Mac OS X Server successes

My first experiences of Mac OS X Server 10.5 were terrible due to it being riddled with bugs. After finishing one install, for example, the very first thing I saw was the Server Admin app trying to start up and then crashing horribly. Nevertheless, I persevered with it on the assumption that it would improve over time via software updates, and I’m pleased to say I was correct to assume this.

We’re on version 10.5.6 now and our office server runs fairly hitch-free, with only the occasional bit of weirdness. Unfortunately Apple still don’t seem to have fixed the leak in the Directory Service which causes the ‘Potential VM growth in DirectoryService’ error and which eventually makes the server grind to a halt. However, it’s easy to plug this leak by using cron to run this script as root every five minutes:

#!/bin/bash

if tail /var/log/system.log | 
grep "Potential VM growth in DirectoryService" > /dev/null ; then
  logger "VM growth problem occurring: restarting servermrgrd and DirectoryService"
  killall -HUP servermgrd
  killall -9 DirectoryService
fi

Over time I switched on more and more services on our office server and now we make good use of the following things, all of which are easily administered with the Server Admin GUI unless otherwise indicated:

  • DHCP – dynamic allocation of IP addresses to everyone. Simple to set up and works fine.
  • DNS – works well as a caching DNS server and also allows you to easily add extra entries for local domains.
  • File sharing – fairly standard stuff, with different folders available to different groups and so forth.
  • Mobile homes – more commonly known as ‘roaming profiles’ in the Windows world, this means that each user’s home directory is synced with its equivalent on the server so that all their personal data is backed up and they get the same environment no matter which workstation they log on to. Very handy. The settings for this are in Workgroup Manager and are not immediately obvious, but it’s easy enough once you’ve got it up and running.
  • Mail – all our incoming mail goes to the office server where it can be picked up via IMAP. Most of the mail system can be easily administered via Server Admin, even much of the advanced stuff, although it’s occasionally necessary to fiddle with the underlying components which are a fairly neat combination of Postfix, Cyrus IMAP, Spamassassin for spam processing, and ClamAV for virus scanning.
  • iChat – previously we used Bonjour for instant messaging, which was quick and convenient but had some shortcomings. The iChat server, however, works very nicely and can be accessed by everyone regardless of their location. It’s actually a Jabber server so will work happily with Adium and other instant messaging clients as well as with iChat.
  • iCal – the calendar server provides personal calendars for everyone as well as a group calendar. Group calendars are particularly handy for collaboration and they work nicely with iCal on the desktop.
  • Open Directory – the tangible benefit for users here is the Directory application on the desktop which works as a shared address book, although I think this would be much better if it was accessible directly from Address Book so that there’s no need to run the Directory app as well.
  • Web services – provides various things such as web mail, web calendar and personal blogs. We use this primarily for the wiki which is great for documentation.
  • Software Update – allows Macs to query this server for software updates instead of having to talk to Apple over the Internet, thus speeding things up significantly and saving lots of bandwidth. Works well and is nice and easy to administer (a million miles away from the Windows Update equivalent, which in my experience is staggeringly confusing and complicated).

All of this is running happily on a Mac mini. For a while I was just using Time Machine for backups, but then I decided it was time to get a more robust backup system in place. We investigated the option of migrating to a bigger server with hardware RAID, but the only option for that is a Mac Pro which is a big expense and overkill for our needs. This is yet another example of why it’s annoying that Apple don’t do a headless midrange tower, somewhere between the Mac mini and the Mac Pro.

I ended up getting two decent external FireWire drives. I went for G-Technology G-DRIVEs because they’re fast, robust, and have FireWire pass-through (necessary because the Mac mini only has one FireWire port). On a Mac you can use FireWire disks just as if they were internal disks, so I migrated everything onto one of the FireWire disks and am now booting off that and using that as the live disk (which also happens to be an improvement over the internal disk because it’s faster). Every night I use rsync to clone the live disk onto the second disk so that the second disk can be used as a warm spare. It’s not as smooth as a RAID solution (in the worst case scenario, we’d lose all new email and data since that morning’s backup) but it works well, it’s much cheaper than getting a Mac Pro, and it’s very flexible, even enabling us to use our other Mac mini as a spare office server should the actual server itself fail.

