--
iTerm:
Version: 3.5.14
Obtained from: Identified Developer
Last Modified: 16.05.2025, 02:59
Kind: Universal
Signed by: Developer ID Application: GEORGE NACHMAN (H7V7XYVQ7D), Developer ID Certification Authority, Apple Root CA
Location: /Applications/iTerm.app
Get Info String: 3.5.14
--
Üks viis on küsida failisüsteemis
imreoolberg@Imres-MacBook-Air ~ % ls -ld /Applications/* | grep imreoo drwxr-xr-x@ 3 imreoolberg staff 96 Sep 3 11:10 /Applications/BetterTouchTool.app drwxrwxr-x@ 3 imreoolberg admin 96 Aug 30 01:47 /Applications/Google Chrome.app drwxr-xr-x@ 3 imreoolberg staff 96 May 16 02:59 /Applications/iTerm.app drwxr-xr-x@ 3 imreoolberg admin 96 Apr 8 08:11 /Applications/UTM.app drwxr-xr-x@ 3 imreoolberg admin 96 Jul 25 15:41 /Applications/Visual Studio Code.app imreoolberg@Imres-MacBook-Air ~ % ls -ld /Applications/* | grep qdigi drwxr-xr-x@ 3 root wheel 96 Sep 8 16:56 /Applications/qdigidoc4.app
kus
- sõltuvalt paigaldusviisist on faili omanik erinev
- põhimõtteliselt tekib sellisest lähenemisest probleeme, nt mis siis kui süsteemil on mitu kasutajat, installinud kasutaja eemaldatakse jne - üks viis on kasutada süsteemis ühte non-personal administraator kasutajat kes tegeleb tarkvara paigaldamisega jms, ja ülejäänud kasutavad tarkvara
- @ tähistab asjaolu, et failiga on seotud apfs failisüsteemi extended attributs omadused, nt registreeritakse sedasi autor
imreoolberg@Imres-MacBook-Air ~ % xattr -p com.apple.appstore.vendor_name "/Applications/Yubico Authenticator.app" Yubico
Paigaldamine - App Store
TODO
kus
- pressida Get -> Install -> Open
- tarkvara 'Obtained from' väärtuseks on 'App store'
- online otsing - https://www.apple.com/us/search/yubico?src=globalnav
Paigaldamine - tootja juurest kopeerides
TODO
Tarkvara uuendamine
Väited
- tarkvara uuendusi ei väljastata kindlaksmääratud aegadel (nt nagu Ubuntu või OpenBSD puhul)
- tarkvara uuendusi väljastatakse mitmel korral aastas ja vastavalt vajadusele
- tarkvara uuendused jaotuvad: 1. turva-uuendused, 2. vigade parandused, 3. funktsionaalsed muudatused
- tarkvara uuendusi koheldatakse terviklikult, st ei ole eraldi nt süsteemi osas ja rakendustarkvara, või pakettide nimekiri, millest saab teha käesoleva uuenduse korra jaoks valiku
Nt 2025 aastal on olnud selline uuenduste ajalugu
- January 27: macOS Sequoia 15.3, macOS Sonoma 14.7.3, and macOS Ventura 13.7.3 were released with security patches.
- February 10: An urgent security update, macOS Sequoia 15.3.1, was released.
- March 11: macOS Sequoia 15.3.2 was released, addressing security vulnerabilities in WebKit.
- March 31: macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5 were released.
- April 16: macOS Sequoia 15.4.1 was released, providing security patches.
- May 12: macOS Sequoia 15.5, macOS Sonoma 14.7.6, and macOS Ventura 13.7.6 were released.
- July 29: macOS Sequoia 15.6, macOS Sonoma 14.7.7, and macOS Ventura 13.7.7 were released.
- August 20: macOS Sequoia 15.6.1 was released with security updates.
