Skip to content

There is a scenario where i didnt think i could encounter in my years of computing, especially on a newly purchased ridiculously expensive 2019 macbook pro. Not knowing how Apple's hardware (T2 chip) works made this a tiny bit challenging when working on this 2019 Macbook pro. There was a happy ending to all of this but it took almost eight hours in clicking and waiting on download of a new Mac OS, and finally reinstall the latest MAC OS Catalina which differed from the original factory de facto OS. This was a bit of a hack and a bit of luck in revitalizing a Mojave into Catalina OS over the course of roughly a day.

Assuming a Macbook pro hardware would function just like an PC, i made a boot USB Catalina earlier in order to prep for a new OS install. There were obviously knowledge i wasnt aware of, when doing this install. Assuming installing a clean version of mac OS X Catalina would be the same as installing a new ubuntu linux.

After holding on the "option" button to boot the USB, it prompted me with a message informing me that i could not boot USB due to some security item i must first resolve or disable. Not caring what that was, i then rebooted this macbook pro using "Command + R". I ended up with a similar screen and started to use the Disk util software to wipe the native SSD disk. After formatting this disk to APFS and renaming the disk to something a bit more obvious, i then exited out of disk util and returned to the main screen. At this point, i was ready to install Catalina onto this new disk. Without realizing that i had just wipe the factory recovery partition, along with the existing Mojave OS which i didnt cared about and had yet to allow to boot external USB and set security to medium. I panicked for around 5 mins due to not able to boot into this Catalina USB after several reboots !

After several reboots trying and hoping to boot external USB, all these reboot failed miserably. Each of the screens came immediately after each reboot went directly to a screen prompting me to enter a wifi name and a password. There was nothing i could do to inform this POST that there is a USB connected to a type-C port on the machine. At this point, scratching my head was the next best thing for me to do. Now, the damage to this laptop has been done but this wasnt completely lost. I wasnt quite sure what this wifi screen was about initially. The good thing was that apple provided this wifi screen was for a last resort to install an OS directly from As long as a mac owner can connect to a wifi network without username and password credential set, this was satisfactory on the reinstall side. The wifi screen required a wifi network name and a router password for it to connect to for it to download a new leaner Mojave OS.

After some network magic, i was able to download a version of Mojave OS over DSL, but this isnt what you would call a safe approach. i didnt know whether it would be suffice to download something this large (5.5 - 7.5 gigs) over a 400-500 KBps network. Also, i wasnt sure if there is an internal bittorrent kind of software when streaming this large OS file rather than a simple ftp transfer kind of thing from apple's end. This certainly was some apple magic, but i was glad this was provided from Apple since T2 chip prevented me from booting from any external USB !

After realizing that i could use my local network by entering the network name and its password. I then gained entry to a boot software after holding "Command + R". Thirty or so minutes went by, i could now see that boot menu screen started to appear. I then had chosen an option to reinstall Mojave. I clicked to reinstall the factory Mojave OS but this literally took a long time over DSL. Once the download was completed, all of the boot software began to conduct a reinstall. Much relieve at this point, since the OS installation process was working after a long awaited download from some random apple place. There was nothing to inform me of where this Mojave OS was coming from, by looking at the re-installation menu screen. One has to trust apple at this point, probably even much earlier.

ultimately, this reinstallation using apple's approach with their recovery download network worked !!! At this point, i still dont have Catalina but i do have a USB to boot Catalina. With much hope, i found that there was a menu item i would need to conduct first once i see a Apple logo after a reboot by using "Command + R". I held down "Command + R" then a boot software came up, i immediately looked for a menu item called "Security utility". After clicking this drop down menu, i was presented with another dialog box to disable FULL-SECURITY and enabled USB boot. Woot Woot, Success !

Finally, we are getting somewhere logically and there is light at the end of this tunnel. I rebooted once again, i held down the "option" button and MAGICALLY booted into this usb with Catalina. Now, i then deleted this disk and used this "disk util" to recreate this blank slate for Catalina with APFS. After more clicking and waiting on this clean install of catalina, macbook pro rebooted and came up with Catalina.

The lesson was not to wipe disk after holding down "Command +R" but to click on the "Security Util" on the menu item and enable the external boot along with set the security to Medium on all apple certified boot ISO downloaded from apple store. After a reboot, this second phrase, we can now hold down the "option" key to install a new OS using USB.

When installing Node and NPM, it is best to download the node package rather than from your OS distribution source. For mac and linux, it is fairly straight forward yet window might be slightly easier.

