Recently in Mac Support Category

Since I am our sole Mac Administrator where I work, and our company produces and supports Mac software in addition to using a small number internally for graphic work, I'm often asked questions about Macintosh filenames and path names in OS X. What follows is what I've learned and gleaned during my administrative efforts and support activities, and I suspect is in no way a comprehensive discussion of file and path names on Mac OS X. However, it should answer most of the more common questions I've received over the years.

If the file is located on the disk OS X boots from, you should start the path name with a simple slash "/". For example, the path to the Terminal application would be specified as:

/Applications/Utilities/Terminal.app

If the file is on a different disk, however, the syntax is a bit different. All the disks attached to your Mac are represented with virtual directories under the "/Volumes" directory. So if you had a file named "information.txt" which resides in a folder called "Data" on a disk drive called "Workdisk" you would specify the path as:

/Volumes/Workdisk/Data/information.txt

If you want to specify a file that's on a mounted network volume, it's a little trickier because you need to know the name the Mac used to mount the disk in the "Volumes" directory. To do this, I would first execute the command:

ls /Volumes

This will generate a result something like the following:

Macintosh HD     Storage      Workdisk

Let's assume that the "Storage" volume is a shared directory on a Windows server that we've already connected to. Let's also assume that the file we're going to access from the command line is named "confidential.rtf" and that it's inside the directory "SecureDocs" which is itself inside a directory called "MacFiles1" on the Windows server. Our path in this case would look like this:

/Volumes/Storage/MacFiles1/SecureDocs/confidential.rtf

There are a couple of "gotchas" here that I haven't mentioned, intentionally, to keep the examples straightforward up to this point. Let's now have a look at some of those little gotchas, because the odds are that you're going to see them pretty soon in your use of the OS X command line.

One of the first gotchas I ran into is the fact that you can use spaces in file and folder names on OS X, but that OS X's UNIX command line doesn't handle spaces in the same way that Windows XP and Windows Vista do. Windows XP, for example, is perfectly happy with being given a path like this on the command line:

C:\Program Files\Apple\QuickTime Pro\sample.mov

XP will, at least in most cases, figure out what you mean. OS X, however, will treat the spaces in the command line as if they are part of the syntax of the command. For example, if you were to enter the path:

/Applications/QuickTime Tools/Some file.txt

OS X is going to think your path name is actually several parts:

/Applications/QuickTime
Tools/Some
file.txt

And it's going to at the very least generate an error, and in a worst case perform actions on the wrong files and folders. If you need to specify a path with spaces in it on the OS X command line, you need to "help" OS X understand that the spaces are a part of the path. There are two ways to do this, and there are circumstances where one may work better than the other (which you'll have to figure out through experimentation).

The first and simplest option is to simply put quotes around the path. Referring back to the previous example path, that would look something like this:

"/Applications/QuickTime Tools/Some file.txt"

The double-quotes help OS X understand that the entire string between the two quotation marks is a single entity. As I mentioned, there are circumstances where this is your best option. There are others, such as in scripting, where you may find that for some reason it simply doesn't work as expected. In that case, you'll want to use the alternative method.

The alternative is to place a backslash "\" in front of each space. Referring back to our previous example, that would look like this:

/Applications/QuickTime\ Tools/Some\ file.txt

In this case, the backslashes tell OS X to treat the following space as a part of the current string it's working with. This same technique can be useful if your filename contains other characters that could potentially confuse the command line, such as the apostrophe or single quote ('), the quotation mark or double-quote ("), or others. If you enter a path name that OS X doesn't like, you'll very likely get an error message or unexpected result. That will often be your clue to check the characters in the path name.

Ever wonder what actually got installed on your Macintosh when you applied an Apple Software Update, installed an application, or applied a patch?   Ever need to "completely remove" a Mac OS X application but weren't sure how to find everything it installed (not everything goes in the "Applications" folder!)?  This article will help you solve that little problem.

As discussed in another article on this web site, the OS X World Clock Dashboard widget can become a severe drain on system resources if it's left active on the screen for long periods of time since the last reboot.  Even when it has just been started up on a freshly rebooted system, it uses quite a bit of CPU.

