Building my own NAS/Media center – Part 6 – NAS Software, WakeOnLAN

At the moment, I have a stable system and I can start installing the stuff I need. So let’s start.

NFS, SMB, SSHFS, AFP?

The main role of the NAS is to be a NAS, obviously, and this means being accessible from my laptop for storage. With this, comes the choice of which service/protocol to use among NFS (mostly used in the Unix world), SMB (windows), and AFP (Apple), and other less common alternatives, such as SSHFS and iSCSI. The choice is not necessarily exclusive: the same files or directories can be exported through all or some of these channels simultaneously, but staying simple, which one should I use?

I am a Mac user, and I am looking for a solution that is satisfying for both Linux (as a server) and Mac (as a client). I also have a Windows laptop, so it might put an additional requirement. Mac technically supports both NFS and SMB protocols, although its native protocol is AFP. When it comes to performance, NFS is the winner. SMB is slower, and can’t take advantage of multithreading, but in all fairness I don’t really care too much. Another option is SSHFS, which is basically a sftp made filesystem. All the traffic is encrypted and it’s relatively straightfoward to setup. Finally, there’s also iSCSI, something I may try out later, but unfortunately iSCSI is not supported by Mac, unless you use this iSCSI initiator software. A bit pricey, but I might be tempted to try and see how it goes just for fun.

Trying out SMB

I am the only user of the system, and I started with what I thought was the fastest to setup: SMB.  I followed this excellent guide, and configured a directory “Media” where I will keep all my media files. It took only a few minutes. On the OSX side however, it turned out to be a bit more tricky. I thought the computer would appear in the “Network” entries automatically, but I was wrong. Instead, I had to connect manually using “Go -> Connect to server” and specifying smb://ip-address/” in the dialog. Easy enough, but I honestly don’t understand why the computer does not appear in my Network. My other laptop (with ubuntu 12.04 as well) is found by my Mac immediately, and I didn’t do anything special except basic install.

After playing for a while with the shares, I realized the interaction was weird. Occasionally, the machine would actually appear in the “Shares” section of the Finder, then disappear, then appear again, with no apparent relation to my actions on the server or on the Mac. Occasionally, I was also unable to connect at all. I browsed around, and asked around, but apparently the only way to make the system detectable by the mac auto discovery was to change the avahi configuration to add the following smb.service

<?xml version=”1.0” standalone=’no’?><!—*-nxml-*—>
<!DOCTYPE service-group SYSTEM “avahi-service.dtd”>
<service-group>
    <name replace-wildcards=”yes”>%h</name>
    <service>
        <type>_smb._tcp</type>
        <port>139</port>
    </service>
<service>
<type>_device-info._tcp</type>
<port>0</port>
<txt-record>model=RackMac</txt-record>
</service>
</service-group>

Still, this didn’t fix the occasional hiccups of the service, that kept returning an “unable to connect to the share” error messaged occasionally, and a general strange behavior of what and how things are exported to a guest. Although I am sure there is a solution to my problems, I gave up on SMB, and moved on to SSHFS.

Trying SSHFS

On paper, SSHFS is trivial: a sftp session is established to the remote host, and the content is made available as a filesystem via FUSE. This makes the access to the remote NAS extremely transparent, secure (the traffic is encrypted), and easy to setup. The problem, however, is that if the connection is suspended (for example, if I put my laptop in sleep mode) it won’t restart when I turn it on again. Minor problem, but still…

Going with AFP

After so much experimenting, I decided to try out AFP support, and worry about other computers later on. There this an excellent tutorial, albeit old, if you want to use AFP on a Linux box, another, much shorter one, and a blog post. I went with the first one, to learn something new.

To enable AFP and serve files, I followed the tutorial step by step: installed netatalk (version 2.2.1 gets installed, so it should use encryption), configured the netatalk file /etc/default/netatalk with

ATALKD_RUN=no
PAPD_RUN=no
CNID_METAD_RUN=yes
AFPD_RUN=yes
TIMELORD_RUN=no
A2BOOT_RUN=no

Then added the home and share volume to /etc/netatalk/AppleVolumes.default

:DEFAULT: options:upriv,usedots
~/ "$u home" cnidscheme:cdb
/home/Share/Media allow:sbo cnidscheme:cdb options:usedots,upriv

And finally putting the following line in /etc/netatalk/afpd.conf (and it should be the only line in the file)

- -tcp -noddp -uamlist uams_randnum.so,uams_dhx2.so -nosavepassword -advertise_ssh

It is important that you use uams_dhx2.so, NOT uams_dhx.so, otherwise you will not be able to login. Also, I created an empty /etc/netatalk/afppasswd file, just to be sure. Apparently, Ubuntu does not ship the command afppasswd to administer this file. The authentication info should come from /etc/passwd anyway.