Käsundamine
imreoolberg@Imres-MacBook-Air ~ % sw_vers ProductName: macOS ProductVersion: 15.3 BuildVersion: 24D2059 imreoolberg@Imres-MacBook-Air ~ % softwareupdate -l Software Update Tool Finding available software Software Update found the following new or updated software: * Label: macOS Sequoia 15.6.1-24G90 Title: macOS Sequoia 15.6.1, Version: 15.6.1, Size: 6160384KiB, Recommended: YES, Action: restart,
Logi
TODO
Misc
Watchdog
Väited
- hardware watchdog on paratamatult sisse lülitatud
- software watchdog on seaditatav, vaikimisi on sisse lülitatud
TODO
Programm
Käivitamine
imreoolberg@Imres-MacBook-Air ~ % open -a BetterTouchTool
imreoolberg@Imres-MacBook-Air ~ %
imreoolberg@Imres-MacBook-Air ~ % "/Applications/Yubico Authenticator.app/Contents/MacOS/Yubico Authenticator"
13:09:53.164 [desktop.init] INFO: Logging initialized, outputting to stderr
13:09:53.173 [desktop.init] INFO: Window hidden on startup: false
13:09:53.174 [desktop.init] INFO: Starting Helper subprocess: /Applications/Yubico Authenticator.app/Contents/Resources/helper/authenticator-helper
13:09:53.175 [desktop.init] INFO: Helper process started
13:09:53.176 [main] INFO: Running Yubico Authenticator...
{app_version: 7.2.3, dart: 3.8.1 (stable) (Wed May 28 00:47:25 2025 -0700) on "macos_arm64", os: macos, os_version: Version 15.6.1 (Build 24G90)}
13:09:53.302 [helper.ykman.logging] INFO: Logging at level: INFO
13:09:53.302 [helper.helper.device] INFO: Log level set to: INFO
13:09:53.302 [desktop.init] INFO: Helper log level set
13:09:53.327 [desktop.devices] INFO: USB state change
{"data":{"state":5740354900026072187,"pids":{}},"actions":["get","scan"],"children":{}}
13:09:53.327 [desktop.devices] INFO: USB state updated, unaccounted for: {}
..
edasi
Imres-MacBook-Air:/ root# file "/Applications/Yubico Authenticator.app/Contents/MacOS/Yubico Authenticator" /Applications/Yubico Authenticator.app/Contents/MacOS/Yubico Authenticator: Mach-O universal binary with 2 architectures: [x86_64:Mach-O 64-bit executable x86_64] [arm64:Mach-O 64-bit executable arm64] /Applications/Yubico Authenticator.app/Contents/MacOS/Yubico Authenticator (for architecture x86_64): Mach-O 64-bit executable x86_64 /Applications/Yubico Authenticator.app/Contents/MacOS/Yubico Authenticator (for architecture arm64): Mach-O 64-bit executable arm64 Imres-MacBook-Air:/ root#
imreoolberg@Imres-MacBook-Air Documents % cat hello.c
#include <stdio.h>
int main() {
printf("Hello, World!\n");
return 0;
}
kompileerimine
imreoolberg@Imres-MacBook-Air Documents % clang hello.c -o hello
käivitamine
imreoolberg@Imres-MacBook-Air Documents % ./hello Hello, World!
otool abil binary uurimine
imreoolberg@Imres-MacBook-Air Documents % otool -L hello hello: /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1351.0.0)
yubico authenticator binary uurimine
Imres-MacBook-Air:/ root# otool -L "/Applications/Yubico Authenticator.app/Contents/MacOS/Yubico Authenticator" /Applications/Yubico Authenticator.app/Contents/MacOS/Yubico Authenticator (architecture x86_64): @rpath/desktop_drop.framework/Versions/A/desktop_drop (compatibility version 1.0.0, current version 1.0.0) @rpath/file_picker.framework/Versions/A/file_picker (compatibility version 1.0.0, current version 1.0.0) @rpath/local_notifier.framework/Versions/A/local_notifier (compatibility version 1.0.0, current version 1.0.0) @rpath/path_provider_foundation.framework/Versions/A/path_provider_foundation (compatibility version 1.0.0, current version 1.0.0) @rpath/screen_retriever_macos.framework/Versions/A/screen_retriever_macos (compatibility version 1.0.0, current version 1.0.0) @rpath/shared_preferences_foundation.framework/Versions/A/shared_preferences_foundation (compatibility version 1.0.0, current version 1.0.0) @rpath/tray_manager.framework/Versions/A/tray_manager (compatibility version 1.0.0, current version 