1) download the LTS node v10.x.x binary node*.tar.xz file from

2) sudo mkdir /opt/node
3) cd $HOME/Download/
4) tar xJvf node-10.16.0-linux-x64.tar.xz
5) cd node-10.16.0-linux-x64
6) sudo cp -pr . /opt/node
*7) sudo chown -R username:username /opt/node
8) cd /opt/node/bin
8.5) cd /usr/local/bin; sudo ln -s /opt/node/bin/node node
9) ./npm install -g npm
10) If you are on linux use .bashrc file otherwise on mac try .profile
vim $HOME/.bashrc
insert the following items inside this file:
export PATH=$PATH:$NODEJS/bin
:wq (save data and quit the vim editor)
11) source .bashrc
12) npm -v
13) Now we have this latest npm package application, we can now installed any of the JS Framework as we pleased.
14) cd; mkdir nodeware
15) cd nodeware
16) npm install @angular/cli
17) npm install -g vue
18) npm install -g react

*we are using ubuntu 18.04.2 LTS at the moment and our user account could very well be different from your user account, so bare in mind that you should adjust your chown user accordingly. Also, to prevent root being use excessively in /opt, we 've decided that we would be using our own user account instead. You can easily create a simple nodejs user account and only have access to that /opt/node directory for this special software. There are other ways to remedy this ownership of this directory besides this approach.

This is in setting up tomcat 9 on linux with self-sign cert enable. It is with some discretion that the version of tomcat must align with the version of either OpenJDK or from Oracle's JDK. The version from Apache Tomcat website had mentioned that Tomcat v9 can be used with newer Oracle JDK or whereas Tomcat v8 can be used with Oracle JDK or newer.

Install Oracle's JDK can be super simple on linux. Download either their x86 or x86_64 bit version and plop it onto your local home download directory /home/username/Download .

Download Java:
Download Tomcat:

The following are commands where i had issued in order to move a binary JDK file to another directory location before extracting this tarball package.

sudo mv /home/username/Download/ jdk-8u211-linux-x64.tar.gz /opt
sudo mv /home/username/Download/apache-tomcat-9.0.21.tar.gz /opt
cd /opt
sudo tar xzvf jdk-8u211-linux-x64.tar.gz
sudo chown -R username:username jdk1.8.0_211
sudo mkdir tomcat9
sudo tar xzvf apache-tomcat-9.0.21.tar.gz
cd apache-tomcat-9.0.21/
sudo cp -pr . ../tomcat9
cd ..
sudo chown -R username:username tomcat9/

# Your /opt directory should look something like this.
drwxr-xr-x 7 username username 4096 Jun 20 12:51 jdk1.8.0_211
drwxr-xr-x 9 username username 4096 Jun 20 13:05 tomcat9

Now, oracle's JDK v1.8.211 and tomcat 9 have both been installed. There is a minor issue with executing both java and catalina server from the command line. We must configure a few files for this user named username on this linux VM with the following commands:

vim .bashrc

somehow paste the following lines onto this file if you are using ubuntu linux otherwise Fedora/CentOS/Redhat would be .bash_profile.

# for use of Java JDK
export PATH=$PATH:$JAVA_HOME/bin
export CATALINA_HOME=/opt/tomcat9

Save either your .bashrc or .bash_profile file by issuing when using vim :wq
Finally, we must use the command source one of those two files to activate the commands.
source .bashrc
source .bash_profile

Now, we must configure tomcat 9 since java is functional. Tomcat 6/7/8/9 must have a user before one could use its built-in management tools and system monitoring software. Therefore we must conduct the following items.

cd /opt/tomcat9/conf
vim tomcat-users.xml
paste the following items before the last tag of this tomcat-users.xml file.

We must now generate a keystore file and a new directory inside /opt/tomcat9/conf directory to hold the key and keystore file.

cd /opt/tomcat9/conf
mkdir pki; cd pki

keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -storetype JKS -keystore keystore.jks -storepass maythehobbitbewithyou -validity 1024

once you had decided to use JKS type using keytool, there should be a new file called keystore.jks. There is a warning since this JKS format is proprietary algorithm from former SUN Microsystem and now Oracle. There is an alternative approach to this madness.

# keytool -genkey -alias tomcat -keystore keystore.pfx -storetype PKCS12 -keyalg RSA -storepass maythehobbitbewithyou -validity 1024 -keysize 2048

we can then check the key to see the fingerprint and see if our tomcat key has been placed inside this keystore.* by issuing this command.

keytool -list -keystore keystore.jks

one last item we must now do would be to configure this /opt/tomcat9/conf/server.xml file to enable port 8443 for this self-signed cert we've created on the previous step. 🙂

Finally, after saving the above text in your server.xml config file. You can now start tomcat Catalina service with the following command:
$CATALINA_HOME/bin/ start

This command is to stop the service. You can also find some additional instructions to figure out a way to make this tomcat instance run when your OS boots up.

