Skip to main content

Posts

How to check user and group associations on macOS

Sometimes we might have to know the list of users, groups and ids such as userid and groupid on macOS system. There are several ways to find this information. 

dsacacheutil:
The command dscacheutil -q groupwill output all groups with their name, ID numbers, and list of members. The command dscacheutil -q userwill output name,uid, gid, dir, shell, gecos details.
Note:  The above command will output all the groups and user details, including built-in system ones mortals were never meant to see.
Check user and group association:
We can run below command to check user and group associations to know whether a user belongs to a group or not.


dsmemberutil checkmembership -u 501 -g 1
user is not a member of the group
Or

dsmemberutil checkmembership -U user -G staff
The user user cannot be found There was an unknown error. User not found



Alternative methods to find group and user details on macOS
To list users in mac:
dscl . list /Users

To list groups in mac:
dscl . list /Groups


To list by group id:
dscl . list …
Recent posts

How to enable 64 bit testing mode in macOS Mojave 10.14

One can use 64-bit testing mode in macOS 10.14 to test software for 64-bit compatibility.


To enable the 64-bit testing mode: Boot to Recovery OS by restarting your machine and holding down the Command and R keys at startup. Launch Terminal Execute the following command: nvram boot-args="-no32exec" Restart the machine     
Note: The 64-bit testing mode prevents 32-bit processes from launching. Launching an app that depends on 32-bit software results in a notification that the application can't be opened. 


To disable the 64-bit testing mode: Boot to Recovery OS by restarting your machine and holding down the Command and R keys at startup. Launch Terminal Execute the following command: nvram boot-args="" Restart the machine 

How to get a certificate fingerprint as SHA-256, SHA-1 or MD5 using OpenSSL on mac

As per my old post ( http://anandmpandit.blogspot.in/2016/11/how-to-extract-signing-certificates.html ) , we can extract the binary signing certificates on mac using codesign tool. If you needed to get fingerprint details of the certificate in MD5, SHA1 or SHA256 format then you have run below steps on the extracted certificate file on macOS.


SHA256:

SHA256 Fingerprint=D3:0A:32:6C:77:77:93:B5:45:20:AC:C0:D4:7E:3A:84:34:50:96:54:08:7F:7D:63:4C:3E:06:3B:E8:1F:C1:90


SHA1:

SHA1 Fingerprint=BF:2C:93:1F:BD:88:E5:4C:96:D8:86:D5:F1:E6:9B:B7:DE:76:51:62

MD5:

MD5 Fingerprint=3C:A3:3B:76:6D:AE:3F:4B:4E:B2:AA:66:97:55:B8:76

How to boot into recovery mode on mac without holding Command + R Key on keyboard ?

Generally well known method to boot the mac into recovery mode is by holding the Command + R on keyboard while mac is turned on. However you can force the mac to boot into recovery mode upon next reboot by changing the nvram setting. To do that, Run below command.  

sudo nvram "recovery-boot-mode=unused" sudo reboot


How to enable specific part of System Integrity Protection(SIP) while keeping few sections of it disabled.

macOS SIP supports a set of hidden options to disable few sections of SIP by passing hidden options to csrutil tool. 


 Each of these can be selectively disabled by running one of the following commands while booted into Recovery mode:
csrutil enable --no-internalcsrutil enable --without kextcsrutil enable --without fscsrutil enable --without debugcsrutil enable --without dtracecsrutil enable --without nvram
You can disable two or more components by structuring the command as follows: csrutil enable --without kext  --without debug
How to disable /enable to SIP , refer to http://anandmpandit.blogspot.in/2015/11/how-to-disable-system-integrity.html.
 Note : These options are tested on macOS ElCapitan , on higher version of macOS some or all of them may not work.

How to rename filenames to their corresponding md5 hash on mac ?

The following command in terminal app renames the files located in directory to their corresponding md5 hash on macOS. 
Steps:
1. Open Terminal.app and go to the directory containing files. 2. Run following command in terminal to rename files by MD5 on macOS.

macOS-system$ for F in *.*; do mv $F "$(md5 "$F" | cut -d' ' -f4).${F##*.}"; done
The above shell command renames all files in the current directory to their md5.

How to make java point to right version of java on your Mac ?

A usual problem on mac where the even after upgrading or installing the latest version of Java, when queried in command line for java version it still refers to the old version of java. something like below:
$ java -version java version "1.7.0_79" Java(TM) SE Runtime Environment (build 1.7.0_79-b15)
Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode)

This is because the /usr/bin/java is pointing to  /System/Library/Frameworks/JavaVM.framework/Versions/Current/Commands/java on the system.
$ ls -la `which java` /usr/bin/java -> /System/Library/Frameworks/JavaVM.framework/Versions/Current/Commands/java

This is because Oracle's installer puts java inside the/Library/Internet Plug-Ins/JavaAppletPlugin.plugin. And it doesn't overwrite /usr/bin/java. So to fix this we have remove the existing soft link to old java and point it to new java binary. which can be done by performing following steps.

$ sudo rm /usr/bin/java
$ sudo ln -s /Library/Internet\ Plug-Ins/JavaApplet…