We already have AFS deployed and want to provide simple, file level access without requiring software to be installed on the client.
We're not trying to replicate AFS, just make it easier for people to access what's there. Users that need everything that AFS has to offer would be directed to the full AFS client.
Anyone have a pure kerberos or PLAIN+TLS SMB to AFS translator up and running? I love AFS, but it would be nice if users didn't have to install any extra software just to access their files.
With Apple making changes to numerous tools, this is going to become a bigger problem. With 10.4, Apple is modifying most file level tools to support forks, including rsync. That's a great feature, but unless Apple works on getting the patch into the main release, they have essential forked the tool, fracturing the market even further.
Apple's samba patches have also never made it into the main code because they break samba on windows.
Anyone can create a patch. The hard part is working with others.
Again, it's the "Power of open source. The Stupidity of Apple."
With that argument, it is a good idea. From umich....
The University Library will receive and own a high quality digital copy of the materials digitized by Google. With ownership of these materials, the University will be able to provide access to the content in ways that are consistent with its mission as a great public university. For example, U-M may choose to enhance the ability for a patron to use material that is out of copyright, including creating reprints and downloadable text. Some degree of access to the copyrighted material will also be possible, and will be done within the limitations of copyright law. These forms of access will transform the way faculty, as well as students, carry out research.
Google does the work, library gets and owns a copy, the state saves some money and the public gets access to the information.
I think it's really interesting that Turing chose a gender guessing game for his test. Maybe it was his attempt to step out of the closet a bit, or to suggest that gender is easily disguised.
Sure, this might be a secure OS, and you might be using "Systems Management," but unless you are using something like radmind to fully tripwire your machine, you really don't know what's there.
Doesn't prebinding only change executable Application Packages?
From the redo_prebinding man page: "Redo_prebinding is used to redo the prebinding of an executable or dynamic library"
Shouldn't the prebinding on programs only change at major OS updates or changes to the libraries they access?
Yes, but I'd even go further to say that the OS should never change a system file without my intervention.
Shouldn't Application Packages already be excluded from backups for the most part anyway?
Sure, but when you are talking about a large scale deployment, you can't always control what end users backup.
More importantly to me, prebinding breaks tripwire. When a file is rebound, it triggers a tripwire event, adding noise to my reports. With so much noise, it's hard to tell what's important what's not. Tools like radmind from U of Mich alleviates this problem somewhat by integrating tripwire and system updates. But unless it, and other tools that use checksums are taught the horrors of prebinding, they won't work right.
Sure, prebinding does speed up loading, but it also breaks everything from tripwire, to backup. Since the file is changed out from under you, all traditional unix tools that use checksums or file size to determine file changes break.
Apple, and other system vendors need to consider these types of management issues when making a change. Speed improvements are only good if they are "management friendly"
whois shows that the domain gmail.com was created back on Aug 13, 1995, which is actually before google.com domain was created (Sep 15, 1997).
wayback has some listings for gmail.com, but it's been blocked with a Robots.txt. I wonder what the history of the gmail.com domain is and if someone made some cash selling it to google?
We've been using radmind to deploy OS X to our entire group for over a year now. The best part is, we have a single 10.2.8 image that can boot all of our hardware ( old school iMacs to Dual G5 to new 15" laptops ) and is used by everyone including managers, developers, and support staff. Since applications are done as overloads, people can choose what software they want ala cart.
As the system administrator for the project, that best part is I can roll back any changes. Say, if apple were to release a bad update, I could just remove the overload and everyone would be back at say, a working 10.2.7.
Let's see you do that with windows.
If you are going to be in Michigan...
on
Urban Challenge
·
· Score: 1
The Go Game is just one of many different kinds of games out there. Here is an FAQ I wrote up for a game I hosted a while back. It was before the Urban Challenge was out, but it still applies.
What is a this all about?
There are several types of these events: "games", "mini-games", and "road rallies". They are often compared to scavenger hunts and treasure hunts, though they are usually much more complex. The hosts of the event spend months planning the events, preparing and testing clues, and recruiting teams to participate.
What is a "game"?
Games usually last 24 to 48 hours and are the most intricate and difficult type of road rally. Teams must apply to participate prior to the game and submit fees which can run into the hundreds of dollars. Games are usually held in large cities, only a few times each year.
What is a "mini-game"?
Mini-games are related closely to games. They last no longer than twelve hours and attract teams of different skill levels. They are often the gateway event to the more complex games.
What is a "road rally"?
Road rallies are the shortest of the game events. They usually last from three to five hours and entrance costs are minimal. They are often held in the evening ending at a restaurant where teams converge and a winner is declared. Road rallies can be found in many suburbs, large cities, and even rural areas. Often times road rallies are hosted by church groups, singles networks, neighborhood associations, or held as annual events.
What is a team?
Teams consist of typically four to eight people who enter the game event as a group. Skill levels of teams can range from total novices to veteraned experts depending on the type of event. Teams must provide their own transportation, required and suggested supplies, and clue-solving ability.
