TweetFollow Us on Twitter

Ghost In The Machine

Volume Number: 21 (2005)
Issue Number: 5
Column Tag: Programming

The Source Hound

Ghost In The Machine

by Dean Shavit

"The mind is not a non-physical substance residing in the body, 'a ghost in a machine,' but a set of capacities and abilities belonging to the body."

Gilbert Ryle, Concept of Mind (1949)

Mea Culpa

First, before I go any further, I have to say the following: I am a liar. In last month's Source Hound, I promised to bring MacTech readers an investigation into Tiger Server's new extended permissions a.k.a. Access Control Lists. While I am sure that I could have "bitten into the topic" with the Source Hound's special flair, it appears that Ed Marzcak, my fellow columnist, had an ace up his sleeve, so he'll be covering Tiger Server's ACLs.

One of Us, One of Us

If you've ever worked in corporate IT, the verb "Ghost" (as in 'to Ghost') is sure to conjure up an image familiar to many, that of a Help Desk Analyst, floppy disk in hand, with a big smile on their face: "So, your PC giving you a bit of the 'ol trouble no, well , go have yourself a cup of coffee and when you come back, it'll all be right as rain." One reboot later, a few keystrokes, and the Windows PC is back to pristine condition, barring no hardware trouble. It's magic.

Cloning hard drives has been the standard in corporate PC support and rollouts since the mid 1990s. It's a great way to cut the installation times for the Windows Operating System and applications down to minutes in some cases, rather than hours. Network home directories or "roaming" profiles, where the users' data resides on a server, rather than the local workstation, makes cloning almost standard operating procedure for fixing even the smallest of software glitches. While the "Imagists" are often thought of as a school of modern poets, whose ranks included William Carlos Williams and T.S. Eliot, today "imagists" are a highly-skilled loosely-knit group of tradesmen (and women) who spend their days managing a single image--operating system and software (sometimes referred to as a "standard image") that gets deployed onto dozens, hundreds, or even thousands of similar PCs.

The verb "Ghost" comes from the same type of lexical twist as calling every variety of Cola a "Coke." Symantec, the maker of antivirus and disk utilities for the Macintosh purchased the Ghost hard disk imaging solution from Binary Research Limited in June of 1998. As a defacto standard in the IT world, Ghost was and still is the preferred cloning solution for Windows PCs. At the time, I remember more than one person inquiring as to why Symantec didn't ship a Mac version of Ghost, since Symantec was a company that heavily supported the Mac with Symantec Anti-Virus (now Norton Anti-Virus) and the indispensable Norton Utilities suite of disk tools. The standard answer to that question was "with the Mac OS, you don't need to clone systems, as you can simply drag and drop a System Folder from the network or even pre-installed applications." That indeed was true. At the time, all you really needed to clone a Mac OS system and all applications was a SCSI hard drive big enough to hold everything.

In My Image

Working with images of floppy disks was nothing new to the Mac OS, even in the late 1990s. Until System 8.1, for example, Apple's installer technology used self-mounting disk images on the offhand chance someone would actually need to produce the nineteen floppy disks to install System 7.5.3 on, let's say, a PowerBook 5300 without a CD-ROM drive. Utilities such as DART (Disk Archiving Tool) and Disk Copy became more commonplace as installers grew larger and larger as Apple maintained compatibility between Macs with floppy drives and those with CD-ROMs.

Eventually, Apple did away with the floppy drive altogether, and now, with the retail release of OS X 10.4 Tiger shipping only on DVD-ROM, Apple is trying to do away with the CD-ROM as installer media as well. This is a pattern that repeats itself every time a type of media becomes unwieldy. It was not uncommon, for example, that an iMac or PowerMac G4 shipping in 2001 with OS 9.2.2 and OS X 10.1 would have a set of six or more restore CDs included. Running the software restore sequence would put the computer back into factory condition with all bundled software included. For those of us who were curious about the restore process, a little investigating led us to discover a nifty program called ASR (Apple Software Restore) hidden away on the first restore CD.

Figure 1. Classic Mac OS Disk Copy and ASR, Circa 2001

Those of us who played with the Classic Mac OS version of ASR found it could do some interesting things for deploying many Macs at the same time. In late 2001, I used ASR to roll out 35 iMacs at a customer's site in a single day. I prepped a single iMac and tested it for a while, made tweaks and updates until everyone agreed that it was ready, then used ASR to clone it to the rest of the iMacs using Firewire Target Disk mode.

The Ghost Reappeareth

Prior to the release of OS X 10.2, ASR (v1.1) was available only upon "special request" from an Apple System Engineer or an AppleCare representative. This first and unsupported version of ASR had a pretty short life span, because by the time August of 2002 had rolled around, Apple released OS X 10.2, along with a spiffy new version of Disk Copy and ASR as a supported command-line tool (Disk Copy was later rolled into Disk Utility with OS X 10.3).

