Show logs on macOS(10.12 Sierra or later)


Use `log`.

Streaming (like tail command)

`log stream`

Find from past log

`log show`

See `man log` for detail.



$ log stream --info --predicate 'process == "cron"'
$ log show --info --predicate 'process == "cron"' --start '2017-05-25'


$ log stream --info --predicate '(process == "smtp") || (process == "smtpd")'
$ log show --info --predicate '(process == "smtp") || (process == "smtpd")' --start '2017-05-25'

If you doesn't know process name to specify

$ log show --info --start '2017-11-08' | grep 'xxx'

and guess process name.

Certificate without subjectAltName causes NET::ERR_CERT_COMMON_NAME_INVALID error on Chrome

When I visited a site that uses a self-signed SSL certificate for development environment with Chrome, "Your connection is not private. NET::ERR_CERT_COMMON_NAME_INVALID" error occurred.

Although I use a self-signed certificate, I installed it for the clients and trusted it. (Keychain Access on Mac and Certificate Manager on Windows.)
The CN(Common Name) also matches the host name being accessed.

There is no problem with browsers other than Chrome.
Even Chrome could access without problems, but suddenly it got an error.

There is "[missing_subjectAltName]" in the error, so I thought the certificate without subjectAltName caused the error.


For Chrome 58 and later, only the subjectAlternativeName extension, not commonName, is used to match the domain name and site certificate.


Create self-signed certificate with subjectAltName extension

Copy openssl.cnf and set subjectAltName, use it on creating certificate.

  1. Copy openssl.cnf(Below is example on Red Hat family. Change the path to openssl.cnf for other platforms.)
    $ cp /etc/pki/tls/openssl.cnf
  2. x509_extensions in [ req ] section is v3_ca. So it seems I should add subjectAltName in [ v3_ca ] section.
    $ vi
    [ req ]
    x509_extensions = v3_ca # The extentions to add to the self signed cert

    Add subjectAltName in [ v3_ca ] section.

    [ v3_ca ]

    You can also set multiple subjectAltNames.,

    See `man 5 x509v3_config` for detail.

  3. Create private key
    $ openssl genrsa -out 2048
  4. Create certificate(Specify your cnf file for the -config option
    $ openssl req -new -x509 -days 36500 -sha256 -config -key -out

Installing scl devtoolset on CentOS6

When trying to build nodejs (v6.9.1) on CentOS6, `make` got an error.
It requires gcc and g++ 4.8 or later, but CentOS6's gcc is 4.4.7.



* `gcc` and `g++` 4.8 or newer, or
* `clang` and `clang++` 3.4 or newer
* Python 2.6 or 2.7
* GNU Make 3.81 or newer

So I decided to install gcc and g++ 4.8 or later with scl.

$ sudo yum install centos-release-scl
$ sudo yum install scl-utils
$ sudo yum install devtoolset-4-gcc devtoolset-4-gcc-c++ devtoolset-4-binutils
$ scl enable devtoolset-4 bash
$ gcc --version
gcc (GCC) 5.2.1 20150902 (Red Hat 5.2.1-2)
Copyright (C) 2015 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO

There are devtoolset-3 and devtoolset-4. I installed devtoolset-4.
I installed only gcc, g++ and binutils necessary for building nodejs, because it is massive when installing all with devtoolset-4.

$ scl enable < collection1> [< collection1> ...] bash

This makes bash start with the environment where the installed collection can be used.

To enable software collections for users after reboot, create under /etc/profile.d with the following content.

$ cat /etc/profile.d/
source scl_source enable devtoolset-4


When devtoolset-4 is enabled, sudo is sometimes broken such as `sudo -i` results in error.

$ sudo -i
[sudo] password for foo:
/var/tmp/sclXXXXXX: line 8: -i: command not found

In such cases, you can use `/usr/bin/sudo` explicitly.