Eight Ball Rules

After playing several miserable games over the past few years, I thought I would publish the rules of Eight Ball (aka. Boston Ball). Hope this helps…

[Standardized World Rules 1997]

Except when clearly contradicted by these additional rules, the General Rules of Pocket Billiards apply.

1. OBJECT OF THE GAME. Eight Ball is a call shot game played with a cue ball and fifteen object balls, numbered 1 through 15. One player must pocket balls of the group numbered 1 through 7 (solid colors), while the other player has 9 thru 15 (stripes). THE PLAYER POCKETING HIS GROUP FIRST AND THEN LEGALLY POCKETING THE 8-BALL WINS THE GAME.

2. CALL SHOT. In Call Shot, obvious balls and pockets do not have to be indicated. It is the opponent’s right to ask which ball and pocket if he is unsure of the shot. Bank shots and combination shots are not considered obvious, and care should be taken in calling both the object ball and the intended pocket. When calling the shot, it is NEVER necessary to indicate details such as the number of cushions, banks, kisses, caroms, etc. Any balls pocketed on a foul remain pocketed, regardless of whether they belong to the shooter or the opponent.

The opening break is not a “called shot.” Any player performing a break shot in 8-Ball may continue to shoot his next shot so long as he has legally pocketed any object ball on the break.

3. RACKING THE BALLS. The balls are racked in a triangle at the foot of the table with the 8-ball in the center of the triangle, the first ball of the rack on the footspot, a stripe ball in one corner of the rack and a solid ball in the other corner.

4. ALTERNATING BREAK. Winner of the lag has the option to break. During individual competition, players will alternate breaking on each subsequent game.

5. JUMP AND MASSE SHOT FOUL. While “cue ball fouls only” is the rule of play when a match is not presided over by a referee, a player should be aware that it will be considered a cue ball foul if during an attempt to jump, curve or masse the cue ball over or around an impeding numbered ball that is not a legal object ball, the impeding ball moves (regardless of whether it was moved by a hand, cue stick follow-through or bridge).

6. LEGAL BREAK SHOT. (Defined) To execute a legal break, the breaker (with the cue ball behind the headstring) must either (1) pocket a ball, or (2) drive at least four numbered balls to the rail. If he fails to make a legal break, it is a foul, and the incoming player has the option of (1) accepting the table in position and shooting, or (2) having the balls reracked and having the option of shooting the opening break himself or allowing the offending player to rebreak.

7. SCRATCH ON A LEGAL BREAK. If a player scratches on a legal break shot, (1) all balls pocketed remain pocketed (exception, the 8-ball: see rule 9), (2) it is a foul, (3) the table is open. PLEASE NOTE: Incoming player has cue ball in hand behind the head string and may not shoot an object ball that is behind the head string, unless he first shoots the cue ball past the headstring and causes the cue ball to come back behind the headstring and hit the object ball.

8. OBJECT BALLS JUMPED OFF THE TABLE ON THE BREAK. If a player jumps an object ball off the table on the break shot, it is a foul and the incoming player has the option of (1) accepting the table in position and shooting, or (2) taking cue ball in hand behind the head string and shooting.

9. 8-BALL POCKETED ON THE BREAK. If the 8-ball is pocketed on the break, the breaker may ask for a re-rack or have the 8-ball spotted and continue shooting. If the breaker scratches while pocketing the 8-ball on the break, the incoming player has the option of a re-rack or having the 8-ball spotted and begin shooting with ball in hand behind the headstring.

10. OPEN TABLE. (Defined) The table is “open” when the choice of groups (stripes or solids) has not yet been determined. When the table is open, it is legal to hit a solid first to make a stripe or vice-versa. Note: The table is always open immediately after the break shot. When the table is open it is legal to hit any solid or stripe or the 8-ball first in the process of pocketing the called stripe or solid. However, when the table is open and the 8-ball is the first ball contacted, no stripe or solid may be scored in favor of the shooter. The shooter loses his turn; any balls pocketed remain pocketed; and the incoming player addresses the balls with the table still open. On an open table, all illegally pocketed balls remain pocketed.

11. CHOICE OF GROUP. The choice of stripes or solids is not determined on the break even if balls are made from only one or both groups. THE TABLE IS ALWAYS OPEN IMMEDIATELY AFTER THE BREAK SHOT. The choice of group is determined only when a player legally pockets a called object ball after the break shot.

12. LEGAL SHOT. (Defined) On all shots (except on the break and when the table is open), the shooter must hit one of his group of balls first and (1) pocket a numbered ball, or (2) cause the cue ball or any numbered ball to contact a rail.

PLEASE NOTE: It is permissable for the shooter to bank the cue ball off a rail before contacting his object ball; however, after contact with his object ball, an object ball must be pocketed, OR the cue ball or any numbered ball must contact a rail. Failure to meet these requirements is a foul.

13. “SAFETY” SHOT. For tactical reasons a player may choose to pocket an obvious object ball and also discontinue his turn at the table by declaring “safety” in advance. A safety shot is defined as a legal shot. If the shooting player intends to play safe by pocketing an obvious object ball, then prior to the shot, he must declare a “safety” to his opponent. If this is NOT done, and one of the shooter’s object balls is pocketed, the shooter will be required to shoot again. Any ball pocketed on a safety shot remains pocketed.

14. SCORING. A player is entitled to continue shooting until he fails to legally pocket a ball of his group. After a player has legally pocketed all of his group of balls, he shoots to pocket the 8-ball.

