So here’s what happened:

Jan 12 09:22:36 Edit1 com.apple.loginwindow[26]: -xaDiskDisappeared: removing “_windowserver” with home “/var/empty” from DSLocal because disk disappeared.

‘xsDiskDisappeared’ is a function of external accounts in Leopard. External accounts are a new feature that you can use in managed environments. They allow you to let a home directory for a user be created on an external disk. Very handy, especially in (for instance) a school with a lab full of Macs. Let the students carry their home directory with them on a USB drive or an iPod.

What we have here, though, is a disk with Leopard installed is being treated as an ‘external accounts’ disk, and when it’s removed, the system is deleting the users. In this case all of the system users. If you disable external accounts on the Open Directory Master, this should stop happening.

On a related note, I tried to trick my trusty PowerBook G4 into letting me use External accounts without being bound to Open Directory. No dice. I did get a home directory on my iPod by adding a user using Workgroup Manager, and specifying my old iPod as the location for that user’s home. Automatic creation of the home directory will fail, though, and the whole thing was just ugly.

On a related note, you can use Workgroup Manager to manage a whole range of interesting things on your Mac. But I’ll get to that later.

This may not be a good idea. There’s only one quote relating to this that I can find, in the ARD Admin guide.

Note: Multiple users logged in via Fast User Switching can lead to confusing or
conflicting reports. When a second or third user logs in to a computer, there is no way
of knowing which user is the active user. Session length may not reflect actual usage,
and login and logout times overlap.

So, 3 users logged in using Fast User Switching can confuse ARD. Bad start. What I saw happen just today, though, was ARD getting so confused, that it wouldn’t let me Observe or Control the client any more. Kickstarting ARD didn’t help either. Did I mention this server was in a different time zone?

I ended up rebooting the server. Good thing SSH was turned on. I’m trying to reproduce this on another system. I’ll update if I can make it happen.

So, avoid fast user switching over ARD.

I heard a commercial on the radio the other day, pushing IT training as a way to become irreplaceable. That’s the way to job security!

This is a bad way to get job security, for a lot of reasons.

First, let’s take it from your point of view. Assume for a moment you achieve this goal. You’re the one source for (for instance) information and solutions when it comes to your server systems. You’re the go-to person. Then you get married, and you head off to a nice week (or two, if you’re lucky) of honeymooning bliss with your sweetie. Your phone will ring in the airport while you’re waiting to board your plane. Guaranteed. You’ll have voicemail when you get off the plane. You’ll spend a lot of time on the phone. Your significant other will not be amused.

I’ve been irreplaceable, and it sucked. My time was no longer my own. I had brought upon myself an obligation to serve the need I had created.

Now let’s look at it from you employer’s point of view. You have this IT guy (or gal), and he (or she) knows all. Irreplaceable.

Let’s first assume you’re a good person, and they trust you, and like you. And then you get married. And you’re off on your honeymoon, and your phone doesn’t work. Or you’re having a child. You’re in the hospital, and your phone is off. Something breaks, and you’re not available. Sure, you’ll be back in a couple of days, but now your employer is thinking, what if this person gets hit by a car? What if he dies? We’re screwed.

Congratulations, you’re now holding your company hostage, whether you want to or not.

Now let’s assume that you’re sort of a curmudgeon, prone to cynicism. Effective, but not exactly pleasant. At some point, your employer will think, what if this guy snaps? What small thing is going to push him from just cynical and unhappy to resentful and possibly vengeful?

Congratulations, you look like you could hold the company hostage at any time.

Either way, it’s your very irreplaceability that might push your employer to find a way to replace you before accident or malice put the company’s future in your hands.

So how do you achieve job security? I don’t know. I’ll tell you what I’m doing right now, that seems to be working well. I do the best I can. I try to be honest about what I can and can’t do, and be honest with myself about what I’m good at and what I’m not good at. I strive consciously to maintain my drive and my focus, because that doesn’t just happen, you have to push yourself to be motivated sometimes. You do your best.

bin/rm: Argument list too long

Ever seen that before? I ran into it while trying to clean out /var/virusmails on a Tiger Server system. It had about 230,000 items in it. The solution? find and xargs.

find /var/virusmails/ -name 'spam*' -print0 | xargs -0 rm -f

This will remove any file in /var/virusmails whose name starts with “spam”. Of course, if you just want to remove any file in there (like those virus and banned ones), regardless of name, you would instead use

find /var/virusmails/ -type f

which will just return anything that is a regular file. find has a lot of very interesting options. I highly recommend that you check out the manpage for it. And for xargs, while you’re at it.