I restarted the daemon (service afp restart), then it’s time to configure avahi to advertise the service. As in the case of SMB, it’s a matter of creating a proper XML file. I created /etc/avahi/services/afp.service

<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h</name>
<service>
<type>_afpovertcp._tcp</type>
<port>548</port>
</service>
<service>
<type>_device-info._tcp</type>
<port>0</port>
<txt-record>model=Xserve</txt-record>
</service>
</service-group>

And restart avahi with service avahi-daemon restart. The service immediately appeared in my finder, but I could not access my Media directory, with the following error message “Something wrong with the volume’s CNID DB”. These problems were solved by following the last part of this blog post: I removed all the .AppleDB and .AppleDouble directories in my exported dirs, then changed the cnidscheme to dbd.

AFP now works like a charm, except for a couple of things: first, it comes with a range of caveats, the most striking one is the problem handling symbolic links. I don’t know how hard this can hit me, but I don’t think it’s a problem at the moment. Second, there might be problems in using the Share for anything mac-related such as the iPhoto library and similar stuff. The reason is that these tools rely on metainformation that is supported by the native HFS+ file system, but not by the underlying EXT4 filesystem my Ubuntu box is based on. I don’t know if HFS+ support on linux would solve this problem, but for now, I just transfer my iPhoto library there as-is, and see what happens. Worst case scenario, I can create a HFS+ volume as suggested in the post, and mount it remotely from the Mac.

UPnP/DLNA

A quick note on UPnP/DLNA server. My TV technically supports this protocol, so I tried to install a DLNA server, mediatomb. There’s a good guide on this blog. After installing it and trying it out, I decided to remove it for various reasons. The first is that mediatomb is not really intuitive, not particularly fancy in its setup. The configuration file is overly complex, and setting up the file database is counterintuitive and requires web access. Additionally, the daemon scans the directories, but not having any understanding of the actual content, you find a lot of spurious information, such as the thumbnails of iPhoto. Also, UPnP is very slow: accessing my photo directory took 5 minutes and, although I hope it’s cached, I don’t find the whole thing deserving of attention when I can use XBMC.

Wake-On-Lan

It would be very convenient to be able to turn on the system from my laptops, in case am in bed, I am lazy and I need to access some files. To this purpose, there’s Wake-On-Lan, a mechanism that allows to turn on the system remotely by sending a “magic ethernet packet” to its ethernet adapter. To enable this behavior, support in both the BIOS and the ethernet adapter must be present. When the system is off, the network adapter keeps listening for the magic ethernet packet, and when it receives it, it asks the BIOS to power up the system.

Technically, WiFi Wake-On-LAN does exist, but it’s not supported by my motherboard. This is unfortunate, as I did everything through WiFi until now. I bite the (minor) bullet and connect the system via ethernet cable.

I found a couple of good tutorials on how to setup WoL (here, and here), and I will detail the main points. First, I entered the BIOS, and in Advanced -> ACPI settings I set Wake On Lan to Enabled. While I was there, I also set “Restore from AC Power Loss” to “Power Off”. I don’t want my computer to start up arbitrarily if there’s a power outage, and this solves the minor inconvenience of having it power up when I turn on the PSU.

For the network adapter side, I need to start up Linux and do some tinkering. This post describes how to do it. I installed ethtool and peeked the current setup with ethtool eth0

Supports Wake-on: pumbg
Wake-on: g

So it appears that Wake-on-Lan is already enabled, and it will be triggered by the magic ethernet packet (option “g”).

To test it from my Mac, I downloaded WoM. This tiny but amazing program allows you to send the WoL packet with just a click. I took note of the IP address and ethernet address of my NAS, configured WoM appropriately, and turned off the NAS. With a click on “Wake”, I was able to start it successfully, and I am now a happy nerd.

Posted in Hardware, Linux, MacOSX. Tags: , , , . Comments Off »

Git hangs at clone? It could be a Type of Service issue.

Today I was trying to download some code via git, and I got into a strange problem. When I ran git clone, it simply reported cloning into ‘repo’ and was stuck there, until timeout. Same thing for pull. I could not understand what was happening, and it took me a while to figure it out but here is the solution, at least to my problem. Add this to your .ssh/config

Host *
  IPQoS 0x00

What was the problem? Here are the symptoms:

  • git worked on my NAS (Linux, connected to the router via cable), but not from my laptop (OSX, connected via WiFi)
  • ssh worked from the laptop. I could ssh to the NAS and to other external ssh machines.
  • However, I observed that the interactive ssh behaved strange when I ssh’d to an external machine. For example, if I asked for an ls, it kind of got stuck, and I had to press enter every time to get further data. It was like acting with a constant “more”.
  • using GIT_TRACE, I found out that ssh negotiation was completely successful and it got stuck at invoking git-upload-pack via ssh.

