Mac OS X Server AFP high CPU load problem

March 8th, 2009

This discussion thread over on Apple’s forums documents a large number of system administrators who have their AFP (Apple File Protocol) creating a high CPU load and thus making the server unusable for their users.

Suggested workarounds which have anecdotally provided varied success (including none :( ) include:

  • Turning off Spotlight on client machines
  • Turning off Spotlight indexing on the shared volumes
  • Executing

    defaults write /Library/Preferences/com.apple.AppleShareClient -dict-add afp_wan_threshold -int 1000
    defaults write /Library/Preferences/com.apple.AppleShareClient -dict-add afp_wan_quantum -int 131702

    on all 10.5.x client Macs.

  • Installing Security Update 2009-001 which states

    Description: A race condition in AFP Server may lead to an infinite loop. Enumerating files on an AFP server may lead to a denial of service. This update addresses the issue through improved file enumeration logic. This issue only affects systems running Mac OS X v10.5.6.

The problem was originally posted with respect to Mac OS X 10.5.4 on 29th of August 2008, and still seems unresolved for many people. And people wonder why it’s hard to argue that Mac OS X Server belongs in the data centre.

Tags: , , ,
Posted in Apple, Mac, Mac OS X 10.5 Leopard, Mac OS X Server, Software | No Comments »

Tags: , , ,
Posted at: 11:23 pm

Newsyslog rolls logs under Leopard

August 27th, 2008

Trying to work out how to roll logs on my Leopard server (that’s actually client configured as a server :) , I discovered that Leopard is using Newsyslog, on which NerdGirl.dk gives the lowdown.

Tags: , ,
Posted in Apple, Mac, Mac OS X 10.5 Leopard | No Comments »

Tags: , ,
Posted at: 6:52 pm

Leopard’s Apache2 doesn’t rewrite

August 7th, 2008

Have finally moved my postfix mail and blog servers to Leopard. Unfortunately none of the Wordpress permalinks would work, despite having tried everything I could think of to enable URL rewriting, and testing with a fresh test blog install. Seems others have similar problems here.
and here
 

Fortunately fink can do an Apache install, with a mod_rewrite that actually works.

So
fink install apache2-common
daemonic install apache2
(I think I must have done a fink install apache2-mpm-prefork somewhere along the line too, but fink’s not listing it as installed)
After this I noticed lots of error messages in the System log about launchd trying to start Apache unsuccessfully:

Aug  6 00:00:05 botrytis-local org.apache.httpd[90412]: (13)Permission denied: make_sock: could not bind to address [::]:80
Aug  6 00:00:05 botrytis-local org.apache.httpd[90412]: (13)Permission denied: make_sock: could not bind to address 0.0.0.0:80
Aug  6 00:00:05 botrytis-local org.apache.httpd[90412]: no listening sockets available, shutting down
Aug  6 00:00:05 botrytis-local org.apache.httpd[90412]: Unable to open logs
Aug  6 00:00:05 botrytis-local com.apple.launchd[244] (org.apache.httpd[90412]): Exited with exit code: 1
Aug  6 00:00:05 botrytis-local com.apple.launchd[244] (org.apache.httpd): Throttling respawn: Will start in 10 seconds

So I thought I’d disable the built-in System apache:

cd /System/Library/LaunchDaemons
sudo launchctl unload -w org.apache.httpd.plist

and then removed /System/Library/LaunchDaemons/org.apache.httpd.plist to a safe position in case I ever need it. Of course this is messing with a System file, which you shouldn’t do, but I figure I can probably live with that.

Meanwhile, blog permalinks now seem to be working properly. Yay!

Now I just need to work out why I keep getting this in the system log
fseventsd[67]: callback_client: ERROR: d2f_callback_rpc() => (ipc/send) timed out (268435460) for pid 263

Tags: , , , ,
Posted in Apple | No Comments »

Tags: , , , ,
Posted at: 12:30 am

Lingering Leopard Lepidoptera

July 23rd, 2008

Back in Mac OS X 10.5.0, Princeton University’s Office of IT identified some problems with Mac OS X. Sadly some of them still seem to be around in 10.5.4, namely the Location menu in the Network Preference pane that has deleted locations re-appear, or that just seems to randomly mangle itself if you make any addition or deletions.

Tags: , ,
Posted in Apple | No Comments »

Tags: , ,
Posted at: 1:43 am

Enable Apple Remote Desktop like features in Leopard’s Screen Connect

May 5th, 2008

A very cool article over at Macworld shows how to enabled hidden features in Leopard’s built in Screen Sharing to give Apple-Remote-Desktop-like features such as 

  • Drop colour resolution to improve performance on low bandwidth connections
  • Switch between controlling and observing the remote Mac
  • Locking out the remote Mac’s keyboard and mouse, or hiding on-screen activity
  • Taking screenshots

Tags: , , ,
Posted in Apple, Mac, Mac OS X 10.5 Leopard, Network, Software | No Comments »

Tags: , , ,
Posted at: 10:46 pm

Common Criteria tools for Mac OS X 10.5

May 1st, 2008

Apple has released Common Criteria security tools for Mac OS X 10.5. There’s also an Apple Common Criteria support page with links to whitepapers and the not-yet-updated-for-Leopard Admin guide.

