I’ve installed the updates on all my test machines running Snow Leopard 10.6.3 and Leopard 10.5.8 and I’ve noticed the following problems:

Leopard

On Leopard there are the small known issues with postfix. To correct it perform the following steps after the updates:

Re-install postfix by going into your latest source directory you’ve used the last time and run

sudo make install

Next, comment out or delete the following line from ‘/etc/postfix/main.cf‘:

inet_interfaces = localhost

Restart postfix (reloading config does not work) with:

sudo postfix stop

Postfix should restart automatically (if not run sudo postfix start).

Snow Leopard

Could not detect any postfix problems which I find suspicious but I can’t find the same postfix problems on Snow Leopard. If you can confirm this please leave a comment.

To read more on the updates read the Apple Knowledge Base article on this update.

I had someone reporting a problem with php which got replaced, but he used the default apache installation. So if you use the default apache and did not compile it please check your version of php. It might have been updated.

I’ve never seen two Security Updates this close after one another. This is a minor fix which solved a 0 day security issue:

Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. This issue is addressed through improved index checking. Credit to Charlie Miller working with TippingPoint’s Zero Day Initiative for reporting this issue.

There are no changes to any of our software (yes even postfix is unaffected!) so you can run this without any problem. Read more about it in Apple’s Knowledge base article.

I’ve updated all my machines that run Snow Leopard with the update and I haven’t noticed any strange behavior or errors.

If you want to read more on what is affected in the updates I would suggest reading the Apple support site for the (security) update.

There are some reports on changes in the firewall which might affect the workings of your server if you are using the default firewall configuration. I use noobproof to configure my firewalls. It has a better level of control.

Update: the postfix binary is replaced and you need to run a “sudo make install” from the last version you used. This is a reminder on why you keep the compiled stuff lying around on the server and not clean it up after installation.

Sorry that I’m later than I’m supposed to be with this blogpost, but my new day job needs all the attention at the moment. The good news is there are not much problems when you update your Mac with the latest security update. Read more about it in Apple’s Knowledge base article.

On Leopard there is a small known issue with postfix. To correct it comment out or delete the following line from ‘/etc/postfix/main.cf‘:

inet_interfaces = localhost

Restart postfix (reloading config does not work) with:

sudo postfix stop
sudo postfix start

And all should be fine. If you find another issue please use the comments.

This is a small write-up of the installation I was asked to do for a client on his mini with OS X Server (Leopard). It took me a while to get this working because of the various issiues that I encountered and while googling for a sollution found that there are many people looking for an answer, hence the write-up. Please note that these instructions are not part of the normal documentation set, these instructions only work on OS X Server Leopard and not on the regular OS X Workstation.

First make a copy of the original php module for safekeeping:

sudo cp /usr/libexec/apache2/libphp5.so /usr/libexec/apache2/libphp5.so.apple

Then we need to make some preparations. First of them is get the MySQL include source files and the client libraries as documented in this knowledge base article. Remeber this is only tested on 10.5.x of OS X Server.

Please download http://www.opensource.apple.com/darwinsource/other/MySQL-49.binaries.tar.gz

Unpack and copy the following directories using the following commands:

tar -zxvf MySQL-49.binaries.tar.gz
cd usr/include/
sudo cp -R usr/include/mysql /usr/include/
sudo cp -R usr/lib/mysql /usr/lib/

Next we need to get the iconv library and compile it to get it properly working with PHP. The default iconv library on OS X gives linking errors. You can download it from: http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz and unpack it.

Use the following commands to compile and install it:

export MACOSX_DEPLOYMENT_TARGET=10.6 \
CFLAGS=”-arch x86_64″ \
CXXFLAGS=”-arch x86_64″
./configure –prefix=/usr/local
 
make
 
sudo make install

Next download the source code for the JPEG library from the Freshmeat libjpeg project. I’ve used the source file jpegsrc.v7.tar.gz.

First unpack the source code and then go into the folder “jpeg-7″ for the source and execute the following commands:

cp /usr/share/libtool/config.sub .
cp /usr/share/libtool/config.guess .

Which will copy these files to the current directory. They are required for the configuration fase of this installation.

export MACOSX_DEPLOYMENT_TARGET=10.6
CFLAGS="-arch x86_64" \
CXXFLAGS="-arch x86_64" \
LDFLAGS="-arch x86_64" \
./configure --enable-shared
 
make
 
sudo make install

Next download PHP version 5.2.11 (this is the version installed on OS X Server 10.5.x) unpack it and use the following commands to configure, compile and install it:

export MACOSX_DEPLOYMENT_TARGET=10.6 \
CFLAGS=”-arch x86_64″ \
CXXFLAGS=”-arch x86_64″
./configure –prefix=/usr \
  --mandir=/usr/share/man \
  --infodir=/usr/share/info \
  --disable-dependency-tracking \
  --with-apxs2=/usr/sbin/apxs \
  --with-ldap=/usr \
  --with-kerberos=/usr \
  --enable-cli \
  --with-zlib-dir=/usr \
  --enable-trans-sid \
  --with-xml \
  --enable-exif \
  --enable-ftp \
  --enable-mbstring \
  --enable-mbregex \
  --enable-dbx \
  --enable-sockets \
  --with-iodbc=/usr \
  --with-curl=/usr \
  --with-config-file-path=/etc \
  --sysconfdir=/private/etc \
  --with-openssl \
  --with-xmlrpc \
  --with-xsl=/usr \
  --with-mysql-sock=/var/mysql \
  --with-mysqli=/usr/bin/mysql_config \
  --with-mysql=/usr \
  --with-gd \
  --with-jpeg-dir=/usr/local/lib \
  --with-png-dir=/usr/X11R6 \
  --with-freetype-dir=/usr/X11R6 \
  --with-xpm-dir=/usr/X11R6 \
  --with-iconv=/usr/local \
  --without-pear

Next do not start compiling but we need to edit the Makefile.

