One complaint I have about Apple and OS/X

[giza]

Well, I finally found something about Macs that I don't like very much.

Awhile back, Kito (dude, get an LJ!) was asking me some questions in IM about how to fix his iMac, which had been having some problems lately. When I was unable to help him fix it through "remote hands", I asked him to bring it over.

The first thing I did was to try starting it up normally. That didn't work so well. It just hung when the progress bar was about halfway through. So the next thing I tried was starting it up in Single User Mode, done by holding down Command-S when starting the machine. As the machine booted, I saw some lines like this about halfway down the screen:



In case it's hard to read, the above text says:

BSD root: disk0s3, major 15, minor 2
jnl: replay_journal: from: 8385024 to: 3450880 (joffset 0xe1000)
jnl: replay_journal: bad block list header @ 0x7400 (checksum 0x100077 != 0xfec6734d)
jnl: journal_open: Error replaying the journal!
hfs: early jnl init: failed to open/create the journal (retval 0).

Okay, that's not so good, especially since it would only mount the disk in read only mode. However, this is the sort of thing that the fsck can fix, right! In fact, the message right before the bash prompt appears even tells me how to run fsck. So I gave that a try:

** /dev/rdisk0s3
** Root file system
** Checking HFS Plus volume.
** Checking Extents Overflow file.
** Checking Catalog file.
Invalid sibling link
(4, 12533)
** Volume check failed.

Well, that was interesting, unexpected, and a little depressing.

I tried running fsck a few more times, but didn't have much luck.

I then figured that since the problem is apparently in the file system's journal, maybe I could turn off journaling and run fsck against that:



Again, very interesting. When I tried using hfs.util to turn off journaling, it said that the volume isn't journaled. When I tried using it turn journaling on, it said that the volume was not an HFS+ volume.

At this point, I investigated the idea of booting from the OS/X 10.3 install CD and reinstalling OS/X. One would assume that the volume is formatted in the process and this problem would go away. But lo and behold, when I got the list of volumes to appear, the icon for the hard drive was there, but it was grayed out and could not be selected. I guess the installer doesn't like messing with file systems that are in an unstable state. That's a bad design choice, IMHO.

I finally did some Googling on those errors, and discovered only one way to fix this problem. Other people suffered the same thing, and the only fix was to purchase and use a program called Disk Warrior. Disk Warrior comes with a bootable CD, which you can start from and use it to fix your file system.

I'm not happy that this problem could not be fixed with the tools that came with OS/X. I hope that Apple does something about that soon.

Comments

[unciaa.livejournal.com]

So there was a problem with the drive and the system locked it even from the root user? o.O
Not very *NIXy.

[rustitobuck.livejournal.com]

DiskWarrior is like magic. It doesn't try to fix the filesystem catalog, it completely re-creates it.

It could be a sign that the drive is failing and should be replaced. I had an aftermarket drive that I put in a machine get too hot (insufficient cooling in 7 year old machine for a new drive). I ended up getting the data off the drive by cooling the drive with an ice pack.

The journal has nothing to do with it, really. The journal has a list of changes to the catalog and attributes. If the catalog itself is too whacked, nothing Apple has can fix it.

[rustitobuck.livejournal.com]

When booting single user, only the root drive is mounted, and read-only. That's not uncommon for *NIX.

[unciaa.livejournal.com]

Yeah, but root can enter into maintenance mode, no? When my last Linux self destructed and the drive locked itself it still asked me of I wanted to [fully] mount it regardless as root.

[giza.livejournal.com]

That's standard procedure. You cannot run fsck on a partition that is mounted read/write since like, it would be really bad if the fs was modified while it was being checked, ya know?

[giza.livejournal.com]

Actually, after I ran Disk Warrior, I went into the next tab to check the S.M.A.R.T. status. The drive was in fact failing. :-P

[giza.livejournal.com]

Not very. As I mentioned in another comment (http://www.livejournal.com/users/giza/163234.html?thread=1135522#t1135522), the drive was in fact going bad, so all bets were off.

In hindsight, I should have just removed the hard drive and taken it trap shooting. That would have at least been more fun.

[furahi.livejournal.com]

Well, fsck that!

Sorry, couldn't resist :P

[cuprohastes.livejournal.com]

It's one of my personal annoyances over Apple - they have this UNIX system, they have this great compositing technology for the GUI...

