Entries (RSS)  |  Comments (RSS)

Taming the Leopard

Retina.net runs on a Mac Mini, co-located through business cable service. For the last 8 months it’s been running on Mac OS X Tiger (10.4) with very little in the way of problems. Yesterday I started an upgrade to Leopard, which created many more problems than expected.

Major issues and caveats I experienced

  • No more NetInfo – All of the scripts that I wrote to use ‘niutil’ now use dscl, the directory services editor. This is more of Apple’s push to get people off of NetInfo and onto a pure LDAP solution. The Leopard installer migrates most of this for you, but can’t deal with duplicate user accounts.
  • Postfix users now listed as _postfix instead of just postfix – This broke my postfix installer and dovecot install. My existing user had UID 27, so _postfix and postfix had the same UID. oops!
  • Ruby/Rails now in the OS – Yay! This is great, but watch out for existing installed gems, which might get cooked as part of the process. Prior to your upgrade to 10.5, go into your existing rails apps and run “rake rails::freeze::gems”, or pay the price.

Postfix and Dovecot problems:

  • Both experienced a problem where users would disappear after awhile. (Dovecot: “AUTH FAIL” and in Postfix: “Local recipient unknown”)
    • Restarting them would fix this problem for an indeterminate amount of time
    • Recompiling from source against the 10.5 SDK barely fixed the problem
    • Replacing my build, deleting the OSX default install, running ‘port install dovecot; port install postfix +pcre +tls +sasl’, and then migrating all of my configuration files to /opt/local/etc/postfix fixed everything!
    • It also helps if any user IDs that you add to Directory Services also exist in /etc/passwd  and any new groups in /etc/group Apple says  in their comments that the files are not consulted unless the system is in single user mode, but that’s completely not true. Some programs are linked to old code which will still consult the flat files, like mailman and certain python libs.
  • Ownership of the mailqueue needs fixing after the 10.5 install
  • postfix check still fails with strange errors, like claiming that basic Unix commands (ps,ls…) don’t exit. PATH issue?


  • Need to add “AcceptMutex flock”, otherwise Apache loses control of the mutex and cannot accept any further connections on children. Crashes occur randomly when a child doesn’t release the lock in time. This is certainly an issue with mutexes on 10.5

Aside from these issues, all is well. The Mini’s second job in life is to sit below our 46″ LCD TV, and play movies. Having some of Leopard’s features for that (like an improved Front Row) really helps.

Off I go to check /var/log/mail.log for the 10000th time today…

This entry was posted on Monday, February 25th, 2008 at 8:01 pm and is filed under apple, OS X, systems administration. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.


Leave a Reply