OS X Lion: Apple’s Continuing UNIX Dilemma

| Hidden Dimensions

“But I think Steve’s main contribution besides just the pure leadership is his passion for excellence. He’s a perfectionist. Good enough isn’t good enough. And also his creative spirit. You know he really, really wants to do something great.” — Andy Hertzfeld

OS X Lion looks to become a great operating system, an OS based on UNIX. While Apple has used its UNIX expertise to great advantage, UNIX gurus often scratch their heads about Apple’s philosophy. Now, we’re at a crossroads. Where Apple goes from here, how it handles the UNIX underpinnings, its attention to UNIX technical detail and how Apple’s warm embrace by consumers impacts its UNIX community becomes an even more interesting question.

First, let’s get past the newness of Lion. We all have gripes and new features to become accustomed to. Some will happily leap forward, some will look Lion in the mouth and pull back to old ways, and some will never know anything else as they grow up. And there are the usual, expected bugs. There’s no denying, however, that Lion sets the stage for the future evolution of a modern OS.

Let’s also get past the idea that Apple is going to fundamentally mangle or meddle with the stellar FreeBSD foundations of OS X, called Darwin. It’s been tuned, security tweaked, and refined for a decade now, so it would be foolish to suggest that Apple is, somehow, giving up on the foundation of OS X. Indeed, Darwin will continue to evolve and improve.

Instead, I suggest the questions are far more nuanced. It’s the little things that get blown out of proportion and make users fret, but it’s also the little things that constantly percolate in the technical community.


If Apple ever got to the point where UNIX professionals, serious influencers, were to publicly give up on OS X, then all of Apple’s prior work to establish the prestige of OS X would go down the drain. In an era of social networking, that influence can snowball out of control.

One might, these days, insist that Lion is a consumer OS, rushing headlong towards iOSification, and that Apple no longer needs the endorsement of influential technical customers. My premise here is that Apple is not yet ready to abandon this group so long as Apple continues to sell the Macintosh — a product whose sales continue to grow.

It’s the Little Things…

Little things accumulate and pile up in the minds of influencers. Here are some of the things that I have cataloged recently that are worrisome.

  1. Amongst much angst in the technical community, Apple rationalized its termination of the Xserve and coldly suggested we use Mac Pro towers and Mac minis. That’s the final blow to those who’ve been building small Apple clusters.
  2. According to Drew McCormack, Apple withdrew support for MacResearch.org, awhile back, and now it is languishing. That’s not the full story. Key contributors have moved on to other things. But it’s still a loss that looks bad. Appearance is everything.
  3. Lion continues to have VPN problems. This is confirmed by both TMO and contributors to Apple’s Fed-talk mailing list.
  4. Recently, Apple announced that, in order to move forward with Lion’s security infrastructure, formal support for Smart cards in Lion is being deprecated. It took us a while to figure out what Apple was doing, and it’s all okay, but until that happened, there was a big misunderstanding thanks to the way the company releases this kind of information.
  5. Apple’s science page is languishing. Links to cluster computing and the defunct Apple Workgroup Cluster go to dimly related OS X Server technologies that Apple seems to hope will substitute — but they do not. Or maybe it’s hoped that no one will notice. Or maybe no one is maintaining that page anymore.
  6. OS X Lion Server is being roundly ridiculed in the technical community. David Emery at DSCI USA thinks that Apple is repositioning Lion server for the home user rather than as a truly professional tool in the enterprise. In addition, Lion Server has been ripped at the Black Hat conference for admin tools that are riddled with security holes.
  7. Michael Pike with the U.S. Department of Health and Human Services noted on Fed-talk that he had problems with multi-homing in Apache in Lion Server — until he discovered a fix that Apple seems to have blindly left out. He also reported problems with APN and multiple SSL sites. He noted that Secure Certificates seem not to be working. His conclusion is that “…if Apple wants out of Server markets, why even release one?”
  8. I know from personal experience that Apple’s implementation of NFS, throughout the years, has caused a lot of customer heartburn. I was recently told about a scientist who bought an Xserve and some other expensive Apple equipment a few years ago. When the team couldn’t get OS X’s NFS working right on their network, while Linux worked fine, they asked for their money back. Apple refused. Perhaps NFSv4 will fix all that once and for all.

The Explanation

If it’s any comfort, this is nothing new. As far back as 2003, Apple OS engineers were known to focus heavily on issues that affected their millions of consumer customers — driven by the priorities set by their managers. The Federal sales team had to pull teeth to get enterprise support, culminating in a must-have Top Ten list — that never seemed to get anywhere. We eventually wrote our own interface to Microsoft’s Active Directory.

As a result, when the Apple field sales people complain about unfinished business in a new OS X release, the attitude is that the problem is obscure, the ROI is small, it only affects a few hundred scientists, and is way down the list in the Radar (bug tracking) system.