1.0.0) @rpath/url_launcher_macos.framework/Versions/A/url_launcher_macos (compatibility version 1.0.0, current version 1.0.0) @rpath/window_manager.framework/Versions/A/window_manager (compatibility version 1.0.0, current version 1.0.0) /usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1345.120.2) /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit (compatibility version 45.0.0, current version 2487.60.105) /usr/lib/swift/libswiftCore.dylib (compatibility version 1.0.0, current version 0.0.0) /usr/lib/swift/libswiftCoreAudio.dylib (compatibility version 1.0.0, current version 6.0.0, weak) /usr/lib/swift/libswiftCoreFoundation.dylib (compatibility version 1.0.0, current version 120.100.0, weak) /usr/lib/swift/libswiftCoreImage.dylib (compatibility version 1.0.0, current version 2.0.0, weak) /usr/lib/swift/libswiftCoreMedia.dylib (compatibility version 1.0.0, current version 3110.8.2, weak) /usr/lib/swift/libswiftDarwin.dylib (compatibility version 1.0.0, current version 0.0.0, weak) /usr/lib/swift/libswiftDispatch.dylib (compatibility version 1.0.0, current version 41.0.0, weak) /usr/lib/swift/libswiftIOKit.dylib (compatibility version 1.0.0, current version 1.0.0, weak) /usr/lib/swift/libswiftMetal.dylib (compatibility version 1.0.0, current version 343.19.0, weak) /usr/lib/swift/libswiftOSLog.dylib (compatibility version 1.0.0, current version 4.0.0, weak) /usr/lib/swift/libswiftObjectiveC.dylib (compatibility version 1.0.0, current version 8.0.0, weak) /usr/lib/swift/libswiftQuartzCore.dylib (compatibility version 1.0.0, current version 3.0.0, weak) /usr/lib/swift/libswiftUniformTypeIdentifiers.dylib (compatibility version 1.0.0, current version 791.2.12, weak) /usr/lib/swift/libswiftXPC.dylib (compatibility version 1.0.0, current version 36.100.8, weak) /usr/lib/swift/libswiftos.dylib (compatibility version 1.0.0, current version 1049.100.4, weak) @rpath/FlutterMacOS.framework/Versions/A/FlutterMacOS (compatibility version 0.0.0, current version 0.0.0) /usr/lib/swift/libswiftFoundation.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/lib/swift/libswiftAppKit.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/lib/swift/libswiftCoreGraphics.dylib (compatibility version 1.0.0, current version 120.100.0, weak) /Applications/Yubico Authenticator.app/Contents/MacOS/Yubico Authenticator (architecture arm64): @rpath/desktop_drop.framework/Versions/A/desktop_drop (compatibility version 1.0.0, current version 1.0.0) @rpath/file_picker.framework/Versions/A/file_picker (compatibility version 1.0.0, current version 1.0.0) @rpath/local_notifier.framework/Versions/A/local_notifier (compatibility version 1.0.0, current version 1.0.0) @rpath/path_provider_foundation.framework/Versions/A/path_provider_foundation (compatibility version 1.0.0, current version 1.0.0) @rpath/screen_retriever_macos.framework/Versions/A/screen_retriever_macos (compatibility version 1.0.0, current version 1.0.0) @rpath/shared_preferences_foundation.framework/Versions/A/shared_preferences_foundation (compatibility version 1.0.0, current version 1.0.0) @rpath/tray_manager.framework/Versions/A/tray_manager (compatibility version 1.0.0, current version 1.0.0) @rpath/url_launcher_macos.framework/Versions/A/url_launcher_macos (compatibility version 1.0.0, current version 1.0.0) @rpath/window_manager.framework/Versions/A/window_manager (compatibility version 1.0.0, current version 1.0.0) /usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1345.120.2) /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit (compatibility version 45.0.0, current version 2487.60.105) /usr/lib/swift/libswiftCore.dylib (compatibility version 1.0.0, current version 0.0.0) /usr/lib/swift/libswiftCoreAudio.dylib (compatibility version 1.0.0, current version 6.0.0, weak) /usr/lib/swift/libswiftCoreFoundation.dylib (compatibility version 1.0.0, current version 