June 01, 2005

Mac OS X: The Unix admin perspective


Introduction




My desire to own a PowerBook grew out of few failed attempts at switching to laptops running linux. It's been a month since I ordered a 12inch PowerBook G4 and this seems to be a good time to write down my thoughts for those of you who are still on the fence. Being a unix systems administrator myself, I was more interested in the things inside the Operating System rather than the jazzy user interface outside. Though this write-up doesn't do justice to the feature-rich OS which we all know as Mac OS X, hopefully it would give some of you an interesting perspective of what I noticed when I switched to it for the first time.


Background


I've always surprised myself at how engrossed I get every-time I lay my hands on a new toy. I remember looking for things which others miss (sometimes by breaking it). As a Unix systems administrator by profession, I officially have a job of hacking OS, scripts and looking for performance tune-ups wherever possible. Interestingly one of the qualities a Unix admin develops over time is the ability to solve problems before a user gets the opportunity to ask themselves. For example ask any unix admin and they will tell you the number of times users ask "Why is my server slow ? ", or "Why is my process slow when it does XYZ operation". Then there are times when the users may not even ask you a question until the servers crashes for good. Thats where monitoring, log analysis and an inquisitive brain comes into play.

My first Unix


Even though I have never qualified myself as an early adopter, I've always tried to be more open to technology on the edge which has enough rough edges to cut you. After getting bored of writing TSRs (Terminate and Stay Resident Programs) and playing with Software Interrupts in MS-DOS and early version of windows back in 1995 I played with my first Unix OS when I deployed linux on my desktop using 5.25 inch disks which I think was an Intel-386 back then. It was a lot of fun breaking out of MS-Dos and Windows into something different and it felt even greater to have such a grip over the Operating system on your Desktop.

Compiling kernel for 30 minutes at a time for a few times every night was as fun loving as it was important to keep up with the fast changes the kernel was going through. But more than the kernel it was the OS with its vast ocean of free utilities which fascinated me. From that day till today I've used linux almost every single day of my life.


Saying good bye to Windows (unsuccessfully)


I've tried many times to say good bye to windows for good but never been able to for one of the many reasons which come back and haunt me.

  • Drivers : Finding drivers for all your hardware has always been a problem. Unless you build a desktop for Linux it was difficult to find all the drivers to run your hardware optimally

    • Sound Drivers: This had been a pain point until a few years ago.

    • Network Drivers: This was a problem initially, but it wasn't anymore if one knew the host OS was going to be Linux. In fact until recently Wireless networking drivers had the same problem

    • Video Drivers: Again it was a problem initially, but if you were using one of the recognized drivers you were fine



  • Software: It didn't take me long to figure out that the only way to use Linux for 100% of your work is to make sure you have all your tools for Linux. In fact back in the old days when piracy was rampant in India when no one every bought any software, I actually payed 100 dollars for Linux Office suite, which was the first software I ever paid for in my Life. That was long before OpenOffice.But the line of work I've been in since then almost always required me to own a full blown Windows OS. It was hard to refuse the same guys who were paying you

  • VMware: Around the time when Redhat 7.2 came out I made one more effort to switch to 100% linux (sortof) by switching my primary OS to Linux and by running Windows under emulation in VMware. I think this was one of my longest lasting attempts to run Linux as my primary OS. This was also the time when I bought my own personal laptop for the first time (Dell Inspiron 5100) and went ahead to do the same on my laptop too.For the most part this worked fine, except that I realized that for most of the times I was was doing both Unix and Windows tasks at the same time. Switching between Unix and Windows in VMware worked too... but not as elegantly as I'd liked it to be. Copying files back and forth was also not as clean as I'd wanted it to be. But it was progress in the right direction.But VMware was not free. Everytime I upgraded kernel/OS to a new distribution I had to either spend time to look on the net how to make old vmware drivers work with the new kernel, or wait for some time before VMware comes out with a new version of their OS which supports your new Linux Distribution/Kernel. Ofcourse you would have to pay for it all over again

    My love affair with VMware ended when I got frustrated that I couldn't get VMware to work after a Gentoo updates.






Choosing the right OS for the right job


Choosing an OS for job is not a game of absolute numbers. If anyone says otherwise they are just lying... or they don't know any better. At different stages of my live I've been flabbergasted many times for using Microsoft Windows in a Unix environment and giving my MCSE certification while I was employed as Unix Administrator. To have an absolute perception of anything without seeing the alternatives, however, is the worst thing you can do. Its no surprise that I use different OS at my work and home hardware depending on what its supposed to do.

