Subscribe to
NSLog(); Header Image

QotD: One Change

Question: If you could change one thing about Mac OS X 10.3 or 10.4, what would it be and why?

My Answer: I'd elevate Services. It's a geeky thing I know, but I'd let people manage their services, turning some off and giving some keyboard shortcuts (or removing the predetermined ones). I'd also let users create quickie shell scripts and allow those to be services - for example, I have a "dict" shell script that looks up a definition. Calculator services are nice, but not in the cluttered menu we have now. Service Manager is nice, but it'd be nicer still if I could tell it to ignore all the services being offered by my second HD (which is cloned nightly).

You are encouraged to answer the Question of the Day for yourself in the comments or on your blog.

20 Responses to "QotD: One Change"

  1. One thing I could change? I'd have it run on x86 chips 😀

  2. It's hard to find something at all. If anything, I'd opt for a unified interface - a Carbon app shouldn't look and feel any different than a Cocoa app and I also don't like the two different themes ("texturized" vs. non-texturized windows). A unified widget set and more consistency is something one should be able to expect from Apple.

    Apple has done such an incredible job with the evolution of this OS that I also trust them to be able to clean up the GUI a little more. Regarding speed and robustness, OS X has gone through a fantastic maturing process - I booted up an old 10.1 Server system today - it's just incredible what a great job Apple has done during the past years...

  3. I would march the Workgroup Manager Team into the ocean until the bubbles stopped. WGM is a pile of shit, and causes FAR more problems than it solves. They really need to sit down and look at how Microsoft does the Active Directory tools. Opinions about windows and MS aside, getting admin tasks done in AD is SO much easier than in OD.

    I would also have them redo the installer until it had MSI - like functionality, and I could create nice, complex installers without HAVING to use shell. Right now, I just use AppleScript when D&D won't do the trick, the Installer's just a pile of shit to work with if you don't like shell.

  4. Ch-Ch-Ch-Changes

    Erik asks: If you could change one thing about Mac OS X 10.3 or 10.4, what would it be and why?That's an easy question. I liked his idea to elevate Services to a more prominent state in the OS.

  5. How about a ftp connection via Go -> Connect to Server?

  6. Oh... I sould add... if a third party developer is able to make an "add-on" that disables Apple's FTP connector (and replace it with a working FTP client) from the Finder and also provides SFTP's from the Finder I would be willing to pay for such an FTP app... sadly none exist.

  7. If you really COULD change things

    What about OS X would you change. Erik J. Barzeski asks this on his QotD for 16 Nov. 2004, and it's a good question.

  8. John: I don't really share your opinion on Workgroup Manager. Can it get any simpler than that? I certainly wouldn't like to exchange it for MMC. A person who doesn't know how to use this tool shouldn't ever touch my server. What's your problem?

    And regarding your second point: I wouldn't trust a developer's apps when I know he is afraid of touching the shell - what's so hard about that? In addition, it's OS X after all, what the hell do you need to do outside of your package anyway? Can't you just copy your stuff during the first app run like everybody else does?

  9. Samual, FTPeel can do what you've asked. All you do is set it as the default FTP client. When I click "ftp://" links, FTPeel takes over. SFTP and FTP-SSL are provided in FTPeel as well.

  10. QotD: One Change

    I must admit that i'm quite impressed by MacOSX features and capabilities. At leaat with Panther.

  11. Speaking of default application settings, wouldn't it be nice to have some sort of systemwide repository for protocol and filetype application preferences? Relying on an application to ask you upon running it, or selecting such preferences from the "Get Info" box for an item, seems a rather clunky way to go about it.

  12. There are a number of useful features from System 7 through OS 9 that haven't made it to OS X yet:

    Location Manager


    Trash lists how many files, total size before emptying

    Appearance Sounds (more and customizable)

    Print Finder windows

    Internet Config capability

    Recent Servers folder in Apple menu (Go menu would be acceptable)

  13. Eddie, I'll take your list except for "print Finder windows." You can either take a screenshot (PDF format) and print that anywhere or select all, copy and paste to a text file, and print that. Between those two options, it's quite flexible.

  14. Fix whatever it is that makes it necessary to run "Repair Permissions" before and after an update for stability. Whatever is screwing up the permissions needs to stop. If it's from that argument I recall about Apple's installer format (PAX was it?) borking stuff then change it. I want to be able to tell my mom and dad living in another state to go ahead and run those updates without fear... but instead I've had to turn them off and don't mention it. They are still running 10.3.3 I believe since I haven't had time to go update them manually.

    Also... a little more QA in those please, losing devices after an update really sucks.

    Oh yeah... and related to this... in classic Mac OS as well as X, why is it that the pref files always somehow manage to get corrupted? If a program opens a file that bonks it's internal state and it feels the need to put it's head between it's knees, why scramble the prefs when it bombs?

    Other than that... 😀 I luuuuv Panther!

  15. Workgroup manager is complete crap for complex directories. Try manipulating users across OUs, or viewing the hierarchy of your directories in it. Try writing your own custom policies that only take place for a specific OU at a given time in a specific domain in the overall tree. Try creating multiple domains in a forest. Try applying a policy to all machines in a forest, but allowing local domain admins to refuse that policy if they need to. Apple's tools aren't even in the same universe as Microsoft's or Novell's.