$CATALINA_HOME/bin/ stop

I also had to comment out the inner two lines of this file called context.xml inside each of these two directories in order host management on the web interface would appeared :

i believed this was all that i had done before tomcat 9 and oracle JDK were working rediculously well. This was an example only to demonstrate a simple semi-secure middleware web engine. One would need to make a production instance of any J2EE engine or other html engine such as Glassfish/WildFly/JBOSS/Weblogic/apache/IIS to be more secure in order to prevent data being leaked out over connection and prevent some random Hobbit in the Middle Attacks. Some recommendation would be to acquire an actual pem file which is publicly verified Cert from or other cert authorities and reconfigure your production Tomcat instance. Second, for development/testing environment, one could also place this entire deployment of JDK, Tomcat and configuration onto a container environment using Docker or Kubetnetty running one container as a service in your Linux environment. Running either dockers, or Kubernetty was ridicously slow inside windows ->VM(linux)->Dockers. Use some form of a linux distro(CentOS,Redhat,Ubuntu,Slackware) to deploy your container once this container environment has been installed and configured properly. Bare in mind that RAM is important ! and no, we are not talking about sheep or goat or a four legged animal with lots of white bushy hair on its body !

# Assuming you have your linux CentOS 7-1804 environment correctly installed with networking enabled.

sudo yum update;sudo yum upgrade
sudo yum -y install
sudo yum update
sudo yum -y groupinstall "development tools"
sudo yum install vim
sudo yum -y install
sudo yum update
sudo yum -y install php72-php
sudo yum -y install php72 php-opcache
sudo yum -y install php72-php-mysqlnd
sudo yum -y install php72-php-mbstring
sudo yum -y install vim mlocate ntp ntpdate

# installing Apache Server 2.4.x, you can also try nginx if you like

sudo yum -y install httpd

# the below instructions are meant to install MariaDB

sudo touch /etc/yum.repos.d/mariadb.repo
--paste the next 7 lines of stuff into this repo files and save--

# MariaDB 10.2 CentOS repository list - created 2018-05-12 04:10 UTC
name = MariaDB
baseurl =

# We've chosen to install MariaDB instead of Mysql from Mysql Repo
# you can Choose to install Mysql-server, which is also easy to install
# grab that mysql-server repo and follow some simple instructions online then you
# are Golden.
# for MariaDB-server 10.2

sudo yum update
sudo yum install mariadb-server mariadb-client
sudo mysql_secure_installation


# there might need to be two additional items inorder to get php72 to function in your centOS server.

  1. Disable SElinux: sudo vim /etc/sysconfig/selinux
  2. turn off firewalld: sudo service firewalld stop

# To Build:
# Ref:

# sudo yum -y install rpmdevtools && rpmdev-setuptree
# wget -O ~/rpmbuild/SOURCES/apache-tomcat-8.5.27-fulldocs.tar.gz
# cd ~/rpmbuild/SOURCES
# mkdir apache-tomcat-8.5.27-doc
# mkdir ./apache-tomcat-8.5.27-doc/docs
# tar xzvf apache-tomcat-8.5.27-fulldocs.tar.gz
# cp -pr ./tomcat-8.5-doc/ ./apache-tomcat-8.5.27-doc/docs
# tar czvf apache-tomcat-8.5.27-doc.tar.gz apache-tomcat-8.5.27-doc/
# rpmbuild -bb ~/rpmbuild/SPECS/tomcat8doc.spec
# this is kind of complicated, but i think more or less will work.

%define tomcat_home /usr/share/tomcat8
#%define _unpackaged_files_terminate_build 0

Summary: Apache Servlet/JSP Engine, RI for Servlet 2.4/JSP 2.0 API
Name: tomcat8
Version: 8.5.27
BuildArch: noarch
Release: 1
License: Apache Software License
Group: Networking/Daemons
Source0: apache-tomcat-%{version}-doc.tar.gz
Requires: java
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-docroot-%(%{__id_u} -n)

Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.

Tomcat is developed in an open and participatory environment and
released under the Apache Software License. Tomcat is intended to be
a collaboration of the best-of-breed developers from around the world.
We invite you to participate in this open development project. To
learn more about getting involved, click here.

This package contains the base tomcat installation that depends on Sun's JDK and not
on JPP packages.