It was about this time that I re-discovered ASR as a useful tool for cloning Macs, mostly out of need for refreshing our ten training Macs at our office. At first, I'd set up NetInstall (which, by the way, deserves another look in Tiger Server) but had found it slow and awkward, even though I was able to automate the installation of OS X and several applications. ASR, it turned out, was exactly what I needed.

Like Peanut Butter and Chocolate

By itself, ASR is the "Peanut Butter" of the cloning process, and without disk images, the "chocolate," is only really useful for making a quick down-and-dirty copy of a hard disk, as I'd done back in 2001 with the 35 iMacs. But this is still a great thing. Let's take the retail Tiger Install DVD, for example. If you have a number of Macs without the ability to read a DVD drive, your only alternative is to order the $19.95 CD media exchange kit directly from Apple. This is hardly convenient. Not only that, you'll still have to swap out three or four CDs during the installation.

The solution to this dilemma's rather simple. You'll need to insert the Mac OS X Tiger install DVD into a computer, and attach a Firewire hard drive, making sure to uncheck the "Ignore Ownership on This Volume" checkbox in the "Get Info" window of the disk. If you don't want to use up all of the space on the Firewire drive, you might want to partition it beforehand, setting aside 4.2 gigs for the installation files. Insert the Installation DVD, attach the Firewire Drive, and issue the following command in the Terminal:

classadmin:~ classadmin$ sudo asr -source /Volumes/Mac\ OS\ X\ Install\ DVD/ -target
   /Volumes/Firewire/ -erase
        Validating target...done
        Validating source...done
        Erase contents of /dev/disk2s10 (/Volumes/Firewire)? [ny]: y
        Erasing target device /dev/disk2s10...done
        Validating sizes...done
        Restoring  ....10....20....30....40....50....60....70....80....90....100
        Remounting target volume...done
classadmin:~ classadmin$ 

Note the presence of the -erase flag in the ASR command. This is very important. Without the -erase flag, ASR will perform a file copy rather than a block copy, which will copy items "in place," overwriting folders that exist with folders of the same name from the install source, yet leaving in place any other extant folders. Not only can this potentially be messy, it can also be disastrous if you accidentally miscalculate what's going to be installed or think that somehow the source and destination will "merge." Possible data loss aside, the file copy or "restore in place" is going to be much slower than the fast block-level copy that the -erase flag enables. Using the block-copy, the whole process takes exactly nine minutes. Now, you can boot off of the Firewire disk by holding down the option key at boot time or selecting it in the Startup Disk System Preference (double-clicking the black "Install OS X" icon in the Finder won't work) and run that upgrade installation or archive-and-install or nuke-and-pave (erase and install) right from that same Firewire drive at an installation speed that'll average less than ten minutes. If you've got a lot of installations to do, and don't want to use a standard image, using a Firewire drive instead of the DVD drive is a real timesaver

Hey Tiger, Your Ectoplasm is Showing!

One of the new "features" of Tiger is a change in the way the Finder handles invisible files. Many of us veteran cloners have noticed that the ".hidden" file that lived at the root of the startup disk in previous version of OSX, has been sloughed off in favor of "genuine Mac OS 9 style" invisibility flags. While the ".hidden" file was a pretty elegant solution, allowing Mac admins to specify additional invisible folders such as /sw for Fink ( installations. What is rather inelegant, and at first glance pretty spooky, is what happens after OS X 10.4 is cloned--the formerly invisible links to /etc, /var, /tmp, and the /Volumes directory (and perhaps all of the rest, as in the figure below) become visible. To fix this, a cloner either needs to recreate the .hidden file (which is still respected by OS X 10.4) with the tmp, var, etc and Volumes entries, of course making sure to set the proper permissions when finished, or follow Apple's instructions, which requires having the Mac OS X Installation DVD inserted:

Figure 2. Ectoplasm On

Figure 3. Ectoplasm Off

Using a .hidden file:

\imacg4:/ mostadmin$ sudo vi .hidden
imacg4:/ sudo chmod 444 .hidden
Using Apple's Directions from Knowledge base article number 30167:

classadmins:~ classadmin$ cd /Volumes/Mac\ OS\ X\ Install\ DVD/System/Installation/
classadmins: /Volumes/Mac OS X Install DVD/System/Installation/Packages/OSInstall.mpkg/
   Contents/Resources classadmin$ sudo ./SetHidden /Volumes/Mac\ OS\ X\ Install\ DVD\ 1/
set invisible: "/Volumes/Mac OS X Install DVD 1/bin"
set invisible: "/Volumes/Mac OS X Install DVD 1/dev"
set invisible: "/Volumes/Mac OS X Install DVD 1/etc"
set invisible: "/Volumes/Mac OS X Install DVD 1/mach"
set invisible: "/Volumes/Mac OS X Install DVD 1/mach_kernel"
set invisible: "/Volumes/Mac OS X Install DVD 1/private"
set invisible: "/Volumes/Mac OS X Install DVD 1/sbin"
set invisible: "/Volumes/Mac OS X Install DVD 1/tmp"
set invisible: "/Volumes/Mac OS X Install DVD 1/usr"
set invisible: "/Volumes/Mac OS X Install DVD 1/var"
set invisible: "/Volumes/Mac OS X Install DVD 1/Volumes"
set invisible: "/Volumes/Mac OS X Install DVD 1/Desktop DB"
set invisible: "/Volumes/Mac OS X Install DVD 1/Desktop DF"
set invisible: "/Volumes/Mac OS X Install DVD 1/.Trashes"

