[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 06/05/13 13:53, Simon Waters wrote: > I want your "OS X v Wheezy" opinion for working. I meant to reply to this quicker but annoying stuff (i.e., "work") kept coming up instead, and I really wanted to give this the proper treatment. Full disclaimer: I admin a LOT of Apple stuff, from iPads to Hackintoshes. My main computer for a couple of years was a 17" Titanium PowerBook and I use a (jailbroken) iPhone. I know of what I speak. Phil replied with some good general advice about some of the steps needed to smash OS X into a slightly more usable form, specifically a warning for Linux types that OS X has a BSD heritage and everything you may think you know about the underlying base tech is wrong. A lot of weird non-POSIX stuff happens in BSD land that will likely terrify and confuse the unwary user: remembering to issue 'ps aux' instead of 'ps -eawf' (note the lack of '-' in ps aux, that's not a typo) is just the tip of the iceberg. Sed behaves differently on OS X, even compared with BSD, which gets me every single damn time. The default Mac terminal is truly atrocious and even fully updated OS X tends to ship with rather ancient versions of all your regular Unix tools: as Phil rightly suggested, if you're even a light user of the command line you will definitely want to install a third party solution to get a functional toolchain. But be warned: he didn't mention that Fink, MacPorts and Homebrew all (can) have significant issues of their own and (can) require some non-trivial hand holding of their own. And he *really* wasn't joking about watching your $PATH and clobbering system scripts - Apple support will literally laugh at you if they find out your knackered iMac has 'dangerous' non-standard system utilities installed. I guess this is a good point for me to expand a little on Apple in general and OS X specifically - I think most of you are even less familiar with OS X than Windows so probably don't know little secrets like this. For example, did you know that as of OS X 10.8, there is an option - checked by default - in the security section of the system preferences that disallows the installation of ANY application not digitally signed by an approved Apple Developers key? (that's $99 to you sonny.) In practice, this means that any app not served up via Apple's delivery mechanism (Mac App Store) will refuse to install, unless you venture into the system preferences and disable it, ignoring the massive dire warnings of imminent death by hackers - I'm only slightly exaggerating here - this heinous act of free-thinking will throw up. This feature is called Gatekeeper and is admittedly currently probably responsible for keeping a lot of unskilled users out of at least some forms of trouble: but for all you freedom loving hippies and power users, this probably should serve as a warning for the sort of experience you can expect in Mac OS world. Tightly curated, relentlessly monetized, aggressively controlled. It's not called the walled garden for nothing: comparatively, Windows is a free-wheeling anarchistic paradise, as insane as that might sound. Other major unpleasantness, in no particular order: 1: Although it's possible to sidestep this (with relative difficulty), the App Store requires full personal info, specifically, a valid credit card. 2: Aforesaid App Store is now also the Apple software update mechanism. This *is* as bad as it sounds. 3: iTunes. Worst software in the world? Optional on Windows, absolutely inextricably embedded on Mac. 4: Licensing: draconian, stupid, self-serving. Example: only Macs may (legally) virtualize Macs, with many restrictions. 5: 'Phone-ification' - think Win8 Metro is annoying? You have no idea. Just try Mac's Launchpad. 6: Quicktime. Apple still bundle the limited shitware - the proper version costs. Lame. 7: Support period. Apple abandon software with great vigour. If you don't have the current or previous version, you're effectively unsupported. 8: iCloud. Way more than Win8, Apple virtually insist you will stay inside their ecosystem 100%. Credit card required later. 9: So called "umbrella effect" - you won't end up buying more Apple kit because you want to, but because it's the only stuff that will f*cking interoperate properly (by design). 10: Mouse scrolls the wrong damn way by default (seriously). Easily changeable, but it's another example of Cupertino's "we tell you how to do it" attitude. 11: Safari. Making Internet Explorer look good since... well, forever basically. 12: Xcode (developer framework, think Visual Studio/Eclipse, but for Mac/iOS). I have, through a customer, a very expensive ADC (Apple Developer) license so I get the latest versions. You don't, so you will have to make do with the crumbs they throw you. Added fun: GCC is a clusterf*ck on Mac 50/50. Good luck compiling anything non-trivial without major headaches. 