Ten years after the introduction of Mac OS X, that excuse rings hollow. These kinds of problems indicate a certain enforced austerity that hamstrings Apple engineers who really want to make sure OS X is considered a super-serious and rock solid UNIX OS by all of its customers. It could be perceived that Apple isn’t doing what every other UNIX vendor takes for granted. Apple is vulnerable to the argument that it has US$76B in the bank, but it can’t hire a few more engineers to nail the QA and security of OS X Lion Server.

This lack of supreme attention to UNIX detail for the professional is a problem Apple has had for a decade. Evidence of that has come to light when, occasionally in the past, an enterprise level service, like pieces of Common Criteria or PKI, that had been working become broken in a new OS release — instead of being further improved and refined. Of course, there are explainable reasons, but these lapses plus the other gotchas listed above suggest that current efforts need reinforcements.

Cowardly Lion

Preserving the Allure

On the bright side, Apple continues to put time and energy into Darwin’s components and make significant improvements in security like improved ASLR and Safari sandboxing. In July, Apple updated its “OS X for UNIX Users Technical Brief for Lion.” While it’s one part public relations, it’s also one part public commitment to important key components of its UNIX development. So there’s that. It’s Apple’s public template for what’s important.

That said, documents like the above won’t necessarily prevent Apple from losing the benefit of the precious mystique and allure of UNIX if it’s perceived as puffery and not an internal mandate for excellence. If Apple OS engineers were forced to make a technical decision, here and there, to support some new consumer feature that tinkers with or disables long standing UNIX essentials, the UNIX mystique and reputation that Apple has built would be at risk. It’s a delicate balance.

For example, the core functionality of OS X Lion as UNIX led to this remarkable project: “Would You Believe? A VT220 Connected to a Mac Pro.” That project was enabled because of a built-in UNIX legacy that’s worth preserving — even if the preservation requires a modest amount of brilliance.

The Path Forward

Apple’s challenge, in my opinion, is to preserve what’s great about Darwin, be as fussy about perfection at the low levels as Steve Jobs is at the GUI level, and yet prepare the path forward with new and imaginative ideas, like launchd, in support of both OS X and iOS.

Now that Bertrand Serlet has departed, the very capable Craig Federighi is in charge of OS X, and according to Will Shipley, he’s up to the task. He has his work cut out for him.

Popular TMO Stories


Gareth Harris

Although you and I tend to agree, in this case I think Apple is being seduced by their own shiny buttons and forgetting what lies underneath the hood of their vehicle. The engine that is pulling the Apple wagon is UNIX. If you don’t take care of your engine, your ride is over.

Apple makes consumer products. They are easy to use because of Apple’s use of UNIX, giving an interconnected platform of ipods, iphones, ipads, macbooks, imacs, and mac pros.

What gives UNIX its power is simplicity. If you forget that, as Scotty once said on Star Trek, “the fancier the plumbing, the easier it is to plug up.” And the ride is over.

Mike Howard

With both Lion and Final Cut X, Apple seems to be forgetting that they need the professional community. Need them for both credibility and for applications.

As an independent programmer, I simply don’t have time to waste repairing my system or finding new work-arounds after a buggy upgrade. People who use computers professionally for more than web access and word processing typically have different needs from the less technical consumers Apple seems to be exclusively targetting.

For example, the last OS upgrade I did cost me a week of lost time and required several re-installations - the last one started by reformatting the disk. As you can tell, I still have a strong distrust of Apple - who never (to my knowledge) has publicly admitted to the problems with the first several point releases of that OS.

Now that software is only distributed via the App store and we will have to buy additional hardware to access physical media - assuming we will be able to create it - the kind of problems I ran into could well be insurmountable.

Apropos is the fact that I am unable to download either Lion or Xcode 4 from the App store through my ISP. I’ve spent several days working with Apple to try to resolve the issue; the last thing I did was send them tcpdump output of the traffic between my machine and theirs.

So far I’ve heard no response. At this point I don’t think Apple takes this seriously. Their fix is for me to lug my machine to an apple store and download from there.

My opinion is that you’re incorrect and that Apple will continue to use an 80/20 rule which will provide a window of opportunity for Microsoft and any hardware manufacturer which seriously embraces Linux.


” And there are the usual, expected bugs. “

There are more bugs than I expected.


Depends on whether you believe Unix folk are mainly system admins or actually do development. In the latter case, you overlooked some of the techie good stuff, like the new Xcode. And how about Apple’s leadership on LLVM? Clang? Free C, C++, Objective-C, ruby, python, perl, and a whole host of interesting tools? Old things like Instruments (DTrace), newish things like Grand Central, and new things like widespread Apple use of sandboxing, and an API for doing it yourself (and as a user, requiring App Store apps to sandbox will be reassuring).

There is a LOT to like for long-time UNIX geeks like me.

On the downside, I’d expand your NFS comment to apply to all remote mounts: the latest MacOS will beachball you in a second when dealing with remote files and doesn’t even perform as robustly as Sun did 15 years ago.

Scott B in DC

Apple doesn’t want to support a server because they want to be the server. For individuals, iCloud is the server. For businesses and possibly the government, watch out for a iCloud server to support an enterprise clients as the server.