15. FOUL PENALTY. Opposing player gets cue ball in hand. This means that the player can place the cue ball anywhere on the table (does not have to be behind the headstring except on opening break). This rule prevents a player from making intentional fouls which would put his opponent at a disadvantage. With “cue ball in hand,” the player may use his hand or any part of his cue (including the tip) to position the cue ball. When placing the cue ball in position, any forward stroke motion contacting the cue ball will be a foul, if not a legal shot. (Also see Rule 39 in the General Rules of Pocket Billiards)

16. COMBINATION SHOTS. combination shots are allowed; however, the 8-ball cannot be used as a first ball in the combination except when the table is open.

17. ILLEGALLY POCKETED BALLS. An object ball is considered to be illegally pocketed when (1) that object ball is pocketed on the same shot a foul is committed, or (2) the called ball did not go in the designated pocket, or (3) a safety is called prior to the shot. Illegally pocketed balls remain pocketed.

18. OBJECT BALLS JUMPED OFF THE TABLE. If any object ball is jumped off the table, it is a foul and loss of turn, unless it is the 8-ball, which is a loss of game. Any jumped object balls are spotted in numerical order according to General Rules for spotting balls.

19. PLAYING THE 8-BALL. When shooting at the 8-ball, a scratch or foul is not loss of game if the 8-ball is not pocketed or jumped from the table. Incoming player has cue ball in hand. Note: A combination shot can never be used to legally pocket the 8-ball.

20. LOSS OF GAME. A player loses the game if he commits any of the following infractions:

a. Fouls when pocketing the 8-ball (exception: see 8-Ball Pocketed On The Break).

b. Pockets the 8-ball on the same stroke as the last of his group of balls.

c. Jumps the 8-ball off the table at any time.

d. Pockets the 8-ball in a pocket other than the one designated.

e. Pockets the 8-ball when it is not the legal object ball.

Note: All infractions must be called before another shot is taken, or else it will be deemed that no infraction occurred.

21. STALEMATED GAME. If, after 3 consecutive turns at the table by each player (6 turns total), the referee judges (or if no referee, both players agree) that attempting to pocket or move an object ball will result in loss of game, the balls will be reracked with the original breaker of the stalemated game breaking again. The stalemate rule may only be used when there are only two object balls and the 8-ball remaining on the table. PLEASE NOTE: Three consecutive fouls by one player is not a loss of game.

Automating Photoshop

One of the great benefits of using a computer is that they are best suited to repetitive tasks. Built into PhotoShop, is a scripting feature that anyone can use to save time. Suppose you have several images that you need to prepare for web site or for a catalogue. Normally each of the images would have to be opened and have several commands run on them. Using Actions you can automate these tasks and become more efficient. The first thing we will need to do is to create an action to perform the task.
Begin by opening PhotoShop’s Actions pallet. From the Windows menu, choose Actions. You’ll see a group (or set) of prerecorded actions named “Default Actions.atn”. You can add a new Action under this default set or create a new set to save your own. To use any action, open a file and choose an action and press Play.
At the bottom of the Actions Pallet, resembling the buttons on a VCR, are the controls to play a selected Action. You can start to record, stop, play an action, create a new set or delete an Action. Additionally, like most of the pallets on PhotoShop, there is a triangle at the top right of the pallet, where you can access the Action pallet’s command menu.
Examine each step that is used in an Action by clicking the triangle beside the Action name. Each step can also be “expanded” in the same manner. You can see the settings that were applied when the Action was created. The checkmark to the left of the Action name indicates whether the action is active. Between the checkmark and Action name, an icon will appear if a dialog box will open while that Action plays. If the icon is red then there is a dialog box inside one of the Action’s steps.
Begin by opening an image in PhotoShop. From the Action Pallet’s menu choose “New Action”. Next give the Action a name – enter “My Action”. You can also assign a Function Key to your action. Then click the Record button. PhotoShop will now record everything you do, until you click Stop. While you’re recording, the record icon will turn red at the bottom of the Action pallet.
Open the “Ducky.tif” from the Samples folder. Click “New Action”, and give it the name “My Action”. Then choose “Image Size” from the “Image” menu. Enter 75 in the Width field and change inches to “percent”. Click “OK” to make the change. Remember we’re still recording, so click the “Stop” (the square icon and the bottom of the Action pallet.) Examine the steps in “My Action” by expanding it. You can also change the settings in your action by double-clicking the step’s name. The Image Size dialog box will open, allowing you to can change any of the settings and revise the step.
You can now choose Play to apply your action to other images. You can also use the Fkey if you applied one. When you reduce an image, you may want to sharpen the image with the Unsharp Mask from the Filter menu. With your action selected choose “Insert Menu Item” and when the dialog opens, make a menu selection with the mouse, and then click OK. The new step will appear under your action. You can reorder the steps by drag them up or down.
If you have a lot of files to process, you can use Actions in Batch mode. Make a folder on the Desktop called “In”, to hold the originals, and another called “Out”. Copy some images in the “In” folder. Now we’ll create an action that will contain several steps and then apply them with the Batch command.
Choose New Action, and give it a new name. Choose “Open” from the File menu and open one of the files from the “In” folder. While still recording, choose Image Size and set the width to 600 pixels wide. Click OK, and then choose Unsharp Mask from the Filter menu. Use the default settings – 75 percent, Radius 2.0 and Threshold 1 level, and click “OK”. Choose “Save As” from the File menu then choose JPEG format and save the file into the Out folder. Close the file and then choose Stop to finish recording.
Now apply the same action to all the files in the “In” folder. Select the action you just recorded and choose “Batch” under Automate, from the File menu. When the dialog box opens you should see you action has already been selected. Under “Source” choose Folder, click “Choose”, and point to your “In” folder. Make sure “Overide action Open” is selected. Select your “Out” folder under Destination, and select “Overide Action Save As” – otherwise all your files will have the same name. Note: make sure you test you action first because the Action will overwrite any file with the same name.
When you have the Batch dialog box is set up, click OK. Now sit back and revel in the glory of watching PhotoShop do all the work. Your Action will “Open” each image in the “In” and transform the file and save them into your “Out” folder. Now isn’t why you bought a computer?