Whew! That's a lot of typing to stuff that Ectoplasm back into the ghostly area of the OS, as it should be. However, don't try running this command on the current startup disk before making your image! Can you say instant kernel panic? I can! Evidently Apple engineers haven't yet found a way to incorporate the "hidden_MacOS9" attributes into the imaging process, which brings us to the our next point: exactly what is the proper process to prepare a clone-able disk image for use for Tiger?

Ghosts of Images Past, Present, and Future

Up until the release of Tiger, the answer to that question was very straightforward: use Mike Bombich's amazing Carbon Copy Cloner (, which could automate several steps of the imaging process, and which is also, by the way, considered by many (myself included) to be one of the greatest AppleScript Studio Applications in existence. Carbon Copy Cloner also alleviated the need to boot off of another drive to make the disk image, saving some time in that regard. However, due to some drastic changes to the way AppleScript Studio handles authentication in Tiger, as well as some Tiger-specific imaging issues, such as the yucky ectoplasm above, Carbon Copy Cloner no longer works, although you can run it from a Mac booted from OS X 10.3 to clone a drive with 10.4 on it. Though Bombich is working on an update to CCC for Tiger, which we'll hopefully see soon, it's also useful to step through the process of creating an image using Apple's Disk Utility.

Step 1: Preparing to Make an Image

In last Month's MacTech, Clay Williams' excellent article "An Introduction to Builds, Creating Them and Using Them in Mac OS X" gave an overview of the process of creating an image for a deployment. While we're not going to concentrate on the nuances of building the "perfect" image here (which is an art form unto itself), let's just say that there's certain "gotchas" to look out for prior to cloning multiple Macs.

    1. Make sure none of the applications on your image require individual serial numbers. Often these will check the network and will simply complain and quit if they detect other copies of themselves running.

    2. Make sure you build your image on the newest, fastest Mac you can get your hands on. It'll make the imaging process snappier, as well as ensure that all of the proper driver-level support is in place for newer hardware, as well as the old.

    3. Create your users accounts after the cloning process, unless you absolutely have no other way to deploy the Macs. I'm not necessarily talking about the "admin" user that's on every Mac, but more so about the end-user. The main reason for this is to avoid the "ByHost" preferences issue where the wrong Ethernet hardware address is embedded in the .plist files. If you need to fix this issue post-imaging, you can download a nifty perl script from: (updatebyhostprefs) which can fix this issue post-cloning if you don't have network user accounts or can't/don't want to create local accounts after the fact.

    4. Make sure you clean up your Mac properly before imaging it and try not to "use" it too much between making images so that the log files, for example, don't reflect spurious information from the "master" imaging Mac. If necessary, force a log rotation by running the weekly maintenance process:

Dual2ghz:/etc/periodic/weekly dean$ sudo ./500.weekly

Then removing any archived log files:

Dual2ghz:/ dean$ sudo rm /var/log/*gz

    5. Another good practice is to "tag" your image with a small text file to identify it, who built it, what the imaging date was, and any other notes that might help you or others you work with remember when/who/did what. I favor naming the text file with a ".log" extension and saving it in the /Library/Logs folder in order to check it with the Console Utility.

Step 2: Creating the Image

In order to effectively make an image from the disk you want to clone, you'll have to boot your Master Mac from another drive, either an external Firewire disk (another Mac in target disk mode will also work quite well) or another partition (I've seen G5s with two 160 gig drives all partitioned up just for this purpose), or, if you just want to go really slow, from the OS X Tiger Install DVD (but you'll still need another drive or partition to save your image on).

    1. Open Disk Utility located in /Applications/Utilities, first, select your master disk on the left-hand side and make sure that "Repair Disk Permissions is not grayed out. If it is, you'll need to uncheck the "Ignore Ownership on this Volume" checkbox choose File > New > Disk Image from Folder. . .

Figure 4. Ignore Ownership toggle in "Get Info" Window

    2. Choose the Folder you want to image, in this case, it'll be /Volumes/YourMasterDrive. Do not choose "Disk Image from Device," as that could wreak havoc with the ASR restore process later on. The "From Folder" option results in a disk image with a flexible partition size that can easily fit the drive you're imaging to. The "From Device" option will cause the restore process to revert to a file copy process rather than a block copy that will slow things down, and might result in unexpected volumes sizes on older version of OS X. For the type of image, choose "Read/Write." Normally, we'd go straight to "Compressed" which is both compress and read-only. But we've got to nuke the ectoplasm first. . . so it's another step for us. . . wait until the image finishes, then go ahead and scrub the ectoplasm by creating a .hidden file, or issuing the command from Apple knowledge base article number 30167 (after inserting the Tiger Install DVD). If you then unmount/remount the disk image, you'll see that all's well again, no ghostly remnants.