Desktop at Work


Though I have always used Linux as my file server at home and for my website, I soon realized that using it at work may not be ideal in long run. My switch back to Windows was smooth and I was pleased with the speed gain. Since I we didn't actually use X11 on our Infrastructure there wasn't much I lost by the switch. Putty/WinSCP was good enough for most of my stuff, and Cygwin made up for the rest.

Time spent on hacking reduced

What shocked me was that I wasn't wasting much time upgrading the kernel and was focused on the real work at hand. I remember how many days I worked to get dual-head (two monitors) hooked up to my desktop running one of the older version of Gentoo. And even though I don't regret spending that time hacking X11 configuration files, I could have done something better if I had used Windows back then to do the same which had full support for dual head.


My hands were tied

I think the problem I was suffering from was that I couldn't control myself when I'm given too many options. Every new Linux Distribution out there and every release of of these distributions was an invitation to upgrade/migrate which I rarely refused. Funny enough, the very reason why I first switch to Linux for was the reason why I was frustrated of it and decided to switch back to Windows for Work.

The other problem I had was that unlike Microsoft Windows the life-cycle of Free Linux based Operating Systems were relatively shorter. After buying a Dell Laptop with Windows OS Professional on it, atleast I didn't have any desire to spend more money on Commercial Enterprise linux which had more support and longer shelf life. And unless I commit myself to one particular distribution I noticed that upgrade was always a challenge which kept on changing with the Distribution and version. Since my speciality was server security and Unix OS, I didn't have to worry much about Windows once I was part of my company NT domain. The patches were automatically served and I didn't have to worry about figuring out upgrades and driver incompatibility.



Linux Server for Home


At Home however, I preferred a little more control over the OS. After trying out Fedora for a while I quickly realized that it was not the same as RedHat which I was used to, and dumped it (and RedHat stock) in favor of Suse which has been running at home for a while now. Buy my choice of Linux didn't go uncontested. There was a brief period of few months when I was running both Windows and Linux at home. That was also the time I was experimenting with C# and .NET to see if I can use that instead of Linux/Perl for my web server.

Even though I was very impressed with .NET and C# (especially Visual Studio .NET), I soon realized that not only was it too bloated and expensive, it was also a one-way user lock-in technology, which wasn't the direction I wanted to go if I needed the flexibility of switching out of that architecture.

Features and applications like Squid, kernel-firewall support, ftp server, apache, php, perl, snort, bash, etc which most Unix admins take for granted in a Linux environment didn't come with windows. In fact for some of the stuff to really work well, you'd have to buy more Microsoft software which wasn't very cheap.


Windows for Laptop at Home


Laptop had a different problem. When I bought my 2.8Ghz Dell inspiron I quickly figured out that building kernels wasn't going to take as long as my older desktops. But I still had a very hard time getting drivers (sound/network/vpn/video) for all the devices on the laptop. Even if I were to use VMware on linux, it wouldn't be able to support all the devices which I need. Instead of spending time hacking and researching on the net, I made an executive decision to stay with windows+Cygwin ( I did try dual boot for short time without much success).




Thinking about Mac




Two years down the line I still have the same laptop and I still miss Linux a lot. When I got the opportunity to buy another laptop, it was not surprising that I was thinking about this all over again. Did I really want to spend more time to figure out if my laptop will work with linux ? Or should I pay premium and buy a pre-installed Linux laptop with some small no-name company ?

I have been using iPod for 6 months now, and have also been following interesting news about Apple's OS X, its Unix Internals, PowerBooks, 64Bit G5s and iPhoto. Its then that I realized that its not the Linux Operating system I'm seeking for, but the utilities provided by a Unix operating system to keep a Unix admin feel at home. I needed the drag and drop of windows and the power of kill -9 without having to install multiple 3rd party tools.

When I tried out Mac at the local Apple stores the only thing I could say was WOW. It seemed responsive, flexible, sexy and had very good driver support from 3rd party vendors. But coming from a Dell camp, the price was a concern. A 15inch laptop with just 512mb ram and 80GB drive costs significantly higher than a cheap laptop from Dell. The final decision to buy 12inch Powerbook however was made when I thought about all the troubles I had gone through in carrying around a 15inch 8 pound Dell Inspiron laptop. Trust me when I say that a 15inch laptop is the last thing you want to carry on an airplane.

First impressions


The powerbook which I bought "just to check it out", has changed my perception of Apple and OS X enough to say that "gosh, why I didn't do this before ?". Some of the impressions below were biased because I'd been stuck with a clunky 15 inch heavy dell laptop for 2 years. But again, these are just my personal impressions and you have the right to think otherwise.