Buzzword Decoder

Congratulations, your “Pre-Press Buzzword Secret Decoder Ring” has arrived! This month I am going to give you a quick tour of the buzzwords that you are going to hear and eventually start using over the next few months. As a pre-press “techie”, I speak in buzzwords and acronyms all the time. I could say, “We can’t RIP that PDF/X-1 because the JDF is missing and we can’t run OPI in our TIFF/IT workflow.” If I lost you with that last sentence, read on, because I’m going to teach what I just said. Then you’ll be prepared to visit Graph Expo, Print Ontario, and survive a sales call from your suppliers.
To begin with there are two basic image formats used in print: vector and raster (also called bitmap.) The vector format is used for graphics and text, and is composed of lines and fills. Each element that makes up a vector image is made up of text instructions written in the PostScript language. PostScript allows us to start with a point on a page and describe a line or curve to another point. When we have at least two points, we can fill the object with a color and/or stroke the line with a color. Since text is used to describe points and fills we can easily scale a vector graphic to any size.
Raster files are made up of pixels of color. These pixels (or picture elements) like dots of ink on a printed page, viewed from a distance appear to us as a continuous tone image. If we scale a raster image up in size we start to see the individual pixels and the illusion of continuous tone is spoiled. When we can see the individual pixels we refer to the stepping as “jaggies”. The resolution of the image is based on the number of pixels per inch (“ppi” also referred to as “dpi”,) so raster are larger in size than vector graphics.
In electronic pre-press all of our pages are made up of vector and raster graphics – and our file formats are combinations of these graphics. PhotoShop is the most frequently used program to edit raster graphics (although it can import vector graphics.) Vector graphics are generally created within programs like Adobe Illustrator, Macormedia FreeHand and Corel Draw. Fonts and typefaces are usually created with vector graphics; they can be scaled and colored and remain crisp.
Two of the popular raster formats that came out of the early desktop publishing days are TIFF (tagged image file format) and EPS (Encapsulated PostScript.) The TIFF format was created by Aldus (makers of PageMaker) back in 1987 and reached it’s final format in 1992 as TIFF 6. A TIFF file can be created in many color formats; Line art (black and white), grayscale, RGB, CMYK, as well as other formats. The line art and grayscale formats can be colorized which is useful in many graphic effects.
The Encapsulated PostScript format (EPS) can describe the entire page – because it is actually a PostScript program, the original page description language pioneered by Adobe. An EPS by design can contain any combination of text, graphics and images. As PostScript, the EPS format (sometimes called EPSF) is the most versatile file format. EPS files also contain a 72 dpi preview file, so that they don’t require a PostScript interpreter to preview the content. To get the best quality out of an EPS, we need to have a PostScript interpreter (also called a “raster image processor” – RIP) to transform the “program” into dots on film or paper.
In order to come up with a reliable format for exchanging digital advertisements and pages the TIFF/IT was finalized in 1996. TIFF/IT based on the TIFF format contains only raster data. TIFF/IT P1 was developed specifically for use on CMYK jobs. TIFF/IT P1 is what people are actually talking about when they mention TIFF/IT. The fact that a TIFF/IT P1 file doesn’t contain vector data implies that it is fixed. Like the “final film,” we used until recently, it is always going to be consistent as it is distributed. The TIFF/IT P2 format will support additional color formats, but at the rate that PDF is being adopted it may already be too late.
Out of PostScript, Adobe came up with a file format that could be independent of computer platform, or even output devices. This desire evolved into their “portable document format”. Adobe’s PDF format can describe all of the information on a printed page – but with some limitations. A PDF file can be created for use in a number of applications. This can introduce a problem for use in pre-press because the images may not have enough resolution. PDFs created for email are extremely compressed and down-sampled so that they are unusable on press. PDFs that are created for the press can be quite large. Images in a PDF are not compressed for press application.
PDFs can also support spot colors and can contain other elements that will create problems in press application (such as movies, annotations). Normally PDFs are created by sending PostScript to Adobe’s Distiller (using “Press Optimized” settings). Quark Xpress can export to PDF using the Jaws PDFcreator. On MacOS X Apple has added there own technology called Quartz, which allows Mac users to create PDFs from any file. There is also a version of PDF used by high end workflows called Extreme. Adobe Extreme is used by Apogee and Prinergy, to PDFs for Press. Other than using Extreme, using Distiller for press-ready PDFs or exporting from Adobe’s InDesign is your best bet.
In order to simplify the PDF format for press a subset was created – PDF/X format. Since there are two many variables in a PDF format, CGATS (Committee for Graphic Arts Technology Standards) began working on PDF/X-1 in 1999 so that PDF would more consistent and predictable in press applications.
PDF/X-1 is designed for CMYK workflows and can be created directly in Adobe’s Distiller 6 as well. PDF/X-1 files will have all its resources embedded, so there won’t be missing images or fonts. PDF/X-1a (released in 2001) is an ISO certified and adds better support for named spot colors. The file format can will ignore music, movies and non-printable annotations. PDF/X-1 will only support certain raster formats; TIFF/IT, DCS 1 and 2 and EPS. PDF/X1 also indicates whether the PDF has been trapped or not.
Another item that came out of Adobe’s PDF workflow is the latest term JDF. While developing a strategy for PDF workflows in their OEM products, Adobe came up with the portable job ticket format or PJTF to compliment the PDF format. The PJTF file contained information of how to handle a job that contained multiple PDFs.
The PJTF was relatively limited so it has evolved into the JDF or job description format. JDF is starting to appear in a lot of articles and brochures because it reaches into pre-press, press and post-press systems. In layman’s terms, it is an electronic docket bag. The docket bag contained instructions for several departments and could contain all of the elements that make up a job. It used to contain art boards, transparencies and galley type. Now dockets contain a CD-ROM or DVD. The JDF is a electronic file that contains information and instructions for pre-press, press, bindery, MIS and even accounting.
JDF is the final piece attempting to tie all the elements together.