... Then they went around and carefully neutered the OS and slapped in a half arsed UI.

OS X problems

[fc-greyfox.livejournal.com]

Been there, Giza. That's where a good Linux for PPC boot CD comes in handy. Either that, or in most cases, using the Disk Utility from the OS X boot CD's install menu can wipe what's there even when it can't figure out how to install to a drive.

Side note: I have a G3 iBook that came with Jaguar. Jaguar, IMHO, is slow, glitchy, and painful to run, so I slicked it and loaded Linux. Voila! Problems disappear, and I have better hardware support, too!

Re: OS X problems

[giza.livejournal.com]

I've been told that successive versions of OS/X, Panther and Tiger, actually run faster because various parts of the codebase have been cleaned up and optimized. (As opposed to like, writing entirely new things like M$ seems to like to do...)

Re: OS X problems

[fc-greyfox.livejournal.com]

I've been told the same, but I'm not willing to spend $130 on an OS that won't let me use some of my hardware, won't run the software I have, and won't let me compile the software without them watching over my shoulder, let alone locate drivers for the aforementioned hardware. I'd rather run Linux and have OS X on MOL.

Besides.. I don't trust an OS where the pre-installed root user password is a secret even from the owner. Then again, that's just me.

Re: OS X problems

[giza.livejournal.com]

> OS that won't let me use some of my hardware, won't run the software I have

What hardware and software would that be?


> I don't trust an OS where the pre-installed root user password is a secret
> even from the owner.

Not really, no:

sudo bash
passwd root

The root account having a secret/locked password is to keep people who don't know what they're doing from becoming root and messing things up. Ubuntu Linux has the exact same security model. You can change root's password if you know what you're doing, but it's not recommended.

Re: OS X problems

[fc-greyfox.livejournal.com]

Let's see.. Unfortunately, the ports of openoffice.org have a long way to go on OS X, and I have yet to find a suitable replacement that's affordable (read: $free$) If you want to download a binary for a replacement web browser, it tends to be rather slow.. at least on this machine. Compiling requires a membership to one of Apple's clubs, and you can't even get the compiler for less than Tiger now.

Hardware? Well, at the least, my ZD1211 network won't work under OS X. Some of the other interface chips I use regularly are the same way.

As far as the root account password, I know it can be changed easily enough. The thing that worries me is that I have yet to see if it's randomly generated, or if it might be static (that someone in Apple and likely also hackers) may know. I haven't found any documentation to say either way.

Re: OS X problems

[giza.livejournal.com]

> Let's see.. Unfortunately, the ports of openoffice.org have a long way to
> go on OS X, and I have yet to find a suitable replacement that's affordable
> (read: $free$)

StarOffice can be run under Xwindows on OS/X. I do it regularly. It's not necessarily the optimal solution, but it does work for the little office stuff that I do on this machine. I'm not sure if that's what you were referring to.

> If you want to download a binary for a replacement web browser, it tends to
> be rather slow.. at least on this machine.

I haven't noticed any difference between FireFox and Safari on my G4 Powerbook. I use FireFox as my primary web browser on this machine, a laptop running Win XP at work, and a laptop running Linux at work. I haven't noticed any major speed difference between any of those installations.

> Compiling requires a membership to one of Apple's clubs, and you can't even
> get the compiler for less than Tiger now.

Um, I'm not sure I follow you. gcc comes with Xcode which came with Panther on my machine. If you need any more developer tools, you can download them from Apple's website (http://developer.apple.com/tools/) or install them with Fink (http://fink.sourceforge.net/).

> Hardware? Well, at the least, my ZD1211 network won't work under OS X. Some
> of the other interface chips I use regularly are the same way.

I don't have any experience there so I cannot comment.

> As far as the root account password, I know it can be changed easily
> enough. The thing that worries me is that I have yet to see if it's
> randomly generated, or if it might be static (that someone in Apple and
> likely also hackers) may know. I haven't found any documentation to say
> either way.

I do not see this as an issue since the default install (with Panther, at least) has no open TCP ports. I verified this with netstat locally and nmap remotely.