Light

My PowerBook 12inch G4 with 512MB Ram and a SuperDrive (DVD/RW) came within 10 days of placing the order. After working with heavy 15inch laptops for more than 2 years, I had gained a lot of respect for thin, light laptops.


Low Screen Resolution or 12inch

But I wasn't prepared for the 1024x768 resolution 12inch offered me. Programming or doing multi tasking is very difficult with a small screen. And after being spoit by using a Dual-Head 19inch monitors at work, a tiny 1024x768 can take some time to get used to. I wish they had something with higher resolution.


Asthetics


I don't own a red car, and I don't wear Red Flashy cloths. But there is something different about a PowerBook with a fruity laptop lid which lights up when you are working on it, showing everyone around you that you own a mac. Apple has a reputation of designing excellent functional yet beautiful hardware.


Compact

This 12inch laptop came with everything I needed for my work/home (except iPod) including DVDrw Drive and 802.11g built in which meant I don't have to carry my heavy external 2 year old DVDrw drive anymore.


Drivers

The Powerbook came with Panther installed, for which I found all the drivers I wanted, including Checkpoint SecureClient for Mac which was important for me if I planned to use PowerBook as my only laptop at home. As luck would have it, though, Tiger broke the driver and I'm still waiting for Checkpoint to release the new one.

I also found drivers for my Printer, but I couldn't get it to work with my Canon Scanner. The Help page on Powerbook suggests that I should buy hardware which they recommend on their website to maintain compability. Had I known that 3 years ago, I probably would have bought a different scanner, but for now I'll have to use my other laptop to scan photographs.


Unix Back-end

I'll jump into this in detail a little later. But I had to mention that I was impressed with the suite of tools which a Mac OS X comes with by default. Based on my first impressions OS X had all the important tools which I take for granted in all Unix servers, including utilities like "top" which doesn't even come with Solaris. The SSH client, rsync client, apache server (with perl/php), nfs support and a pretty good Terminal window blows away Window+Cygwin from miles away.


Office Productivity Tools

The powerbook came with a 30 day trial edition of Microsoft Office which did everything which I could on a regular Microsoft Office 2003 on Wintel hardware. I know there are some OpenOffice ports to Mac, but I haven't got to the point of testing that yet. PGP and MSIE were other tools which I needed to use in my line of work to keep in touch with others in organization.. and both of them worked just fine.


Plethora of features

Inspite of extremely strong unix foundation, Mac OS X continues to be designed with the end user in mind. Features like "Expose" which allows users to select an active window to switch to using thumbnails of current open windows helps solve a problem which I always have on a system which has been running for a while. Doing multi-tasking is important for some of us, and Expose goes a long way in helping me speedup application switching.


Open APIs

Last but not the least, I have to mention that iTunes is rock solid on OS X. Which was no surprise. But iTunes is not where iLife ends. iLife is a suite of products which helps you create and manage your collection of digital memories. The stability of iTunes had helped me make up my mind to try out iPhoto. With a collection of neatly cataloged 7000 photographs (using perl scripts and mysql database) I was looking for a newer tool to manage the collection. iPhoto, though a little slow and bloated, looked stable enough to trust my photographs to. With a little bit of hacking using Mac::Glue and Applescript, importing metadata was simpler than what I originally expected. As long as apple keeps its APIs open, I have have no problem trusting it with my gems. I'll talk a little more about Apples APIs later in this article


One button mouse

As windows users switch to more and more buttons on their mouse, somehow Apple thinks that "one" is still the golden number. This probably does give a consistent user experience across all Mac OS deployments, but to me it was just annoying. The convoluted way of pressing "Ctrl" while pressing "mouse-click" required me to use two hands which is doesn't need to be as complicated. [ BTW, I've heard u can connect 2 button mouse... but seriously, who buys a 12" laptop and then uses a 5" mouse along with it ? ]


Keyboard shortcuts

For users who haven't used Mac, this has got to be one of the nastiest things to get used to. the Mac OS X keyboard shortcuts took me a couple of days to get used to, and it took me another few days before I discovered a few more things. This however is pretty much the complete list of documented Mac shortcuts.


Long lasting batteries

I haven't done any empirical tests, but overall I found the batteries to last much more than my 15" Dell Inspiron. Without wireless, it seems like it can last for upto 4 to 5 hours. I'll update this section when I find this out for sure.


