Wednesday, May 1, 2013

MacBook kernel_task fix for CPU throttling (consumes all processor power)

The problem that most macbook (pro, air, etc) owners had encountered, especially when replacing a battery or running with a faulty one (or just for no reason, as has happened to me recently), is that kernel_task process takes up 100% times the number of cores of CPU time, making your Mac halt.

No usual solutions (SMC, PRAM reset) helps; dtrace showed kernel sitting in a loop forever. Turns out, it's a silly kernel extension that throttles CPU when it considers something is wrong. The idea is to prevent your Mac from overheating, by consuming all CPU power in an idle loop, but, since it is buggy, it very often does so for no real reason. Saving for future reference, instructions on disabling that extension, original post if you are interested in full details.

And the meat of that article:

sudo rm -f /System/Library/Extensions/IOPlatformPluginFamily.kext/Contents/PlugIns/ACPI_SMC_PlatformPlugin.kext/Contents/Resources/*.plist

All the credit goes to Rhys Oxenham, thanks for saving us all and an excellent blog!

Wednesday, November 14, 2012

Your own VPN/proxy (pptpd config on Amazon AMI)

Update 2015: since pptp is not longer supported on Mac and is generally insecure, please follow this excellent guide for a similar l2tp setup

Simple steps to quickly configure your own vpn.

Intro - VPN means a virtual private network, a secure channel between two machines. As you can, thanks to the cloud, have the second machine running in any part of the world, and you also can forward all your internet traffic through that second machine, this could be useful in numerous cases - if you don't want your provider to know everything about you, or if your crazy government thinks it can decide for you what you can or can not see, or if you are tired with DMCA restrictions, list goes on.

Requirements - Amazon AWS (or any other cloud provider) account. Amazon now runs a promo, giving you free usage for one year on the basic tier, which would be enough for the task.

Go ahead and create a new t1.micro EC2 instance in amazon control panel. I use Amazon AMI images: it's a small headless linux similar to CentOS with no preinstalled software, just what we need here. Settings for your new instance: 64bit version, EBS backed, 2GB of root partition would be absolutely enough, generate a new keypair and save it in a safe place, create a new security group for your VPN. Everything else you can leave at default values.

First of all, let's open some ports in your cloud firewall - go to Security Groups and edit the group you assigned to your instance (or default if you don't remember assigning any groups). You should open TCP port 1723 and UDP port 500, as well as ssh port 22 :) You can either open these ports to the world (, or specify your ip address there.

Login into your new box:

ssh -i your_key_file ec2-user@your_instance_address

Install ppp/pptpd:

sudo yum install ppp -y
sudo rpm -Uhv pptpd-1.3.4-2.el6.x86_64.rpm

Edit /etc/pptpd.conf, uncomment the lines with localip and remoteip. You can also add google's (, or amazon's () DNS servers, to avoid using your provider's DNS, edit /etc/ppp/options.pptpd and uncomment/edit ms-dns lines.

Create the VPN user - edit /etc/ppp/chap-secrets and add a line (you would want your own user and a secure password):

<USER> pptpd <PASSWORD> *

That's it for the VPN, time to setup our traffic forwarding so that we would be able to access the rest of the Internet from this server. Enable ipv4 forwarding, edit /etc/sysctl.conf and switch net.ipv4.ip_forward setting to 1.

Create iptable forwarding rule, persist it, enable pptpd and restart our server

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo service iptables save
sudo service iptables restart
sudo chkconfig pptpd on
sudo init 6

That's it. To test your new VPN, open your Mac network preferences, Create new service (click on + in the list of services):

After that, enter your Server Address, your Account name, select Encryption: Maximum (128bit), Authentication Settings - enter your password. In the Advanced dialog, don't forget to check Send all traffic over VPN connection. Click Connect, if all went well you should see this:

Enjoy. Some more things which are not necessary but can be helpful - as we created an EBS-backed instance, we can safely stop it and start when needed, as Amazon charges you per hour of a running instance. Ip address is dynamic and might change on restart, so it would make sense to assign an Elastic IP to your instance, or use DynDNS. Unless, of course, you need for some reason to complicate tracing you back, then dynamically assigned address will help a little.

Wednesday, October 31, 2012

Installing ffmpeg on Amazon AMI (CentOS 6)

An easy way to install ffmpeg on Amazon AMI (special distro for Amazon AWS EC2 service) without using any source packages. Basically, it is a rebranded CentOS using Amazon's repository, which does not have many packages, including ffmpeg and it's dependencies. Your version may vary:
$ cat /etc/issue
Amazon Linux AMI release 2012.09
Determine which CentOS this is based off (version is in Red Hat X.X.X-x):
$ cat /proc/version
Linux version 3.2.21-1.32.6.amzn1.x86_64 (mockbuild@gobi-build-31004)
(gcc version 4.4.6 20110731 (Red Hat 4.4.6-3) (GCC) ) #1 SMP Sat Jun 
23 02:32:15 UTC 2012
So here we basically have CentOS 6. Go ahead and create /etc/yum.repos.d/centos.repo :
name=CentOS-6 – Base
That's not all. Some libraries are hidden in EPEL repository, it should be already added but not enabled, so edit /etc/yum.repos.d/epel.repo and make sure you have enabled=1 there (don't need source and debuginfo sections,  we won't be building anything today). And do the same for /etc/yum.repos.d/rpmforge.repo - should enable extras section.

Now we're ready for some magic:
$ sudo yum -y update
$ sudo yum -y install ffmpeg
Be warned that there might be some small conflicts between CentOS and Amazon repositories. Resolve using common sense. This guide should work as is for Amazon AMI 2012.09