What's a clue?
Clues are the guts of any game event. Clues can be as simple as a crossword puzzle or a word search or as complicated as decoding a message using cryptographic algorithms. On the more creative side, clues can be hidden in objects requiring manipulation to find.
Why do I need transportation?
A clue's solution will lead a team to a destination where the next clue will be hidden, revealed, or opened. Some game events are designed so teams can walk between the clue locations while others cover hundreds of miles. The hosts of the game event will indicate what type of transportation is required.
What are typical supplies?
Game event hosts will provide a list of required supplies which could include a specific almanac, a ruler, spare change, specific maps, phone books, a compass, etc. Experienced teams will often supplement this list with supplies known to be useful: cell phones, graph paper, a collegiate dictionary, etc.
Sometimes it seems they don't care about security unless a lot of people scream about it.
This is exactly what my experience has been with Apple. I have worked with them on two serious bugs now and both times they have treated me like it was my fault their software was broken.
In one case it took Apple over a year to fix the problem.
If Apple is going to truly compete in the enterprise market, they need to change their thinking. First, security is important and trumps even user experience. Second, they need to stop letting the marketing department decided what gets fixed.
I want to see Apple succeed, but unless they get it, I'm afraid they are going to just become another Microsoft.
Sure, Apple should be doing this on their own schedule, but they already posted it - changing it now for an alpha release of 10.3 is just not a valid justification.
Of course it will be fun to watch Steve in his keynote production number, showing off non-existant hardware and features ( anyone remember Rendezvous inabled iTunes? ), but I'm going to the conference as a developer, not as an audience member.
Apple is going to lose face with this one. Not only are people going to have to change reservations, but I know of at least one other conference that is going to have to reschedule. What a pain.
After using Safari for a few hours, it's already kicked Omniweb out of my dock.
My only concern so far is how it handles cookies. Omniweb allowed me to accept any cookie and then delete it on exit unless I explicitly said keep it. That way, I could keep my google preferences, but delete the amazon.com tracking cookies. Safari has an all or nothing sort of attitude. I can either accept all cookies, accept no cookies, or be asked for each one. None of these are really acceptable.
After some poking around, I found that all the cookies are stored in an XML file found in ~/Library/Application Support/WebFoundation. For now, I'll have to setup my LogoutHook to remove this file for me. Better yet, anyone know of an easy way to parse the XML and only keep the cookies I want?
From what I've read, this is a NeXT feature that Apple was smart enough to keep around.
Apple hasn't written too much, but they do have this doc.
Also, macosxlabs.org has written a doc that fills in some gaps.
If you are going to be doing a lot during login/logout, you might want to checkout iHook from the University of Michigan. It's a great little tool that give a GUI to boring old shell scripts.
In conjunction with a LoginHook to mount the drive, you could use the LogoutHook to unmount it. You could even write the script to make sure that only drive X is made available to user X.
That way, you, your S.O. and the kids could have their own private porn collections.
The LoginHook is run as root and is passed the user name as $1. We use it to create dynamic AFS mounts on login now, so I don't see why it would work in this case.
OS X has support for PAM built in, so if you have hardware that runs on OS X and a PAM module to access it, it will "work" on OS X.
The problem is, Apple's LoginWindow use of PAM is broken in 10.2.2 (I've not had a chance to try it on 10.2.3) Without a LoginWindow that is PAM aware, there is really no point of using an authentication method beyond what Apple provides.
Slashdot Mirror
You can read more about this research and see some videos of the robots in action here.
We already have AFS deployed and want to provide simple, file level access without requiring software to be installed on the client. We're not trying to replicate AFS, just make it easier for people to access what's there. Users that need everything that AFS has to offer would be directed to the full AFS client.
Anyone have a pure kerberos or PLAIN+TLS SMB to AFS translator up and running? I love AFS, but it would be nice if users didn't have to install any extra software just to access their files.
For those who don't want to read the entire article, try the much shortened haiku version. It's the fourth haiku down.
Apple's samba patches have also never made it into the main code because they break samba on windows.
Anyone can create a patch. The hard part is working with others.
Again, it's the "Power of open source. The Stupidity of Apple."
AOLisa
I think it's really interesting that Turing chose a gender guessing game for his test. Maybe it was his attempt to step out of the closet a bit, or to suggest that gender is easily disguised.
Sure, this might be a secure OS, and you might be using "Systems Management," but unless you are using something like radmind to fully tripwire your machine, you really don't know what's there.
From the redo_prebinding man page: "Redo_prebinding is used to redo the prebinding of an executable or dynamic library"
Shouldn't the prebinding on programs only change at major OS updates or changes to the libraries they access?
Yes, but I'd even go further to say that the OS should never change a system file without my intervention.
Shouldn't Application Packages already be excluded from backups for the most part anyway?
Sure, but when you are talking about a large scale deployment, you can't always control what end users backup.
