FileVault and TimeMachine over Network

There's some info available on how to use Apple's TimeMachine backup facility writing to network devices. Also you'd find information on how to set up encryption for the backup image.

I used the steps provided below (for Leopard that is) to have TimeMachine backup my hard drive including a FileVault encrypted home directory in such a way that the backup (including the contents of the home folder) can be browsed using the `galaxy' timeMachine frontend. The backup is contained in an AES-256 encrypted sparsebundle, so the data contained in it is similarly safe as in the encrypted FileVault folder on my hard drive.

1. Create a sparsebundle to be copied to your network drive. Important is to do this on your local hard drive, say in /tmp/, otherwise the creation will fail.
hdiutil create -size 250g -library SPUD -nospotlight -encryption AES-256 -fs 'HFS+J' -type SPARSEBUNDLE -volname "Backup of MACHINENAME" -verbose MACHINENAME_001e521fb852.sparsebundle

Hereby replace MACHINENAME with the name of your computer. This would be everything before the first dot in the output of uname -n. The number appearing in the file name of the sparsebundle is the Mac address of your ethernet adapter. You obtain it with
ifconfig en0| grep ether | sed -es/://g

During the creation of the sparsebundle you'll be asked for a password. Choose something safe and write it down for later. When you need to restore files from your backup, you'll need this password, without it your backup will be useless.

2. Copy the sparsebundle to your network share:
cp -r /tmp/MACHINENAME_001e521fb852.sparsebundle /Volumes/NetworkDrive

3. Mount the newly created image and have Keychain remember your password:
open /Volumes/NetworkDrive/MACHINENAME_001e521fb852.sparsebundle

Then unmount again.

4. In Keychain Access copy and paste the entry for the sparsebundle to your system keychain. If you needed a password to mount /Volumes/NetworkDrive it might be useful to do the same with those credentials as well. Important: Modify both entries such that they have unlimited access without you having to enter a your Keychain password. This way TimeMachine can work while you are logged out. Probably you can restrict acces to just TimeMachine and its helper applications, but I haven't tried this.

5. Enable non-supported TimeMachine drives:
defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1

6. In the TimeMachine Preferences tell TM to not exclude your mounted home directory from backups, but to not backup /Users/YOURNAME/IMAGEFILE. This way you will be able to browse your personal files using the `galaxy' frontend. Then point TimeMachine to your Network Share (/Volumes/NetworkDrive) and let it do the initial Backup. From there things should work smoothly. You could track that TimeMachine is backing up to the right location by issuing repeatedly df -h on the command line.

Note that while your backup is encrypted, the password for the backup image is —at least in the currently proposed configuration— possible open to attack on your computer. Ideally you would make sure that you'd be the only person who can access your computer by additional security measures, e.g. by following some suggestions in Corsaire's white paper on securing Mac OS X Leopard.

Deleting unused equation numbers from LaTeX code

Suppose you've written a long LaTeX document containing many many numbered formulas, like for example a scientific paper. Assuming that you have used AUCTeX' fantastic macro completion it may well be the case that many of the numbered equations that you have entered are never referenced. How to get rid of the unused equation numbers? Unfortunately, emacs itself (i.e., reftex) does not seem to offer a remedy. So I came up with a little bash script that finds all labels, all references, matches them up to see which ones are not actually used and then deletes those from your tex file (yes, it deletes all unused labels, not only unused equation labels). Moreover, it even inserts \nonumber commands in equations, so not only will the label definitions disappear, but also the line numbers.

Here's the code. The script takes a TeX file as command line argument and outputs the modified TeX source at the standard output.

 
#!/bin/bash 
 
# Copyright (C) 2010 by Bjoern Rueffer, Time-stamp: <2010-05-11 16:19:49 bjoern>
 
if [ $# -ne 1 ]; then 
    cat <<EOF  
Usage: $0 filename.tex
 
This will output a cleaned version of filename.tex on the standard
output. Every \label{...} definition with an unused label is deleted.
 
Note: Lines with references to labels should NOT contain the symbol #. 
Otherwise bad things will happen...
 
EOF
    exit 1
fi 
 
# do a sanity check 
grep \# $1 |grep 'ref{.*}' && (echo Error: An input line containing a \ 
reference also contains the; echo character '#'. Currently this is \ 
not supported by this script.;) >&2 && exit 1
 
# isolate list of all defined labels
grep \\label\{.*\} $1 | sed -e 's/^.*\\label{\(.*\)}.*$/\1/' \ 
 | sort -u > /tmp/labels
 
# find all references to labels, sorry this is a bit ugly
grep ref\{.*\} $1 | sed -e '
s/\(.*ref{[^}]*}\).*/\1/
s/ref{[^}]*}/FIRSTMARKER&/
s/^.*FIRSTMARKER//
s/ref{\([^}]*\)}/#\1#/g
s/#//
s/#[^#]*#/ /g
s/#//
' | xargs -n 1 echo | sort -u > /tmp/references
 
# identify the labels that have not been referenced
grep -vf /tmp/references /tmp/labels > /tmp/unusedlabels
 
# now delete labels from tex file and insert \nonumber commands
# into equations where necessary
rm -f /tmp/scriptfile
cat /tmp/unusedlabels \ 
    |xargs -n 1 -I % echo /%/s/\\label{%}/\\nolabelhere /g >> /tmp/scriptfile
echo /\\begin{document}/i\\>> /tmp/scriptfile
echo '\\def\\nolabelhere{\\leavevmode\\ifmmode\\nonumber\\else\\fi}%' \ 
    >> /tmp/scriptfile
echo >> /tmp/scriptfile
sed -f /tmp/scriptfile $1 
 
# clean up
rm -f /tmp/scriptfile /tmp/references /tmp/unusedlabels /tmp/labels
 

automate EEE remote website publishing

This is a University of Melbourne internal thing, probably not even relevant for anyone outside EEE.

If you are at home/overseas and want to update your webpage, then you have to use the VPN and mount the Samba share containing your personal web page. From my own experience, especially this last step is tedious, involves a lot of mouse usage and generally can take quite long if your connection isn't too fantastic. Especially so if you do update frequently. So is there a quicker way? Yes, there is: I use the following script to publish one file, say index.html automatically, which is sufficient for my purposes most of the time. But you can also upload a directory structure recursively, see the comment in the script.

I have deleted a few technical details from this script, that's where you have to put in your own credentials and the server name. Needless to say, this will only work in a unix environment like MacOS and you need to have the vpn client installed. This script should serve as a bare bone, of course there is room for more automation and more beauty...

#!/bin/bash 
SAMBASERVER=the samba server name, see below
SHARENAME=put share name here as in smb://SERVERNAME/SHARENAME
USERNAME=put username here in uppercase
PASSWORD=your password 

vpnclient connect staffvpn user $USERNAME pwd $PASSWORD&

# vpnclient needs some time, so lets just wait a little bit
sleep 10

cd ~/path-to-folder-containing-webpage
smbclient '\\.\'$SHARENAME -I $SAMBASERVER -U 'unimelb\'$USERNAME'%'$PASSWORD -c "put index.html"

# you can instead use `` -c "recurse; prompt; mput *.*" ''
# to recursively upload everything in this folder

vpnclient disconnect

Instead of this fiddling ideally there would be a (restricted) ssh account for this. This way one could use public key authentication, which can be much securer and more convenient. But that's not up to me, unfortunately.

A final disclaimer: It is not a good idea to store your password in a text file like this. I'd recommend to use an encrypted home directory and to harden your notebook using additional security measures, but that's a different story. Or even better: Do not store your password in a text file like this.