%package fulldoc-webapp
Group: System Environment/Applications
Summary: The docs web application for Apache Tomcat
Requires: %{name} = %{version}-%{release}-doc

%description fulldoc-webapp
The docs web application for Apache Tomcat.

%setup -q -n apache-tomcat-%{version}-doc


install -d -m 755 %{buildroot}/%{tomcat_home}
cp -R * %{buildroot}/%{tomcat_home}

# Put docs in /var/lib and link back.
install -d -m 755 %{buildroot}/usr/share/doc/%{name}-%{version}
mv %{buildroot}/%{tomcat_home}/docs %{buildroot}/usr/share/doc/%{name}-%{version}
cd %{buildroot}/%{tomcat_home}/
ln -s /usr/share/doc/%{name}-%{version}/docs docs
cd -

rm -rf %{buildroot}

%files fulldoc-webapp




* Tue Feb 27 2018 Freeman Lo <[email protected]>
- updated to 0.0.1

Solaris system disk nomenclature:

healthy disk indicated by ^++

There are two additional commands to discover if SAN, NAS disks are bad on your Storage system. "iostat -En" , "zpool status", "dmesg | grep -i error"

[email protected]:~$ hd -c -d -s


-----------------------------SunFire -------Rear-----------------
 3:    7:   11:   15:   19:   23:   27:   31:   35:   39:   43:   47:
c1t3  c1t7  c2t3  c2t7  c3t3  c3t7  c4t3  c4t7  c5t3  c5t7  c6t3  c6t7
^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++
 2:    6:   10:   14:   18:   22:   26:   30:   34:   38:   42:   46:
c1t2  c1t6  c2t2  c2t6  c3t2  c3t6  c4t2  c4t6  c5t2  c5t6  c6t2  c6t6
^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++
 1:    5:    9:   13:   17:   21:   25:   29:   33:   37:   41:   45:
c1t1  c1t5  c2t1  c2t5  c3t1  c3t5  c4t1  c4t5  c5t1  c5t5  c6t1  c6t5
^b+   ^++   ^b+   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++
 0:    4:    8:   12:   16:   20:   24:   28:   32:   36:   40:   44:
c1t0  c1t4  c2t0  c2t4  c3t0  c3t4  c4t0  c4t4  c5t0  c5t4  c6t0  c6t4
^b+   ^++   ^b+   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++
-------*---------*-----------SunFire ---*---Front-----*-------*---
Broken Disk indicated by: ^--
-----------------------------SunFire -------Rear-----------------
 3:    7:   11:   15:   19:   23:   27:   31:   35:   39:   43:   47:
c1t3  c1t7  c2t3  c2t7  c3t3  c3t7  c4t3  c4t7  c5t3  c5t7  c6t3  c6t7
^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++
 2:    6:   10:   14:   18:   22:   26:   30:   34:   38:   42:   46:
c1t2  c1t6  c2t2  c2t6  c3t2  c3t6  c4t2  c4t6  c5t2  c5t6  c6t2  c6t6
^++   ^++   ^++   ^++   ^--   ^++   ^++   ^++   ^++   ^++   ^++   ^--
 1:    5:    9:   13:   17:   21:   25:   29:   33:   37:   41:   45:
c1t1  c1t5  c2t1  c2t5  c3t1  c3t5  c4t1  c4t5  c5t1  c5t5  c6t1  c6t5
^b+   ^++   ^b+   ^++   ^--   ^++   ^--   ^++   ^++   ^--   ^++   ^++
 0:    4:    8:   12:   16:   20:   24:   28:   32:   36:   40:   44:
c1t0  c1t4  c2t0  c2t4  c3t0  c3t4  c4t0  c4t4  c5t0  c5t4  c6t0  c6t4
^b+   ^++   ^b+   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++   ^++
-------*---------*-----------SunFire ---*---Front-----*-------*---

Solaris disk naming scheme is somewhat confusing until when one has cracked open a SUN SunFire server and seeing so many disks,  one shall at that very instance realize the reason  of solaris's madness with its logical disk nomenclature.

First of all, a DVD/CD disk loaded on the solaris system is identified as /dev/dsk/c0t0d0s0 aka cotodoso.

The reason why this was a logical method was that, on these large scale SUN systems, there were actually disk controllers available to control hard disks. In the above example, we could see that there were controllers.  one controller controlling each  two columns of drives.    'c' is translate into controller, so if there were a drive failed in either of the first two column. It would be located in the first controller. The next character is 't'. no clue what it means but in my own term, it is the value for type of disk or the range of disks in a given controller. sadly, 't' could not be translate into the row value as we can see it is listed as the number of disks in a controller.  Starting with 0 on the front panel and count up towards the rear. Kind of like the first slot in an array in terms of CS, all things in CS starts with 0.  next, we have 'd', it is the disk number. 't' and 'd' may have similar meaning.