120.100.0, weak) /usr/lib/swift/libswiftCoreImage.dylib (compatibility version 1.0.0, current version 2.0.0, weak) /usr/lib/swift/libswiftCoreMedia.dylib (compatibility version 1.0.0, current version 3110.8.2, weak) /usr/lib/swift/libswiftDarwin.dylib (compatibility version 1.0.0, current version 0.0.0, weak) /usr/lib/swift/libswiftDispatch.dylib (compatibility version 1.0.0, current version 41.0.0, weak) /usr/lib/swift/libswiftIOKit.dylib (compatibility version 1.0.0, current version 1.0.0, weak) /usr/lib/swift/libswiftMetal.dylib (compatibility version 1.0.0, current version 343.19.0, weak) /usr/lib/swift/libswiftOSLog.dylib (compatibility version 1.0.0, current version 4.0.0, weak) /usr/lib/swift/libswiftObjectiveC.dylib (compatibility version 1.0.0, current version 8.0.0, weak) /usr/lib/swift/libswiftQuartzCore.dylib (compatibility version 1.0.0, current version 3.0.0, weak) /usr/lib/swift/libswiftUniformTypeIdentifiers.dylib (compatibility version 1.0.0, current version 791.2.12, weak) /usr/lib/swift/libswiftXPC.dylib (compatibility version 1.0.0, current version 36.100.8, weak) /usr/lib/swift/libswiftos.dylib (compatibility version 1.0.0, current version 1049.100.4, weak) @rpath/FlutterMacOS.framework/Versions/A/FlutterMacOS (compatibility version 0.0.0, current version 0.0.0) /usr/lib/swift/libswiftFoundation.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/lib/swift/libswiftAppKit.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/lib/swift/libswiftCoreGraphics.dylib (compatibility version 1.0.0, current version 120.100.0, weak)
kus
- @rpath viitab rakenduse kapsli sisestele ressurssidele
dtruss
Imres-MacBook-Air:/ root# dtruss -p 65630 2>&1 | tail -n 1 : probe description syscall:::entry does not match any probes. System Integrity Protection is on imreoolberg@Imres-MacBook-Air Documents % dtruss ./hello dtrace: system integrity protection is on, some features will not be available dtrace: failed to initialize dtrace: DTrace requires additional privileges
Screenshot
Tähistatud ala
Command + Shift + 4
Kogu ekraan
Command + Shift + 3
Vaikimisi asub pildistus iseloomuliku nimega failis desktopil.
Süsteemi taastamine
Recovery meedia ettevalmistamine
Imres-MacBook-Air:/ root# diskutil eraseDisk JHFS+ "MyVolume" /dev/disk4 Started erase on disk4 Unmounting disk Creating the partition map Waiting for partitions to activate Formatting disk4s2 as Mac OS Extended (Journaled) with name MyVolume Initialized /dev/rdisk4s2 as a 28 GB case-insensitive HFS Plus volume with a 8192k journal Mounting disk Finished erase on disk4 Imres-MacBook-Air:/ root# /Applications/Install\ macOS\ Sequoia.app/Contents/Resources/createinstallmedia --volume /Volumes/MyVolume Ready to start. To continue we need to erase the volume at /Volumes/MyVolume. If you wish to continue type (Y) then press return: y Erasing disk: 0%... 10%... 20%... 30%... 100% Copying essential files... Copying the macOS RecoveryOS... Making disk bootable... Copying to disk: 0%... 10%... 20%... 30%... 40%... 50%... 60%... 70%... 80%... 90%... 100% Install media now available at "/Volumes/Install macOS Sequoia" Imres-MacBook-Air:/ root# echo $? 0 # diskutil unmount /Volumes/Install\ macOS\ Sequoia
Protseduur
1. Create a New APFS Volume The first step is to create a new, separate volume on your internal drive where you will restore the backup.
Boot from your USB installer by holding the Option key on startup.
In the macOS Utilities window, select Disk Utility and click Continue.
In Disk Utility, go to the menu bar and select View > Show All Devices.
In the sidebar, select the APFS container (the device, not the volume) that holds your current macOS installation.
Click the + button in the toolbar to add a new APFS volume.
Give the new volume a name (e.g., "macOS Restored") and click Add. This process is very fast as APFS volumes share the same free space.