No hibernation : Just Instant on

Powering off an Apple Powerbook is not as common as you would think. Unlike Windows OS, Powerbooks don't hibernate, they go into extremely deep standby sleep mode and wake up instantly at the press of a key. This gives an "Instant On" feel which is definitely better than waiting for ever for all your heavy applications to start up.


Application Binaries are actually Application Package Directories

Another interesting observation was the fact that unlike most Windows applications, the Mac OS X applications didn't have all the resource files embedded within the application binary itself. The application which is listed as "Mail.app" or "iCal.app" is not actually an application binary, but a directory on the file system. Finder application which launches applications hides the fact that its a directory which can be browsed. There are two ways you can see the actual contents of which one is click on "Show Package Contents" in the Finder menu. The other way to browse is to use the terminal to cd into the directory. Do a "find /Application/Main.app" on your Mac OS X to see the files inside.


    Royans-Tharakans-Computer:/Applications/Mail.app/Contents rkt$ ls -la
    total 32
    drwxrwxr-x 8 root admin 272 May 16 20:20 .
    drwxrwxr-x 3 root admin 102 May 16 20:20 ..
    -rw-rw-r-- 1 root admin 5014 May 3 20:16 Info.plist
    drwxrwxr-x 3 root admin 102 May 16 20:20 MacOS
    -rw-rw-r-- 1 root admin 8 Mar 22 02:22 PkgInfo
    drwxrwxr-x 3 root admin 102 Mar 22 02:26 PlugIns
    drwxrwxr-x 343 root admin 11662 May 9 21:11 Resources
    -rw-rw-r-- 1 root admin 460 May 3 20:19 version.plist



2. file system performance
3. packaging adding removing packages by hand


Spotlight

If you know google desktop search then you probably know what I'm talking about already. Tiger was perhaps the first OS ever released which has such a good indexing and search capability built into the OS itself. I found the feature very helpful, but it could have been better if it support "Microsoft Entourage" as well... but hey, nothing is perfect.



Unix Tools



Shells



Mac OS X comes with a number of shells for the end user including bash, tcsh, zsh, korn, Perl, PHP ,Ruby, Tcl/Tk and Python.


Tools


The complete list of tools available in default PATH in bash is attached as Appendix I. This list of more than 1000 commands is very impressive and powerful enough to entice a hardcore Solaris enthusiast. Not only does the PowerBook come with all the bells and whistles attached, unlike some operating systems its actually in Path so you don't have to do a "find / -name $tool" to look for the tool.


Directory Structure



Root Directory (/)



    drwxrwxr-t    2 root  admin       68 Jan  9  2004 cores
    d-wx-wx-wt 2 root admin 68 Jan 13 10:41 .Trashes
    -rw------- 1 root admin 589824 May 3 15:00 .hotfiles.btree
    -rw-r--r-- 1 root admin 0 May 3 17:55 User Guides And Information
    drwxr-xr-x 4 root admin 136 May 3 17:56 automount
    drwxr-xr-x 11 root wheel 374 May 5 23:45 usr
    lrwxr-xr-x 1 root admin 11 May 9 21:01 etc -> private/etc
    drwxr-xr-x 40 root wheel 1360 May 9 21:01 bin
    lrwxr-xr-x 1 root admin 11 May 9 21:04 tmp -> private/tmp
    lrwxr-xr-x 1 root admin 11 May 9 21:05 var -> private/var
    drwxr-xr-x 63 root wheel 2142 May 9 21:08 sbin
    drwxrwxr-t 6 root admin 204 May 9 21:08 Users
    drwxr-xr-x 4 root wheel 136 May 9 21:08 System
    drw------- 7 root admin 238 May 9 21:34 .Spotlight-V100
    -rw-r--r-- 1 root wheel 4313056 May 10 18:16 mach_kernel
    drwxrwxr-x 47 root admin 1598 May 12 19:53 Library
    drwxrwxr-x 2 root admin 68 May 13 12:02 opt
    drwxrwxr-x 15 root admin 510 May 14 07:41 Developer
    drwxrwxr-x 48 root admin 1632 May 27 19:53 Applications
    dr-xr-xr-x 2 root wheel 512 May 28 19:51 dev
    dr-xr-xr-x 2 root wheel 96 May 28 19:51 .vol
    drwxr-xr-x 6 root wheel 204 May 28 19:51 private
    -r--r--r-- 1 root admin 597984 May 28 19:51 mach.sym
    lrwxr-xr-x 1 root admin 9 May 28 19:51 mach -> /mach.sym
    drwxrwxr-t 31 root admin 1156 May 28 19:51 ..
    drwxrwxr-t 31 root admin 1156 May 28 19:51 .
    drwxr-xr-x 1 root wheel 512 May 29 23:10 Network
    -rw-r--r-- 1 root admin 321698 May 30 00:34 Desktop DF
    -rw-r--r-- 1 root admin 61952 May 30 12:41 Desktop DB
    -rw-rw-r-- 1 root admin 12292 May 30 15:22 .DS_Store
    drwxrwxrwt 5 root admin 170 May 30 15:37 Volumes