Google didn’t help. I changed versions of ssh and git, checked my router for strange setups, but nothing could solve. Until I smelled something about the way packets were exchanged. Don’t ask me how I did it. I don’t know. I just had the feeling that strange “enter to get more stuff” behavior had something to do with it. The fact that the laptop had the problem, while the NAS didn’t, made me think it was either a OS issue or a NAT configuration issue.

So I started checking something about NAT, adding NAT to the google query, and here I found a post of a Dane who had similar troubles, apparently caused by the router messing up due to Quality of Service. This sounded just about right. Quality of Service influences how packets are considered for priority routing. I did more searching until I found this other post, where I found the solution given above.

It was a fun hour.

Posted in Linux, MacOSX. Tags: , . Comments Off »

iSight stops working? Check google talk plugin.

Occasionally, my iSight stopped working, even in the middle of a Skype video session, with the camera in full control of Skype. Any effort to re-enable the camera failed with a “Camera in use by another application” message. I could not wrap my head around the issue, until I investigated a bit and I think I managed to understand what’s going on.

Occasionally, during video chat, Skype detaches from the camera in order to switch resolution, probably to scale it accordingly to current bandwidth conditions. During this split second, it may happen that the google talk browser plugin takes over the camera, and never relinquishes it. The camera is now stuck with google talk, Skype can’t grab it anymore, and so for all other camera applications. The only solution appears to be a reboot.

I was able to fix the problem by issuing

ps uaxw |grep Firefox

which may produce the following output

sbo     21173   0.0  0.1   414040   2492   ??  S     5May11   0:07.47 
        /Applications/Firefox.app/Contents/MacOS/plugin-container.app/
        Contents/MacOS/plugin-container /Library/Internet Plug-Ins/
        googletalkbrowserplugin.plugin -omnijar /Applications/Firefox.app/
        Contents/MacOS/omni.jar 21168 gecko-crash-server-pipe.21168 
        org.mozilla.machname.855559451 plugin

The solution is to kill this process with the appropriate pid (in this case, 21173).

kill 21173

this frees the camera without a reboot.

Posted in MacOSX. Comments Off »

Problems with MacOSX and Java “Plugin disabled”? Here is the solution

Apparently today February the 1st something happened in OSX so that Java plugins stopped working. I found the solution on the OSX forums at Apple, courtesy of user Shirkan79: you have to invoke the following command (on a single line)

sudo /usr/libexec/PlistBuddy -c "Delete :JavaWebComponentVersionMinimum" 
/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist

and type your password. Reopen your browser and Java plugins will work again.

Posted in MacOSX. Tags: , . Comments Off »

Mountain Lion: freedom is no longer cool.

This is a rant.

Here is a 10 years long Apple customer, generally satisfied with the quality of the product, but my stance started to change recently, and radically. Apple is pushing it too far. As I smelled long ago with the introduction of the App marketplace, their plan apparently is to make OSX like iOS: Apple uniquely decides what can or can’t run on your computer, it can remove software remotely from your device, force you to pay to develop and release your software, wants to inspect your code to approve it, and wants a share of your profits. If you didn’t expect it, then take a look at Mountain Lion “Gatekeeper” option, which, rest assured, will magically disappear as soon as convenient. Possible scenarios include:

  • Your software is “politically incorrect”? Won’t work on macs.
  • Your software competes with Apple’s applications ? Won’t work on macs.
  • Your software is stomping on someone else’s feet? Won’t work on macs.
  • Want to write some code ? Pay the Apple tribute or it won’t work on macs.
  • Have a scripting language interpreter ? Won’t work on macs.

I left Windows because I considered it a trap, and I moved to Linux. I then left Linux for OSX because it gave me the freedom of a Unix environment with a nice and polished interface. I am not your slave Apple. Keep your controlling crap away from my computer, away from my life.

Posted in MacOSX, Opinion. 1 Comment »

SeisMac and Quake-Catcher Network – turn your mac into a seismograph

Occasionally, I get to find very interesting scientific apps for the Mac. In light of the recent events, SeisMac is definitely one of those. While not technically useful for the general public, it is a very important application for research.