Once the new volume appears in the sidebar, close Disk Utility.
2. Restore the Backup to the New Volume Now that the new volume is ready, you can restore your Time Machine backup to it.
From the macOS Utilities window, select Restore From Time Machine Backup and click Continue.
Follow the on-screen instructions, selecting your Time Machine backup drive when prompted.
When the installer asks you to choose a destination disk, you will see your original macOS volume and the new "macOS Restored" volume you just created.
Select the new "macOS Restored" volume as the destination for the restoration. The installer will then proceed to restore the system to that specific volume only.
After the restoration is complete, you can restart your Mac and, by holding down the Option key, you will be able to choose between your original macOS system and the restored system on the second volume.
homebrew
imre@imre-mac ~ % /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
==> Checking for `sudo` access (which may request your password)...
Password:
==> This script will install:
/opt/homebrew/bin/brew
/opt/homebrew/share/doc/homebrew
/opt/homebrew/share/man/man1/brew.1
/opt/homebrew/share/zsh/site-functions/_brew
/opt/homebrew/etc/bash_completion.d/brew
/opt/homebrew
/etc/paths.d/homebrew
==> The following new directories will be created:
/opt/homebrew/bin
/opt/homebrew/etc
/opt/homebrew/include
/opt/homebrew/lib
/opt/homebrew/sbin
/opt/homebrew/share
/opt/homebrew/var
/opt/homebrew/opt
/opt/homebrew/share/zsh
/opt/homebrew/share/zsh/site-functions
/opt/homebrew/var/homebrew
/opt/homebrew/var/homebrew/linked
/opt/homebrew/Cellar
/opt/homebrew/Caskroom
/opt/homebrew/Frameworks
==> The Xcode Command Line Tools will be installed.
Press RETURN/ENTER to continue or any other key to abort:
==> /usr/bin/sudo /usr/bin/install -d -o root -g wheel -m 0755 /opt/homebrew
==> /usr/bin/sudo /bin/mkdir -p /opt/homebrew/bin /opt/homebrew/etc /opt/homebrew/include /opt/homebrew/lib /opt/homebrew/sbin /opt/homebrew/share /opt/homebrew/var /opt/homebrew/opt /opt/homebrew/share/zsh /opt/homebrew/share/zsh/site-functions /opt/homebrew/var/homebrew /opt/homebrew/var/homebrew/linked /opt/homebrew/Cellar /opt/homebrew/Caskroom /opt/homebrew/Frameworks
==> /usr/bin/sudo /bin/chmod ug=rwx /opt/homebrew/bin /opt/homebrew/etc /opt/homebrew/include /opt/homebrew/lib /opt/homebrew/sbin /opt/homebrew/share /opt/homebrew/var /opt/homebrew/opt /opt/homebrew/share/zsh /opt/homebrew/share/zsh/site-functions /opt/homebrew/var/homebrew /opt/homebrew/var/homebrew/linked /opt/homebrew/Cellar /opt/homebrew/Caskroom /opt/homebrew/Frameworks
==> /usr/bin/sudo /bin/chmod go-w /opt/homebrew/share/zsh /opt/homebrew/share/zsh/site-functions
==> /usr/bin/sudo /usr/sbin/chown imre /opt/homebrew/bin /opt/homebrew/etc /opt/homebrew/include /opt/homebrew/lib /opt/homebrew/sbin /opt/homebrew/share /opt/homebrew/var /opt/homebrew/opt /opt/homebrew/share/zsh /opt/homebrew/share/zsh/site-functions /opt/homebrew/var/homebrew /opt/homebrew/var/homebrew/linked /opt/homebrew/Cellar /opt/homebrew/Caskroom /opt/homebrew/Frameworks
==> /usr/bin/sudo /usr/bin/chgrp admin /opt/homebrew/bin /opt/homebrew/etc /opt/homebrew/include /opt/homebrew/lib /opt/homebrew/sbin /opt/homebrew/share /opt/homebrew/var /opt/homebrew/opt /opt/homebrew/share/zsh /opt/homebrew/share/zsh/site-functions /opt/homebrew/var/homebrew /opt/homebrew/var/homebrew/linked /opt/homebrew/Cellar /opt/homebrew/Caskroom /opt/homebrew/Frameworks
==> /usr/bin/sudo /usr/sbin/chown -R imre:admin /opt/homebrew
==> Searching online for the Command Line Tools
==> /usr/bin/sudo /usr/bin/touch /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress
==> Installing Command Line Tools for Xcode-16.4
==> /usr/bin/sudo /usr/sbin/softwareupdate -i Command\ Line\ Tools\ for\ Xcode-16.4
Software Update Tool
Finding available software
Downloading Command Line Tools for Xcode
Downloaded Command Line Tools for Xcode
Installing Command Line Tools for Xcode
Done with Command Line Tools for Xcode
Done.