For example, here's what Activity Monitor showed me when I launched the World Clock Widget on a 933 MHz G4 running MacOS X 10.4.2:



As you can see, CPU usage is in the 7-10% range.  If left on screen long enough, it will grow to as much as 80-85% of the CPU while it's active (0% when not shown on screen).  It will also consume quite a bit of RAM, potentially all the RAM on the system.

If you make the changes I'm going to suggest below, you can reduce that CPU usage considerably (though the Widget will still gradually increase its CPU and RAM usage over time for reasons I haven't figured out).  The Activity Monitor image below is what resource consumption looks like on the modified World Clock:



The first "World Clock DashboardClient" process above is mine (the one that's using 1.30% of the CPU).  The second "World Clock DashboardClient" process is an unchanged OS X 10.4 World Clock widget that has been left running on-screen for the better part of 4 days.  As you can see, it's grabbed about 80% of the CPU, 200MB of RAM, and 350MB of virtual memory.  My modified client (which hasn't been running very long) is using a lot less CPU and RAM (though it shares whatever is wrong in the unmodified widget that increases CPU and RAM usage over time - but it seems not to consume them as quickly).

My changes reduce CPU consumption from 7-8% down to about 1.2%.  You still have a second-hand, but you are eliminating the "sweep" (or "wiggle") the second-hand does as it revolves around the clock.  Apparently that sweeping action increases the widget's CPU usage by around 600%.  (Making it a good example of why I hate little utilities that do cutesy graphical changes to the system or OS features that waste lots of CPU just to animate things.)

(There are updates for 9/21 and 9/22/05 that appear after the graphs and charts on this page. Don't miss them, because they help wrap this little project up...)

Last Thursday I was running a compile of an open source package on a 933 MHz Macintosh G4 running Mac OS X 10.4.2 with all of Apple's latest patches and updates.  The compilation seemed to be going more slowly than I expected, so I wondered if it was really using all of the available CPU.  I brought up the Activity Monitor and saw THIS:



World Clock was consuming over 46% of my CPU?! That seemed very wrong to me, since World Clock does nothing more than display the current time somewhere on Earth.  Why would it need 46% of my CPU to do that?  I figured maybe the process had been corrupted by a power outage or some other problem.  I used Activity Monitor to stop the process, which restarted itself automatically.

Given that Mac OS X has virtually nothing in common with its predecessor, Mac OS 9, the fact that Apple managed to build it to support all the same font types OS 9 did is quite an impressive undertaking.  On the other hand, they had to support legacy fonts or graphic designers would have stayed away in droves.  Most designers and shops have invested so much money in Mac fonts over the years that re-purchasing the fonts in some new format would have made an OS X upgrade cost-prohibitive.

Back when I began doing OS X administration, I asked myself how I could automatically keep the OS X systems updated without having to login to them remotely each day to run Software Update and without giving end users administrator access to the machines (which is a no-no in our corporate security policy). I found out that Apple makes it pretty easy to do this with the command line, which means it can be setup to run in a cron job.

For instance, to automatically get all the latest required updates from Apple installed on a machine without having to do it manually, you can create a cron task to issue the following command as root:

softwareupdate -q -i -r

This works fine for most users, most of the time. Unfortunately, what if you're a QuickTime Pro user and Apple puts out a QuickTime update marked as "required"? That's right, Software Update will dutifully download the new version and install it over top of the version you're registered for. Unless you have the time and money to call them and buy a new registration code for the new version of QuickTime, your "Pro" features are all locked down again.

This is precisely the situation Apple placed me in as an administrator a while ago. One of our artists' machines was automatically updated to Quicktime 7.0 from 6.5.2 Pro, rendering the "Pro" functionality inactive. Because of the way things work in our corporate environment, it's not a quick or simple process for him to just buy the new registration code. It means a lengthy purchase process that can take weeks, sometimes even months. An artist can't do without QuickTime for that long. But as the Mac Administrator, I couldn't do without the systems getting their security updates for that long. Apple had once again put me in a bind.