Re: OS X problems

[fc-greyfox.livejournal.com]

Most likely then, Firefox was optimized for G4. It's a huge speed difference on a G3. As far as downloading Xcode, I know that it's an option. The downside is Apple updated it to run with Tiger only. Unless you got it before the Tiger release, you can't run it on a previous version. Did you buy Panther retail, or did it come with the machine? The pre-packaged copy of Jaguar I have didn't come with the developer's tools. It was the core OS and extra apps only.

Yes, StarOffice is an option.. same as openoffice.org running under XWindows. Still, you need to compile it, leading back to the missing XCode package and the lack of ability to compile without it.

I'm glad to hear the TCP ports are all closed off. However, it's still an issue if someone decides to fiddle with SSH or something like that. In what limited IT training I received, one of the first rules was that obfuscation is NOT security. Out of sight, out of mind, afterall. Hackers love that sort of stuff because no one looks for someone to exploit it.

Oh well, the limitations are all thanks to working primarily on 'obsolete' hardware.

Re: OS X problems

[giza.livejournal.com]

> Did you buy Panther retail, or did it come with the machine? The pre-packaged
> copy of Jaguar I have didn't come with the developer's tools. It was the core
> OS and extra apps only.

Panther came with the machine, and I got the DVDs to install it from. Apple actually included their developer tools with the default install. There's a file in /Applications/Installers/Xcode Tools/ that is the installer package for Xcode. All I had to do was fun that, and I got gcc.

> Yes, StarOffice is an option.. same as openoffice.org running under
> XWindows. Still, you need to compile it, leading back to the missing XCode
> package and the lack of ability to compile without it.

Sorry, I must have had memory corruption there, I really meant to say Open Office. Anyway, I have Open Office 1.1.2, and it does not require any compiling. It's just like any other Mac app, it comes in a (compressed) .dmg file and has an installer.

> I'm glad to hear the TCP ports are all closed off. However, it's still an
> issue if someone decides to fiddle with SSH or something like that.

And how? Someone would need root/admin access to the console of your machine in the first place, since sshd listens on port 22 and needs to be started by root. If an intruder is able to get that, then the game is pretty much over anyway.

Re: OS X problems

[fc-greyfox.livejournal.com]

SSH can be started from Aqua, under the network settings (at least in Jaguar, anyway) It never asked me for a root password when I set it up on a fresh install. For that matter, it didn't ask for -any- password to turn it on. I just needed local console access to do it. From there, it likely could be exploited from remote.

As far as OpenOffice, I did just find a copy on their page that includes both the X11 base and OOo in the installer. That takes a load off. :)

Xcode must have either been packaged starting with Panther, or maybe I just have special discs. If it was included with Jaguar, I can't find it on the CDs directly, and I haven't been able to locate an installer post OS install.

Re: OS X problems

[megadog.livejournal.com]

Solve your problems - try Yellow Dog Linux for PPC - it gives you the power without the stupidly-restrictive eye-candy getting in the way.

Re: OS X problems

[giza.livejournal.com]

> SSH can be started from Aqua, under the network settings (at least in Jaguar,
> anyway) It never asked me for a root password when I set it up on a fresh
> install. For that matter, it didn't ask for -any- password to turn it on. I just
> needed local console access to do it. From there, it likely could be exploited
> from remote

Technically, I believe it requires a user with administrative rights to be able to turn it on.

As for turning on sshd, yes, it requires manual action by a human. Otherwise it stays off. I don't see that as being a problem at all. In fact, I see that as a very safe default.

Re: OS X problems

[fc-greyfox.livejournal.com]

One step better. I installed Gentoo (http://www.gentoo.org) on my iBook. KDE's a little squirrely with sound, but everything else is fast and solid.

Re: OS X problems

[fc-greyfox.livejournal.com]

I agree that it's a safe default. I just don't like the potential hole opened if someone that is just getting started turns ssh on to play with it without first re-setting the root password.

Re: OS X problems

[giza.livejournal.com]

I did some Googling, and this is also not an issue. It seems that the root account is disabled by default:

http://edge.i-hacked.com/archives/354
http://www.xdarwin.org/forum/read.php?f=1&i=3260&t=3260

Re: OS X problems

[fc-greyfox.livejournal.com]

Excellent! There's the answer I wasn't able to find. I didn't think Apple would let an M$-esque giant hole slide into their software. :)