damontimm.com » mac

How To: Store iMovie ’09 Events and Projects on a Network Volume (NAS)

Damon — Sat, 10 Apr 2010 15:33:32 +0000

Purpose: while iMovie ’09 allows you to store your events and projects on physically attached hard drives (external or internal) it doesn’t offer an out-of-the-box way to store them on a network attached storage (NAS) device. I have a file serve and I want to use it.

how to set it up

The only way I have found to circumvent this annoyance is to play a little trick on iMovie. And that trick is to move the original ~/Movies folder under a different name and put a symlink in its place (to the network folder of your choice).

Here are the steps I took from the Terminal to do this (you will need to have Administrator privileges and you will need to know where your network folder is attached):

sudo mv ~/Movies/ ~/Movies-original
ln -s /Volumes/my-network-volume/Movies/ ~/Movies

Now, when I load up iMovie it will use the networked volume. If you don’t like this, you can always move your ~/Movies-original folder back where it was.

remaining issues

Unfortunately, this isn’t a perfect fix. There are two caveats or issues I have found.

One, is that now my hard drive (called Papa Bear) is listed twice in the Project Library:

And two, is that when you delete an event or project from within iMovie, it moves the project into a temporary folder rather than actually deleting it. The next time you open iMovie, it will show up again. I’m sure this is because it thinks it is working with a bona fide Trash system but its not (because it is network storage. See this example:

In order to get around this annoyance, I created a Python script which removes the temporary files for me and created a cron job to run the script from time to time (cleaning up the mess iMovie leaves behind).

#!/usr/bin/env python
'''
Simple script to remove all directories that match the name:
    /iMovie Temporary Items */  [note the star!]

'''
import os
import fnmatch
import shutil

# tuple of directories to search through (you can add more than one)
DIRS = ('/Volumes/leaker-damon/tps/Videos/',)

for directory in DIRS:
    for root, dirnames, filenames in os.walk(directory):
        for directory in dirnames:
            if fnmatch.fnmatch(directory,'iMovie Temporary Items *'):
                shutil.rmtree(os.path.join(root,directory))

make this more better

Am interested to hear how other people have been handling this — this approach certainly isn’t perfect, but it seems to work (for now).

How To: Test Connection Speed Between Two Machines

Damon — Sun, 25 Jan 2009 14:58:26 +0000

Purpose: as a quick diagnostic tool, sometimes it’s nice to know exactly how fast two machines can (theoretically) be connected. I was having some slow downs on my NAS and using these command line tools, was able to determine that it was my NIC (and not my hard drives) that was causing the slow down. I learned this from a thread at slashdot.

install nc and pv

If you are on a mac, you can use MacPorts to install this easily enough:

$ sudo port install netcat pv

If you are on Ubuntu, you just need to get pv installed (nc is already there):

$ sudo aptitude install pv

Once you have nc and pv installed, it’s really simple. On one machine, run the following command:

$ nc -ulp 5000 > /dev/null

On the second machine run the following command (you need the IP address of the first machine):

$ pv < /dev/zero | nc -u ip.addy.of.other.machine 5000

And you should get some output with a little <=> sign moving across the screen that resembles this (static):

1.15GB 0:00:19 [ 218MB/s] [             <=>                  ]

This will show you the number of MB/s the connection is averaging; if you watch if for a bit, you can get an idea of where things stand. Here are some of the results I got between my PowerMac, PowerBook, and EEE PC:

localhost:                      218MB/s
gigabit Ethernet:               143MB/s
100MB ethernet:                 11.5MB/s
wireless (poor connection):     141kB/s

If you read the original post on slashdot, it seems you can us pv to measure a lot of other stuff as well — I haven’t played with it yet but should, one day.

How To: Automated Encrypted Incremental Backups on Amazon S3 with Duplicity (OS X or Ubuntu)

Damon — Mon, 24 Nov 2008 22:26:46 +0000

Purpose: setup an automatic encrypted off-site backup system that utilizes Amazon S3 with incremental backups by duplicity on the Mac (Leopard) or Ubuntu. Currently, I do have my own on-site backup system in place (nightly backups via rsync to external hard drive), but I am wary that some day my house may explode and I’ll have nothing left. Enter my new friend: the encrypted off-site backup.

before you begin

Before you can start backing things up off-site in a secure fashion, you’ll need to get a few pieces of the puzzle in place. Namely, you’ll need software installed (duplicity), a GPG key (for encryption), and an Amazon S3 account setup (for storage), and then use a backup script that can be run automatically (for laziness’s sake!).