Tags: , ,
Posted in Apple, Mac, Mac OS X 10.5 Leopard, Security, Software, Utilities | No Comments »

Tags: , ,
Posted at: 6:58 pm

Time capsule – take one a day

April 15th, 2008

Picked up a 500Gb Time Capsule. Got home and was somewhat in a hurry. Power cable was a bit hard to get pushed in properly, although there was no visible evidence of why this would have been the case in either the plug or the socket.
Ignored the “Install this first” CDs, as usual, and fired up Airport Admin utility under Leopard on the wired LAN and it found the existing Airport Express. Did a “Save As…” to save the config of the existing Airport Express (including passwords). Then unplugged the Airport Express and plugged in the Time Capsule, attached to the network cable that used to be plugged into the airport express. Interestingly the assistant offered me the chance to use the Time Capsule to replace an existing wireless access point, but it wanted me to find it (and I’d just unplugged it :) . So I plugged it back in to power and the LAN, but the Assistant couldn’t seem to find it. I gave up at this point, hit the Manual button and just imported the settings from the Airport Express (seemed like a safe bet) into the Time Capsule’s settings. This seemed to work. Changed security to WPA Personal and restarted the Time Capsule.
So, now turn on Time Machine on the Leopard box and get it started. That was at 18:30, and it’s now done 47.3 of 69.44Gb (1,396,130 items from my 80Gb drive) after some 5.75hrs (over Gigabit).
Meanwhile, every other machine had to have its Airport connection changed to WPA Personal, and even though I’m pretty sure I typed the password in several times, it took a while to register and stick (at least I hope it’s stuck now!).
Are network speeds faster? Hard to tell. I haven’t maxed out the speed as currently we need backward compatibility with 802.11g until the next round of upgrades. It offers 802.11n on 2.4 or 5GHz, and 802.11a compatibility as well as 802.11n/b/g.
Other noteworthy things are that the Airport Admin utility displays a set of warnings about the current Time Capsule configuration (ie no DNS, multiple DHCP, etc.).
The Time Capsule also offers to sync with a timeserver, and also flash its light if there’s a software update available. This is much less useful as it’s going to be stuck in a separate room where I’m unlikely to see its flashing light.
There’s also support to “Advertise configuration globally” via Bonjour, or so it seems to make it available globally over the internet. I don’t enable this.
I’d heard rumours of it running hot. Sure, it’s warm, but not really any warmer than my ADSL router, and it’s been doing a lot more work for the past 5 hours. Plus it’s got an internal power supply, so it’ll be warmer from that alone.
The other thing is now there’s an extra shared volume appearing in the Finder. Logging into it reveals a shared disk onto which I can put stuff. Cool. Checking in the Airport Admin shows it’s a guest read-writable volume, which is probably not good by default. Now locked down :)
So far, it seems to be behaving pretty much as expected. I could do setup in a hurry without too much pain. It claims to be backing up at a reasonable speed.
Now I just need to test recovery :)

Tags: , , , , ,
Posted in Airport and WiFi, Apple, Backup, Human interface design, Mac, Mac OS X 10.5 Leopard, Network | No Comments »

Tags: , , , , ,
Posted at: 1:02 am

10.5.2 Leopard Firewire bug

March 6th, 2008

According to this Apple technote you may find the Finder continuously restarts if you’ve got an external Firewire drive connected under 10.5.2 and you have a blank computer name or one that contains non-alphanumeric characters.

Tags: , , , ,
Posted in Apple, Firewire, Hardware, Mac, Mac OS X 10.5 Leopard, Software | No Comments »

Tags: , , , ,
Posted at: 10:58 pm

Leopard eats ITC Zapf Chancery?

February 26th, 2008

Having upgraded a PowerBook to Leopard, it seems that the “ITC Zapf Chancery SWA” font has vanished, which is annoying for all those documents that used it. Probably I’d guess it was being loaded from the Classic System Folder or something. Will have to hunt it down in the pre-Leopardisation backup.

Tags: , , , ,
Posted in Apple, Mac, Mac OS X 10.5 Leopard, Software, fonts | No Comments »

Tags: , , , ,
Posted at: 6:05 pm

Mac OS X 10.5.2 observations

February 12th, 2008

From the Mac OS X 10.5.2 release notes, here are some of my observations: User Interface:

  • Apple has added a Time Machine icon to the Menu bar (it can be turned on in the Time Machne control panel)
  • The menus are less translucent (who would have thought with everyone complaining that that would have been a problem) and transparency can be turned off in the Desktop & Screen Saver preference pane
  • List view is back in the Stacks (presumably they got a lot of complaints), and they have a new grid view background (presumably for better visibility)

It remains to be seen if they’ve added the Size column back to the Spotlight column view though.

Support for new things (ie you may want to try plugging some old stuff that didn’t work in again to see if it does now!):

  • You can now iSync Samsung D600E and D900i phones
  • Airports Express and Extreme now support more printers connected via USB
  • New RAW camera formats supported:
    • Canon EOS 1Ds Mark III
    • Canon Powershot G9
    • Hasselblad CF-22
    • Hasselblad CF-39
    • Leaf Aptus 75s
    • Nikon D3
    • Nikon D300
    • Sony Alpha DSLR-A700
  • Supports more 3rd party routers in iChat and Back To My Mac

Interesting bugs fixed:

  • Fixed a problem when ejecting a CD could write to it! (presumably instead of just ejecting it)
  • Fixed a problem where the Leopard Setup Assistant would re-appear (as noted in this TidBITs article by Glenn Fleishman)
  • Mail now automatically disables the (unsupported) third-party plugin GrowlMail version 1.1.2 or earlier to avoid issues.
  • Addresses “accuracy issues” with the web content filter (in Parental Controls) perhaps to now block unboxing porn?
  • The computer will now shut down if an automatic disk repair does not succeed during startup. (Hopefully it tells you why it just shut down?)

Tags: , , , ,
Posted in Airport and WiFi, Apple, Dashboard, Human interface design, Mac, Mac OS X 10.5 Leopard, Network, Security, Software, USB | No Comments »

Tags: , , , ,
Posted at: 4:50 pm
ADVERTISEMENT
« Older Entries