> OSX is certainly a better choice for the pointy-pointy-clicky-clicky masses than windows by far. OSX is not, nor will it ever likely be made for serious hackers or sysadmins that actually care how things work at a low level
This is an extremely short-sighted, elitist point of view. Stuff like DTrace is absolutely fantastic and quite low-level, and applications like Instruments are quite helpful.
> like to
> choose their own window manager
Hmm that's 'low level' for sure.
> manage memory
OS memory management is incredibly tough. J. Random Hacker certainly has a hard time following LKML discussions on the subject, let alone diving into the code. echo'ing stuff in /proc/sys/vm/swappiness does not count as hackerdom on the subject.
> write/apply kernel patches to support new hardware
Nothing prevents you from writing kexts.
> run enterprise-level systems with rebootless kernel upgrades
I doubt the majority of Linux servers are running Ksplice or kexec'ing into the new kernel. Your typical Debian install needs a reboot for the new kernel to be picked up.
> have low level file-system control/choices
I think HFS+ has done its time and needs to be phased out, and I would have loved for ZFS to not be acquired by Oracle. Still you can control journaled-ness and case sensitivity of HFS+ drives, which is nice. You can come up with whatever partition scheme you want since /etc/fstab is respected. Also, you can certainly implement/port all the filesystems you want, either 'natively' or through Fuse.
> get and apply same-day security patches
This is an area where the open crowd kicks ass. Many vulnerabilities though are not in the kernel or the base OS but in third party software, which can possibly run nicely on OSX and benefit from openness.
> have custom kernel-level security extensions that compile into every binary on the system
I'm not sure what you mean by that but if you have kernel security compiled in a userland program to be effective, you've got a problem.
> It is also certainly not for the wider range of users and developers that want an operating system they can install on their existing hardware that for most common tasks "just works"
This is true but ironically, I recently built a hackintosh on a Dell XPS 8300 which required much fewer hacks than Ubuntu to simply work. (Debian did not stand a chance as it would have been running half of Sid). Arch Linux fares better but needed quite some work to achieve a fully working environment. Yet in the end OS X is still a better fit for the machine.
> and/or want to easily manage all the software on their system with a mostly unbiased package repository system where everything is free, and where most of it can be legally modified.
Homebrew fits the bill. Also note how most of the Unix userland and a good part of the kernel is actually open [0].
So I assure you hackers can have plenty of fun poking around and living daily inside OS X.
A well constructed reply. I probably will not be as organized but here goes:
Certainly OSX is becoming a lot more open in some respects. There are clearly some people in Apple that have been trying to make some changes for a while, and I applaud that and hope to see it continue. The fact they ship with a lot of major open source tools makes me happy.
Even on my side of the fence I will go as far as to say there are plenty of tools in OSX to meet most needs of most developers.
Also a window manager is not "low level" in the traditional sense. I could have worded that better. It is however something at a lower level than one can have any control over on OSX. If you choose OSX you _must_ accept Apple's choice of window manager. I on the other hand use Awesome, a tiling window manager with a Lua driven UI which allows me to edit just about anything in the UI and reload it on the fly without logging out. Typically everything runs in a single process that consumes well under 20MB of RAM. That's the kind of control that OSX does not offer. Sure it is not "low level" but it sure feels that way on OSX when you can't do anything about it no matter how much you program, it's simply outside of the range of what the platform allows short of hacking binaries or running an XServer on top of the existing OSX desktop.
As for memory management I would expect any novice Linux sysadmin _should_ know how to go through and kill all unneeded processes, run headless, build a lean kernel tailored to the hardware etc. I make even interns learn how to do things like these. Any professional sysadmin should also know how to build in extensions like PaX or SELinux, and recompile any user-land binaries as needed to support it. For sensitive systems you can also build a hardened toolchain and compile every single binary on your system through it. This means you can force position-independent executables, stack smashing protection, and compile-time buffer checks, which can prevent a lot of 0days in other people's code that might otherwise work with "virgin" binaries. I do all of the above for all my production systems. I also at least always compile my kernels with PaX which randomizes memory addressing schemes at compile time. This way as well so kernels will map memory the same way for added protection against many 0days which will often assume stock memory mapping.
There are lots of things you can really only do to protect a system, if you have all the code sitting there. In OSX you just have to cross your fingers there are no 0-days in any system processes, or that if there are... that Apple gets around to fixing them and deploying them fast.
In regard to ksplice, you're right. I said enterprise here for a reason. Most sysadmins won't touch it for most uses. People that do know what they are doing with it however and can't afford downtime make use of tools like these to keep boxes online, and even can justify far more frequent kernel updates than they might ordinarily. In OSX you don't even have the possibility to do such things. Most system level updates require a reboot, period.
In response to OSX running better on non-apple PC hardware than Linux... I am hard pressed to buy that without more detail of your exact issues.
Homebrew... Homebrew is neat. Truly a step in the right direction. Every OSX install I do, it is the first thing to go on. It only has perhaps a fraction of a percent of the number of packages in a modern Linux distribution, but it at least has a lot of the important command line tools. I really hope this project matures and gets more community support to bring a wider range of open tools to the table. I used MacPorts for a while but broken packages at every turn made it rather unusable.
Regardless, it is still just a fledgling effort. Personal use? Sure, but I would certainly not trust it for a production system. Many packages are very out of date, or are having to deal with the most recent OSX-compilable builds. It's better... but they have a long way to go yet. I do welcome anything encouraging more open source adoption without the OSX crowd though.
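As an added example (not from the thread or from any poster's own code), one way to check whether a Linux ELF binary carries the three hardenings named in the comment above: position-independent executables, stack smashing protection and compile-time buffer checks. It is a heuristic that assumes a GCC/glibc toolchain, relying on the ELF header type and on the symbol names `__stack_chk_fail` and `__*_chk`; the two sample images are constructed.

```python
import re
import struct
import sys

ET_EXEC, ET_DYN = 2, 3  # e_type values from the ELF specification

def audit_elf(blob: bytes) -> dict:
    """Heuristic check of an ELF image for PIE, stack protector and FORTIFY."""
    if len(blob) < 18 or blob[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    endian = "<" if blob[5] == 1 else ">"          # EI_DATA: 1 = little-endian
    (e_type,) = struct.unpack_from(endian + "H", blob, 16)
    # -D_FORTIFY_SOURCE swaps calls such as memcpy for glibc's __memcpy_chk.
    fortified = {m.decode() for m in re.findall(rb"__[a-z0-9]+_chk(?=\x00)", blob)}
    return {
        # -fPIE -pie yields ET_DYN (shared libraries are ET_DYN as well).
        "pie": e_type == ET_DYN,
        # -fstack-protector* makes canary failures call __stack_chk_fail.
        "stack_protector": b"__stack_chk_fail\x00" in blob,
        "fortify": sorted(fortified),
    }

def _sample(e_type: int, strtab: bytes) -> bytes:
    """Constructed 64-byte ELF64 little-endian header plus a fake string table."""
    e_ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    return e_ident + struct.pack("<H", e_type) + bytes(46) + strtab

# Constructed inputs: one image as a hardened toolchain would emit, one stock.
HARDENED = _sample(ET_DYN, b"\x00__stack_chk_fail\x00__memcpy_chk\x00__sprintf_chk\x00")
PLAIN = _sample(ET_EXEC, b"\x00memcpy\x00sprintf\x00")

if __name__ == "__main__":
    # Audit any binaries given on the command line, then the built-in samples.
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, audit_elf(fh.read()))
    print("hardened sample:", audit_elf(HARDENED))
    print("plain sample:   ", audit_elf(PLAIN))
```

A missing `__stack_chk_fail` or `__*_chk` reference is not proof the flag was off, since the compiler only emits them for functions that need a canary or a checked call.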
Fear not, as your reply is perfectly organized to me :-)
It is all the more interesting because it goes to the point I willfully chose not to make in my previous comments, namely that Mac OS X (in its current form at least) is unfit for most server roles. I think that there is a use case for SOHO and that even then it needs improvements to seriously tackle that area.
For developers and hackers by and large it's more than adequate though.
> in response to OS running better on PC hardware than Linux
The exact phrasing would rather be "running better on my PC hardware" :-) as it's of course purely anecdotal evidence.
> I am hard pressed to buy that without more detail of your exact issues.
I started writing something, but it's really growing out of scope, so I will probably end up writing a full-blown post about it (which includes details about window managers).
PS: Awesome rocks and is one of my WMs of choice, together with xmonad.
[0] 10.7.3 kernel, http://www.opensource.apple.com/source/xnu/xnu-1699.24.23/