Find the line that starts with:

GDLIB_CFLAGS =

and add at the end of the line:

-arch x86_64

The nfind the line that starts with:

EXTRA_LIBS =

and add at the end of this multiline:

-lresolv

Next replace the line:

$(CC) $(MH_BUNDLE_FLAGS) $(CFLAGS_CLEAN) $(EXTRA_CFLAGS) $(LDFLAGS) $(EXTRA_LDFLAGS) $(PHP_GLOBAL_OBJS:.lo=.o) $(PHP_SAPI_OBJS:.lo=.o) $(PHP_FRAMEWORKS) $(EXTRA_LIBS) $(ZEND_EXTRA_LIBS) -o $@ && cp $@ libs/libphp$(PHP_MAJOR_VERSION).so

with:

$(CC) $(CFLAGS_CLEAN) $(EXTRA_CFLAGS) $(LDFLAGS) $(EXTRA_LDFLAGS) $(PHP_GLOBAL_OBJS:.lo=.o) $(PHP_SAPI_OBJS:.lo=.o) $(PHP_FRAMEWORKS) $(EXTRA_LIBS) $(ZEND_EXTRA_LIBS) $(MH_BUNDLE_FLAGS) -o $@ && cp $@ libs/libphp$(PHP_MAJOR_VERSION).so

Save the file and when your done you can start compiling and installing with:

make
 
sudo make install

This means it’s ready.

Now restart apache and check your site. Now you have a new PHP version with GD on your server.

Warning, be careful when updating your server. I noticed a few hick-ups on my machine. I will update this post with my findings through the day when I find out more.

Leopard Issues:

• Resolved: My remote desktop isn’t working anymore, still looking into this one. Solution: It somehow works again after some time waiting, probably I was trying to fast

Working: Everything else does not look to be affected, even Postfix is as is (in contrast to Snow Leopard)

Snow Leopard issues:

• Postfix binary get’s replaced, you’ll have to do a ‘sudo make install’ from the last install direcory to get it working again.

For the rest on Snow Leopard everything seems to be working as intended. Will do some more test during the day.

Read more about the update to 10.6.2 here and the security update 2009-006 here.

If you find anything please let us know in the comments and I will try to verify.

Update: No more problems found, I guess it was just a postfix problem and as Joe has commented I need to change the location to prevent future issues.

I’ve updated my test server with Mac OSX 10.6.1 The update went without any problem and my setup was not affected in a negative way. It took me some time to check everything.

If you want to read more on what is affected in the updates I would suggest reading the Apple support site for the 10.6.1 update.

In case of doubt, please make a full bootable disk image backup with Carbon Copy Cloner before you start. There are some people having reported problems with previous update so better be safe then sorry!

This update is only for Leopard and Tiger users (Snow Leopard is not affected). I have not tested this on Tiger as I have no longer a machine with Tiger installed but I’ve tested the Leopard based update and that went without a problem. My production server and two of my test servers received the update and installed it without any problem.

Read more about the security update here.

n case of doubt, please make a full bootable disk image backup with Carbon Copy Cloner before you start. There are some people having reported problems with previous update so better be safe then sorry!

Here is a quick update on getting Apache, PHP and MySQL installations working again after the Snow Leopard upgrade.

For Apache I did a recompile and install because the config was completely lost (and I had no backup!) and this was the quickest way for me. The normal 64 bit Leopard instructions did the job for now, will look later at possible enhancements.

MySQL I could just startup with the System Preferences MySQL panel. Will do a recompile later today and will update this post with the findings. This as MySQL is updated to 5.1.38

PHP gave the most issues, but a comment from Nico helped out. This problem is valid for 5.2.9 and 5.3.0 but it should be solved in 5.3.1 as the bug was listed as solved in 5.3.1.dev

To solve the problem, follow the normal instructions on this site but after the configure statement you need to edit the Makefile which is created by ./configure

You need to add ‘-lresolv‘ at the end of the line which starts with ‘EXTRA_LIBS‘ like:

EXTRA_LIBS = -lmysqlclient -lssl -lcrypto -lz -lssl -lcrypto -lm -lxml2 -lz -licucore -lm -lxml2 -lz -licucore -lm -lmysqlclient -lz -lm -lmysqlclient -lz -lm -lxml2 -lz -licucore -lm -lxml2 -lz -licucore -lm -lxml2 -lz -licucore -lm -lxml2 -lz -licucore -lm -lresolv

As noted earlier, I will keep updating this blogpost till most issues are resolved or properly documented elsewhere on the site.

Update 1: MySQL compiled without a problem using the 64 bits Leopard instructions.

Update 2: Finished some of the PHP documentation on Snow Leopard:

• Compiling PHP in 64 bits mode on Snow Leopard
• Adding the GD module to PHP on Snow Leopard
• Adding the mcrypt module to PHP on Snow Leopard

Update 3: Added Apache install instructions:

• Compiling Apache in 64 bits mode on Snow Leopard

Update 4: Made a new page with all related Snow Leopard instructions. MAMP stack documented, mailserver will follow!

Last update: Mailserver instructions.

I know a lot of you are awaiting news on Snow Leopard! The early release has put me into a tight spot as I’m on holiday now (I’m typing this in an internet cafe paying a ridiculus rate per hour). Snow Leopard is lying in my mailbox at home and I didn’t bring any Mac with me. So bear with me untill the next weekend when I’ll be back home and will post updates.

Postfix has released a new version 2.6.5 as well. Usually they are installable without problems so feel free to update and I will test is soon!

Sorry about this!