Like any UNIX based operating system, OS X has a pretty versatile command line. You can do quite a lot with it.  For example, I've written scripts that backup an OS X system to a server.  Using the SSH capability, I can connect to a Macintosh in another building and run that script, causing the machine to run a backup any time I need it to.  Sometimes, as a system administrator, I need to deal with programs that are hanging on the user's Mac and causing problems.  Fortunately, I can kill a program like that without ever having to leave my desk.  Here's how...

First, you have to have already setup an environment where you can remotely connect to the other Macintosh via the command line.  If you haven't done that, or don't know how, here's all it takes:

1. Go to the Apple menu and choose System Preferences.
2. Click the "Show All" icon.
3. Under "Internet & Network" click "Sharing".
4. Place a checkmark in the "Remote Login" box.
5. Close the System Preferences Window. You're done!

Now, to connect to a computer setup as above, do the following:

1. Launch a Terminal window.
2. Enter the command "ssh <admin>@<machinename>" where "<admin>" is the short name of an administrator account on the remote computer and "<machinename>" is the remote computer's name or IP address.
3. If you're prompted about an "RSA key", just enter "yes" at the prompt to continue connecting.
4. When the "Password:" prompt appears, enter the password for the administrator account you specified in your SSH command.
5. When the next command prompt appears, you are connected to the remote computer and are issuing commands that are running on THAT computer, not yours.

Let's assume that a user has called us to tell us that Internet Explorer seems to be locked up on their Macintosh.  We'd like to terminate Internet Explorer for them so that they can save the data in their other programs and reboot the Mac (just to be safe).  We connect to their computer via SSH and get to the command line.  Now we need to find Internet Explorer in their process list.  To do that, we issue the command:

ps -aux

This results in the Macintosh displaying a list of running processes that resembles the following:

USER     PID %CPU %MEM      VSZ    RSS  TT  STAT STARTED      TIME COMMAND
root       1   0.0  0.0    18072    132  ??  Ss   28Jun05   0:00.09 /sbin/init
root       2   0.0  0.0    18608    188  ??  Ss   28Jun05   0:36.65 /sbin/mach_init
root      78   0.0  0.0    18092    184  ??  Ss   28Jun05   0:05.11 /usr/sbin/syslogd -s -m 0
.
.
.
user   8735   0.0  1.2   179316  18452  ??  S     1:23PM   0:09.86 /Applications/Internet Explorer.app/Contents/MacOS/Internet Explorer /Applications/Internet Explorer.app/Contents/MacO
admin   8736   0.0  0.2   150340   2736  ??  S     1:23PM   0:00.26 /Applications/Timbuktu Pro/Timbuktu Pro.app/Contents/SharedSupport/Timbuktu Host Menu.app/Contents/MacOS/Timbuktu Host
admin   8744   0.0  0.2   151164   3040  ??  S     1:23PM   0:00.35 /Library/Application Support/Norton Solutions Support/SymQuickMenu/SymQuickMenu.app/Contents/MacOS/SymQuickMenu -psn_0
root    8745   0.0  0.1    28548   1496  ??  S     1:23PM   0:00.16 /Library/Application Support/Norton Solutions Support/Norton AntiVirus/DiskMountNotify.app/Contents/MacOS/DiskMountNot
admin   8746   0.0  0.1    98788   1300  ??  S     1:23PM   0:00.12 /Library/Application Support/Norton Solutions Support/Norton AntiVirus/ScanNotification.app/Contents/MacOS/ScanNotific
admin   8747   0.0  0.1    98676   1216  ??  S     1:23PM   0:00.15 /Library/Application Support/Norton Solutions Support/Scheduler/SymSecondaryLaunch.app/Contents/MacOS/SymSecondaryLaun
root    8837   0.0  0.3    30740   5488  ??  Ss    1:31PM   0:00.38 /usr/sbin/sshd -i

Notice the line which reads:

user   8735   0.0  1.2   179316  18452  ??  S     1:23PM   0:09.86 /Applications/Internet Explorer.app/Contents/MacOS/Internet Explorer /Applications/Internet Explorer.app/Contents/MacO

This tells us that Internet Explorer has the process ID number 8735 associated with it.  Now all we need to do is tell the user's machine to terminate that process.  To do that, we issue the command:

kill 8735

This sends a "TERM" signal to the process, which it may ignore and not quit.  If it still shows in the list after sending this signal, issuing the following command will force the termination:

kill -9 8735

Similarly, if you know the process name (in the example above, that's "Internet Explorer.app") you can kill the process by its name, such as:

killall "Internet Explorer.app"

Above would kill all running instances of Internet Explorer.