Figure 5. New Image from Folder

    3. In Disk Utility, click the "Convert" button and choose the image you just created. For the format, choose "compressed," and give it a slightly different name if saving into the same location, like "image_compressed.dmg." Go grab a beverage or several, depending on the size of your image. When done compressing, you'll notice that the image, if a base install of OS X 10.4.1, has shrunk to 1.5 gigabytes all the way down from 3.5 gigabytes.

    4. Once done converting, we've got to prep or "scan" the image for ASR. This process double-checksums the image and aligns all of the blocks for the fastest possible restore times, and, new to Tiger, is the multicast option. So, regardless if you don't know what multicast streaming is, or if you think you're going to be imaging Tiger, read on, and make sure you use Disk Utility from OS X 10.4 for the next step (though you should be using it for all of the steps). Go to the Images > Scan Image for Restore. . . menu item and select your compressed image. Time for a beverage run. Once you're done, you've got an ASR-ready disk image.

Figure 6. Scanning Image for ASR Successful

But first, before we go off willy-nilly imaging and restoring every single Mac in sight, let's savor the taste of these two great tastes that taste great together, and look into a few other uses for the "chocolate" goodies that we can make with our Disk Utility.

Other Uses for Disk Images

Disk images aren't just useful for cloning or duplicating. You'll find that applications that don't require authentication for installation are often distributed on disk images (.dmgs) for drag-and-drop easiness. Even compressed .dmgs don't require an external helper application to open and mount the downloaded file. But beyond the standard distribute-it-on-a-.dmg practice, there are other great uses for disk images that would otherwise require third-party software or even extra disk drives.

Backup: using a combination of hdiutil, cron, and psync or rsync, you can keep a bootable clone of your hard drive-up-to date as often as you'd like. It's also a great way to "preserve" a configuration of a hard disk before an upgrade (as I did before upgrading to Tiger on my PowerBook) or before sending in a Mac for a hard drive replacement, allowing for a restore to that exact configuration, if the upgrade doesn't go exactly as planned. A compressed disk image is also a nice alternative to .zip archive for long-term file archiving or electronic transfer if you know for sure that it'll be opened on another Mac. A backup script such as the one below will keep a bootable image in sync on a schedule with cron or when double clicked, if wrapped in an AppleScript as below:

do shell script "hdiutil attach '/Volumes/MAC_BACKUP/Macintosh_HD.sparseimage'"
do shell script "/usr/bin/runpsync -d '/Users/$USER' 
   '/Volumes/Mac_HD/Users/$USER'" with administrator privileges
set disk to do shell script "diskutil list|grep Mac_HD|awk 
'{print $5}'"
do shell script "hdiutil detach /dev/" & disk

A couple of things to watch out for are to make sure that the .sparseimage is initially created to be big enough to encompass all of the data it might eventually hold, and also that the like which contains the "awk" statement is properly adjusted based on the capacity of the disk, and the version of diskutil you're using, whether it be Panther or Tiger.

Security: using the 128-bit AES encryption capability of hdiutil or Disk Utility, you'll be able to store the most sensitive files in a virtually unbreakable cipher. Apple's own FileVault, by the way, uses a combination of the growable .sparseimage format with the AES-128 cipher, but is actually less secure because the password's the same as the login password by default, can be unlocked with the system's "Master" password, and is also stored in the login keychain. For the most secure settings, create a standalone AES-128 encrypted disk image, and never save the password in your keychain.

A safe, FAT haven for your HFS files: Recently, with the price of large (one gigabyte and bigger) keychain (USB) flash drives coming down to below $100 or even $49, they've become viable as a data transfer tool, quickie backup device, or even a data recovery or troubleshooting tool. However, in these days of OS X applications that don't have resource forks or create documents with resource forks, it easy to sometimes forget that nearly all of these USB drives come formatted with the FAT16 file system, which is still unfriendly to Classic Mac Applications, as well as Postscript Fonts, and QuarkXpress Documents, just to name a few. If you copy a file from your Mac to a FAT16 keychain drive, you'll separate the resource forks of the files and find that your Applications, Fonts, and other document may be trashed beyond the point of recoverability. One way around this problem is to format your USB drive with the HFS+ file system using Disk Utility, however, this prohibits the flash drive from ever being used with a Windows or Linux computer. I simply created a "sparseimage" on my USB keychain drive. A sparseimage is the a disk image with a "growable" filesystem. When you create a sparseimage, you have to specify the maximum size it can grow to, but it won't reach that size unless you fill it up. Now, when you attach your USB drive to a Mac, simply double-click the sparseimage to mount it. Put your Mac files in there, and you'll enjoy the best of both worlds, without having to reformat your USB drive.