When doing a full clone of Mac OS X Server from one disk to another, there are a few directories you need to exclude, and you need to make sure that the Mail service is off whilst the backup is running so that you don’t end up with a corrupt IMAP database. Also, don’t forget that rsync needs the ‘-E’ flag on Mac systems, otherwise important extended attributes such as ACLs and resource forks won’t get copied over. Here’s the script I put together for the nightly backup:

#!/bin/bash

BDISK="/Volumes/backup_disk"

# Stop the mail services
/usr/sbin/serveradmin stop mail; sleep 60

# Clone system disk
/usr/bin/rsync -aE --delete --exclude-from=/usr/local/bin/daily_backup.exclusions 
/ $BDISK/

# Recreate excluded system folders if necessary
if [ ! -d $BDISK/Network ] ; then 
  mkdir $BDISK/Network
  chgrp wheel $BDISK/Network
fi
if [ ! -d $BDISK/Volumes ] ; then 
  mkdir $BDISK/Volumes
  chmod 777 $BDISK/Volumes
fi
if [ ! -d $BDISK/dev ] ; then
  mkdir $BDISK/dev
  chmod 555 $BDISK/dev
  chgrp wheel $BDISK/dev
fi
if [ ! -d $BDISK/home ] ; then
  mkdir $BDISK/home
  chmod 555 $BDISK/home
  chgrp wheel $BDISK/home
fi
if [ ! -d $BDISK/net ] ; then 
  mkdir $BDISK/net
  chmod 555 $BDISK/net
  chgrp wheel $BDISK/net
fi

# Start the mail services
/usr/sbin/serveradmin start mail

And this goes into the text file containing the list of exclusions (/usr/local/bin/daily_backup.exclusions):

/Network/
/Volumes/
/dev/
/home/
/net/
/private/var/tmp/*
/private/var/vm/*

OpenArena

I recently discovered OpenArena. This is an open source first person shooter based on Quake 3, which means it is a very good free game that runs on a wide variety of hardware and operating systems (Mac, Linux and Windows). It doesn’t really have a story and is geared up for networkgames in which you test your skill against bots (as in robots, not bots) and other humans. Some of its content is amusingly ‘adult’ (i.e. juvenile) and it’s generally jolly good fun.

If anyone reading this is interested in trying out some excellent fragging fun, let me know. I am currently running a private server which I can give you the details for.

Spotify

I had a look at Spotify, which is a service that provides music in the form of a subscription rather than providing media which you own yourself. It’s a very slick application, nice and easy to use, with a pretty interface that sits nicely on my Mac.

They seem to have a reasonable selection of music available, and the range is apparently growing all the time. A key feature is the ease with which you can create and share playlists, so if a friend shares a playlist with you then you can immediately fire up the app and listen to the music on that playlist straight away. Very convenient, and a great way to get exposure to new music. I also approve of the fact that it already has support for scrobbling to Last.fm, although that raises an interesting comparison: personally, I think Last.fm is still more flexible and fun than Spotify for finding interesting new music.

That side, however, with their subscription service you either have to pay or put up with adverts. From what I understand from the explanation on their website, the adverts are bits of audio that happen whilst you’re listening to music. I’m not sure about anyone else, but I certainly wouldn’t want to be bothered by advertisements interrupting my enjoyment whilst I’m relaxing with one of my favourite albums. So, would I want to solve this problem by paying for a subscription?

Well, it was already enough of a concern that I became dependent on Apple to play my music for the few DRM-encumbered tracks that I purchased from the iTunes Store. Would I want to be dependent on a single small company for access to my entire music library? Would I want to have to keep paying them forever to retain access to that music? Would I be prepared to accept that I could only have access to my music in places where there was a sufficiently fast network connection? Would I be happy with the reduced audio quality of Spotify compared to high-quality AAC files or lossless audio? The answer to all those questions for me, at least for now, is a definite ‘no’.

Maybe it’s a bit old-fashioned of me but I like to own my own music, at least at the present time. I think the time may come when a subscription service does actually start to make more sense, but for many of us I don’t think that time has come yet. Best of luck to Spotify – it’s a nice application and a good way to find new music, but I’ll be sticking with CDs and iTunes for my music library.

Windows 7 beta

I decided to have a bit of fun today looking at the latest build (7000) of the Windows 7 beta. It never ceases to entertain me that Microsoft seem determined to press on with their plan for Windows to be the poor man’s Mac. Windows has now morphed almost completely unto a rather grim copy of Mac OS X, with the Taskbar now functioning similarly to the Mac OS X Dock, only without the clarity. It also lacks the flexibility of the OS X Dock, because it doesn’t seem to be possible to drag folders, Web links, etc onto the Taskbar in the same way you can with the Dock.