Getting an Amazon S3 account is easy to do: head over to http://aws.amazon.com/s3/ and sign up; grab your “Access Key ID” and “Secret Access Key” and you are ready to go. There is a lot you can do with S3 (and a lot of ways to access it), but for our purposes, this is pretty much all you need.

Lastly, I would recommend spending a little time reading about duplicity (see the man page) as well as GnuPG (man page). There is a lot to consider, and I just picked the options I thought would work best for me.

Install the Software: Duplicity

For this to work we need duplicity installed with all the correct dependencies. The easiest way to do this on your Mac is to simply use MacPorts, which has an up-to-date version in the repositories (see Installing MacPorts if you don’t have it installed already). If you already have MacPorts installed, all you should have to do is run the following from the Terminal:

$ sudo port install duplicity py25-socket-ssl py25-boto

If you are using Ubuntu, you could simply run sudo aptitude install duplicity to install the program (it is in the repositories); however, if you want to make sure you are using the latest version (which may not be available there yet), you can try this:

$ sudo apt-get build-dep duplicity
$ sudo aptitude install python-boto ncftp
$ wget http://savannah.nongnu.org/download/duplicity/duplicity-0.5.07.tar.gz
$ tar xvzf duplicity-0.5.07.tar.gz
$ cd duplicity-0.5.07/
$ sudo python setup.py install

If you ever want to upgrade again, just download and untar the latest version and run the last setup line again. It will install the newest version for you.

If everything has installed correctly, you can do a test run pretty easily on your local machine by backing up a folder to another local folder (first command) and then restoring it to a different folder (second command). If you look inside this /test/backup-location/ you’ll see what duplicity looks like:

$ duplicity --no-encryption /test/folder/ file:///test/backup-location/
$ duplicity --no-encryption file:///test/backup-location/ /test/restore-location/

Setting Up Encryption

For duplicity to really shine, it needs to have a gpg key to encrypt your files. If you don’t already have one, you can create it by running the following (read the documentation for more information):

$ gpg --gen-key

I used all the defaults when setting up my key and chose my own passphrase. Unfortunately, in order to make this work without user input (as an automatic cron job), the passphrase is going to have to be stored somewhere on your computer locally, so, I wouldn’t use one of your usual passwords (something really long and unique would be better). Also, if you already have a gpg key (or want to use one for other purposes), I would recommend making a different one for the Amazon S3 backups — because, in the end, your password has to be stored somewhere on your computer for it to work auto-magically.

Once you have your gpg key created you can check it out by running:

$ gpg --list-keys

This shows your new key, which probably looks something like this:

pub   1024D/CA4ZA320 2008-11-15
uid                  Damon Timm (thornomad) email@example.com
sub   2048g/C1E64A4F 2008-11-15

Note the public key identifier “CA4FA320″ (yours will be different); we will need that to go in our script.

final step: using a backup script

So, everything is on your system and, hopefully, working. Now, to run a backup takes a lot of typing (on the command line) and the easiest way to avoid this chore is to run a backup script. A script can store your Amazon and GPG key information and make it so you don’t have to type anything ever again!

Backing things up is a very personal task, and everyone is going to want to do it a little differently. I created my own backup script which you are happy to check out — if you have any neat features you add to suggestions, I would love to hear them and incorporate them.

Good luck!

Bash Script: Incremental Encrypted Backups with Duplicity (Amazon S3)

Damon — Mon, 24 Nov 2008 21:47:18 +0000

This bash script was designed to automate and simplify the remote backup process of duplicity on Amazon S3. After your script is configured, you can easily backup, restore, verify and clean (either via cron or manually) your data without having to remember lots of different command options and passphrases.

Most importantly, you can easily backup the script and your gpg key in a convenient passphrase-encrypted file. This comes in in handy if/when your machine ever does go belly up.

how to use

To get the latest latest code in the script you can download a zip copy of the source or clone the git repository like so:

git clone git://github.com/thornomad/dt-s3-backup.git

You’ll also need to have a number of things in place in order to utilize this script, specifically: gpg, duplicity, an Amazon S3 account, and (optionally) s3cmd. If you need help getting all these in order, I wrote another post about putting it all together. It’s not all that difficult, but does take a few pieces of the puzzle to be in order.