    If all you have is a *very* simple directory, WGM is okay. But once you start trying to have multiple forests, it's essentially impossible to use anything but the command line tools, and those fall down when you want to easily manage a couple thousand machines.

    As far as the command line crack, sorry, this is bidness, not a penis size contest. Here's how you do updates of an app on two hundred machines with Apple's tools. you build the installer, then copy all the files in the installer to two hundred machines, then run the installer, and hope no one was using those files when you did it. because you can't tell unless you run top or ps on two hundred machines.

    WIth MSI, you build the MSI and use a group policy to target the machines you want to upgrade. The next time the user starts the application, they get the new version. There's a delay to upload the data, but it doesn't interrupt work, and you don't have to schedule things. It also works for laptops, as they pull down the new version the next time they connect. With Apple tools, you have to watch for the laptops, and push the installer out to them.

    Sorry, but Apple's tools are still only suitable for overly simplistic networks.

  16. John: in a deployment situation like that, I would take a _very_ close look at Remote Desktop's software inventory and distribution features and / or Netinstall to keep it all up to date. Choose the right tool for the job and it will work. Moreover, I don't see how the command line fails with a large number of machines. After all, automation is the real point of using all that stuff, not comparing penis sizes 😉

  17. ARD is okay, but again, you have to copy that installer out to n machines at n bandwidth. ARD is serial, so you can't install to ten groups at once, you have to wait for each group to finish the install completely before the next one starts, or you have to do them all at once. For large numbers of machines, that's not going to work.

    For a file copy to work, I have to make sure the User isn't using any of the files I'm installing.

    NetInstall is even more disruptive, as it requires two reboots per install image.

    ARD is really only good for small scale installs, and then only for situations where you can have everone off the computer, and all the computers you need to install to are powered on and on the network. If a computer's off, you have to deal with that separately, because it's all push.

    As well, the command line option isn't going to do what I want, which is transparent updates on a pull basis for the user that are, in effect, user initiated. I can set up an MSI so that the ONLY time the update happens is the next time someone uses the software to be updated on a given machine. This is particularly nice since it lets me stagger my installs in a more natural way, and it's a pull feature. I don't have to kick the user off the machine, wait until they aren't there, or tell them to stop using an app.

    If Apple had an MSI technolgy, then when i wanted to update mail, I'd set up the installer, stick it on a server, and push the new policy out to the clients. They click on Mail in the dock, and get a dialog telling them to please wait for the update. It's slightly disruptive, but not as much as other options, and much nicer to deal with in a complex directory.

    Secondly, if I'm going to do everything via Shell, what the hell do I need OS X for? I can do shell on a cheap POS linux box running AFS and get secure connections from there, unless resource forks are involved.

    Take a look at how MSI works in principle, (MS of course, created some real problems with their lame implementation) and imagine scripting that, along with the full GPO mechanis m that allows it to work, in shell so that you can set up a staggered update to 40,000 machines in different OUs and allow the OU admins to refuse the update if they need to.

  18. Ok, John, I have never come close to such an enormous amount of client machines, but if we are really talking about 40k machines here, you should consider that Apple has only just begun. If you remember the days when the Mac had nothing but AppleShare IP or even AtEase (yuck!), you will notice the difference here. I have tried NetBoot for the first time back in the Rhapsody days and Mac OS X has come a long way since that time. Give them a chance, the Steve himself said Apple is still very "humble" on this topic. I am quite confident Apple will be able to solve the issues you are seeing with those tools. I have never thought of it that way because every time I have had to use these tools, the machines were updated overnight or over the weekend when nobody is there. Moreover, I find it really helpful that one is able to schedule shutdowns and boot processes on the Mac. I have never tried updating clients while people were working.

    I have seen some really impressive WebObjects deployments with heavy traffic on Apple hardware and Panther Server just doesn't stop impressing me with regard to what it can do and how stable it is. With 40k machines at stake, you should be talking directly to Apple, last time I checked they had some really helpful people and Tiger Server is also around the corner.

  19. Workgroup Manager has a lot of serious problems. The entire "sharing" part is really annoying .. you can't change settings (such as disabling guest access) for a share until after you've shared it? Stupid! And you've gotta love the bug where if you have any custom settings for an NFS export (made manually in the NetInfo database) Workgroup Manager will stomp all over them randomly.

    The account management part is better, but it has a lot of stupid problems too. (The interface for setting the home directory certainly sucks) .. and there are lots of stupid bugs (like the "sn" field in a user's LDAP record is always set to "99" .. uhh.. "sn" means "surname" and I sure don't know many people whose last name is "99")

    WGM is definitely one of the things which most needs changing in Mac OS X Server. Another thing I want to see is UFS2, with ACLs, softupdates support, and snapshot support.

    In Mac OS X (non-server) the biggest thing I want is more consistency and easier (and more complete) integration between Carbon and Cocoa.

  20. THey're going to have ACLS in HFS+, along with (finally) using metadata properly. They get rid of more of the 32-bit file access cruft in the OS, and the FS will look muck better. GOing to UFS2 would be a lot of pain with no real end gain. HFS+ is, as designed, showing itself to be very flexible with regard to improvements in implementation.