Sendmail vrs DSL MTU setting

I was getting an error with recieveing some users email. Most messages would come through – but occasionally messages would get bounced.

I checked the log (/var/log/mail.log) and found this error:
sendmail stat=timeout waiting for input during message collect

After spending the better part of a day on Goole and Sendmail.org – I discovered that it was a common problem encountered by other people with my DSL/Cable router. The MTU setting was too high.

By default MTU is set to 1500 on MacOSX – but my provider sets the limit at 1460 or so. Once I set the MTU to 1400 all the mail started coming through.

To set the MTU on the command line enter:
sudo ifconfig mtu 1400

You can make a start up script to automatically set this limit, because the setting will revert to 1500 when you reboot.

Becoming root with sudo

This month were going to take a closer look at taking control of MacOS X by becoming a super user. The underpinnings of MacOS X are after all UNIX, so you should be aware of the power a super user wields.
The root account is a “super user” account built into every UNIX system, which you may remember is a multi-user environment. Other systems such as AppleShare IP or Windows Servers had highly privileged administrator accounts, however on a UNIX system the level of access that root has have seems to have no limits.
There are many processes and files are “owned” by root. We’ve looked at “permissions“ in past articles, and you may remember that permissions control what you can do and see. Keep in mind that the all-powerful root account must be treated with respect and root access should be limited to a small group of users. There is no way to stop the root account from altering any file on the system.
You have already experienced becoming a super user while using the Aqua GUI. Whenever you try to install an application or an update, you will have been asked to enter you username and password. Although you’ve already logged in, the “Authentication Manager” is challenging you to prove that you’re an administrator. This is one of the ways that Apple allows users to administrate their own machine.
The “sudo” application is included so you can become a super user on the command line. If you try to run an application or see the contents of a file or folder that belongs to root, you will get an error like “permission denied”.
I’ll tell you a secret – Built into MacOS X is the Apache Web Server. Unlike “Personal Web Sharing”, your Mac can become a fully functional web server. In order to enable it you’ll have to edit a file while becoming a super user.
Let’s start by opening the Terminal application. (Applications => Utilities => Terminal) At that command prompt (%), we’ll change directories to “etc”.
% cd /etc
“etc” is a system directory that contains, among other things, configuration files. The mystery here is that one of the files in “etc” enables the Apache Web Server. Last month I showed you the “fgrep” program, which allows us to find text strings inside files. We’ll look for “WEB” in “etc”. Type this:
% sudo fgrep “WEB” *
Password:
Unlike last month, this time we’re going to precede the “fgrep” with “sudo” so that we’re running the application as a super user. “sudo” , or “super-user do” allows us to assume a high level of authority to search through the files. The first time you use “sudo”, you’ll get a short lecture about respecting others and most importantly “Think before you type.”
If UNIX were like a car, it would be a tank . You can start the tank, put it gear and it will drive forward. Even if parts fell off, it would continue. If you, the driver, fell off – It would continue to drive forward! So, think before you type.
After you enter your password (and hit “Return”) your program will run, and you will see something like this:
fgrep: cups: Is a directory
hostconfig:WEBSERVER=-NO-
fgrep: httpd: Is a directory
…
Ah ha! The file we’re looking for is “hostconfig”. In order to activate the Apache Web Server we’ll change the “NO” to “YES”. Let’s use the “ed” program (you can use “pico” or “vi” if you prefer) but we’ll have to precede the command with “sudo” again. If we don’t start with “sudo”, we won’t have permission to save the file.
First let’s backup the file. Type “sudo cp hostconfig hostconfig.backup” to copy (cp) the original. Just in case! You can also use “ls” to confirm that you made a copy… Then we’ll edit the file with “sudo ed hostconfig”
Begin by printing the file to screen with “1,$p” which will print (p) the file from line “1” to the end ($).
1,$p
AFPSERVER=-YES-
WEBSERVER=-NO-
APPLETALK_HOSTNAME=”Tims G4″
…
Type “/WEB”, to jump to the line that contains the string “WEB”. Next type, “s/NO/YES/p” to substitute (s) “NO” with “YES”, and then print (p) the line.
/WEB
WEBSERVER=-YES-
s/NO/YES/p
At any time, you can type “f” to confirm the name of the file you’re editing. You should also use “1,$p” to confirm your changes before you save the file by writing and quit. Type “w” to write the file and “q” to quit.
You have now enabled the Apache Web Server. Open your browser, and enter “localhost” or “127.0.0.1” in the URL and you will get the default Apache page. This was possible because you became a super user with “sudo”. Now you can put on your “HTML” hat and start writing your web site.