Prepping for Emulators: often installing an emulator such as PearPC ( or Qemu (, or even Mini vMmac ( for those who want a Mac Plus emulated under OS X requires a blank hard disk image to begin installation of an operating system or host the applications.

Figure 7. Mini vMac Emulator

Disk Utility is Apple's way of churning out blank filesystems that can be in various formats, including UFS, HFS+ with case sensitivity, FAT32, UFS (UNIX File System) or even free space, so that your chosen emulator can recognize and re-format if its chosen filesystem (like NTFS, for example) isn't directly supported by Disk Utility. Simply create a new read-write disk image, mount it, and treat it just like any other disk! Here's a quick tip for emulation fans: don't try the sparseimage format with an emulator, it won't work.

Figure 8. File System Options in Disk Utility

Burning: just about any CD-ROM or DVD-ROM (single layer) that mounts under Mac OS X is a candidate for burning. Even though the Tiger's Burn Folders have made it quicker to make multiple copies of CDs or DVDs, nothing's quicker than using Disk Utility to burn disk images, since OS X preps the burn session as a disk image anyway, increasing processing time. If there are discs that need to be distributed, it's easier to burn them as needed from disk images rather than from another optical disc or from a folder. A multiple-session CD or DVD is also possible with the "Leave disc appendable" option--simply burn additional disk images to the media until you run out of space. Note that ISO-9660 format (used for cross-platform discs) doesn't support multiple sessions.

Figure 9. Burn Options in Disk Utility

Ready, Set, Ghost!

OK, I know you're all excited about what we can do with disk images. Now it's time to start slinging them via ASR. I'll start with the simplest, most straightforward way. Of course, if you're going to be wiping out an entire disk with the contents of another, it should be pretty clear that the drive that's going to be imaged can't be "in use," so I'll have to boot from another disk. In this first example, I'll work from a Mac that's got the hard disk of an iBook mounted in target disk mode. The image is coming from a server volume. It's a simple process to drag the source image into the "Source" section of the "Restore" tab in Disk Utility, tell it to erase the destination, and viola, in just a few minutes I have a perfect clone from my image.

Figure 10. Using ASR from Disk Utility

Alternately, you can boot from the OS X Installer DVD and grab the .dmg from a Firewire drive, then use the "Restore" tab in Disk Utility to image the target drive, but booting from the Installation DVD is quite slow, so you'd even be better off booting from a Firewire disk that had the Installation DVD copied to it as in our very first ASR example. If you're a little more hard core than that, you can always do it the via the CLI:

powermacg4:~ classadmin$ sudo asr -source ~/Desktop/System_asr.dmg -target /Volumes/Firewire/
   -noverify -erase
        Validating target...done
        Validating source...done
        Erase contents of /dev/disk1s10 (/Volumes/Firewire)? [ny]: y
        Erasing target device /dev/disk1s10...done
        Retrieving scan information...done
        Validating sizes...done
        Restoring  ....10....20....30....40....50....60....70....80....90....100
        Remounting target volume...done

There's absolutely nothing wrong with using "a different" hard disk to boot from and then clone your target disk. If you're deploying new machines, right out of the box, it can be a pretty efficient way to go, though you'll have to do one or two or three at a time. However, in some Mass Deployment situations, it's helpful to be able to "re-image" Macs say, at a semester break during a school year without having to go from machine to machine. If that's the case, then you're going to need to use NetBoot, of which the setup details, I'm sorry to say, are far beyond the scope of this article. However, if you've used NetBoot to re-image or deploy a lot of Macs, you'll know that running ASR over afp (Apple Filing Protocol) can put quite a drag on your network, with each additional ASR session taking up more and more bandwidth until all slow to a crawl.

The New Black

Luckily for us, Apple's been thinking a little ahead, and has, with Tiger, given us a new form of ASR: the multicast server. Mutlicasting is based on the concept of a group. The multicast "data stream" (often video or audio) is broadcast one way to a group of addresses that fall in between to, or what's also referred to as the class "D" IP address space. If you've ever heard of a "broadcast storm" you're not far from the concept of a multicast. Therefore, except for special networks such as the Multicast backbone or "mbone," multicasting is not allowed on the Internet. Basically, a multicast is a continuous, one-way stream of data that a group of clients tap into to receive that data stream, and because the mutlicast is delivered to all clients willing to accept it, it can move data much more efficiently than session-oriented afp connections.

While multicast ASR isn't going to help with the requirement to "boot from another disk" or to NetBoot, it could make the process of deploying multiple Macs much faster than ever before. I decided to put multicast ASR through its paces to see how well it worked in the early releases of Tiger. First, I was delighted to find that the ASR multicast server does not require OS X Server, but does require that the ASR multicast client be booted from a Tiger disk. That doesn't mean, for example, that the image being multicast couldn't be OS X 10.3, or even OS 9 for that matter.

