We use the machine_specific_data.csv file to provide identity information at boot time. This turns out not to be such a hard step, as we have to enter all of this information somewhere anyway. I've just set up scripts so that we enter it once, into this file, and everything is automated. The file is installed into the netrestore install image, and it is also read and used to tell netboot filters that all the hosts listed there are ok to netboot.
We've made a few minor additions through scripting to the netrestore. We run my warranty script to fill in the Apple Remote Desktop Text1 information field with the warranty expiration date. We've also added a script which sets the hostame, as the this is not set by the script that sets the computer name.
I've seen many reports out on that InterWeb thingy that they have slow NFS performance. I can only report that in a fairly standard setup, I'm not seeing it in simple tests, and the users aren't complaining. A quick test copying a 13 Meg file both in and out of my home directory (served by a NetApp) shows that it completes in about 1.2 seconds, which is about as fast as anyone is going to see on a 100 Mbit connection. Another test copied a 282 Meg file in 26 seconds, this time from a Linux server to a local hard drive. Again, this is so close to maximum that no one could complain.
We have other automounted directories besides home directories, for various projects, and data directories (lots of data in astrophysics). Some served by Linux and some by Solaris. There are some problems with default settings for reserved ports. Things are fine on Suns and NetApps (in our configurations at least; I can't really tell you without looking if they're actually the default). But the default on Linux servers is to require a reserved port, while the default on OS X is to not use a reserved port, so you get "Operation not permitted" (note that this is not the same as "Permission Denied").
You can fix this problem on either end. On the Mac end, edit /etc/autofs.conf, and add ",resvport" to the AUTOMOUNTD_MNTOPTS.
To make Finder happy, we don't automount the applications directory with NIS maps. We use fstab, and we mount it under /Network, where Finder expects things to be mounted. Then a symlink from /Applications/whatever to /Network/Applications makes it extra easy for our users. Of course there's still a Finder bug where the contents don't always show up until you click a second time, but at least it's mostly consistent so users can get used to it.
fix-setup lives in a directory with a bunch of files to be installed, and it knows what the permissions and ownership should be on everything. It only changes files if they need to be changed, comparing contents, and permissions.
Specific hosts can have their own custom copy of a file, by making a subdirectory with the hostname, and putting the file in there. You can grab a blank copy of the script here. Edit one line near the top, and add your setup commands at the bottom.
Here's our current list of files we change, and why:
/usr/libexec/automountd | We install our own version to fix a bug with automounting replicated filesystems. |
/usr/libexec/ntpd-wrapper | We don't use the authentication option, and we initialize to a local server |
/etc/ntp.conf | We use multicast ntp. Works fine, but something keeps sticking apple back in as a time server every now and then. |
/etc/auto_master | Our Mac installation has some custom maps not used by our Solaris and Linux |
/etc/auto_opt | This is a custom map just for the Macs. It's for MacPorts. |
/etc/fstab | This mounts our centralized application directory into /Network/Applications |
/etc/autofs.conf | Set the resvport option so that aotomounting plays nice with the systems that expect that (Linux). |
/etc/hostconfig | I think the change we make here is MAILSERVER=-YES- |
/etc/ssh_config, sshd_config | Local changes to match our other systems |
/etc/postfix/main.cf | Local mail configuration, so command-line mail works properly. |
/etc/pam.d/su | Allow our local admin group to su straight to root. We haven't resolved differences in groups between Solaris, Linux, and OS X. It's a somewhat daunting problem at this point, but we'll get to it. |
/etc/paths | We take out the sbin directories from general users. |
/etc/paths.d/*, /etc/manpaths.d/* | We add f_MacPorts and t_Fink files into these directories to add appropriate paths and manpaths for macports and fink. The f_ and the t_ are arbitrary letters to get the path elements in the order we want (and after the X11 that's already in that directory). |
More Mac OS X Stuff
Fine's Home |
|
Send Me Email |