==> /usr/bin/sudo /usr/bin/xcode-select --switch /Library/Developer/CommandLineTools
Password:
Sorry, try again.
Password:
==> /usr/bin/sudo /bin/rm -f /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress
==> Downloading and installing Homebrew...
remote: Enumerating objects: 310493, done.
remote: Counting objects: 100% (16399/16399), done.
remote: Compressing objects: 100% (608/608), done.
remote: Total 310493 (delta 15991), reused 15838 (delta 15791), pack-reused 294094 (from 3)
remote: Enumerating objects: 55, done.
remote: Counting objects: 100% (34/34), done.
remote: Total 55 (delta 33), reused 33 (delta 33), pack-reused 21 (from 1)
==> /usr/bin/sudo /bin/mkdir -p /etc/paths.d
==> /usr/bin/sudo tee /etc/paths.d/homebrew
/opt/homebrew/bin
==> /usr/bin/sudo /usr/sbin/chown root:wheel /etc/paths.d/homebrew
==> /usr/bin/sudo /bin/chmod a+r /etc/paths.d/homebrew
==> Updating Homebrew...
==> Downloading https://ghcr.io/v2/homebrew/portable-ruby/portable-ruby/blobs/sha256:20fa657858e44a4b39171d6e4111f8a9716eb62a78ebbd1491d94f90bb7b830a
################################################################################################################################################################ 100.0%
==> Pouring portable-ruby-3.4.5.arm64_big_sur.bottle.tar.gz
==> Installation successful!
==> Homebrew has enabled anonymous aggregate formulae and cask analytics.
Read the analytics documentation (and how to opt-out) here:
https://docs.brew.sh/Analytics
No analytics data has been sent yet (nor will any be during this install run).
==> Homebrew is run entirely by unpaid volunteers. Please consider donating:
https://github.com/Homebrew/brew#donations
==> Next steps:
- Run these commands in your terminal to add Homebrew to your PATH:
echo >> /Users/imre/.zprofile
echo 'eval "$(/opt/homebrew/bin/brew shellenv)"' >> /Users/imre/.zprofile
eval "$(/opt/homebrew/bin/brew shellenv)"
- Run brew help to get started
- Further documentation:
https://docs.brew.sh
imre@imre-mac ~ %
pyhton 3.13
imre@imre-mac ti % brew install python@3.13 ==> Fetching downloads for: python@3.13 ==> Downloading https://ghcr.io/v2/homebrew/core/python/3.13/manifests/3.13.7 #################################################################################################################### 100.0% ==> Fetching dependencies for python@3.13: mpdecimal, ca-certificates, openssl@3, readline, sqlite and xz ==> Downloading https://ghcr.io/v2/homebrew/core/mpdecimal/manifests/4.0.1 #################################################################################################################### 100.0% ==> Fetching mpdecimal ... `idle3.13` requires tkinter, which is available separately: brew install python-tk@3.13 See: https://docs.brew.sh/Homebrew-and-Python ==> Summary 🍺 /opt/homebrew/Cellar/python@3.13/3.13.7: 3,620 files, 66.6MB ==> Running `brew cleanup python@3.13`... Disable this behaviour by setting `HOMEBREW_NO_INSTALL_CLEANUP=1`. Hide these hints with `HOMEBREW_NO_ENV_HINTS=1` (see `man brew`). ==> No outdated dependents to upgrade! ==> Caveats ==> python@3.13 Python is installed as /opt/homebrew/bin/python3 Unversioned symlinks `python`, `python-config`, `pip` etc. pointing to `python3`, `python3-config`, `pip3` etc., respectively, are installed into /opt/homebrew/opt/python@3.13/libexec/bin `idle3.13` requires tkinter, which is available separately: brew install python-tk@3.13 See: https://docs.brew.sh/Homebrew-and-Python imre@imre-mac ti % (py_venv) imre@imre-mac ti % brew tap hashicorp/tap ==> Tapping hashicorp/tap Cloning into '/opt/homebrew/Library/Taps/hashicorp/homebrew-tap'... remote: Enumerating objects: 5818, done. remote: Counting objects: 100% (1132/1132), done. remote: Compressing objects: 100% (221/221), done. remote: Total 5818 (delta 1015), reused 913 (delta 911), pack-reused 4686 (from 3) Receiving objects: 100% (5818/5818), 1.01 MiB | 1.18 MiB/s, done. Resolving deltas: 100% (4104/4104), done. Tapped 2 casks and 32 formulae (93 files, 1.3MB). (py_venv) imre@imre-mac ti % brew install hashicorp/tap/vault
