I am running VMWare’s free vSphere Hypervisor (formerly known as ESXi) on my Mid-2011 Mac Mini Server (Macmini5,3) for many years . Earlier this year VMWare introduced vSphere Hypervisor 6.7 but as it was not really clear what it would add and I had a stable environment I decided not to upgrade (yet) when it came out.
However, ever since Apple introduced the APFS filesystem with MacOS High Sierra, special care was required to install (or upgrade) a MacOS VM on vSphere Hypervisor as the built-in EFI boot did not support this. Since I had to create a new MacOS Server today, I decided to give this update a try to see if it would support MacOS High Sierra. Documentation was not very clear on this, but it turned out that with this version of vSphere Hypervisor, MacOS 12.13 (as well as 12.14!) is supported, as this is how the dropdown when creating a new VM now looks like for MacOS:
This post contains the steps to perform an upgrade from vSphere Hypervisor 6.5u1 to 6.7 on my Mid-2011 Mac Mini Server, including the installation of the (not included) VMWare Tools image for MacOS.
Continue reading “VMWare vSphere Hypervisor 6.7 supports MacOS 12.13 (and 12.14!)”
For a few year I have been playing with Raspberry Pi’s. I started off with a 1B, then moved to a a 2B and for some time am heavily using a model 3B as my monitoring (nagios) server while the 2B is being setup for other use (as well as a few Pi Zero’s being used for other things).
Since the switch to the 3B I started to have more and more issues with the SD card getting corrupt. Actually, it wasn’t the card itself but critical files tended to get corrupted, making the system unusable after a while – one of the reasons I scripted the setup of my monitoring server using Ansible). Recently I found this discussion on stackexchange which hinted me on the root cause of my problems – the Raspberry Pi 3B really needs a 2.5A power supply to function correctly.
Continue reading “Raspberry Pi power saving (disable HDMI port and others) – the SystemD way”
As part of the migration of my MacOS Server to Linux the next service to migrate is my PostgreSQL engine. Although PostgreSQL had already been hidden in MacOS Server for some time, it still was included (as internal services like ProfileManager and Calendar and Addressbook Server depend on it. Despite it being hidden, I had still enabled it (manually) and hosted my PostgreSQL databases on my MacOS Server for ages. Despite migrations sometimes being a pain (i.e. not automatic) this worked well so far, including integrating it with the MacOS Server way of using transaction logs for offline backups. (so I will also have to look for a new way to do this). Continue reading “MacOS Server Replacement #2 – Migrating PostgreSQL”
Today I noticed that VMWare has released a partial solution for the Spectre security issue ( CVE-2017-5715), according to VMWare:
This ESXi patch provides part of the hypervisor-assisted guest mitigation of CVE-2017-5715 for guest operating systems. For important details on this mitigation, see VMware Security Advisory VMSA-2018-0004.3.
It can be downloaded from their site and is also available for the free ESXi 6.5 version, the file to download is ESXi650-201803001.zip, see also VMWare Knowledge Base article 52456. Installation is quite straightforward. Continue reading “VMWare ESXi 6.5 Spectre patch available”
As part of the migration of my MacOS Server to Linux the first service to migrate is my MySQL 5.7 engine. Although MySQL is not part of MacOS Server anymore for a long time (and I had installed it separately), I will cover the migration here as 1) I still had it running on my MacOS Server and 2) the migration wasn’t smooth so decided to share my learnings here. Continue reading “MacOS Server Replacement #1 – Migrating MySQL to MariaDB”
Today I noticed that there was a new update for MacOS Server that had quite a lengthy explaination:
As per Apple Knowledge Base article HT208312, the once great Apple Server product as this fall will be reduced to:
- Profile Manager
- Open Directory
The rationale of this is, according to Apple:
In fall 2018, Apple will stop bundling open source services such as Calendar Server, Contacts Server, the Mail Server, DNS, DHCP, VPN Server, and Websites with macOS Server. Customers can get these same services directly from open-source providers. This way, macOS Server customers can install the most secure and up-to-date services as soon as they’re available.
Continue reading “Apple totally strips MacOS Server”
For quite some time I am an happy user of Open Whisper Systems’ Signal Messenger phone application as alternative to WhatsApp. The fact that this solution is open source and that the exchange of messages (and now also calls) is secure and that this can be verified by anyone are important and valuable. I use it on my phone but as I spend most of my time behind a laptop and still (call me old-fashioned) prefer a real keyboard over a touch screen I have been looking for a way to use it from my laptop as well. Continue reading “Signal Desktop stand-alone OS X Application”
Today morning I noticed that my blog had been altered as it looked as displayed in the picture above. The first thing I did when I noticed this was to take my webserver offline until I could check what actually happened and to assess the impact of this breach of security. Fortunately the damage turned out to be very limited and easy to resolve so after a short research I was able to reconnect my webserver again and write about it. Continue reading ““Hacked” due to security issue in WordPress 4.7.1″
Happy New Year and best wishes for 2017!
It’s a new year so the design of this blog has been refreshed as well. As I wrote a few weeks ago, some important things changed in my private live. On the short time it causes some stress and will be distracting me, but I have no doubts that this will be only for a short time. For now it means that I will probably have some more time for this blog and will be posting more frequent again, how this will develop on the longer term is still unsure.
For now I still have some time off to spend on my family and IT… keep posted for some updates the coming days. Anyway again all the best for this new fresh year!
After installing of OS X (MacOS) Sierra update 10.12.2 I noticed that SSH connections started to ask for the password of my RSA key. This wasn’t how it worked before and not what I want (as I trust my MacBook Pro) as it is quite annoying.
For the current session the solution was quite simple, just run the command:
There seem to be many discussions online in what is causing this (i.e. here) with strange theories and odd (or not working) solutions. As documented also here, the root cause seems to be that the upstream OpenSSH code has changed and that Apple’s developers are following the changes.
The solution is fortunately quite simple: just create a file called
~/Library/LaunchAgents/org.openssh.plist with the following content:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<string>Add SSH Keys to SSH Agent</string>
And from the next login onwards your SSH key will be added to ssh-agent again.