Once you have the script, you will need to fill out the foobar variables with your own specific information. I suggest testing the script on a small directory of files and a local directory for your destination first to make sure it is working.

Usage

From the README file:

COMMON USAGE EXAMPLES
=====================

* View help:
    $ dt-s3-backup.sh

* Run an incremental backup:
	$ dt-s3-backup.sh --backup

* Force a one-off full backup:
    $ dt-s3-backup.sh --full

* Restore your entire backup:
	$ dt-s3-backup.sh --restore
    You will be prompted for a restore directory

	$ dt-s3-backup.sh --restore /home/user/restore-folder
    You can also provide a restore folder on the command line.

* Restore a specific file in the backup:
    $ dt-s3-backup.sh --restore-file
    You will be prompted for a file to restore to the current directory

    $ dt-s3-backup.sh --restore-file img/mom.jpg
    Restores the file img/mom.jpg to the current directory

    $ dt-s3-backup.sh --restore-file img/mom.jpg /home/user/i-love-mom.jpg
    Restores the file img/mom.jpg to /home/user/i-love-mom.jpg

* List files in the remote archive
	$ dt-s3-backup.sh --list-current-files

* Verify the backup
    $ dt-s3-backup.sh --verify

* Backup the script and gpg key (for safekeeping)
    $ dt-s3-backup.sh --backup-script

Changes

You can view the changelog at github.

How To: Install MacPorts on OS X Leopard (10.5)

Damon — Sat, 11 Oct 2008 12:58:56 +0000

Purpose: install MacPorts on OS X Leopard (10.5) to gain access to a host of open source applications and tools that make working on the Mac as cool as can be. Using MacPorts makes it easy to install applications you would otherwise have to build from source — which can be difficult for folks like me, who don’t understand what the hell they are doing in the first place.

Install MacPorts

First, we’ll need to make sure you have “XCode Tools” installed on your Mac — XCode Tools install all the programs needed to build applications from source. It comes standard with all Macs, however, it isn’t installed by default, so you’ll need your installation DVD (or you can download them). From the DVD, go to the “Optional Install” folder and then “XCode Tools” and run the installer package.

Second, we’ll have to download and install the MacPorts from: http://macports.org/install.php. Choose a .dmg disk image for whichever version of OS X you are using.

Third, after MacPorts has been installed, we’ll need to update our PATH variable in the Terminal to be able to find the MacPorts program (which is called port). If you have your own way of doing this, go for it — however, I created a ~/.bash_profile file to accomplish this task. If you don’t already have a profile file, you can do this by entering the following in the terminal (I also added two other common places programs get installed on the command line that save me trouble down the road):

$ echo "export PATH=/usr/local/bin/:/usr/local/sbin/:/opt/local/bin/:/opt/local/sbin/:$PATH" >> ~/.bash_profile

Restart the Terminal program for these changes to take effect. If this has been accomplished successfully, then you should be able to run (again in the Terminal) the following for a self-update and it should work:

$ sudo port -v selfupdate

If nothing happens and, instead, you get an error that says: -bash: port: command not found, that means your PATH variable wasn’t set correctly. If this is the first time you are running a command using sudo you’ll get a warning saying something to the effect of: if you don’t know what you are doing, turn back now. Ignore this warning.

What’s Next

With MacPorts installed by itself, nothing much is going to change. But you’ll be able to use it to install open source applications that are very exciting (like lame, flac, ffmpeg, gimp, etc).

How To: Network Trash on Ubuntu File Server (NAS) with SFTP (SSH + Fuse) and AFP (netatalk)

Damon — Sun, 22 Apr 2007 13:13:50 +0000

Purpose: create a Network Trash functionality for a Ubuntu Linux file server (NAS). Reason being: by default, files deleted from the command line on file server go away permanently. If I am connected to my file server from my Mac via AFP (through netatalk) or SSH (SFTP through Fuse) and delete a file, that file is gone forever! This is a problem, because often I find I want them back. Enter: libtrash!