Home Directory (/Users/rkt)



    drwxr-xr-x   24 rkt   rkt      816 May 30 16:07 .
    drwxrwxr-t 6 root admin 204 May 9 21:08 ..
    -rw-r--r-- 1 rkt rkt 3 May 3 17:55 .CFUserTextEncoding
    -rw-r--r-- 1 rkt rkt 15364 May 30 16:13 .DS_Store
    drwx------ 14 rkt rkt 476 May 30 15:20 .Trash
    -rw------- 1 rkt rkt 11578 May 30 13:50 .bash_history
    drwx------ 5 rkt rkt 170 May 10 18:58 .gnupg
    drwxr-xr-x 15 rkt rkt 510 May 30 12:45 .jedit
    drwxr-xr-x 3 rkt rkt 102 May 20 21:17 .netbeans
    drwx------ 3 rkt rkt 102 May 5 22:45 .ssh
    -rw------- 1 rkt rkt 8109 May 30 16:07 .viminfo
    drwx------ 5 rkt rkt 170 May 30 00:14 Desktop
    drwx------ 13 rkt rkt 442 May 13 14:58 Documents
    drwx------ 39 rkt rkt 1326 May 22 16:14 Library
    drwxr-xr-x 6 rkt rkt 204 May 13 20:31 Magazines
    drwx------ 42 rkt rkt 1428 May 28 19:29 Movies
    drwx------ 6 rkt rkt 204 May 3 23:44 Music
    drwx------ 5 rkt rkt 170 May 5 21:44 Pictures
    drwxr-xr-x 5 rkt rkt 170 May 5 07:54 Public
    drwxr-xr-x 6 rkt rkt 204 May 5 07:54 Sites
    drwxrwxrwx 4 rkt rkt 136 May 7 00:16 System Volume Information





/etc/group



    ##
    # Group Database
    #
    # Note that this file is consulted when the system is running in single-user
    # mode. At other times this information is handled by lookupd. By default,
    # lookupd gets information from NetInfo, so this file will not be consulted
    # unless you have changed lookupd's configuration.
    ##
    nobody:*:-2:
    nogroup:*:-1:
    wheel:*:0:root
    daemon:*:1:root
    kmem:*:2:root
    sys:*:3:root
    tty:*:4:root
    operator:*:5:root
    mail:*:6:
    bin:*:7:
    staff:*:20:root
    lp:*:26:
    postfix:*:27:
    postdrop:*:28:
    certusers:*:29:root,jabber,postfix,cyrusimap
    utmp:*:45:
    uucp:*:66:
    dialer:*:68:
    network:*:69:
    www:*:70:
    mysql:*:74:
    sshd:*:75:
    qtss:*:76:
    mailman:*:78:
    appserverusr:*:79:
    admin:*:80:root
    appserveradm:*:81:
    clamav:*:82:
    amavisd:*:83:
    jabber:*:84:
    xgridcontroller:*:85:
    xgridagent:*:86:
    appowner:*:87:
    windowserver:*:88:
    accessibility:*:90:
    tokend:*:91:
    securityagent:*:92:
    unknown:*:99:





Files under /etc directory





FileSystem Domains



User Domain

Files under this domain are under full control of the user who is logged in. (For example in my case it was under /Users/rkt).
Every user account under Mac OS X comes with a standard set of directory under it which are "Applications", "Desktop", "Documents", "Library", "Movies", "Music", "Pictures", "Public", "Sites". Some of these directories are similar to the ones found under Microsoft Windows user directories.
Local Domain

Non-System Files shared among all users on the Operating System
Network Domain

Shared among all users on a Network File System
System Domain

Core OS files which the users can't modify. /etc directory is one example of the directories under this Domain.




Open Source, APIs and Documentation



Darwin, BSD and Open source


Apple's Mac OS X Unix page describes the rock solid Unix core on which it is build upon.
Here are a few more links you should have a look at to understand more about how much of Mac OS X comes from open source.