The steps for setting up an ASR multicast server are rather simple. First, prepare the image as in the instructions above, but if using an image prepared under Disk Utility for OS X 10.3, be sure to scan the image for ASR again, which will make it multicast compatible. Then, setup the server from the CLI:

imacg4:~ mostadmin$ defaults write ~/Desktop/asrcast "Data Rate" -int 3000000
imacg4:~ mostadmin$ defaults write ~/Desktop/asrcast "Multicast Address" 
imacg4:~ mostadmin$ defaults write ~/Desktop/asrcast "DNS Service Discovery" -bool true

Note that although the man page for ASR suggests that you create the ".plist" file (asrcast in the example above) in the /tmp directory, I've had problems with that, so I just throw it on my desktop or in another folder. The two required settings govern the rate of the multicast, which is very important for both performance and "network safety," which I'll get to in a minute. The second is the multicast address that the server uses. That's not the address for the client to connect to, however, but note that third, optional setting "DNS Service Discovery" -bool true, which activates Bonjour (a.k.a Rendezvous or Zeroconf) for the multicast server. Once all those are entered, the multicast server can be started with:

imacg4:~ mostadmin$ sudo asr -source ~/system_asr.dmg -server ~/Desktop/asrcast.plist/
Multicast server configuration:
DNS Service Discovery: true
Data Rate: 3000000
Multicast Address:
Ready to start accepting clients
Starting stream Tues May 31  05:09:31 2005

And the multicast client, when ready to connect can do it this way:

classadmins-power-mac-g4:~ classadmin$ sudo asr -source asr://imacg4.local -target 
   /Volumes/System -noverify -erase
        Validating target...done
        Validating source...done

        Erase contents of /dev/disk0s3 (/Volumes/System)? [ny]: y
        Erasing target device /dev/disk0s3...done
        Retrieving scan information...done
        Validating sizes...done
        Restoring  ....10....20....30....40....50....60....70....80....90....100
        Remounting target volume...done

It's interesting how well that works: even if the ASR multicast server has a dynamic IP address, you can connect to it by its "computername.local" if you've enabled the "DNS Service Discovery" setting, but then that only works on your local subnet, which incidentally, is where the ASR multicast would most likely be contained, unless multicast forwarding has been properly configured on your LAN.

Multicast Ups/Downs

After giving ASR mutlicast a workout, I've come to several conclusions, none of which are very surprising. At its peak performance, a multicast ASR restore is a little bit faster than a single restore over an afp connection or even a locally attached Firewire disk. The difference is really apparent, however, when you run several concurrent multicast restores, which all take virtually the same amount of time as a single restore, whereas the afp restores start to bog. I could see, that under ideal conditions, multicast ASR could cut the restore times by nearly 75% for a group of 100 network-booted Macs, depending on the size of the image.

Yet running an ASR multicast server isn't without its pitfalls. You have to carefully evaluate how much multicast traffic your LAN can handle. . . as I found out when I first fired up my multicast server. A tcpdump of the network interface of all of the computers in my lab revealed the following multicast traffic:

04:05:58.625372 IP > UDP, length: 1466
04:05:58.626846 IP > UDP, length: 1466
04:05:58.628306 IP > UDP, length: 1466
04:05:58.629778 IP > UDP, length: 1466
04:05:58.631251 IP > UDP, length: 1466
04:05:58.632740 IP > UDP, length: 1466
04:05:58.634217 IP > UDP, length: 1466
04:05:58.635730 IP > UDP, length: 1466
04:05:58.637169 IP > UDP, length: 1466
04:05:58.638630 IP > UDP, length: 1466
04:05:58.640113 IP > UDP, length: 1466
04:05:58.641579 IP > UDP, length: 1466
04:05:58.647351 IP > UDP, length: 1466
04:05:58.648753 IP > UDP, length: 1466

which seemed to be a little bit too much for some of our other network services such our 3Com NBX VOIP phone system, which went offline, or my internal Nagios test server, which promptly emailed me the following warning:

***** Nagios  *****

Notification Type: PROBLEM

Service: current users
Host: nagitest

Date/Time: Monday May 30 05:38:43 CDT 2005

Additional Info:

CHECK_NRPE: Socket timeout after 10 seconds

And then a minute or so after shutting off the multicast:

***** Nagios  *****

Notification Type: RECOVERY

Service: current users
Host: nagitest
State: OK

Date/Time: Monday May 30 05:43:22 CDT 2005

Additional Info:

USERS OK - 1 users currently logged in

Other anomalies included DNS lookup timeouts, web pages that failed to load, as well as afp authentication hangups. It seems that the multicast rate suggested by Apple in the ASR man page is a little too high for practical use for the network at our office, so cutting it in half seemed to help somewhat, but realistically it seemed safer to cut it to a third of the suggested rate, 2000000. Also, any other multicasting devices (phone systems, video streaming, etc.,) or running two multicast servers simultaneously will absolutely kill your network. Also to take under consideration is lowering the data rate at the client side to account for Macs with slower hard drives, less RAM, or slower network connections. It's pretty obvious to me that ASR multicast would be best run on an isolated switch or on a network where everyone had gone home for the day or the weekend. It's a pretty harsh mistress.

