Archive for the ‘Mac OS X’ Category

How-to: Monitoring disk access in Mac OS X

Problem description: An external disk is constantly spinning and never spins down to sleep. This happens even when no visible applications are running.

If you are still stuck with this problem, you can try monitoring low-level disk operations using some of the utilities included in recent versions of Mac OS 10.x.

1. Use the fs_usage command to list file-system activity.
See to it that all unnecessary applications are closed before running this tool, since it produces a lot of output.
a) Open a terminal window.
b) Type: sudo fs_usage -w -f "filesys" > ./fs_usage.log
c) Wait a number of seconds while your disk is making sounds (hopefully working, and not because of a mechanical error), then press Ctrl + C to end the logging session.
d) Type: nano fs_usage.log to view the log (or open it in your favourite text editor).
e) Only a couple of columns are interesting to us right now: the second column, which shows the action taken (e.g. open, stat, getattrlist, access_extended and so on), the fourth column, which contains path data (e.g. /Volumes/My Drive, /Users/username/directory, /Applications/Appname.app), and the sixth column, which shows the process responsible for the action.

This may give you a hint about what is causing the constant disk activity.
Try to find the processes that use your disk and kill them one by one.

2. Identify and kill processes to find the culprit
a) In your terminal window, type: sudo ps aux | grep [A]pplication
Example: sudo ps aux | grep [F]inder
jonathanjames 489 0.0 1.6 2925792 65644 ?? S Tue05PM 1:30.20 /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder

The second value "489" is the PID (process ID), which is our handle to the process.
b) Type: sudo kill PID
c) Check that the process got killed; if not, it is probably involved in some kernel or I/O activity. Type sudo ps aux | grep [F]inder again, which should return an empty result, meaning that the process is killed.

Did the disk activity stop? Then we may have found the culprit. If not, it could be caused by a system process, a kernel-involved process or a process currently performing I/O operations (which prevents kill from killing it). In that case, keep the number of open applications to an absolute minimum (preferably no open applications at all) and run the following kill statement: sudo kill -9 PID

This should kill off any running process, even one currently doing I/O or certain kernel operations (at least storage-related ones).
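As an added example (not from the original post), here is a small Python script that summarises an fs_usage log of the kind captured in step 1 by the number of calls each process makes to paths on the spinning volume, which gives you a ranked list of processes to try in step 2. It assumes the column layout described above (timestamp, call, optional descriptor and flag fields, path, elapsed time, process.pid); the log lines embedded in it are constructed, not real fs_usage output.

```python
import re
from collections import Counter

# Column layout the post describes for `sudo fs_usage -w -f filesys`:
# timestamp  syscall  [F=n] [(flags)] [path]  elapsed [W]  process.pid
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<call>\S+)\s+(?P<mid>.*?)\s+"
    r"(?P<elapsed>\d+\.\d+)(?:\s+W)?\s+(?P<proc>\S+)$"
)
PATH_RE = re.compile(r"(/.*)$")  # a path runs from the first slash to the end of the middle fields

def parse_line(line):
    """Return (syscall, path or None, process.pid), or None if the line does not parse."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    path_m = PATH_RE.search(m.group("mid"))
    path = path_m.group(1).rstrip() if path_m else None
    return m.group("call"), path, m.group("proc")

def summarize(lines, mount):
    """Count file-system calls per process.pid that touch paths on the given volume."""
    prefix = mount.rstrip("/") + "/"
    hits = Counter()
    for parsed in filter(None, map(parse_line, lines)):
        _call, path, proc = parsed
        if path is not None and (path == mount or path.startswith(prefix)):
            hits[proc] += 1
    return hits

# Constructed sample log in the layout above (not real fs_usage output).
SAMPLE_LOG = """\
21:05:33.913290  open             F=7  (R_____)  /Volumes/My Drive/.Spotlight-V100/store.db   0.000041    mds.184
21:05:33.913310  fstat64          F=7                                                          0.000003    mds.184
21:05:33.913400  getattrlist      /Volumes/My Drive/Photos/IMG_0001.JPG                        0.000021    Finder.489
21:05:33.914002  stat64           /Users/jonathan/Library/Preferences/com.apple.finder.plist   0.000009    Finder.489
21:05:33.915111  open             F=9  (R_____)  /Volumes/My Drive/Photos/IMG_0002.JPG         0.000130 W  mdworker.512
21:05:33.915300  access_extended  /Volumes/My Drive                                            0.000004    mds.184
"""

def report(log_text=SAMPLE_LOG, mount="/Volumes/My Drive"):
    """(process.pid, count) pairs for processes touching the volume, busiest first."""
    return summarize(log_text.splitlines(), mount).most_common()

if __name__ == "__main__":  # usage: python3 fs_usage_summary.py < fs_usage.log
    import sys
    for proc, n in report(sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_LOG):
        print(f"{n:5d}  {proc}")
```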

This technique is enough most of the time. Beyond it, you could look at a service called diskarbitrationd (in Snow Leopard it is launched by launchd; use the launchctl command). If you supply diskarbitrationd with a debug flag, all disk access is logged to /var/log/diskarbitrationd.log.

How-to: Setting up tftpd on Mac OS X

The tftpd server is included in Mac OS X but is not loaded by default.
Its configuration file is found in the LaunchDaemons directory: /System/Library/LaunchDaemons/tftp.plist.
I'll step through the whole process of getting the tftpd server up and running.

We will first have a look at the configuration file (use your editor of choice; I use nano):
$ sudo nano /System/Library/LaunchDaemons/tftp.plist

[Screenshot: tftp.plist opened in nano]

There are a couple of arguments I want to add here, and I'll explain why. The first one is logging to syslog.

Inside the <array></array> just after <key>ProgramArguments</key>, add:
<string>-l</string>

If you want extra verbose logging, add the following:
<string>-d</string>

We add some security by chrooting to the specified directory (/private/tftpboot in the XML file displayed above) on startup:
<string>-s</string>
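The same flags as a check you can run over the plist before loading it, as an added example that is not from the original post or from Apple's tftpd: it reads the ProgramArguments array with plistlib, reports which of the -l and -s flags are missing, and returns a copy with them (and -d when verbose) inserted after the program path. The embedded plist is a constructed stand-in for the real file, not a copy of it.

```python
import plistlib

# Constructed stand-in for /System/Library/LaunchDaemons/tftp.plist (not the real file);
# only the keys the post discusses are included.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Disabled</key>
    <true/>
    <key>Label</key>
    <string>com.apple.tftpd</string>
    <key>ProgramArguments</key>
    <array>
        <string>/usr/libexec/tftpd</string>
        <string>/private/tftpboot</string>
    </array>
</dict>
</plist>
"""

# Flags the post adds: -l logs requests to syslog, -s chroots into the served directory.
HARDENING_FLAGS = ["-l", "-s"]

def program_arguments(plist_bytes):
    """The ProgramArguments array of a launchd plist (empty if the key is absent)."""
    return list(plistlib.loads(plist_bytes).get("ProgramArguments", []))

def missing_flags(plist_bytes):
    """Hardening flags that are not yet passed to tftpd."""
    args = program_arguments(plist_bytes)
    return [flag for flag in HARDENING_FLAGS if flag not in args]

def harden(plist_bytes, verbose=False):
    """Return the plist with -l, -s (and -d when verbose) inserted after the program path."""
    data = plistlib.loads(plist_bytes)
    args = list(data.get("ProgramArguments", []))
    wanted = HARDENING_FLAGS + (["-d"] if verbose else [])
    # Insert in reverse so the final order is -l, -s, -d; flags already present are left alone.
    for flag in reversed(wanted):
        if flag not in args:
            args.insert(1, flag)
    data["ProgramArguments"] = args
    return plistlib.dumps(data)

if __name__ == "__main__":
    print("missing before:", missing_flags(SAMPLE_PLIST))
    print(harden(SAMPLE_PLIST, verbose=True).decode())
```

On a real system you would write the hardened bytes to a copy, check it with plutil -lint, and only then replace the file.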

Start the tftp daemon:
$ sudo launchctl load -wF /System/Library/LaunchDaemons/tftp.plist

The -w switch tells launchctl (the command-line interface to launchd) to change the Disabled key to true. The -F switch forces loading of our plist file even though the Disabled key is set. Together they let us load our plist XML file without getting an error telling us “nothing found to load”.

We can check that our tftpd is running with the lsof command:

$ sudo lsof -i:69
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
launchd 1 root 77u IPv6 0x08adc8ec 0t0 UDP *:tftp
launchd 1 root 89u IPv4 0x09bfeb2c 0t0 UDP *:tftp

or with netstat:

$ sudo netstat -a | grep 'tftp'
udp4 0 0 *.tftp *.*
udp6 0 0 *.tftp *.*

Your tftpd should now be up and running. Remember, you may only upload to files that already exist and that you have write access to (otherwise you will get an “Access violation” error in both cases).

In the example displayed below I first create a text file in our tftpd directory /private/tftpboot with the contents “testserver”. I then switch to my home directory and create another file called test.txt with the contents “testclient”; this is to illustrate that tftp actually works once everything is up and running.
In this first attempt we get an “Access violation” error, because our file permissions do not permit writing to the file.

$ cd /private/tftpboot
$ echo testserver > test.txt
$ cd ~
$ echo testclient > test.txt

$ tftp localhost
tftp> trace
Packet tracing on.
tftp> verbose
Verbose mode on.
tftp> put test.txt
putting test.txt to localhost:test.txt [netascii]
sent WRQ
received ERROR
Error code 512: Access violation
tftp> quit

We set the permissions so that the file becomes writable:
$ chmod 666 /private/tftpboot/test.txt

Let's try it again:

$ tftp localhost
tftp> trace
Packet tracing on.
tftp> verbose
Verbose mode on.
tftp> put test.txt
putting test.txt to localhost:test.txt [netascii]
sent WRQ
received ACK
sent DATA
received ACK
Sent 12 bytes in 0.1 seconds [960 bits/sec]
tftp>

Now let's try to get the file.

tftp> get test.txt
getting from localhost:test.txt to test.txt [netascii]
sent RRQ
received DATA
Received 12 bytes in 0.0 seconds [inf bits/sec]
tftp> quit

If everything worked, both of our test.txt files, which previously held “testserver” and “testclient”, should now hold “testclient”.

$ cat /private/tftpboot/test.txt
testclient
$ cat ~/test.txt
testclient

We are up and running.
If we want to shut down the tftp daemon, we execute the following command:
$ sudo launchctl unload /System/Library/LaunchDaemons/tftp.plist

Check that the daemon isn't running anymore:
$ sudo lsof –i:69
$

More information on tftpd for Mac OS X:
Enter “man tftpd” (without quotes) in a terminal window or visit
http://developer.apple.com/mac/library/documentation/Darwin/Reference/ManPages/man8/tftpd.8.html