13: Complexity. Setting many Apple-specific options in a terminal is bewildering, and I know what I'm doing. Makes even Windows PowerShell seem terse by comparison, and the auto-complete isn't nearly as good. 14: Incompatibility: oh god, the LDAP, the Kerberos, the Samba, the NFS... everything is just subtly wrong. Just google for "Lion NFS" to get a taste of the pain. Fixable, but why is it broken in the first place? 15: No server version. It's now just an optional download from the App Store to convert a regular Mac to a "server". I'm not joking. To be fair, it actually works better than expected. 16: Enterprise management - there is none. You will have to buy one of the (actually rather excellent) third party tools to integrate with your existing NIS/ADS infrastructure. 17: Security - bring me a Mac, any Mac (can even have full disk crypto). Watch as I abuse single user mode and EFI to unlock it and gain root. Truecrypt/BitLocker/LUKS don't have this problem. 18: HFS/HFS+ This filesystem should die a horrible death. Apple derped on licensing ZFS for reasons best known to themselves. 19: Interface inconsistency. Phil mentioned this too - it's rampant, even in Apple's own damn products. iTunes famously failed to check itself before it wrecked itself. 20: Skeuomorphism. Apparently Sir Ives also detests this so it's probably all going to be killed in time for 10.9, fingers crossed... 21: I should probably stop here. Trust me, I could go on for a *very* long time. So, to answer Simon's original question: Wheezy vs Mac OS X. Or indeed, any Linux vs Mac OS X. I imagine it's obvious by now, but I personally feel that currently Mac OS X is the worst OS on the face of the planet. Underneath it's hipster, achingly fashionable and beautiful shiny face lurks a monster. A monster that you should kill with fire with extreme prejudice if you ever encounter it. Time for a story... Trust me, it will start well: a friend asks you to fix their MacBook Pro. "Hmm, nice laptop" you think as you take it to work to show off a little. Connect to the corporate wifi (you have to, because it doesn't have an ethernet port - there is an adaptor dongle but guess what? $$$ bitches) with your freshly created admin account - what's this? Updates are available: OS X 10.8.3, a Photoshop fix and several of the App Store derived freeware tools are ready to freshen up. Adobe has it's own independent updater so you fire that off with no problem but weirdly, the OS X update seems to be downloading but the updates for Evernote, Quicksilver and your NFO viewer refuse: it's asking you to sign in as the original user who installed them. WTF? Of course you don't have your friends Appstore password, although you recognise the registered email (random_luser@xxxxxxxxxx). So, you shrug and ignore it - never mind, what could possibly go wrong with this unpatched software? But it makes you think: what if this was the family home computer, shared amongst everyone? Does this mean that as the overall admin (aka; *DAD*) that your daughter and wife, with separate accounts, can register for the AppStore, install stuff from it, and when it comes to the Mac equivalent of 'apt-get update && apt-get dist-upgrade -y' you won't be able to upgrade all the software without their username/password combination? Holy crap, that's weird. (Believe it or not, this is indeed how it works - I know this is batshit insane, but I'm not making it up.) Never mind you think, ignoring the fact that half of the apps running on your lovely 2880×1800 Retina display aren't optimized properly so render like crap and because Apple regularly implement and roll out unfinished and unratified features like 802.11ac ahead of schedule your network connection is flaky as hell because the Cisco AP rightfully hates it. After scrolling your mouse the wrong way for 5 minutes before eventually finding the cryptic shortcut for starting a terminal session, it's time to get to work. Safari won't display your internal website dashboard properly, but never mind, after another 10 minutes of googling you eventually find out about and how to disable the damned Gatekeeper setting and finally get Firefox installed - whilst you're at it, you bookmark a page listing all the bizarre multitouch gestures that your trackpad insists on doing even when you're just trying to scroll through the incorrectly formatted ticket list - hooray for non ACID compliance. At this point, your friends MacBook has finally finished installing it's updates, or at least, the updates it's deigned to let you download, and wants a reboot: feeling a little dejected, you reboot, noting how damn hot the surprisingly flimsy aluminium palmrest has got on one side, presumably just above where the overpriced and under-specced mobile Core I chip lives. After rebooting, you notice that for some reason there are still outstanding updates: more googling (at this point you've realised that anything you want to know about Apple