In the Black

If you've followed along with me up to this point, you might have already formulated the question that'll I'll answer for you right now. Is ASR Open-Source software? The answer's a big en-oh. So what's the Source Hound doing writing about something not-open-source? Well, it's free, which is close enough for me. Oh, and did I fail to mention that Symantec Ghost starts at $69 a seat? Of course, the cost goes down with volume buys, but the last group of thirty licenses I purchased for a Windows customer came in at about $400, and who knows what the upgrade will cost when Longhorn arrives. Who was it that said Macs were more expensive than PCs?

In Next Month's Source Hound

If you think I like Open-Source software, tune in next month as I sit down for a virtual interview with the grand pubah of Mac Geekery, Drunkenbatman of Drunkenblog ( We'll be discussing a wide range of topics from Open-Source to software development at Apple, QuickTime 7, Intellectual Property and the GPL, and oh my! Everything, including the cow!

Dean Shavit is an ACSA (Apple Certified System Administrator) who loves to use a Mac, but hates paying for software. Since he's not into breaking the law, his most common response to any cool solution is: "Does that cost money?" If it does, you can bet he's on the hunt for an Open-Source or freeware alternative. Besides surfing for hours, following the scent of great source code, he's a partner at MOST Training & Consulting in Chicago, where he trains system administrators in OS X and OS X Server, conducts large-scale Mac Deployment and Upgrade projects, and writes for his own website, If you have questions or comments you can contact him:


Community Search:
MacTech Search:

Software Updates via MacUpdate

Unite 3 3.1 - Turn websites into full-fe...
Unite 3 lets you turn websites into apps on your Mac and change the way you use your computer forever Creating your app It all starts with the new Unite creation tool. Simply enter a name for your... Read more
App Tamer 2.5.2 - Efficiently manage you...
App Tamer tames your processor-monopolizing apps and keeps them from chewing up excessive CPU time and battery life. Powered by a unique AutoStop feature, App Tamer stops each application when you... Read more
Sid Meier's Civilization IV 1.74 -...
Note: Sid Meier's Civilization IV is no longer under development and the developer provides no support for it. With Civilization IV, history as you know it, is history. Rule throughout time and... Read more
Day One 4.15.3 - Maintain a daily journa...
Day One is an easy, great-looking way to use a journal / diary / text-logging application. Day One is well designed and extremely focused to encourage you to write more through quick Menu Bar entry,... Read more
Backblaze - Online backup serv...
Backblaze is an online backup service designed from the ground-up for the Mac. With unlimited storage available for $6 per month, as well as a free 15-day trial, peace of mind is within reach with... Read more
Visual Studio Code 1.47.0 - Cross-platfo...
Visual Studio Code provides developers with a new choice of developer tool that combines the simplicity and streamlined experience of a code editor with the best of what developers need for their... Read more
Apple Pages 10.1 - Apple's word pro...
Apple Pages is a powerful word processor that gives you everything you need to create documents that look beautiful. And read beautifully. It lets you work seamlessly between Mac and iOS devices, and... Read more
Shimo 5.0.2 - VPN client for everyone.
Shimo is the most versatile VPN client for OS X and it enables really everybody to master secure network. It supports more protocols than any other VPN application out there! CiscoVPN, AnyConnect,... Read more
Yasu 6.0.1 - System maintenance app.
Note: Yasu is not being sold anymore and is listed only for people who had purchased it in the past. Yasu was created with system administrators who service large groups of workstations in mind, Yasu... Read more
Keynote 10.1 - Apple's presentation...
Easily create gorgeous presentations with the all-new Keynote, featuring powerful yet easy-to-use tools and dazzling effects that will make you a very hard act to follow. The Theme Chooser lets you... Read more

Latest Forum Discussions

See All

Puzzle & Dragons welcomes the cast o...
Puzzle & Dragons has a history of wild crossovers, and its latest is no exception. The gates of hell are now open, and the cast of Devil May Cry have made their grand entrance into the world Puzzle & Dragons. The collaboration is set to... | Read more »
Meteorfall: Krumit's Tale is launch...
Meteorfall: Krumit's Tale is getting an iOS & Android beta test this Thursday, and you can sign up now to get involved. [Read more] | Read more »
Marvel Duel, NetEase's promising ca...
Marvel Duel, NetEase's collectable card battler, has now opened for pre-registration in Thailand, Indonesia, Malaysia, and the Philippines. [Read more] | Read more »
PUBG Mobile teams up with Yamaha for a l...
PUBG Mobile has had various collaborations with various companies since it first burst onto the scene. The latest sees the popular battle royale title teaming up with vehicle and marine products company Yamaha, meaning players can take one of... | Read more »
Marvel Super War launches its third seas...
Marvel Super War, NetEase's popular MOBA, has kicked off its third season today, introducing its Zone Invasion beta and an all-new playable superhero. [Read more] | Read more »
Brave Dungeon, Unlock Games' idle-R...
Brave Dungeon, Unlock Games' idle-RPG and auto chess title, has been downloaded over 1 million times since it launched last week. To commemorate reaching this milestone the developers have decided to host a series of in-game events. [Read more] | Read more »
Clash Royale: The Road to Legendary Aren...
Supercell recently celebrated its 10th anniversary and their best title, Clash Royale, is as good as it's ever been. Even for lapsed players, returning to the game is as easy as can be. If you want to join us in picking the game back up, we've put... | Read more »
Steam Link Spotlight - Disco Elysium
Steam Link Spotlight is a feature where we look at PC games that play exceptionally well using the Steam Link app. Our last entry was Signs of the Sojourner Read about how it plays using Steam Link over here. | Read more »
Distract Yourself With These Great Mobil...
There’s a lot going on right now, and I don’t really feel like trying to write some kind of pithy intro for it. All I’ll say is lots of people have been coming together and helping each other in small ways, and I’m choosing to focus on that as I... | Read more »
Pokemon Go's July Community Day wil...
Pokemon Go developers have announced the details concerning the upcoming Gastly Community Day. This particular event was selected by the players of the game after the Gas Pokemon came in second place after a poll that decided which Pokemon would... | Read more »