Xcode Command Line Tools
Xcide CLI koosseisu kuuluvad muu hulgas
- git
- clang
- gcc
Paigaldamiseks sobib öelda
# xcode-select --install
to check
imreoolberg@Imres-MacBook-Air ~ % xcode-select -p /Library/Developer/CommandLineTools
Spaces
Väited
- Spaces võimaldab tegeleda macos peal virtuaalsete desktop'idega
- käitumist kontrollib üldiselt 'System Settings -> Desktop & Dock -> Displays have separate Spaces' väärtus (vaikimisi 'On')
- F3 klahv abil saab Spaces riba kuvada monitoride üleosas
- Space'i saab liigutada monitoride vahel hiirega tirides, v.a. aktiivset space'i
- Space'ide vahel saab liikuda Control + left/righ arrow key abil
- Rakendust saab liigutada space'ide vahel minnes nn Mission Control vaatesse ja siis hiirega rakenduse akent lohistades
- Space sulgemisel paigutatakse vastavad aknad eelmisele space'ile
Kellaaeg
Süsteemi aeg
Imres-MacBook-Air:~ root# date Sat Sep 13 23:36:17 EEST 2025
NTP serverilt kellaaja küsimine
Imres-MacBook-Air:~ root# sntp time.apple.com +0.049514 +/- 0.014280 time.apple.com 17.253.38.35
Väärtuse küsimine
Imres-MacBook-Air:~ root# systemsetup -getnetworktimeserver Network Time Server: time.euro.apple.com
Väärtuse muutmine
Imres-MacBook-Air:~ root# systemsetup -setnetworktimeserver time.euro.apple.com
Logist kellaajaga seotud sündmuste kohta küsimine
Imres-MacBook-Air:~ root# log stream --predicate 'subsystem == "com.apple.timed"
Kas kellaaeg automaatne hoidmine on kasutuses
Imres-MacBook-Air:~ root# systemsetup -getusingnetworktime Network Time: On
BSD pärand
Imres-MacBook-Air:~ root# ssh -V OpenSSH_9.9p2, LibreSSL 3.3.6 Imres-MacBook-Air:~ root# pfctl -v No ALTQ support in kernel ALTQ related functions disabled Imres-MacBook-Air:~ root# netstat -nr -f inet
Süsteemsete kasutajate nimed algavad alakriipsuga (nt sarnaselt toimib OpenBSD), nt timed (ntp local protsess) töötab kasutajana _timed
Imres-MacBook-Air:~ root# ps aux | grep timed _timed 373 0.0 0.0 426967056 4576 ?? Ss Tue02PM 0:03.41 /usr/libexec/timed
/etc/passwd failis on palju nö legacy kasutajad mille nimi viitab nö klassikalisele lahendusele
Imres-MacBook-Air:~ root# egrep "_postgres|_dovenull|_postfix|_avamis|_clamav|_cyrus|_mailman|_cvs|_mysql|_jabber|_ftp" /etc/passwd _postfix:*:27:27:Postfix Mail Server:/var/spool/postfix:/usr/bin/false _cvs:*:72:72:CVS Server:/var/empty:/usr/bin/false _mysql:*:74:74:MySQL Server:/var/empty:/usr/bin/false _cyrus:*:77:6:Cyrus Administrator:/var/imap:/usr/bin/false _mailman:*:78:78:Mailman List Server:/var/empty:/usr/bin/false _clamav:*:82:82:ClamAV Daemon:/var/virusmails:/usr/bin/false _jabber:*:84:84:Jabber XMPP Server:/var/empty:/usr/bin/false _ftp:*:98:-2:FTP Daemon:/var/empty:/usr/bin/false _postgres:*:216:216:PostgreSQL Server:/var/empty:/usr/bin/false _dovenull:*:227:227:Dovecot Authentication:/var/empty:/usr/bin/false
Süsteemi paigaldamine
Eesmärk
- paigaldada töötav töökoha keskkond
- valmituda juhtumiks kui kasutaja parool kaob ja on vaja seda taastada (teha reset)
TODO
Google Chrome brauser
TODO
Google Chrome brauseril on lubatud kuvada ssh privaatset võtit, nt
file:///Users/imreoolberg/.ssh/id_ed25519
Analoogliselt on see lubatud Ubuntu 24.04 platvormil, aga nt OpenBSD puhul mitte (tänu unveil tehnoloogiale).