internals you're going to have to find yourself) reveals you have to reboot again, holding down multiple keys like a concert pianist, before the firmware update applies itself. Boom, you now have a very hot and almost up to date MacBook, so back to work. The terminal looks ugly as hell, and you've already realised that you're going to need some updated GNU tools so you head off to MacPorts whilst ssh-ing one of your production servers. Too late, you realise that ssh -X and ssh -Y work strangely in Mac land, and that X wasn't included as an optional extra during the install phase so your Oracle Java installer GUI won't work properly remoted. By this point, you're getting pretty f*cking mad, and even more so when your MacPorts DMG finishes downloading and promptly tells you that you're going to need Xcode installed. You're even madder when you find out that you're going to have to create your own Appstore account to get the (outdated) version and it's several gigs - you realise that when you hand this laptop back to your friend she's not going to be able to update it without the username/password you create. More googling lets you figure out how to register for freeware downloads without credit card information. You set it to download and go to the pub for lunch. Rage ensues when you return and realise that after installing it, there's a line you missed on the MacPorts page: you need some optional components that weren't included by default. More downloading/installing ensues, and finally you get MacPorts installed. Reboot. Fix $PATH variables. Log out. Get X working, realise that despite promises that auto-launching when needed is 'fixed' in current Mac OS X, it doesn't actually work very well. Laptop is currently hotter than the sun, and has been plugged in since 10am for relentless power drain. 'Cos you're a pro, setting $PATH and getting all your GNU toolchain function wasn't that bad so now you're ready for work, right? Well, there's only an hour or two left in the working day by now but hey ho, 'ssh -Y -l admin oraclebox.fake.com' now works. Time to get 11g installed, just need to grab the documentation and implementation forms off the SAN - no problem, it's exposed over NFS and Samba so what could possibly go wrong? (Pro-tip - google Mountain Lion + NFS/+ Samba to see just how misinformed you were). Even with your elite skillz, just as you finally coax NFS into life and mount your essential documentation share read only on what looks like an increasingly arbitrary and incomprehensible filesystem layout the inability of your shiny MacBook to play fair with A: Kerberos tickets B: your Active Directory setup, despite firing up the custom Directory Utility tool and C: standard LDAP schemas finally pushes you over the edge at 3 hours past normal going home-to-the-family time. Fortunately, at this point, the £2000 MacBook has been running flat out for about 10 hours and it's heat signature is now visible from space - eschewing noisy fans and efficient cooling mechanisms (hey, the hipster tossers who actually buy these things can't stand actual engineering, it just has to look good and efficiency be damned) for the sleek look the poor thing has just about melted through your desk at this point and inevitably, it's massive kernel panic time. It looks like this, for the uninitiated: http://www.ourhangout.net/archives/Kernel_Panic-1p0f.png Strictly speaking, that entire diatribe was fictional inasmuch as it hasn't happened to me. But very similar things *have* happened to me though, and will happen to you. Pretty much all of the guru-level sysadmins/sysops I look up to have been through similar baptisms of fire. So, do I have anything positive at all to say about Macs? 1: The hardware *IS* nice, with many caveats. Just for a start, it's ludicrously overpriced. 2: Bash and SSH are installed out of the box. That alone differentiates it from Windows. 3: It is officially UNIX although quite frankly, that not only means nothing these days, it's a f*cking insult to Unix. 4: No legacy crap. No x86, no Rosetta, no PPC, no nothing extraneous. It's "clean" for developers. 5: Time Machine (the best feature of Mac OS, bar none - it's a braindead but excellent backup tool) 6: Integration -within the walled garden, OS X, iThings and it's infrastructure ties together well. It hasn't always been like this: as I said at the very top of this massive wall of text, I was once the proud owner of a spiffing top-end 17" titanium PowerBook - 1.5GHz PPC CPU, 1.5Gb RAM and OS X 10.4 (codename: Tiger). It was awesome. I'd rock up to a job with that sexy beast under my arm and secretaries would throw themselves at me (ok, I made that bit up). In all seriousness, in the bad old days of 2005-2007 I was still in London and admining serious shit on a daily basis, including a SGI Infinite Reality 8-rack constellation for an unnamed special effects company whom you have all seen the work of