Viruses, Spyware and SPAM

This month we should turn our attentions to the PC platform and address some sinister issues. I am referring to viruses and Spy-ware. You may be unaware of the presence and the growing impact of these “mal-wares”. For the past months several new types of viruses wreaking havoc on the Windows platform, adding to list of underlying problems associated with Spy-ware.
You may be in the position to support PC users or you may be a part-time PC user. Perhaps you can pass on the following advice. If you have simply visited the Internet, you may have inadvertently installed software on your PC. There are several versions of Spy-ware and Mal-ware that are secretly installed on your PC. These applications are gathering information about your surfing habits. They can record the sites you visit and even record your keystrokes, passwords etc. When a connection to the Internet becomes available, they transmit their finding back to their source.
By products of these applications are pop-up windows, and other annoyances that come with visiting the World Wide Web. They are created by marketers and hackers who want to data mine information about you without your knowledge. So you owe it to yourself to visit http://www.lavasoft.com and download their free program Ad-aware. This program will scan your PC, much like a virus scanner and allow you to quarantine these applications.
We have been installing it on every PC that comes within our reach. One PC user that had the benefit of an Ad-aware scan found over 400 of these programs on her PC. You may find that your Internet browsing experience will improve after running Ad-aware. The makers of Ad-aware are providing this software in the hopes that you will be impressed enough to by the automatic version of the program.
There are also some nasty new viruses haunting us lately. While we Mac users can be tempted to feel smug about the lack of viruses, we should be aware that PC viruses affect everyone. The latest Widows viruses such as NetSky, Bagle and MyDoom are getting more sophisticated using spy-ware like technology.
These new viruses when they are activated install their own SMTP programs. An SMTP program is normally responsible for sending email on a server. The virus scans the hard drive for any valid email, not just the ones in the address book, and send out copies of the virus to infect other users. The virus program also authors the email as if it was sent by one of the addresses it found.
System administrators often run virus-scanning software on our mail servers. We do this not only to stop viruses but also to send an email back to the sender to inform them that they may be infected. These “sender” addresses on these new viruses may be hiding the actual sending machine. This is a common practice for spammers, who want you to visit their site while they hide behind a phony email address.
Once again, you owe it to your self to install virus software. If you don’t you may be infected right now. You can visit http://free.grisoft.com and download their free AVG virus software. They provide this as a service (and also with the hope that you will buy their full version,) as well as free updated virus definitions. You can also try to use MacAfee or Norton Anti Virus software for around $60.00 Canadian.
One of the strains of the Bagle virus will disguise itself as an email from your own domain. It may be addressed from “support” or “management”. The payload is a zip archive called “information.zip” and provide a password to unlock it. If your fooled into opening this zip archive and enter the password… you will be infected. Pretty sneaky, Eh!
Generally, if you notice an unusual amount of activity on your PC – it may seem sluggish, or have a lot of hard drive activity, or activity on the network. You may have a virus. Once one PC becomes affected, the other PCs and servers on your network can be affected. Certain viruses can “worm” their way onto other machines that “never” go on the Internet.
A finally, a note my favorite annoyance – spammers! Spam, or unwanted email, is quickly outnumbering legitimate messages. I found another free spam scanner, called PostArmor which I use on my Mac at home. This great program is written in java, so that it can run on several platforms, Windows, Macintosh OS 8.6 – 9 and MacOS X. The program sits on your machine and gets your email from the mail server. It then, lists the suspicious messages, and passes “good” email through. You have 24 hours to look at the list after which the spam is automatically deleted. You can run PostArmor on one address and pay to use it on multiple addresses.

Remote control with ssh

In past few months we’ve talked about using the command line on MacOS X. This month were going to look at connecting to other computers and connecting to our own Mac from another workstation. As we’ve discussed in the past the MacOS X system is at it’s heart built on the UNIX operating system. So there are tools built in for controlling the computer remotely from the command line interface.
In the early days of UNIX systems the expensive resources of a computer were designed to be shared. The concept of having an user account was created to allow several users to log in. Users would sit down in front of a monitor with a keyboard that was connected to the main computer. These remote connections were referred to as “terminals”. When an operator wants to connect to a computer via command line, we refer to it as “opening a terminal”.
Since that time the use of command line interface has been available. There are telnet and ftp applications for both Macintosh and Windows machines, as well. It is possible to connect to a single machine on your network, via the Internet or with a modem. All you need is an account to access them.
Ftp and telnet are limited because both of those programs run with out encryption. That means someone watching you with a packet sniffer, will see your username and password as plain text. Remote access over the Internet should not be done without the use of Firewalls and/or some kind of encryption. Firewalls and “tcp wrappers” can further limit who can connect and from which machine. The upcoming “Panther” version of MacOS X will include the ability to use virtual private networks (VPN) that will allow us to connect to remote computers with encryption.
Telnet is an older program that allows you to connect to another machine and work as if you’re on the same machine. For security reasons Apple ships MacOS X with the telnet service disabled. They have included OpenSSL so that you can use SSH (secure shell) instead. All of the traffic used by SSH is encrypted.
To start the SSH service, open the Sharing pane in System Preferences. Check the box next to “Remote Login”. That’s it! Apple has scripted the steps to enable SSL on your machine.
Once SSH is turned on try this with your own machine:
Open the Terminal application, from the Utilities folder in Applications.
At the command prompt type “ssh timmitra@127.0.0.1”. Here we are entering “ssh” and a username and IP address. (“localhost” and “127.0.0.1” are special unix addresses that mean “this machine”.)
The first time you log in the ssh command will send a unique key or “RSA key” to identify your machine. It asks you to enter this information in it own database.