More importantly to me, prebinding breaks tripwire. When a file is rebound, it triggers a tripwire event, adding noise to my reports. With so much noise, it's hard to tell what's important what's not. Tools like radmind from U of Mich alleviates this problem somewhat by integrating tripwire and system updates. But unless it, and other tools that use checksums are taught the horrors of prebinding, they won't work right.
Apple, and other system vendors need to consider these types of management issues when making a change. Speed improvements are only good if they are "management friendly"
wayback has some listings for gmail.com, but it's been blocked with a Robots.txt. I wonder what the history of the gmail.com domain is and if someone made some cash selling it to google?
Okay you are right. I should have said, asked "how can you do this with an free, open source solution on windows". My bad.
As the system administrator for the project, that best part is I can roll back any changes. Say, if apple were to release a bad update, I could just remove the overload and everyone would be back at say, a working 10.2.7.
Let's see you do that with windows.
I'm hosting two upcoming games in Michigan, one this fall and one next spring.
What is a this all about? There are several types of these events: "games", "mini-games", and "road rallies". They are often compared to scavenger hunts and treasure hunts, though they are usually much more complex. The hosts of the event spend months planning the events, preparing and testing clues, and recruiting teams to participate.
What is a "game"? Games usually last 24 to 48 hours and are the most intricate and difficult type of road rally. Teams must apply to participate prior to the game and submit fees which can run into the hundreds of dollars. Games are usually held in large cities, only a few times each year.
What is a "mini-game"? Mini-games are related closely to games. They last no longer than twelve hours and attract teams of different skill levels. They are often the gateway event to the more complex games.
What is a "road rally"? Road rallies are the shortest of the game events. They usually last from three to five hours and entrance costs are minimal. They are often held in the evening ending at a restaurant where teams converge and a winner is declared. Road rallies can be found in many suburbs, large cities, and even rural areas. Often times road rallies are hosted by church groups, singles networks, neighborhood associations, or held as annual events.
What is a team? Teams consist of typically four to eight people who enter the game event as a group. Skill levels of teams can range from total novices to veteraned experts depending on the type of event. Teams must provide their own transportation, required and suggested supplies, and clue-solving ability.
What's a clue? Clues are the guts of any game event. Clues can be as simple as a crossword puzzle or a word search or as complicated as decoding a message using cryptographic algorithms. On the more creative side, clues can be hidden in objects requiring manipulation to find.
Why do I need transportation? A clue's solution will lead a team to a destination where the next clue will be hidden, revealed, or opened. Some game events are designed so teams can walk between the clue locations while others cover hundreds of miles. The hosts of the game event will indicate what type of transportation is required.
What are typical supplies? Game event hosts will provide a list of required supplies which could include a specific almanac, a ruler, spare change, specific maps, phone books, a compass, etc. Experienced teams will often supplement this list with supplies known to be useful: cell phones, graph paper, a collegiate dictionary, etc.
This is exactly what my experience has been with Apple. I have worked with them on two serious bugs now and both times they have treated me like it was my fault their software was broken.
In one case it took Apple over a year to fix the problem.
If Apple is going to truly compete in the enterprise market, they need to change their thinking. First, security is important and trumps even user experience. Second, they need to stop letting the marketing department decided what gets fixed.
I want to see Apple succeed, but unless they get it, I'm afraid they are going to just become another Microsoft.
When the kerberos server dies? A sysadmin who runs a service with a single point of failure like should expect hell to break loose.
Of course it will be fun to watch Steve in his keynote production number, showing off non-existant hardware and features ( anyone remember Rendezvous inabled iTunes? ), but I'm going to the conference as a developer, not as an audience member.
Apple is going to lose face with this one. Not only are people going to have to change reservations, but I know of at least one other conference that is going to have to reschedule. What a pain.
My only concern so far is how it handles cookies. Omniweb allowed me to accept any cookie and then delete it on exit unless I explicitly said keep it. That way, I could keep my google preferences, but delete the amazon.com tracking cookies. Safari has an all or nothing sort of attitude. I can either accept all cookies, accept no cookies, or be asked for each one. None of these are really acceptable.
After some poking around, I found that all the cookies are stored in an XML file found in ~/Library/Application Support/WebFoundation. For now, I'll have to setup my LogoutHook to remove this file for me. Better yet, anyone know of an easy way to parse the XML and only keep the cookies I want?
Apple hasn't written too much, but they do have this doc.
Also, macosxlabs.org has written a doc that fills in some gaps. If you are going to be doing a lot during login/logout, you might want to checkout iHook from the University of Michigan. It's a great little tool that give a GUI to boring old shell scripts.
That way, you, your S.O. and the kids could have their own private porn collections.
The LoginHook is run as root and is passed the user name as $1. We use it to create dynamic AFS mounts on login now, so I don't see why it would work in this case.
OS X has support for PAM built in, so if you have hardware that runs on OS X and a PAM module to access it, it will "work" on OS X. The problem is, Apple's LoginWindow use of PAM is broken in 10.2.2 (I've not had a chance to try it on 10.2.3) Without a LoginWindow that is PAM aware, there is really no point of using an authentication method beyond what Apple provides.