(Thanks to "kainjow" and "lurk" on macosx.com for filling in some gaps in my knowledge of this capability after I posted a link to this article on the OS X forum! :-) )

If you ever need to set up a local user account on a remote machine from the command line, this script can help.  It will allow you to create a local account on the machine you're running it on, whether it's local or remote.  

The script below combines the functions of several others on this site into one "optimization" script.  It cleans up the various caches, updates prebindings to improve system performance, repairs permissions on the startup disk, and reboots the computer.

It must be run with administrator privileges in order to work properly.

As with all my scripts, this one is offered "as is" without warranty or support.  If you choose to use it, you accept all liability and responsibility for whatever might happen to your system (good or bad).

A good description of what "re-prebinding" is and why you would want to do it appears here:

http://macusertalk.com/discuss/lofiversion/index.php/t119.html

The basic gist of it is that your applications may launch faster and the system may run better overall if you periodically re-prebind things.

The script below, when executed with administrator permission, will re-prebind all the software on your boot drive, potentially improving performance.

The script was designed for and tested on OS X 10.3.x and may or may not work with earlier or later OS X releases.  As with all my scripts, by downloading and attempting to use them you agree to accept all responsibility and liability for whatever may happen.  That means if you run this script and your system wipes its hard drive, catches fire, and burns down your entire city (highly unlikely) or anything else goes wrong, you agree that I'm not responsible.  I don't support or warranty these scripts in any way. I just share them here in the hope that they'll help others.

(The following article is intended for experienced and knowledgeable system administrators only. If you find parts of the discussion below contain verbs you don't understand, techniques that you aren't comfortable with, etc., I recommend NOT attempting to follow these instructions or use the provided script. This technique requires some pretty-advanced skills and experience.)

What is this article about?

As an OS X system administrator, you may want to change the default appearance of OS X the first time a new user logs into it. For example, you might be writing lab instructions for students and want a particular file to be "guaranteed" to be in their home directory or on their desktop when they first login. You might want to be sure that certain applications are in everyone's Dock, or avoid having to require users to enter a serial number the first time they launch a particular program. Whatever your reasoning, the bottom line is that you want to change (from Apple's or some third party's defaults) the way a user's OS X interface or applications behave from the first time they login. There are two ways you can do that.  The first is to create an account for the user, login as that user, and make the changes.  That's the safest and best way to do it, but if a user logs in who doesn't have a local account on that machine (e.g., they authenticated through Active Directory or UNIX NIS), they won't have your customizations.  But there's another way that "doesn't care" if there is a local account on the system already, that will get the right set of customizations in place for every user who ever logs in (local or via the network).

In this article, I'll tell you how I did that at my company, and how you can do it, too.  But, please, before you make the decision to go down this path, read this entire article.  If you follow my instructions here carefully and test the changes you make thoroughly, you shouldn't have too many problems.  If you miss a step or don't test something, I can practically guarantee that you're going to have problems - and some of them you might not see for a week, a month, or more. 

Before you can understand the procedure for doing this, you need to know a little about how OS X stores a specific user's preferences, and how it decides what those preferences should be to begin with. Once you know that, you'll know much of what you need to know to be able to customize those defaults (but I promise you, you won't know everything you need to know).

How do initial user preferences get set by OS X?

When a local user account is created on an OS X system, OS X automatically creates a directory for that user in the "/Users" directory.  If you don't authenticate locally, you may have a script in place that creates that initial user directory for the user.  That initial user directory is where Apple sets the "default" user preferences for everyone on that particular machine.

For example, when a local user with the short name of "Fred" is setup on the system, a "/Users/Fred" directory is created on that computer. Inside this directory are files OS X creates to keep track of Fred's favorite settings (e.g., icon or list view in the Finder), files that OS X applications use to keep track of what Fred likes (e.g., his word processor's default font setting or his dictionary words), settings saved by his third-party software (like Microsoft Office), and files he's placed in his home directory. But if there wasn't a "Fred" directory before Fred's account was created, how did it get there?

