General Information about macOS

Apple Keyboard

Table 1. Special Keys on Apple Keyboards

Command Key

Option Key

Shift Key

"command"

"option"

"shift"

[Cmd]

[Alt]

[Shift]

Table 2. Special Characters on Apple Keyboards

Special Character

Designation

Shortcut

@

At

[Cmd]+[L]

Euro

[Alt]+[E]

$

Dollar

[Shift]+[4]

£

British Pound

[Alt]+[Shift]+[4]

©

Copyright

[Alt]+[G]

®

Registered

[Alt]+[R]

Trademark

[Alt]+[Shift]+[D]

Apple

[Alt]+[Shift]+[+] 

§

Paragraph

[Shift]+[3]

~

Tilde

[Alt]+[N] (followed by Space Bar)

(

Open Round Bracket

[Shift]+[8]

)

Close Round Bracket

[Shift]+[9]

[

Square Bracket Open

[Alt]+[5]

]

Square Bracket Close

[Alt]+[6]

{

Curly Bracket Open

[Alt]+[8]

}

Curly Bracket Close

[Alt]+[9]

/

Slash

[Shift]+[7]

\

Backslash

[Alt]+[Shift]+[7]

|

Pipe (Vertical Line)

[Alt]+[7]

Right Double Quote

[Alt]+[^]

Left Double Quote

[Alt]+[Shift]+[^]

Low Single Quote

[Alt]+[S]

High Single Quote

[Alt]+[#]

»

Double Right Angle Quote

[Alt]+[Shift]+[Q]

«

Double Left Angle Quote

[Alt]+[Q]

Single Right Angle Quote

[Alt]+[Shift]+[N]

Single Left Angle Quote

[Alt]+[Shift]+[B]

=

Equal

[Shift]+[0]

Unequal

[Alt]+[0]

Less than Equal

[Alt]+[>]

Greater than Equal

[Alt]+[Shift]+[>]

>

Greater

[Shift]+[>]

<

Smaller

[Fn]+[>]

±

Plus or Minus

[Alt]+[+]

Approximate

[Alt]+[X]

ø

Average

[Alt]+[O]

Infinity

[Alt]+[,]

%

Percent

[Shift]+[5]

π

Pi

[Alt]+[P]

Check Mark

[Alt]+[V]

The opsi Product m-homebrew

There are a number of package management programs for macOS that you can use to install common open source applications on macOS:

We offer our own localboot product, m-homebrew, which installs Homebrew on macOS clients. After installation, the brew command becomes available, allowing you to download and install programs from the Internet. Homebrew can install fully compiled binaries or download source code and build the program locally.

Homebrew requires command line tools for developers. Consequently, the m-homebrew package depends on the opsi package m-xcode-tools, which is automatically installed.

For security reasons, Homebrew is designed so that the brew command cannot be executed as the user root. To accommodate this, a hidden user account named opsisetupadmin is created during the installation of the client agent (see the section The macOS Account opsisetupadmin). The opsisetupadmin account "owns" the entire Homebrew system, and you should use this account to install software on the computer with brew.

To execute the brew command as the opsisetupadmin user with root privileges:

sudo -H -u opsisetupadmin /usr/local/bin/brew

This procedure is also used by the product m-javavm to install the Java runtime environment:

[ShellScript_brew_install_java]
; https://github.com/SAP/SapMachine/wiki/Installation
EXITCODE=0
sudo -H -u opsisetupadmin /usr/local/bin/brew tap sap/sapmachine
EC=$?; if [ $EC -ne 0 ]; then EXITCODE=$EC; fi
sudo -H -u opsisetupadmin /usr/local/bin/brew install --cask sapmachine-jdk
EC=$?; if [ $EC -ne 0 ]; then EXITCODE=$EC; fi
exit $EXITCODE

Homebrew: Tips and Tricks

We have compiled a few links on the subject here:

The macOS Account opsisetupadmin

As noted, a hidden user account named opsisetupadmin is created when the client agent is installed. This account has no password and is not intended for login purposes. The home directory of opsisetupadmin is /var/opsisetupadmin. This user has permissions to use the brew command. The directory /var/opsisetupadmin/opsi_depot serves as the mount point where the opsiclientd mounts the depot share.

The share is mounted under the home directory of opsisetupadmin as access to shares that are not mounted in a user directory is severely restricted.

Granting Full Disk Access

Following the macOS updates officially released by Apple in December 2023, it has become necessary to grant full disk access to the opsiclientd process to facilitate normal functioning of the opsi-mac-client-agent. This adjustment can be made in the macOS system settings under Privacy & Security or through an Apple MDM message using the type PrivacyPreferencesPolicyControl. Note that this step is not necessary for operation in WAN mode.

opsi Directories under macOS

On a macOS client there are the following important opsi directories:

  • /var/log/opsi-script: opsi-script logfiles

  • /var/log/opsi-client-agent: other opsi logfiles

  • /usr/local/bin/opsi*: executable opsi programs

  • /Applications/opsi-script.app: program directory of opsi-script

  • /etc/opsi-client-agent: Configuration files of the macOS client agent

  • /etc/opsi-script: opsi-script configuration files

  • /usr/local/lib: auxiliary libraries, e.g. for SSL, Ncursesi, etc.

  • /usr/local/share/opsi-client-agent: client agent

  • /usr/local/share/opsi-script: opsi-script

  • /var/opsisetupadmin: home directory of the opsisetupadmin account

  • /var/lib/opsi-client-agent/opsiclientd: SQLite database for the timeline on the opsiclientd info page (see the section opsiclientd Info Page)

  • /Library/LaunchDaemons: configuration for opsi services

  • /Library/LaunchAgents: configuration of the systray program

Special Considerations for Packagers

macOS is based on BSD Unix, so it has a typical Unix file system structure. For security reasons, there are areas reserved exclusively for Apple. The following tips are essential for creating macOS opsi products:

  • /Applications: This is where the graphical applications reside. Each program has its own folder in /Applications; these directories are named <program>.app. However, Finder does not display these directories as folders but as program launchers for the respective applications. The <program>.app directories follow a specific structure.

  • The directories /sbin, /bin, /usr/bin, /usr/share, and /usr/lib are reserved for Apple. Use the directories /usr/local/bin, /usr/local/share, and /usr/local/lib for your customizations.