Tested on: Ubuntu 6.06.1, 6.10, 10.04.

install libtrash and test it out

The version of libtrash in the repository is not the latest — I prefer to grab it from source which, in this case, is very easy:

sudo aptitude install build-essential
wget http://pages.stern.nyu.edu/~marriaga/software/libtrash/libtrash-latest.tgz
tar xzf libtrash-latest.tgz
cd libtrash-3.2/
make
sudo make install

Unlike a lot of software on linux, installing it isn’t quite enough to get it running. I think this is because it is a lib package and not an actual program — it seems to be meant to be used by other programs in the background and not directly interact with the user (in the way that I want it to).

To test it out briefly, run the following to start the libtrash engine in your terminal prompt:

export LD_PRELOAD=/usr/local/lib/libtrash.so

After the above command has run, you can do a little test by creating a file (the touch command doesn’t seem to work, so create a real file) and then delete it. It should show up in your ~/Trash folder.

If it isn’t working at this point, check out the documentation at: /usr/share/doc/libtrash/

To make sure libtrash is running every time you login you need to add the export command to the top of /etc/profile:



sudo nano /etc/profile

# /etc/profile: system-wide .profile file for the Bourne shell (sh(1))
# and Bourne compatible shells (bash(1), ksh(1), ash(1), ...).

export LD_PRELOAD=/usr/local/lib/libtrash.so

[...]
You should be all set in the terminal, at this point.
There are a few more steps that need to be taken in order to begin utilizing Trash folders for the users on your system.  For each method of connecting/utilizing the files on the server (through the command line, through sshFS, or AFP), the LD_PRELOAD option needs to be called for libtrash.  Also, I recommend you use one of the Trash cleaning scripts (outlined below).
using libtrash with SFTP (sshFS)
I like to mount my home server remotely using sshFS (which utilizes FUSE).  sshFS  can be used on the Mac through the MacFUSE project or on Ubuntu through Places/Go to Server Menu on 7.04).  To initialize libtrash, we need to create small script that loads the module just before the sftp-server is started and then tell openssh (in my case) to run that script (rather than starting the sftp-server directly).
I created by file at /usr/local/lib/libtrash-sftp-server and entered:
#!/bin/bash
export LD_PRELOAD=/usr/local/lib/libtrash.so
/usr/lib/openssh/sftp-server
Change permissions to make it executable:

sudo chmod +x /usr/local/lib/libtrash-sftp-server

Then open the configuration file for ssh (/etc/ssh/sshd_config) and make the following change near the very end of the file (comment out the original and add your own):
#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp /usr/local/lib/libtrash-sftp-server
Restart your ssh server and then, when you connect via sshFS (in Ubuntu go to Places < Connect to Server and choose a SFTP (SSH) server; on the Mac, you will need MacFuse and SSHFS) you'll be using your ~/Trash folder.

$ sudo /etc/init.d/ssh restart

using libtrash with AFP (netatalk)
I was able to use libtrash with netatalk by inserting the following line in the /etc/init.d/netatalk file (10.04 version shown here):
case "$1" in
	start)
        export LD_PRELOAD=/usr/local/lib/libtrash.so
		if [ "x$ATALK_BGROUND" = "xyes" ]; then
			echo "Starting Netatalk services in the background."
			atalk_startup >/dev/null &
		else
			echo -n "Starting Netatalk services (this will take a while): "
			atalk_startup
			echo "."
		fi
	;;

I added line 90.  After, simply restart netatalk.

sudo /etc/init.d/netatalk restart

how to empty the trash automatically
If you look in ~/src/libtrash-x.x/cleanTrash/ you will find a couple different cleaning scripts.  I like strash the best.  If you do this, you can extract the script, install it to a usable path, and setup the man file (so you can read about its cleverness).

cd ~/src/libtrash-3.2/cleanTrash/
tar xvf strash.tar.gz
sudo cp strash-0.9/strash /usr/local/sbin/strash
sudo mkdir -p /usr/local/share/man/man8
sudo cp strash-0.9/strash.8 /usr/share/man/man8/strash.8

You can read the man page for strash now, which will show you all the nifty options.  I added a line to my root crontab (by running: sudo crontab -e) that deletes all files over one week old:
# m h  dom mon dow   command
30 01 * * * /usr/sbin/strash --age 7d

Seems to work well.  Enjoy.



