Unresponsive Server in ARD

For the past several weeks at work I’ve been gradually working on upgrading our OS X server from Leopard to Tiger. The process has certainly not been without hiccups, but it has gone smoothly for the most part.

After an initial false start attempting to simply upgrade the server, I ended up simply installing the Leopard server from a blank disk. This seemed to take care of most of the really strange things that were happening after the upgrade.

This particular server is of the headless XServe variety, so we primarily use Apple Remote Desktop to access it in addition to the Server Admin Tools and SSH. Since installing Leopard on the server however, I’ve been noticing that at times it is acting erratically. Usually I’ll first notice that the server will either stop showing up in ARD or it show up as black, indicating that there is no ARD agent on the computer. I’ve tried restarting the computer, which will fix it, but that’s not a very good solution for obvious reasons.

I had also noticed while using Server Admin that sometimes the server CPU is running at completely full capacity, like in this screenshot:

OS X Server CPU gone crazy

The other day the server stopped responding in ARD again. As usual though, I was still able to access it through both Server Admin and SSH. After a little research, I found this useful page of commands, which includes this one-liner:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -restart -agent -menu

Running this command restarts the ARD Agent, which is what we want if it is frozen. Once I did this things got a little better, and the server came up in ARD as active. I tried controlling the server through ARD, but no dice, still no connection.

At this point I noticed that there was a user logged on to the server and I remembered that I had also been having problems with VNCDragHelper freezing. I found this on an Apple discussion page:

When remotely managing an XServe with OS 10.5.1 from a 10.4.11 client with ARD 3.2, several times (3 up till now) the server UI becomes unresponsive, at least finder. This even gets worse when trying to start the Application Monitor, then also the Dock freezes, and the Application Monitor UI never opens. When doing an ssh> sudo top, it shows that both “Application Monitor” and “VNCDragHelper” do consume almost 100% CPU. Luckily only on a Single core, but that keeps two cores (one processor 100% busy). killall “Activity Monitor” brings the activity monitor down, when sending it with Remote Desktop Unix command.

Perfect, that must be it. In SSH, I ran the following command:

sudo killall -9 VNCDragHelper

I also killed the loginwindow because that appeared to be frozen as well (judging from the top command that I ran):

sudo killall -9 loginwindow

Suddenly after running both those commands, the server leapt back to responsiveness. I was able to access it in ARD without problem. Also, after about an hour I checked the CPU diagram in Server Admin and was able to see a noticeable improvement.

OS X Server CPU back to normal

Now that’s a sight for sore eyes. For reference, I was running 10.5.3 and ARD 3.1 when this problem happened. I’m not sure that anything has been fixed in 10.5.4 though.

Firefox 3 and OS X Networked Home Directories

AFP548 is reporting a bug with Firefox 3 where apparently it doesn’t work with Macs that are set up to use a networked home directory.

When I updated to Firefox 3, I immediately noticed that Bookmarks were not visible under bookmarks menu. The Search engine field had a generic icon and when I selected ‘Manage Search Engines’, the dialog box was frozen and I couldn’t get out of it without quitting Firefox. When I tried to enter a URL into the URL field and press ‘enter’, nothing happens. However, when double-click on a URL in an e-mail message, that appears to work. […] When I switched to a local admin account (i.e., Firefox profile on the local hard drive), it seems to work fine. However, when I switch back to my network home account (on our XServe), it still displays the problems described above. I tried other user accounts on our XServe with the same problems.

This is kind of unbelievable to me that Firefox 3 was released with such a show-stopping bug on the Mac side. I’m pretty sure that most companies that use Macs use them with networked home directories (at least in the Academic world). It’s good to know though before I start adding Firefox to the images for fall semester.

Apparently this is a documented bug and as a commenter suggested, will be fixed in the future. You can read the bug track in Bugzilla to see how the fix is progressing.

Mac OS X Security

Preface and Disclaimer

This paper presents an overview of the security situation of Mac OS X. The purpose of this paper is to present security in a very easy-to-understand fashion. I firmly believe that there is an absurd amount of FUD about computer security in general, mostly propagated by vendors of antivirus software and their partners. In the case of Mac OS X in specific, it is very difficult to get accurate, non-sensational information about what the real security threats are. This paper began as a genuine effort to figure out, and then convey, what the real status of Mac OS X security is.

Please be aware that I am no security expert (nor am I a hacker), but simply a normal computer nerd with a passion for most things relating to computers and design. I have made every effort to consult the writings of security experts and convey accurate information. If any security ninjas out there find any inaccuracies, please let me know.

With the exception of the section “Out Of The Box Security and Additional Hardening Measures”, the entire report refers to Mac OS X 10.4 and prior versions. Where possible, I state specific versions of the operating system that I am referring to.

I’ve broken up this report into several pages because it is quite long. You can also download the report in its entirety in PDF format.


Take Screenshots From the Command Line

There is a command for Terminal in OS X which allows you to take screenshots from the command line. Creepy creepy. Here is the format:

screencapture -x FileToSaveAs

The -x option tells it not to make the shutter click sound. There is also an -i option which triggers an interactive mode, although I’m not sure why you would use the Terminal to do that.

There is also a cute little tidbit in the man page for screencapture:

Screencapture bug in man page

Outrageously Expensive RAM

A couple of weeks ago, I was helping to spec out some new iMacs for our computer labs. This is usually pretty straightforward; the only sticky part is actually deciding how much RAM to get. We run a lot of sophisticated software (Photoshop, Illustrator, Final Cut Pro, etc.), so I always want to make sure that we have enough RAM, now and down the road. These computers have to get us through a three year cycle.

Unfortunately, the options for built-to-order RAM on a Mac range from questionable to obscene. Keep in mind, there are only two slots for RAM in an iMac. Here’s how it breaks down:

Apple RAM Prices and Options

Thats right, 2 sticks of 2GB RAM will cost you $850 if you get it from Apple.

The 1GB option seems silly if you’re doing anything more than web browsing. 2GB is enough RAM for now, but the configuration of 2 sticks of 1GB stinks. This means that if you want to upgrade to 4GB of RAM later, those two sticks are worthless. There is no option for the obvious choice: to chose one stick of 2GB RAM, leaving an easy upgrade path.

All of this left me pretty annoyed at Apple, and feeling like no matter what I did, I was either wasting RAM (and money) now or later. So, I really had to laugh when I came across Mike Davidson’s post on RAM Arbitrage:

…to max out my MacBook’s RAM, Apple charges me $850, while if I go through my trusty RAM comparison shopping site DealRam, I am pointed to NewEgg, which ships me the same amount of RAM for $120. As a point of comparison, Dell charges $465 for an extra 4GB… still outrageous, but not a 700% markup!

He nails it. What really sucks about this practice by Apple is that I would guess many people who buy Macs don’t know that they can get the same kind of RAM from places like New Egg. They also probably don’t know how easy it is to replace RAM. It’s a racket.

Via Daring Fireball.