There are two ways files can "automatically" end up in Fred's home directory. One way is that the files are created when Fred first tries to execute a particular application (for example, after the first time he launches Adobe PhotoShop). The other is that they were put there by OS X before Fred logged in, to provide a "base" environment for him to work in. That "base" environment comes from the files stored in the following directory:

   /System/Library/User Template/English.lproj

(This assumes that you're using the English settings in OS X. If you're using another language, your defaults may be coming from one of the other subdirectories in the "User Template" directory.)

When a new account is created, OS X copies the files in the above directory into a new subdirectory under "/Users". This creates the new user's initial "sandbox" environment.

So, the theory on which this article is based is that by modifying the contents of the above directory ("English.lproj") we can customize what new users will see when they first login to OS X.  Sounds very straightforward, right?  It's not.

So what's the catch?

Earlier, I mentioned that being thorough and careful in your testing is critical. While it is true that many kinds of customizations are indeed as simple as adding or replacing files in the "User Template" directory, some are not. Some customizations may not even be possible at all, without some major "hacking" at the files in that directory. You have been warned!

There are several things that can go wrong here, and I'm probably not going to be giving you a comprehensive list of the things I've seen go wrong because I can't honestly remember them all. Even if I remembered all the issues I saw, you may have different software or configuration issues in your environment that I haven't seen, and I can't warn you about something that didn't happen to me. Again, you have been warned.  Testing the changes after you make them is absolutely critical.  Testing the new user template thoroughly after any change is equally critical.

At a high level, all the problems boil down to one thing: There are some preferences files that store information which identifies the original user who made the customization. If those same preferences files are given to another user, when the user tries to do something involving the data stored in that preferences file, OS X will try to modify the files belonging to that original user. Since OS X's security will generally prevent one user from screwing around with another user's files, this new user is going to get security warnings, application errors, crashes, lock-ups, and other unpleasant results from our customization attempt. The only way you can be sure that this doesn't happen is to test, test, and re-test. Even if you test very thoroughly, odds are that your users are going to find something you didn't expect that isn't working. Mine did, and still do occasionally.

What's the procedure?

The process is pretty straightforward, really. First, begin with a Macintosh that you can afford to "trash" if need be.  That is, don't do this with a Mac whose configuration you can't easily and quickly put back to normal.  It is possible to render a machine partially (maybe completely) unusable by performing this little "trick".  Again, you've been warned...

You will begin by logging in as root or administrator and locating the following directory on the boot disk:

  /System/Library/User Template/English.lproj

Having found that directory, you should back it up somewhere on another drive, another partition, etc. This way, if you really screw things up badly later, you can restore this directory from the backup and start over again. My first time trying this, I had to start over more than once. Consider that another warning!

Next, while logged in with administrator privileges, create two new accounts on the Mac. One should be called "default" (because my script below depends on that particular name... if you change the name, change the script accordingly or it won't work). The other can be any name you like, but I suggest using the name "test" to keep things consistent with these instructions.  Neither of these accounts should have administrator privileges.

You will notice that there is now a "default" directory inside the "/Users" directory on the boot disk. This directory contains the base settings that OS X has provided for a new user, customized slightly for the new user called "default".  This "default" user directory is where we'll make the customizations that we'd like all our users to have.  Once we've made the customizations we want to make, we'll copy this "default" user directory over top of (and replacing the matching files within) the "/System/Library/User Template/English.lproj" directory.  When a new user is created, that user will (as normal) get a copy of the "English.lproj" directory which contains our customized settings.  In this example, we'll use the "test" user to simulate someone logging in for the first time and getting our new settings.  Later, ANY first-time user will get the new settings.
With your environment setup as recommended here, it's time to begin. Login as "default". Make all the changes you want to make for your users. For example, change the desktop pattern to the company logo, adjust the default Finder views to "list", turn on the screen saver, etc. When you have configured the "default" user's environment to your standards or needs, log out.