Something to note: putting sudo before the command will sudo the find, but not the rm. Better to run the whole thing as root. Just be careful. Avoid tyops.

I had a situation where I had a directory with about 230 subdirectories, comprising about 900GB. I had a number of 450GB drives I needed to back it up to, and I didn’t want to have to do a 230 different cp commands. Enter xargs. I love xargs. You give it a source of input, and a command to run, and it will run the command, using the supplied input as arguments.

So for my 230 directories, I need to hand a certain number of those directories as an argument to cp. I decided to copy anything starting with a through i to one drive, j through r to another, and s through z to a third. From the source directory, you do this:

ls -d [a-i]* | xargs -J name cp -Rp name /path/to/backup/folder/

The -d flag is important, as that will make ls just return the name of the directory. The [a-i]* will match anything starting with a through i, followed by any number of characters. The -J lets you specify a replacement string. This takes the input supplied via the pipe, and for each line of input (in this case, the name of a directory), runs cp, replacing “name” with, in this case, the name of a folder.

And, of course, -Rp to recursively copy everything in those folders, preserving permissions, special attributes, ACLs, etc.

I ran into a Leopard system the other day that was behaving erratically. I looked at system.log, and encountered some errors I’d never run into before.

Jan  6 10:04:42 Edit1 /System/Library/CoreServices/coreservicesd[60]: _scserver_ServerCheckin: client uid validation failure; getpwuid(92) == NULL
Jan  6 10:05:13 Edit1 com.apple.launchd[1] (com.apple.launchd.peruser.92[183]): getpwuid(”92″) failed
Jan  6 10:05:13 Edit1 com.apple.launchd[1] (com.apple.launchd.peruser.92[183]): PID 182 “SFLSharedPrefsTo” has no account to back it! Real/effective/saved UIDs: 92/92/92
Jan  6 10:05:13 Edit1 com.apple.launchd[1] (com.apple.launchd.peruser.92[183]): PID 166 “SecurityAgent” has no account to back it! Real/effective/saved UIDs: 92/92/92

Lots of those, and for various UIDs and myriad processes. I thought I’d open up dscl and see what was up with the system users.

Edit1:~ user$ dscl

Entering interactive mode... (type "help" for commands)

 > cd /Local/Default/users

/Local/Default/dsRecTypeNative:users > ls

daemon

user

root

Apparently, this system had all of 3 local users. This is a bit strange, as any normal Leopard system should have at least 40.

Gene:~ gene$ dscl . -list users | wc

      41      41     378

I’m sure I’m not the only Technology Professional who has heard something like this:

I click on the Start, and then the big E, and that’s the Internet.

At this point in the conversation, it will be very difficult to convince Mom/Dad/Grandparent/Whoever that the Internet is anything other than what you get to with the Big E. It’s not Internet Explorer. It’s the Internet.

This is not an insurmountable obstacle. You just need a good metaphor.

Firefox? It’s like a new TV! (Yes, exclamation point. You need to be enthusiastic. Sell it!) You get all the same channels, it’s just got a different name on the front panel, and the remote is still a little different. No, no, it’s still the Internet! I promise! It’s still HBO when you have a new TV, right? Hey, it might even work a little better. You won’t have to reset all your breakers once a week any more to make the TV come back on!

I got the “Haiku error list” message from a family member the other day, and while contemplating the Salon Haiku Contest (which is where most of those originated), I wrote this. I’m rather pleased with it, though of course I’m not planning on making a living writing poetry. Actual Haiku experts are welcome to tell me what I’ve done wrong.

Red sun, warm evening
stillness, your deadline draws near
gray plastic sits cold.

Bird across the moon
Fed-Ex has come now and gone
PC Load Letter.