Finally, 's' is the slice or the partition. So... if we had something categorized as such c6t3d3s5. This would be partition 5 disk 3 row 3 in controller 6.  Solaris does care for the exact location of disk in any multi-disk system. This was an straight forward approach in location disk for all large scale systems.  if we were to translate *c6t3d3s5 into linux jargon, we believed that it might be *sdd5, this means that your third {ssd||spinningDisk} connected to your mobo via sata cable partition 5 might be having an issue.  Overall, linux does provide an abstracted layer approach in disk orientation unlike Solaris, where it provided more of a logical approach in identifying each individual disk based on controller location.

* Correction, we had it sdc5, but disk in solaris starts with 0 so its actually the fourth disk in linux jargon. Linux's disk is based on solely with SATA cable orientations and depending on the number of SATA ports available on the MOBO. Starting with sda, which is the first SATA cable connected to SATA0 on MOBO unless this is a DVD/CD rom drive otherwise, we are claiming it to be HD. sda = firstHD, sdb = secondHD, sdc=thirdHD, sdd = fourthHD. A normal Desktop MOBOs might be able to insert 4 HDs. A super charge MOBO might be able to insert 8 HDs or more. the number after the sda is the partition value. For example sda3. This means the first HD or first SATA cable connected to the MOBO where partition 3 on this disk call sda. This is one perspective we have based on each individual controller controlling the 8 HDs. If you were to look at it from a large picture, then this drive is a part of the entire set of disks. In a second linux jargon, it might actually be sdar5 if you were to count from bottom left hand corner to this particular drive location. surely, its one confusing mess. Depending on how you look at it, one controller (tree) or the entire shebang (forest), its either drive 'sdd' or drive 'sdar'. we kind of enjoy looking at it at a tree perspective, so sdd will be.

Often times, it is challenging to install OS such as any distributions of Linux, but installing Linux has come a long way when compared to RedHat versions 7.x in the olden days. We've experience installing various OSes in the past. The most difficult OSes to install would be the {net||open||free} BSDs from scratch. Bare in mind, Linux distributions had come a long way.  With its archaic menu driven installation process with complicated disk partitioning schemes, which perhaps drove some users away from using and learning Linux OS. It was actually worth using a disk utility to partition the disk first before popping in your favorite distro into the DVD drive.  Kudos to all Linux OS Communities, who came together and made the installation process simpler with prettified GUI installation steps for all non-hardware experts like myself.

Many of these installation processes for many *nis distros had all been simplified with a click of a button to choose packages, automatic partition your {SSD||spinningDisk}.  Many popular Linux distributions can be found here: Distrowatch *nix OSes

One interesting thing about one particular OS, where it has not changed much with its installation system. With its archaic menu installation driven steps and disk naming nomenclature, installing this particular OS is more or less climbing mount Everest.

Success in installing this the first try came in far and wide; second try, a long shot; third, so close......; fourth SUCCESS ! With all its ugliness,  we believed this OS is truly designed and made for certain types of hardware in mind.

By default, Solaris 10 is built with low maintenance, stability, long uptime in mind. Installation Solaris 10 or Solaris 11.3 on a typical desktop machine defeat its designed purpose. This OS should really be installed on one of the Sun SunFire server 4U servers.  If you are lucky enough to overcome all of the installation steps with the OS up and running. Congrats !

One issue could arise if networking is not chosen properly. There was one incident where DNS was not selected during an installation process and we found ourselves scratching our head as to the reason why 'ping' doesn't work. We then cooked coffee and decided to check a few files, if they existed after this installation process. Luckily, /etc/resolv.conf was missing.  We then added the following:



nameserver DNSSERVER1

nameserver DNSSERVER2

we then tried one last time to 'ping', still no luck. Make sure that /etc/defaultrouter has your gateway IP address. With more head scratching, we then poked at nsswitch.conf, looked correct at first glance, yet feeling something which was missing there. With some quick browsing, we came across one line where it needed help.  Also, there was this one other nsswitch file called, nsswitch.dns in solaris 10, which we would need it to overwrite nsswitch.conf.

The line was missing the word 'dns' at the end of this line.


hosts files


should be


hosts files dns


svcadm restart svc:/system/name-service-cache:default

ping is alive.

Success !

If you wish to try to install this OS on your desktop, the ISO can be obtained from the following link along with some documentations on how to install Solaris.

download: Solaris 10 Solaris Installation Guide