 [localhost:/etc] timmitra% ssh timmitra@127.0.0.1
 The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
 RSA key fingerprint is 00:f3:c3:88:98:d2:95:3a:b8:ce:d8:9c:28:06:ef:b9.
 Are you sure you want to continue connecting (yes/no)?

After we type “yes” it adds our machines information and then it asks for the user’s password!

 Warning: Permanently added '127.0.0.1' (RSA) to the list of known hosts.
 timmitra@127.0.0.1's password:

Once we’ve been authenticated it give us the local machine prompt.

 Last login: Fri Oct 10 16:57:36 2003 from localhost
 Welcome to Darwin!
 [localhost:~] timmitra%

At this point we are on the “other” mchine. What we can do there depends on what we have permission to do based with our account. When were finished we can log out by typing “exit” at the prompt.

 [localhost:~] timmitra% exit
 logout
 Connection to 127.0.0.1 closed.

Once you’ve established a connection to a remote machine you can edit files and control processes. Imagine you are locked out of your own workstation. Many PowerBook and iMac users have experienced an issue with the Energy Saver. The screen goes to sleep, but that Mac won’t “wake up”. To further aggravate the situation the keyboard and power key won’t restart the machine. The only alternative seems to be available is to pull the power plug.
But wait! The quick thinking Mac user can go to another machine and log in to the troubled machine. Using SSH they logon to their machine’s hostname or IP address and at the command prompt they type:

 [localhost:~] timmitra% sudo shutdown -r now

“sudo” as you may remember form last month allows that user to issue a command as the “root” user. Of course they have to be an administrator to use “sudo”. The “shutdown” command will turn off the server (or Mac in this case) but the shutdown command needs a few options such as “-r” which means restart and “now” to tell it when to shut down. The Mac will properly shutdown, quitting all applications, including the SSH session and then restart.

Permission Denied

This month we’re going to look at permissions, in MacOS X. In past articles I’ve explained that MacOS X is a multi-user environment, due to its UNIX underpinnings. UNIX systems, since their introduction, were designed to be multi-users machines. There are various real and virtual users on your Mac belonging to groups, such as staff, admin and wheel. By default we Mac users belong either to the admin group or the staff group. If you’ve already tried to install any applications on you Mac you will have had to authorize the installation by giving your username and password. If you were successful, it was most likely due to the fact that you belong to the admin group.

You may have also been exposed to File Sharing in earlier versions of MacOS. Access to file servers and other services are also controlled using the same model as that designed into early UNIX systems. Every single file and every directory has a property that controls how it can be accessed. There is the owner or user, the group he belongs to, and everyone else or others. Along with each of these three associations, is whether the user or group can read, write or execute the file or folder.

Let’s have a closer look, as I explain more. Open up the Terminal application (Applications >> Utilities >> Terminal.) Once again we start in your ho0me directory. At the prompt, type ls -l to do a long list. You’ll see a variety of files and folders listed:
-rw-r–r– 1 timmitra staff 4707 Jun 12 2002 stickers.pdf
-rw-r–r– 1 timmitra staff 37 Feb 2 19:59 test.txt
drw-r–r– 1 timmitra staff 387 Oct 23 22:27 systems
At the beginning of the list we can see the type of item and the permissions. After that we can see the user, the group, the size in bytes, the modification date and finally the name.

Lets create a directory where we can play with the permissions. Type mkdir test and we’ll make a directory called test (Choose a different name if you already have a file or folder called test.) Type cd test to call (or enter) the directory test. Let’s make some files; Enter touch file1 file2 file3 and we’ll create three files at once. Type ls – l to check our progress.
[timsg3:~/test] timmitra% ls -l
-rw-r–r– 1 timmitra staff 0 Apr 9 00:42 file1
-rw-r–r– 1 timmitra staff 0 Apr 9 00:42 file2
-rw-r–r– 1 timmitra staff 0 Apr 9 00:42 file3
What we see in the permissions area is 10 characters. The first in either a – for a file or a d if the item is a directory. The next nine characters are groups of three, The first three are for the owner, the second the group and the third everyone else. In the example the user timmitra can read and write. Members of the group staff can read and so can everyone else (other).

To change the permissions we’ll use the chmod program. There are two ways to use chmod , We’ll look at the relative method today. User is represented by the letter u, group is g, others is o and to change all three we’ll use a for all. To add a permission we’ll use “+”, to take away “-” and we’ll use “=” to make it exact. The syntax is chmod permissions file(s).

Try this: chmod go+x file1 then type ls -la to see the result. You should see that we’ve added execute to file1;
-rw-r-xr-x 1 timmitra staff 0 Apr 9 00:42 file1

Here’s how permissions work. With directories the read permission means a user can list the contents with ls. The write permission means the user can add, rename and delete items in the directory. The execute permissions allows a user to access (cd) the directory. The user also has to have access to the parent directories. This how your files are protected from and or shared with other users. (Note: system superuser aka root can access any file on the system.)

With respect to files, the permissions affect the contents of the file. Read allows a user to read, write allows a user to modify the file. Execute allows the user to run the file if it’s a program (like a shell script.)

I’ll leave you with some examples to try. (Note: I’ll use commas to separate user permissions.)
To protect a file from others use: chmod u+rwx,go-rwx filename
The owner can read, write and execute while group and others will have no access. To protect a file from accidental writing use: chmod a-w filename
No one will be able to modify the file. To protect a directory from group and others: chmod go-rwx directoryname
To give read only access to a directory use: chmod u=rwx,go=rx directoryname

Next month we’re going to look at remote access, where permissions also play a big part.

My friend ed

This month we’re going to look a little closer at working with files. Beyond simply creating files, it is also important to know how to edit them. If you take a look at most Unix textbooks or MacOS X books you probably won’t find a reference to my favorite editor, “ed”. The editor that gets the most press is “vi”, I have found “ed” the simplest to learn, easiest to use and elegant in its simplicity.

The most interesting part of working with MacOS X and it’s Unix underpinnings, as I have said in past articles, is the applications that come with the OS. You wont have to send any money to the folks in Seattle or pay any shareware fees. If you’re running Unix you already have “ed”.

Before we get started on “ed” lets have a look at what we’ve learned so far and add a few new tricks. We’ve looked at an application called “cat”. Short for concatenate, “cat” will “print” the contents of any file in your Terminal window. (Applications >> Utilities >> Terminal.) You should also remember that, you start working in your home directory when you start your Terminal app.

You can confirm where you are at any time by typing “pwd” and “Return” (or “Enter”.) “pwd” returns your “present working directory” which is always helpful, as you’re navigating without the familiar Windows and directories on your Mac or PC. What I see when I run “pwd” is:
/Users/tim
Under MacOS X our home directories are always in the “Users” directory which is under the root directory “/”. When I list the contents of my home directory with “ls” I can see all the files and folders I have stored. Get in the habit of using “pwd”, “ls” and “ls -la” and you will always know where you are what your doing.

If you’ve been with us since October, you may still have a file called “text.txt” that we created. Here’s a different way to create a new file. At your command prompt type this:

cat > newtest.txt
here's some text

To end the cat program enter “control-d”. You will then get a new prompt. Use
“ls -la” and you will see a new file called “newtest.txt”. The “>” is used to input any text that follows into the file “newtest.txt” that we created with the “cat” application.

To add or append more text to our file we can do the following. Type this:
cat >> newtest.txt
and now a second line

End again with “control-d”. You can also use “control-c” to end any program that you’re running. Once again you can see the contents of the file simply using “cat” without the “greater than” symbols:
cat newtest.txt
here's some text
and now a second line

We’ve seen a few ways to create files and add data, so now we can use “ed” to edit our files. “ed” is a line editor, so you will work on one line at a time. Type this:
ed newtest.txt
The screen will print “39” which is the number of characters in this file. To see the contents of the first line enter “1” and “Return”. “ed” will return this:
here's some text
Enter “2” or simply hit “Return” again and “ed” will print the next line:
and now a second line
You can see the whole file at once by entering “1,$p” the following will be displayed:
here's some text
and now a second line

What you’ve asked “ed” to do is; starting at the first line “1” until the end of the file “$”, print “p”. The “$” usually indicates the “end” (The “^” also means the start, but in this case the start of a line.) You might think that we could have entered “^,$p” but that would confuse “ed”. When “ed” doesn’t understand or if it encounters an error it replies with a question mark “?’.

To add more text to your file you might append with “a”. To start appending enter “a” and enter the new text. When you are finished appending, enter a period on a line by itself.
a
this is the third line
and this is the fourth
.

By entering “a” (or “i” insert, or “c” change”) “ed” enters input mode. The period on a line by itself ends the input mode. Insert “i” will enter the new text before the current line, and “change” “c” will replace the current line. To look at the whole file again, I enter “1,$p”:
here's some text
and now a second line
this is the third line
and this is the fourth

Remember you can go to any line by entering it’s number. You can search through a file with a forward slash “/” and the text your searching for. Type this:
/second
and “ed” will print the first occurrence of “second”. Enter “/” again and “ed” will find the next occurrence. (If there is one.)

To make a change to a line, start to substitute with “s”, then type which word or phrase to be replaced between slashes. Type the replacement text next and close with a slash. Don’t forget to enter “p” to print the line. (eg. s/this/that/p) We should still be on the second line, so enter this:
s/a second/another modified/p
Our second line now reads “and now another modified line”. If you make a mistake you can undo your change with “u” (and “p” to print.) Type this:
up
“ed” returns “and now a second line” . The second line is restored. To duplicate a line enter “t.p” The “t” duplicates the current line “.” and again we print it. Entering “d” will delete the entire line. Be careful with that command. I usually use it with a “p”, and don’t forget you can undo if you make a mistake.

To save the changes to your file, enter “w” to write the file. Of course you can only save a file that you have permission to write to the file. To end your session with “ed”, enter “q” to quit. If you haven’t saved your work “ed” will prompt you with a “?”

Before I let you go here’s a couple of more features of “ed”. While you’re working on a file you can hit “f” and “ed” will print the name of the file your working on. It’s handy to check the filename now and again.

You could also begin your session with a brand new file. From the command prompt enter:
ed brandnewfile.txt
“ed” will print “0” indicating that this is a new file with nothing in it. To start entering text type “a” and return, enter your copy, and remember to end with a period.

There are a just a few more things that I’ll cover later. This article has covered the basics, yet I think you will find that, since these are most of the commands available, “ed” is a really simple program. It will become the “Swiss Army Knife” of your Unix editing repertoire. You won’t find it covered in most texts, so it can be our little secret. Now off you go. Practice creating and modifying a few files on your own.

Navigating the command line

Back in October we started down the road of learning Unix. You may also remember that I said that with Apple’s new operating system MacOS X, we weren’t just given a new look . In fact MacOS X is built on top of a Unix kernel, which makes for a stable, relatively crash-free experience. It benefits from multi-threading and multi-tasking. The most important part of using a Unix based operating system is the great assortment of Unix applications that come installed.

Unix is a collection of small but efficient applications. Each one performs a basic task. In the October article, I introduced a simple one, whoami, which returns a basic answer. The application, who, “prints” the result, or “returns” (geek-speak) the answer on the Terminal screen. (Applications>>Utilities>>Terminal.)
If you type it formally;
who am i
The result printed back is;
tim ttyp1 Nov18 22:47
This is what is returned; “tim” is the name I logged in as, “ttyp1” is the name of the terminal, and the date.

I should also point out that who and whoami are really different applications. If you check their manuals you’ll see that they both have different options. Manual? “What manual.” you say? Another cool thing about most of these little utilities is that they come with manuals installed. These manuals are referred to as “man pages”.
Type this on the command line;
man whoami
Your Mac will go off and find the man page for whoami and print in on the Terminal. MacOSX opens the man pages one screen at a time, for easy reading. Each screen full will end with a “:” and a prompt. Hit the “Space Bar” and the page will scroll down, one page at a time (“B” will scroll upwards.) until you see “(END)”. Hit the Space Bar once more, the man program will exit and you’ll be back at the prompt.
Hint: It is helpful to open a second terminal window, File>>New Shell (Cmd-N). Now you can read the manual while running the application in the first window.
If you look at the man page for who you’ll see a list of available options. I alluded to options in October. Options are added to the command line to extend an application. They are usually separated by a space and begin with a hyphen.
As an example;
who m
tim ttyp1 Nov 18 22:45
This returns the user information about the current terminal, just like whoami does.
who u
tim console Nov 18 22:45 00:36
This returns the user information and the idle time. You may remember that Unix is designed to be a multi-user environment, which is why it can be important to know who is logged in to the system.

You may not realize it if you’re on a single user machine, but you have in fact logged in. When you installed MacOSX the Setup Assistant created a username and password for you. It also assigns you a “home” folder. All users on a Unix system have a home folder and on MacOSX it’s created in /Users directory.

This brings up another Unix mystery “What are all these other folders for and how do we navigate them?” Remember the pwd application tells you where you are. When you start a new terminal window (or shell) you are in your home folder. If I enter pwd at the prompt and hit Return (or Enter.)
[Tims-G3:~] tim% pwd
/Users/tim
It returns “/Users/tim”, which translates the actual (or absolute) path to the folder. What I have been loosely referring to as the prompt on Mac is:
“[Tims-G3:~] tim%”, which gives me the Rendezvous name of my Mac ( a Jaguar technology,) a colon “:”, a tilde “~” (short for home) and my username and a percent sign (to indicate that I’m a regular user.) The pwd app returns the “present working directory” on the next line.

The metaphor that is used in Unix, similar to Mac or Windows, is of a directory tree. On your Mac it may start at “Macintosh HD. On Windows it starts at “C:” In the Unix shell the tree starts with a “forward slash – /” which we call the “root” directory. We then navigate down (I prefer to say “down”, to say that things are under the root directory) with a utility, “cd”, to call or change directories.
To get to root ry this:
cd /
ls
and you will list (ls) the contents of the root directory. You will see items such as Applications, Library, System, Users, but you will also see a number of Unix directories that are made invisible to the Finder. The directories; bin, dev, etc, sbin, tmp, usr, var are present on most Unix systems.

System wide applications are stored in “bin” (binaries), “dev” contains information about devices, “usr” stores user scripts, “var” contains preferences or variable items, and “etc” contains systems settings and apps. They are the Unix equivalents of Applications, System, Utilities and Work In Progress.

To get back home you can enter;
cd /Users/tim (enter your username instead of mine.)
or
cd /~
as the tilde is the short cut for Home.

Starting at root again (cd /) you can also get to Home by calling the directories relatively, by first entering cd Users and then cd tim. Starting at the root directory “Users” is a subdirectory (or relative to root) but “tim” is not. From root cd tim will result in a “no such file or directory” error.

If there were another user on the system you can navigate to her directory by entering the path relatively or absolutely. cd ../ will navigate up a directory, so from your home
cd ../carol will go up to the Users directory and down into the carol directory. Of course you can also get there by entering cd /Users/carol .

Now your homework is to get into the shell and navigate around. Use ls and ls la and try to cat and more some files Not sure what I’m talking about? Check the man pages See you next month.