Log in as "root" (rather than admin, because it will work more easily for this process). Run the script provided below to overwrite the system's base "User Template" with the files from "/Users/default". Now, locate the "/Users/test" directory if it exists. Delete the "test" directory, leaving the rest intact. Log out as root. Login as "test". You should see that things look a lot like they did when you were logged in as "default". (If not, I've given you bad instructions here and what you should do is log back in as root, delete the "test" account, then re-add the "test" account. It's been a while, and I'm working from memory here.)

At this point, you should try everything you possibly can. Browse files in the Finder, click on all the shortcut buttons in the Finder window, change system preferences for things, etc. When you've done all the "OS X" stuff that you can, start testing the applications. For example, launch Safari, add a bookmark, remove a bookmark, change the default home page, download some files, etc. Continue for every other application and function on the system that you think your end users might possibly ever use. You're going to find that some things don't work. I can almost guarantee that. What do you do if something doesn't work?  Cry. No, just kidding. Don't do that. You might get the keyboard wet, and that could cause other problems.

Here's where you become a sort of "Sherlock Holmes of OS X". The "crime" you're investigating here is that the application (or part of OS X) that is misbehaving is doing so because in one of the many preferences files in "/Users/test", some piece of information is telling that application that it needs to be modifying something (a file or directory) that belongs to "default" rather than "test". Since OS X's security won't let that kind of activity take place, the application is behaving oddly for "test" but quite normally when "default" is logged in. Your job is to figure out which file(s) in "/Users/test" are causing this problem.  (If you ignored my instructions earlier and setup the "test" account as administrator, some things will work normally that shouldn't, because an administrator COULD modify some of "default's" files.)

I recommend starting in the "/Users/test/Library" directory to find your culprit (but it may not be there, so branch out if you have to). Most likely it will be a file in the "Preferences" subdirectory whose name ends in ".plist" but it could be elsewhere. The files in this directory are all given names that should clue you in to the fact that they relate to the application that's misbehaving. For example, in my own Preferences directory there is a file named "com.microsoft.Word.plist". If I was troubleshooting a Microsoft Word problem, I'd suspect this file first, especially if it shows a modification date that is around the time I setup my Word preferences in the "default" account.

To see if this is the file where the problem exists, I'd log in as "root" and move that file from "/Users/test" to somewhere else. Then I'd log back in as "test" and try doing the thing in Word that didn't work. If it works now, I've found the right file. What you do next is going to be one of the following:

• Don't include the file in the User Template. In this case, you'll adjust the script below to delete that file from "/System/Library/User Template/English.lproj" after it has synchronized with the default directory. This will ensure that you don't later on forget that this file is a problem and include it for other users.
• Fix the problem within the file. This is a lot harder, and maybe not even possible depending on the setting that's at fault. Open the file in TextEdit. It will often (though not always) be in somewhat-readable XML format. You may find as you scan through the contents of the file that there is a line in there that references "/Users/default" or something that points to a resource "owned" by default. In some cases you can delete these lines from the file and the preference gets filled in with the name of the user who just logged in when they try to launch that application. If so, you'll need to make a note for yourself that you have to delete such-and-such line from such-and-such file to make the application work for other users.
• Fix the problem by merging some preferences from the "default" directory plist file with those in the backup of the original "User Template" directory. In other words, you might find that by adding a line or two from the original Word preferences file in the backup of the original "User Template" directory you can create a new file for the new "User Template" that works for all users.
• Use the file from the backup of the original "User Template" that you made before changing anything. (Some applications may require a "blank" preferences file to be there the first time they're launched.)

If you haven't guessed, the second and third options above are a lot of work, and fraught with error. Plus, to implement them properly you need to document what you did, adjust the script below to automate that in the future (if you can), etc. I found it to be more trouble than it was worth to me in nearly all cases, and I went for the first option (or the last, if that didn't work).

Each time you think you've fixed a problem, I recommend that you delete the "test" directory in "/Users" and try the same test again. Then test everything else you can think of in that same application. You may find that in fixing this issue, you've created another. I don't have any good scientific way to figure out what works and what's broken other than to test and re-test.

So there you have it. That's how you setup a profile to be customized, but the same for all first-time users.