many, many times. They proudly kept the Onyx2 head end in a neon-lit glass cabinet right in the reception of their main Soho office and every other Tuesday I'd breeze in fashionably late (on a skateboard), hook up my insanely expensive firewire400 > SGI serial adaptor (weird pin out) and run the logs. By complete chance, a skater friend of mine ended up working there initially as a runner, and now as a £100k+/year special effects editor specialising in Nuke: he told me a few years ago, long after I'd left, that he'd actually heard down the pub (probably actually a lap-dancing club from what I remember of that gig) from the exiting CIO why I'd been hired in the first place over the countless and doubtlessly better qualified people available in London, of all places. Image was everything apparently! Because I was (relatively) young, at least compared to the typical grey-haired nerds qualified to hack on SGI systems, had long hair and turned up on a skateboard I immediately hit their shortlist. Whipping out that fantastic old PowerBook with dual booting OS X 10.4/Debian Unstable during my interview cinched the deal and I was hired on the spot. Not only was that the easiest interview I ever had (thanks Apple!), it's the only job interview I had which ended with my new employer cutting lines of coke up on my laptop's pristeen titanium lid to celebrate*. Crazy times. But good times, when Apple were genuine underdogs and seriously, achingly cool. Over the next two years, I'd estimate that the value of the cocaine cut and snorted off my PowerBook's lid at that job probably equalled the value of the SGI hardware they were paying me to pretend to look after. Anytime anyone looked at me funny, I'd just whip out the PowerBook like a two grand defensive shield and they'd accept me straight away. Sad. Ok, so, what have we learnt so far? Apple were once cool as f*ck. Undeniable. Nowadays? Apple is the new Microsoft. You're all clever people so I know you pay attention to IPOs, shareholder valuations, stock indexes and all the other boring crap like that: as such, you know that Apple have currently got more money than god, more legal clout than, well, god, and are considered cooler than, umm, god. This of course is all total bullshit, and you want to pay attention to the man behind the curtain. Steve Jobs was a sociopathic arsehole and his terrifying offspring, the revitalised Mac ecosystem is nothing more than a cynical ploy to empty your coffers into his. Technically, idealistically and practically you CAN NOT MAKE A WORSE CHOICE THAN MAC OS X. I hope I have made that sufficiently clear, as I speak from bitter experience. Like Phil, I remember Mac OS from way before OS X - hell, I still admin some Mac 8.1 machines. I use a lovingly restored Lisa occasionally (with optional Xenix). If some weird demonic entity descends from the sky, takes away all your Linux/BSD/Unix machines and issues you a choice: Windows 8 or Mac OS X, for eternity, take windows, immediately. All you have to do is install Cygwin and Classic Shell, and you're totally back in business. Trust me, it will take years of pain before Mac OS even begins to make sense. TL;DR - Stick with Linux. Mac OS is a sin against god. Windows occupies a weird middle ground. Regards Post scriptum: * This is a fact, not an advertisement. Drug abuse is not funny, clever or in any way recommended. I paid *heavily* for this in my later life. * Why did I write such a ridiculously long email? I didn't intend to, but the missus is away, I've got nothing better to do and it was actually curiously cathartic. Mea culpa. * Do I get a prize for what I guess is probably the longest and most incoherent post to this mailing list so far? * A MacBook Air (late 2010, 13" model) is currently sat in my fix-me pile, literally 1m to my left. I wanted to write this email on it, but it won't boot. * MacBooks recently came out on top of a "most reliable windows laptop" research project! * Fun fact: because I got in so early, I actually have the ADC/iCloud login of "badapple". Exact details redacted for obvious reasons. * Beyond the obvious biblical/philosophical references, guess where my username "bad apple" (partly) comes from... * I was once offered £1500 for my 'badapple' ADC username - whilst I may be poor, I'm not cheap. I kept the name and my pride. And my debts. Gah. * No operating system or hardware I've ever used has ever, EVER, *EVER* impressed a lady (they are WAY too sharp for that) * The whole sleazy Soho thing made my skin crawl to be honest - I was dragged to a strip club once and it was the most demeaning, depressing experience ever. I swore never again, and it wasn't a hard promise to keep. * End on a good note: there was an Italian cafe around the corner that I basically lived in (wifi + ssh ftw). The (actually Italian) waitress was so beautiful it hurt. I live with her now :] -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq