macOS System Administration & Optimization#

1 Modify Known Hosts#

# Add description
nano ~/.ssh/known_hosts
# To remove a specific host
ssh-keygen -R 10.1.1.14
# Clear the full file
cat /dev/null > ~/.ssh/known_hosts

2 Disk Management & Diagnostics#

2.1 Identify and Verify Disks#

# List all physical and virtual disks
diskutil list
# Verify a specific disk (replace X with disk number)
diskutil verifyDisk /dev/diskX

2.2 SMART Monitoring (via Homebrew)#

# Install smartmontools
brew install smartmontools
# Check health of the primary NVMe drive
smartctl -a /dev/disk0

3 Homebrew Package Manager#

Official site: brew.sh

3.1 Installation#

/bin/bash -c "$(curl -fsSL [https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh](https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh))"

3.2 Maintenance#

# List running background services
brew services list
# Update Homebrew and upgrade all packages
brew update && brew upgrade

4 Application Cleanup: Path Finder#

4.1 Brute Force Removal#

# Remove Application and Support files
sudo rm -rf /Applications/Path\ Finder.app/
sudo rm -rf ~/Library/Application\ Support/Path\ Finder/
sudo rm -rf ~/Library/Preferences/com.cocoatech.PathFinder.plist
sudo rm -rf ~/Library/Caches/com.cocoatech.PathFinder

4.2 Deactivate Updates#

defaults write com.cocoatech.PathFinder SUEnableAutomaticChecks NO

5 Permissions & Snapshots#

5.1 Remove Access Control Lists (ACL)#

# Recursively remove all ACL entries from a folder and its contents
chmod -RN /path/to/folder

5.2 Time Machine Local Snapshots#

# List all local snapshots
tmutil listlocalsnapshots /
# Delete a specific snapshot by date/ID
sudo tmutil deletelocalsnapshots 2025-12-29-030238
# Batch delete all com.apple.TimeMachine snapshots
for d in $(tmutil listlocalsnapshots / | grep 'com.apple.TimeMachine' | awk -F. '{print $4}'); do sudo tmutil deletelocalsnapshots $d; done

6 Time Machine: SMB Sparsebundle Resizing#

Use this workflow to effectively remove quotas from a network-based Time Machine backup.

# 1. Stop active backups
sudo tmutil stopbackup

# 2. Mount the SMB share manually
mkdir -p ~/SMB_TM
mount_smbfs //timemachine@UNAS-Pro/TimeMachine ~/SMB_TM

# 3. Resize the sparsebundle (e.g., to 10 Terabytes)
hdiutil resize -size 10t "~/SMB_TM/MacStudio (MO).sparsebundle"

# 4. Cleanup and Restart
umount ~/SMB_TM
rmdir ~/SMB_TM
sudo tmutil startbackup

7 Networking & File Transfers#

7.1 Flush DNS Cache#

sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder

7.2 Optimize SMB Speed (Disable Signing)#

echo "[default]" | sudo tee /etc/nsmb.conf && echo "signing_required=no" | sudo tee -a /etc/nsmb.conf

7.3 Remote File Transfers (SCP)#

# Upload specific images to Hugo project
scp -v /Users/marc/Downloads/to_convert/* root@10.1.2.202:/home/marc/hugo/inuvik/static/images/

7.4 SMB Shortcuts#

# Create a shortcut directory in Home for SMB Volumes
mkdir -p /Users/marc/SMBShares
ln -s /Volumes/Software /Users/marc/SMBShares/Software

8 Image Processing (Mogrify)#

Batch resize and optimize images for the web.

# Resize to 1200px width, strip metadata, and target 100kb size
mogrify -verbose \
  -path /Users/marc/Downloads/to_convert \
  -resize 1200x \
  -strip \
  -interlace Plane \
  -define jpeg:extent=100kb \
  /Users/marc/Downloads/to_convert/*.jpg

9 How to open the Developer Console#

On your Mac Studio, make sure Obsidian is the active window.

Press Cmd + Option + I (the letter ‘i’).

A side panel will open. Click the “Console” tab at the top of that panel.

10 Force nano to be used for crontab#

EDITOR=nano crontab -e

10.1 Make Nano the Permanent Crontab Editor on macOS#

Run these two commands in your Mac Terminal to stop macOS from defaulting to Vim:

1. Add the rule to your profile#

echo 'export EDITOR=nano' >> ~/.zshrc
# Apply
source ~/.zshrc

10.2 Verification#

From now on, you can simply type:

crontab -e

It will open in Nano every time without needing the prefix.

10.3 Troubleshooting#

If for some reason you are using an older version of macOS (pre-Catalina) and the above doesn’t work, you might be using Bash. In that case, run: echo 'export EDITOR=nano' >> ~/.bash_profile && source ~/.bash_profile

11 How to Enable Cron for Automated Syncing#

11.1 Locate the Hidden Cron Binary#

  1. Open System Settings > Privacy & Security > Full Disk Access.
  2. Click the [ + ] button at the bottom of the list.
  3. When the Finder window appears, press Cmd + Shift + G on your keyboard.
  4. In the box that appears, paste the following path exactly: /usr/sbin/cron
  5. Hit Enter. The cron file will be highlighted.
  6. Click Open.

11.2 Enable the Permission#

  1. Look for cron in the Full Disk Access list.
  2. Ensure the toggle switch is moved to the ON (Blue) position.
  3. (Optional) While in this menu, ensure Terminal is also toggled ON.

11.3 Step 3: Grant Network Volume Access (For SMB Shares)#

If your scripts or notes are stored on an SMB share (/Volumes/...):

  1. In the same Privacy & Security menu, click on Files and Folders.
  2. Find cron in that list.
  3. Ensure the toggle for Network Volumes is turned ON.

12 Troubleshooting: iMac 2014 5K Built-in Ethernet Self-Assigned IP (169.254.X.X)#

Problem Description The iMac 2014 5K built-in Ethernet port fails to obtain a valid IP address via DHCP from a known good switch and cable configuration. The interface assigns itself a link-local address (169.254.51.50) with no DNS servers or search domains populated. Other client machines using the exact same cable and switch port successfully negotiate a valid lease (10.1.2.X).

Technical Analysis Because the physical infrastructure (cable, switch port, and upstream DHCP server pool) is verified functional, the breakdown occurs at the software link layer or driver initialization state on this specific machine. The presence of *-pre-upgrade-* configuration files inside /Library/Preferences/SystemConfiguration/ points to a legacy upgrade migration that corrupted active network preference property lists (.plist), causing the network daemon (configd) to fail to bind DHCP discovery packets to the hardware interface.

12.1 Purge Corrupt Network & Daemon State Files#

  1. Open Finder and press Cmd + Shift + G to bring up the “Go to Folder” prompt.
  2. Enter the system configuration path: 
    /Library/Preferences/SystemConfiguration/
  3. Locate and move the following configuration files to the Trash (administrator password authentication required):
    • com.apple.dhcp6d.plist (Resets corrupt DHCPv6 state loops)
    • com.apple.network.eapolclient.configuration.plist (Clears Ethernet authentication profiles)
    • com.apple.vmnet.plist (Removes legacy local virtual interface bridges that might block physical hardware mapping)
    • com.apple.airport.preferences.plist (Clears wireless state conflicts)
    • com.apple.network.identification.plist (Resets interface network location profiles)
    • com.apple.wifi.message-tracer.plist (Clears legacy Wi-Fi telemetry states)
    • NetworkInterfaces.plist (Forces macOS to rediscover physical hardware cards on boot)
    • preferences.plist (Clears global network configuration frameworks)
  4. Note: Leave the historical -pre-upgrade-* files intact as they are inactive backups and do not interfere with system initialization.

12.2 System Cold Reboot#

Restart the iMac immediately after trashing the files. On boot, the macOS network subsystem detects the absence of active hardware mappings and queries the logic board’s physical Ethernet controller directly to rebuild the interface stack natively.

12.3 Hard Reset Interface via CLI (If UI Remains Stuck)#

If the interface remains in a self-assigned state after rebooting, open Terminal to force the driver to unload and reload:

# Bring down the physical interface to break any hung driver locks
sudo ifconfig en0 down

# Bring the physical interface back up to trigger a fresh DHCP discovery sequence
sudo ifconfig en0 up

(Verify if built-in Ethernet is assigned to en0 by running networksetup -listallhardwareports if necessary).

12.4 Bypass Hardware Auto-Negotiation Degradation#

If aging PHY chips on the logic board struggle to complete auto-negotiation handshakes with modern gigabit switches, force manual speed/duplex settings:

  1. Open System Settings > Network > Ethernet > Details…
  2. Navigate to the Hardware tab in the sidebar.
  3. Switch Configure from Automatically to Manually.
  4. Explicitly define the following parameters:
    • Speed: 1000baseT (Drop to 100baseTX as a fallback diagnostic test if the chip is failing)
    • Duplex: full-duplex (Ensure energy-efficient Ethernet / flow-control variants are disabled)
  5. Click OK and apply the network modifications.

12.5 Post-Verification Checklist#

  • Ensure the status indicator next to the Ethernet interface transitions from yellow (Self-assigned IP) to green (Connected).
  • Confirm the IP Address field populates within the local 10.1.2.X subnet mask boundaries.
  • Verify upstream routing behavior by checking that the Router field matches your gateway address and that DNS Servers are automatically populated by the DHCP payload.
Backward Linux Desktop Configuration Guide Markdown Reference Guide for Obsidian Forward