The Start Menu is just as cluttered and confusing as it has been in all the recent versions of Windows – goodness knows why they can’t improve that; maybe it’s because they’ve got nowhere else to copy a better one from. One thing I really do wish they’d implement is better behaviour for cycling through windows and applications. On the Mac you cycle through applications with cmd-tab, then once you’re in the application you want you can cycle through its windows with cmd-~. This is lovely and simple and enables you to get to the window you want quickly and with the minimum possible fuss. On Windows 7, you only have ctrl-tab which still cycles through all open windows regardless of application, so if you’ve got lots of windows open then cycling through them all becomes an RSI-inducing nightmare. Since Microsoft have copied pretty much everything else from Apple, I don’t know why they don’t rectify this annoyance. Oh, and why don’t Microsoft put back the useful stuff that used to be on the Desktop – My Computer and suchlike? The Trash – sorry, I mean the Recycle Bin – looks very lonely on its own.

Microsoft still don’t understand that for the user experience to be good, the operating system needs to be as transparent as possible. Within seconds of starting Windows, I was bombarded with the usual array of annoying messages about security issues and software updates. I tried to follow the prompts in the way a regular user might and consequently found myself downloading a trial version of Kaspersky Antivirus. This caused error messages about confusing clashes with the Windows firewall, and I had no idea whether I should turn off Windows firewall or not. After the inevitable reboots, Kaspersky started complaining every time I tried to do anything, starting off with a message about SVCHOST.EXE – seriously, how would most users know whether to allow something called SVCHOST.EXE to do stuff on their system? It’s absurd. Kaspersky continued to prevent me from doing things I wanted so I was forced to uninstall it again. Hardly the ideal solution, but I can’t see how a regular user could have figured out how to have that running whilst actually using their computer.

Firing up the newest version of Internet Explorer, IE 8 beta, I was once again amazed at the barrage of questions I had to answer before I could actually start browsing the Web. Just let me use the program, for goodness’ sake! If I want to change settings I’ll do it myself later. IE 8 seems to follow Microsoft’s current user interface strategy which, as far as I can make out, is ‘copy Apple but then add loads of complicated nonsense, thus missing the whole point of what makes Macs so nice to use in the first place’. It really is an awful mess with buttons and menus everywhere, with no simple way to understand what’s going on, how to change the settings, or why you might want to. At least it doesn’t seem to do too badly with rendering pages – I’d heard that Microsoft had made a right mess of things with their new ‘standards compatibility’ drive, but I didn’t see any obvious problems with sites such as BBC News and Facebook.

I had a look at Windows Media Player too, which at least has a reasonably uncluttered interface, but it seems to lack a lot of the power of iTunes. To be honest, though, I didn’t spend too long fiddling about with it so maybe I missed something there.

I tried to think of applications I might want to use on Windows, and the only one I could think of was Google’s Chrome web browser, because Google still haven’t released a Mac version of it. Wow, what a breath of fresh air this was after Internet Explorer! It seems very snappy and has a nice, simple, uncluttered interface (I’m using it now to write this entry). I love the way it uses just one box for Web addresses, Web searches, retrieving sites from your history, etc. I also quite like the list of recent bookmarks, most-visited sites, etc which comes up when you open a new tab. With its speed, simplicity and underlying WebKit rendering engine, this seems comparable to the Safari experience on a Mac, and I’m surprised more Windows users aren’t using it in preference to IE or even Firefox.

Getting Windows 7 up and running on my MacBook Pro was a pleasantly straightforward affair. I have it running as a virtual machine in VMware Fusion, and for the install I just told VMware that I was installing Windows Server 2008 in the new virtual machine. Everything happened seamlessly from that point on, and I soon had a fully functioning install of Windows 7 with all the necessary drivers and so forth. It even works perfectly in Unity mode, so I can run Windows applications completely transparently within the OS X environment as if they were Mac applications.

So, those are my thoughts based on the fiddling around I’ve done today. If this is better than Vista, as many seem to be saying, then I just thank goodness that I’ve never had to use Vista for anything. I guess some aspects of the interface seem to be nicer than XP, but that might just be because it’s more Mac-like and therefore more comfortable for me, although clearly it’s a very poor substitute for an actual Mac. Having said that, a lot of things seem to be more messy and complicated than they were in the days of XP, so I’m not even sure it really is an overall improvement. Oh well… at least I have a couple more Web browsers I can use, should I ever wish to do so.

Dicepeople update

During the Christmas break I was able to tidy up some of my songs:

  • Wormsign got a production clean up and has some musical additions and improvements.
  • I gated the pulse width bass sound on The Fear so that the song now sounds more spacious and exciting (hopefully).
  • Seek, Locate has been made huger and beefier so its sound fits in better with the rest of the songs.
  • I tweaked the kick drum level on Invader again. I think I’ve finally got it right this time.

The new versions of Wormsign, The Fear and Invader can be heard on the Dicepeople MySpace page.

There’s only one more song to go before I have enough for the album, and that one’s being frustratingly held up due to personnel issues. It was one of the first songs I started, yet it will be the last one to be completed (if it ever is).