GateKeeper
Kui kopeerida internetist tarkvara nt .dmg kujul ja paigaldada, siis esimesel käivitamisel küsib süsteem, et kas ikka käivitada see internetist kopeeritud programm, küsimus ja vastusega tegelemine on seotud xattr parameetriga com.apple.quarantine
Imres-MacBook-Air:~ root# xattr -p com.apple.quarantine /Applications/KeePassXC.app 0181;68c6f083;Chrome;AF698614-F806-4A2B-B66C-4B09CB133779
ja
# spctl
ja
Imres-MacBook-Air:~ root# sqlite3 /Users/imreoolberg/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 SQLite version 3.43.2 2023-10-10 13:08:14 Enter ".help" for usage hints. sqlite> .schema CREATE TABLE LSQuarantineEvent ( LSQuarantineEventIdentifier TEXT PRIMARY KEY NOT NULL, LSQuarantineTimeStamp REAL, LSQuarantineAgentBundleIdentifier TEXT, LSQuarantineAgentName TEXT, LSQuarantineDataURLString TEXT, LSQuarantineSenderName TEXT, LSQuarantineSenderAddress TEXT, LSQuarantineTypeNumber INTEGER, LSQuarantineOriginTitle TEXT, LSQuarantineOriginURLString TEXT, LSQuarantineOriginAlias BLOB ); CREATE INDEX LSQuarantineEventIndex ON LSQuarantineEvent ( LSQuarantineEventIdentifier ); CREATE INDEX LSQuarantineTimeStampIndex ON LSQuarantineEvent ( LSQuarantineTimeStamp ); sqlite> select * from LSQuarantineEvent; 9446C9BF-45BE-49C7-8EBE-2F15796AC8C8|778543831.0|com.google.Chrome|Chrome||||0||| BDC2404B-51CD-4561-B50B-97C0C4272BF4|778543831.0|com.google.Chrome|Chrome||||0||| 295142B0-B654-4691-9F45-774441058E9A|778543831.0|com.google.Chrome|Chrome||||0||| E806F7A8-856B-4A57-ADD6-0FFC2CAEECCB|778543833.0|com.google.Chrome|Chrome||||0|||
Transparency, Consent, and Control (TCC)
Esmakordsel käivitamisel küsitakse vahel kataloogide ja failide avamise õiguse kohta, sellega tegeleb TCC. Tulemus on paista nt
System Settings -> Privacy & Security -> KeePassXC -> xxx
Imres-MacBook-Air:~ root# mdls -name kMDItemCFBundleIdentifier /Applications/KeePassXC.app kMDItemCFBundleIdentifier = "org.keepassxc.keepassxc"
ning eemaldamiseks
Imres-MacBook-Air:~ root# tccutil reset All org.keepassxc.keepassxc Successfully reset All approval status for org.keepassxc.keepassxc
Kasutajate haldamine
Kasutaja tekitamiseks sobib
System Settings -> Users & Groups -> Add User -> ...