I found something you missed!

If you discover some changes that should be made to my script, perhaps you'll drop me a line and suggest how I can improve it. If you have specific tips on how to correct problems with a given application, I'm interested in those, too. I'll add the information here for others to use if you share it with me. (Since this web site isn't my full-time job, don't expect me to perform instant updates, but I will get around to it as soon as I can.)

Disclaimer:  As with all my scripts and articles, this has worked for me on the systems I administer. Carefully implemented and tested, it ought to work for you in many cases as well. But I provide this information and the script below on an "as is" basis. If it works for you, great! If it doesn't, you agree that by using the information or script that you've assumed all liability and responsibility for what happens to you, your network, and your computers (and anything else I've forgotten that might be affected).

This script, which can be executed from a command line or via cron, will attempt to repair permissions on all the drives attached to the system.  If, for any reason, permissions can't be repaired on a given volume (e.g., permissions are turned off on that volume), it will generate an error and move on to the next volume.

This script has been tested on OS X 10.3.x.  It may work on earlier or later OS X versions, but I don't warrant that.  By choosing to use this script, you assume all responsibility for the outcome (good or bad).  I do not support this script but will except bug fixes if you make any, or improvements.

By default, Mac OS X drops a lot of ".DS_Store" and ".localized" files on systems.  These files don't need to be a part of your backup and recovery process.  They can also be the source of some problems in the Finder (or so I am told).  This script attempts to locate and delete all the ".DS_Store" and ".localized" files it can find on your boot disk.  It can be run from the command line or as a cron task.

Although I've tested this script and believe it functions as designed on Mac OS X 10.3 systems, I provide it "as is" without warranty or support.  If you choose to try this script on your own Mac system, you assume all responsibility and liability for what happens (i.e., if it wipes out all your data, that's not my fault or my problem, and all I will do is apologize for your loss). 

Our IT department has a policy that all non-work-related software (especially games) be deleted or locked down in some manner so that employees aren't tempted to be doing non-work activities during the work day.

In my early OS X testing, I tried just deleting the games that ship as part of OS X.  This had the unintended side effect of "breaking" the software update process.  When OS X tried to update wireless networking components or iPod software and couldn't find it, it complained.  Since OS X is a UNIX system, I realized that I could achieve the company's policy goals by simply setting up a cron script that changed the UNIX permissions on the relevant files so that end users could not access them.

You might ask why this can't be a "one time" deal.  Good question. The reason is that the first time you repair permissions on a system locked down in this way, OS X dutifully restores the original permissions for you and would allow the users to run the prohibited software.  While I could trust that I'll remember to lock the applications down every time I run a disk or permission repair, I'm not the only one in the office doing this kind of administration work.  And my memory's not that great anyway.  So I set this script up as a cron task and have it lock down those applications my users aren't permitted to use.  That way, even if I forget to run this script after doing a permission repair, cron will see that the files are locked down for me after work tonight. 

Since your organization's (or household's) policies may differ, you'll need to modify the script below to suit your specific needs.  I will not provide assistance doing this, but I think if you look at the code below and have any scripting experience, you'll easily see what to do to adjust the script to your needs.

As always, I provide this script "as is" without warranty or support.  If it works for you, or you can make it work for you, great.  If not, or if it causes any loss of data or work, all you can expect is an "I'm sorry" from me.  BY using the script, you assume all liability for the consequences (good or bad) that arise.

The lookupd process is a component of Mac OS X which allows programs running on the system to request information about other users and computers on the network.  This process uses an in-memory cache to store information about recent activity.  This cache can become outdated, inaccurate, or incomplete as a result of changes on the network, or through bugs in lookupd.  To correct some kinds of network problems, it is helpful for troubleshooting purposes to clear out or "flush" the lookupd cache.

The script below attempts to flush the lookupd cache, then kill the relevant processes.  Those processes will be automatically restarted by OS X after they're killed.

As with all my scripts, while I've tested this on a number of Mac OS X 10.3.x systems and it appears to work as designed, I provide it "as is" without warranty or support.  If you choose to use it, you assume all responsibility and liability for whatever happens (good or bad).

This script can be run from the command line or a cron task.