Price Scanner via

Apple has 2020 13″ 4-Core MacBook Airs availa...
Apple has a full line of Certified Refurbished 2020 13″ 4-Core MacBook Airs available for $200 off the cost of new models. Each MacBook features a new outer case, comes with a standard Apple one-year... Read more
Apple restocks clearance 2019 13″ MacBook Pro...
Apple has restocked Certified Refurbished 2019 13″ 1.4GHz 4-Core Touch Bar MacBook Pros starting at $979 and up to $440 off original MSRP. Apple’s one-year warranty is included, shipping is free, and... Read more
US Cellular offers $300 off any new Cellular...
US Cellular is offering a $300 discount on any new Cellular Apple iPad, iPad Air, iPad Pro, or iPad mini with a new line of service. According to US Cellular, “Promotional pricing requires purchase... Read more
Sale! 16″ MacBook Pros for $400 off Apple’s M...
Amazon has 16″ MacBook Pros on sale for $400 off Apple’s MSRP today with prices starting at $1999. Shipping is free: – 2019 16″ 2.6GHz 6-Core MacBook Pro Space Gray: $1999.99 $400 off MSRP – 2019 16... Read more
Lowest price ever: Apple AirPods Pro for $214...
Amazon-owned Woot has new Apple AirPods Pro on sale for today only (Monday, July 13th) for $214.99 including free shipping for Prime members. Their price is $35 off Apple’s MSRP, and it’s the lowest... Read more
Woot is selling refurbished Apple iPhones tod...
Amazon-owned Woot is selling refurbished unlocked Apple iPhones today for as low as $99. Shipping is free for prime members. The following models are available, and note that many will sell out... Read more
Take $50 off the 64GB Apple iPhone SE at Simp...
Use coupon code SUMMER2020 at Simple Mobile through July 31, 2020, and take 20% off the 64GB Apple iPhone SE + service plan. This is in addition to their standard $50 discount on the iPhone SE.... Read more
Weekend Sale: Woot offers clearance MacBook,...
Amazon-owned Woot is blowing out a wide range of MacBooks, MacBook Airs, and MacBook Pros starting at only $389. All models are open-box returns, and according to Woot, “these MacBooks are in New-... Read more
Apple’s 2020 Mac minis on sale for up to $100...
B&H Photo has Apple’s 2020 Mac minis on sale today for $40-$100 off MSRP, each including free expedited delivery for many US addresses. These are the same Mac minis sold by Apple in their retail... Read more
Apple restocks refurbished 10.5″ iPad Airs fo...
Apple has restocked 10.5″ WiFI iPad Airs models for up to $100 off MSRP, Certified Refurbished. Each iPad comes with Apple’s standard one-year warranty and includes a new outer case. Shipping is free... Read more

Jobs Board

Blue *Apple* Cafe Student Worker - Fall - P...
…to enhance your work experience. Student positions are available at the Blue Apple Cafe. Employee meal discount during working hours is provided. Duties include food Read more
Geek Squad Advanced Repair *Apple* Professi...
**769390BR** **Job Title:** Geek Squad Advanced Repair Apple Professional **Job Category:** Store Associates **Store Number or Department:** 000580-Reading-Store Read more
Executive Team Leader GM Sales (Assistant Man...
…(Assistant Manager General Merchandise and Operations) - Apple Valley, CaliforniaApply NowJob ID:R0000082364job family:Store Managementschedule:Full Read more
Executive Team Leader Assets Protection (Assi...
…Assets Protection (Assistant Manager Loss Prevention) - Apple Valley, CaliforniaApply NowJob ID:R0000082365job family:Store Managementschedule:Full Read more
*Apple* Computing Sales Professional - Best...
**768543BR** **Job Title:** Apple Computing Sales Professional **Job Category:** Store Associates **Store Number or Department:** 002509-Riverdale-Store **Job Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.