To Serve Man

dogfood

It’s nice that Apple has bundled all the tools necessary to turn a Macintosh into a server (mail, web, file sharing, DHCP, DNS, &c.) into a $20 app store purchase. I think the Server version of Mac OS X used to cost $500, and the new low price really puts the power of a server into the hands of the masses.

Unfortunately, Apple has also dumbed down the whole server interface. I can see what they were trying for; they want to turn the experience of editing config files into the experience of clicking on something that looks like an on/off switch. Problem is, there’s still a need for server administrators and there’s still a need to know how to edit config files. It would be like buying a button for your car’s dashboard that says FIX IT and telling you, hey, congratulations, you’re a mechanic now! But if you press that button and nothing happens, then, well, you’re in trouble.

So this morning I got myself into trouble. My Mac OS X Server has been complaining at me for days, informing me that the custom self-signed certificate for my server will be expiring on August 3! No problem, says I; the Server app has a button that says “Renew Certificate”. I pushed that, it told me it successfully renewed the certificate, and now all is good.

Except that this broke the email server. Every ten seconds it would try to start, then die.

Jul 6 09:45:24 www com.apple.launchd[1] (org.dovecot.dovecotd[2775]): Exited with code: 89
Jul 6 09:45:24 www com.apple.launchd[1] (org.dovecot.dovecotd): Throttling respawn: Will start in 10 seconds
Jul 6 09:45:34 www com.apple.launchd[1] (org.dovecot.dovecotd[2777]): Exited with code: 89
Jul 6 09:45:34 www com.apple.launchd[1] (org.dovecot.dovecotd): Throttling respawn: Will start in 10 seconds
Jul 6 09:45:44 www com.apple.launchd[1] (org.dovecot.dovecotd[2779]): Exited with code: 89
Jul 6 09:45:44 www com.apple.launchd[1] (org.dovecot.dovecotd): Throttling respawn: Will start in 10 seconds
Jul 6 09:45:54 www com.apple.launchd[1] (org.dovecot.dovecotd[2781]): Exited with code: 89
Jul 6 09:45:54 www com.apple.launchd[1] (org.dovecot.dovecotd): Throttling respawn: Will start in 10 seconds

And this is why I have “System Administrator” on my resume. Everything I ever learned about computers, I learned by breaking something and then panickedly digging through documentation to figure out how to un-break it. (In the same way, I wonder whether the road to becoming a good chef goes through many very messy kitchens.)

So I googled the error and compared my config files with my Time Machine automatic backups (Time Machine really is the eighth wonder of the world), and found the problem: in /Library/Server/Mail/Config/dovecot/conf.d/10-ssl.conf, every reference to certificates had become commented out. It’s as if some helpful process had said “hey, I see your old certificate is gone now! I’ll just remove these references to it.” And that killed the mail server.

I found the new certificate’s name in /etc/certificates/, updated the conf file, and now email works again.

Well, getting email works. Sending email gives me an error in the Mac’s mail client about the server not responding. I had a hunch this might be another SSL thing, so I went back into the Server app, under the Certificates section, and found a menu for “Secure services using:” that was set to “Custom…” I don’t know why it was Custom, I don’t care why it was Custom, I chose my new certificate from that menu, and now I can get and send email.

Except now my web site stopped working. A little research into that determined that my web site settings had been completely reset. No idea why that happened, but I’m sure some process somewhere thought it was helping me. I pointed my web settings back at the correct document root, enabled php and .htaccess, and now I’m all good again. I think.

Douglas Adams was a great fan of Apple and its products. He was one of the first people to use Mac OS X, shortly before he died. I think he would have been greatly amused to learn that the chore of administering a Mac is becoming more and more like a scene from his novels.

Leave a Reply

Scroll to Top