How to: Install Netatalk (AFP) on Ubuntu with Encrypted Authentication
Damon — Sun, 08 Apr 2007 20:42:02 +0000
Purpose: Install Netatalk (AFP) on Ubuntu with encrypted authentication (using OpenSSL), which is not enabled by default with the Ubuntu netatalk package.  By default, the package installed from the Ubuntu universal repositories will transmit your password via clear text (you’ll know this because Mac OS X Tiger will throw a warning and Leopard won’t do anything useful at all).

This is because, apparently, OpenSSL has a license that is incompatible with Debian’s GPL.  Regardless: clear text is bad; encryption is good.  And since Ubuntu doesn’t package netatalk with the appropriate encryption support, one must do it oneself.
Updated 05.08.09: Just tested this with Jaunty (09.04) and the package in the repositories works with no extra steps.  If you are using an older version of Ubuntu, however, you will want to follow these instructions.  Tested with Intrepid Ibex (8.10) as well as: 6.06, 7.04, 7.10, and 8.06.
about this guide
When I first found that Ubuntu’s netatalk package didn’t support encrypted authentication, I tried to compile netatalk from the source.  I didn’t get very far.  Throwing up my hands in frustration, I spent some more time on google and found some ideas at the Ubuntu Forums.  Pulling it all together, with ideas and fixes from comments (below), this is what I came up with (which I think is a lot easier than building from source).
steps to follow
NOTE: If you have already installed netatalk you should remove it before proceeding with a sudo aptitude purge netatalk before you get going.

sudo aptitude update
mkdir -p ~/src/netatalk
cd ~/src/netatalk
sudo aptitude install cracklib2-dev libssl-dev
apt-get source netatalk
sudo apt-get build-dep netatalk
cd netatalk-2.0.3
sudo DEB_BUILD_OPTIONS=ssl dpkg-buildpackage -us -uc
sudo debi
echo "netatalk hold" | sudo dpkg --set-selections

The basic trend of this set of operations is to: create a directory where all the messy files can be stored, download necessary packages, get the netatalk source, compile the source with the ssl option, install the package, then tell Ubuntu never to update the package (because if it did, it would break).
Settings for the netatalk service can be found on your Ubuntu machine at /etc/netatalk/.  There are a couple configuration files in there with instructions.  Good luck.
configuration files
One of the first changes I make after installing netatalk is to disable some of the services that I don’t need running (and start those that I do).  To do this, I edit: /etc/default/netatalk, changing  the daemons that run so that it ends up looking like this (which allows netatlk to restart a lot quicker without the atalkd daemon — which is a holdover from pre-OS X times):
# Set which daemons to run (papd is dependent upon atalkd):
ATALKD_RUN=no
PAPD_RUN=no
CNID_METAD_RUN=no
AFPD_RUN=yes
TIMELORD_RUN=no
A2BOOT_RUN=no
These are the settings I am using since I only need the afp file server — one thing to note, however, is that if you want to use the dbd databashe scheme rather than cdb, you need to set CNID_METAD_RUN to yes.  cdb is supposed to be faster, while dbd is supposed to be “corruption-proof”.  You can read it about in the docs.
After you’ve saved changes to this configuration file, run the following to restart netatalk:

sudo /etc/init.d/netatalk restart

other tips and tricks
Here are a couple other thoughts and pointers that I’ve picked up over the years …
multiple afp servers running on the same network
I never thought much of it, but I did notice: if you have two different servers on your network running netatalk, you are unable to login to both of them at the same time.  JET posted a solution to this and it works flawlessly.  It has changed my life.
multiple network interfaces causing errors
Update (9/24/07 & 10/22/07): I’ve noticed a few people mentioning they get an error when compiling and/or starting netatalk (from ubuntuforums.org as well).  Folks with more than one available network adapter (like eth1 and eth2, or virtual adapters created by vmware) seem to run an error when they compile and during runtime .  During compile time you might have have an error that ends in:

dpkg: error processing netatalk (--install):
subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
netatalk
debi: debpkg -i failed

After this, you would probably get an error at runtime that looked like:

Starting Netatalk services (this will take a while): nbp_rgstr: Connection timed out

Tim Pope wrote a suggested fix in the comments below that should eliminate the conflict between the multiple adapters.  I only have one adapter myself (and don’t use vmware) so I haven’t had a chance to try it yet myself.  Let me know if this works for you as well.