When it happens, remember you heard it here first! grin

K. M. Peterson

The issue from Lion that concerns me: decoupling the history stored by “Versions” - the Time Machine-like management of saving file states that Apple plans to supplant the Save/Save As functionality that we’ve all used “forever”. 

Document-centric apps that support Lion automatically save their state when the app is closed, because Lion offers the ability to easily see and recover from a history of modifications made to the document.  They have implemented this wonderfully, but: the history information is not associated with the file (document) in the filesystem.

This breaks the ability to copy a file and retain the ability to access history in the copied file.  Worse, though, it breaks backup systems.  Recover a document from backup, and all you have is the latest version.  There isn’t a way to access a file with its version data through normal Unix/shell commands.  And there is no way to turn this behavior off, so that none of these apps will signal the user that changing the content of a file makes the old content inaccessible to backup/archive systems (other than, presumably, Time Machine).

I do think that Versions is an advance for individual users.  But it is, as of now, a closed data store, and that there isn’t even a way to dump/package the version history with a file is a problem for any networked enterprise.

Dorje Sylas

Apple ditching the Server side of the business is about as stupid as licensing the OS was back in the 90s. Appliances are great but that kind of mentality doesn’t help Enterprise, Enterprise I mean Schools, and by Schools I mean K-12. By K-12 I mean the most formative years of a consumers life.

We have to be able to control the computer environment in-house or we get sued. Why? Because of all the laws that require us to protect childeren from all kinds of things. Apple can’t be the Cloud for us because if you dig into FURPA it’s actually a bit of an issue regarding child privacy. All cloud and Web 2.0 tools are an issue when viewing child privacy conservatively.

You can see the shit storm coming when trying to mass deploy iPads in a highly controlled way. It’s virtually impossible. Fine, we’ll all move to Android and end up having incentives for people to use Android based home systems because those are what work with School/Work systems and Apple can go back to the shit hole of losserdom they were in back in the 90s… because their “appliances” don’t function well for 90% of a person’s life (Work & School).

This cloud shit is totally reliant on ISPs continuing to play nice, which they’ve been indicating they aren’t. Once they start putting data caps in place you can kiss the fluffy white daydream goodbye.

I give Apple 5 years to correct this course, otherwise in 10 Apple’s dominance in the board room will slip, and the consumer market shortly after. In their own way they’re pulling a Nintendo, by focusing solely on “casual”. It’s great, it brings in money, and it’s where most of the focus should be… but if you neglect the “hard core” then loose the people who make the tools and show the “casuals” how to use your “appliance”. Look at Microsofts flip flop on the letting “hard core” tinker with the Kinect. They weren’t going to do it, but they finally did, and that’s going to save MS down the line. Even Apple seems to be filing patents to ape the Kinect. 

(This rage post brought to by a frustrated education worker. All typed on an iPad by a guy without a single non-Mac computer within reach. Even fanboys can see an iceberg on the horizon.)


Dorje said - “...because their ?appliances? don?t function well for 90% of a person?s life (Work & School). ”  (The ‘quote selected text’ function seems to have stopped working)

Fortunately I’m in the other 10%.  If I still worked (in any environment ) I’d make sure I had access to a PC. Nowadays my music, photos and movies are more important than sharing documents, presentations and spreadsheets with other people. And I don’t rely on email. (How come Mail just ignores some PowerPoint files emailed from PCs?)

If I have problems with my mac I just wait for Apple to issue updates. Nothing is “mission critical” - thank goodness.

This reminds me of the early days of PC penetration into the work place. The new section created in my company was known as “the toy department”.  Not because the machines were toys, but because the people had a casual approach to IT. As my boss once remarked - “thank God the Salaries & Payroll systems don’t run on PCs” I’m not saying Apple have a casual approach to designing, writing and testing software. But from my perspective - thousands of miles from Cupertino - it sure looks that way; otherwise I wouldn’t find glitches within 10 minutes of upgrading to Lion.

I’ve always lived in places where ISPs impose data caps - so I’ve never, ever downloaded a movie. The local DVD store is still the least expensive option, by far.


I have searched in vain for the OS X for UNIX Users Technology Brief for Mountain Lion.  If you know where it can be found, I’d appreciate an e-mail.

But if it’s absence is yet one more indication that Apple doesn’t really care anymore about the hardcore UNIX geeks and scientists, then I’ll be saddened but not surprised.

Apple - please, PLEASE don’t force me into abandoning you for Ubuntu…

John Martellaro

Kevin: When I click on the link in the article, it downloads as a PDF. Anyone else having problems?

John Martellaro

Kevin, Sorry I misunderstood.  Here is the Mountain Lion equivalent:


It is linked to from the bottom of this page:



Hi John,

Thanks for the link ... I have downloaded that document.  It’s not the same as the previous UNIX TB’s, but I would imagine it’s as close as we’re going to get for Mountain Lion.

I appreciate your taking the time to respond to my comments.  And thanks for a good article that prompted me to comment in the first place!


Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account