All Mac laptops include the so-called Sudden Motion Sensor, a Micromechanical system (MEMS) accelerometer. This sensor is a very cheap integrated circuit which can be found in iPhones, iPod touch, the WiiMote, and many others gadgets. In the case of laptops, its main purpose is to park the hard drive head in case of a sudden drop, reducing the chance of damage to hard disk platters due to impact with the reading head. The sensor can however be queried and used for many other applications, from the facetious (like LiquidMac) to the more serious, like SeisMac. The idea is to use the Sudden Motion Sensor to detect earthquakes, effectively converting your laptop in a seismometer. It is interesting to see how sensitive the Sudden Motion Sensor can be. This is a tracking of my laptop with SeisMac

SeisMac image

The nervous, black oscillations you see on the left hand side are produced by a fan on my table, which I then removed. As you can see, these oscillations are uniform on the x, y and z axes. The single spike along the z axis you see in the center it’s me doing a touchpad click to take a screenshot, and the series of strong impulses on the right it’s again me, typing the filename. Don’t be deceived by the stronger than usual gravity. I never calibrated the reading, so the absolute values can be wrong.

SeisMac is great, and you can configure its sensitivity to disregard human-generated events and catch the big deal when the quake strikes, but it does not beat another similar program, with a very interesting distributed project behind it: the Quake Catcher Network. The idea is simple, but very powerful: laptops and desktops volunteering to be part of the network constantly collect seismic data through the Motion Sensor, and alert a central server of any movement. If the laptop is moved, hit, or a local, non-seismic event occurs (such as a truck passing by), the signal will be considered by the central server as spurious due to its locality. However, if multiple unrelated laptops feel the same event, the server will validate it as an actual quake. Knowing the position of each laptop it is possible to obtain the intensity of the quake at each location, the speed of propagation, and the kind of oscillation. All these data provide precious details not only on the quake itself, but also on the terrain and the buildings, a very important dataset to improve prevention and emergency response.

Additional Links

Posted in Earthquakes, MacOSX. Comments Off »

Upgraded my mac to SSD == pure bliss

I recently bought this 240 Gigabytes of awesomeness, conveniently packed into a 2.5″ SATA box. It’s an Other World Computing Mercury Extreme Solid State Hard Drive. It has no moving parts, it consumes less battery, and it’s fast. Damn fast. This thing is so fast it opens applications before you lift your finger from the touchpad after the click. It’s also bloody expensive.

I have a MacBook 13″ unibody, the first model, also known as MacBook5,1. The hard drive is conveniently seriviceable, right under the large battery lid.

To perform the migration, I needed:

  1. The SSD drive, of course
  2. A small Phillips screwdriver
  3. A small Torx screwdriver (I managed without one)
  4. A USB-to-SATA external drive case.
  5. Carbon Copy Cloner. The software is free but consider making a donation.

I had two or three options to perform the migration. I don’t have the original OSX install disk here with me (and I don’t want to go through a total reinstall in any case), but I did have the OSX from my iMac, which may be useful as a safety installation if I screw up. As I quickly learned, the iMac install DVD does not work on the MacBook, but it allows, at least, to perform some basic operation, such as disk partitioning.

My first attempt was based on the assumption that I had to physically copy the partition, low level. I thought this because I wanted to transfer the system while not active (you may have troubles), and I didn’t know how the boot worked, so I assumed I had to copy the partition boot record as well… something I did with Linux once. In addition, moving stuff via USB takes a long time, and trasferring 160 GB would have left me with no laptop for a while. So here was the idea:

  1. Disassemble the original disk, and put it in the external case (yes, Mac can boot from this disk once in USB, just press “C” at boot with the USB drive powered and no DVD disk)
  2. Put the OWC disk in the laptop. Partition in two: one with the original size of my old disk, the other with the remaining space
  3. Install a bare OSX on the remaining space, and start copying low-level from the external drive to the other partition. I thought to do this via “Disk Utility” restore.
  4. When the system is done copying, boot from the first partition, delete the second one (with the bare OSX) and find a way to enlarge the partition including the now-free space.

This turned out to be not possible, because the OSX DVD I have does not allow me to install. I could, however, still use this process, using Disk Utility from the DVD, which runs. I tried with no luck, as Disk Utility complains about not being able to allocate memory. In addition, I could no longer boot from USB after this event. The reason was not clear. To address this event, I restored the original disk into the laptop, and proceeded with a different strategy, which is the one I did.

The successful strategy

1. Preparing the new disk

I booted my system back with the old disk, and put the OWC SSD in the USB enclosure. It was clear I had to transfer the system while live, so I logged in with a new bare account with admin privileges, instead of my own. This allows not to have active files or mounted FileVaults, which could give trouble.

I plugged in the SSD in the enclosure, created and formatted a single, whole partition with Disk Utility, exactly in the same format as my system partition. Check in either Disk Utility or from the command line, with the command “diskutil info /dev/disk0s2″. It should be Journaled HFS+, because it’s the one that allows boot. DO NOT enable case-sensitive. You will have a lot of troubles, in particular with File Vault,  (yes, workarounds exist, but I haven’t tried them). I loathe case-preserving/case-insensitive FileSystems, but Mac works this way. Also check to use Partition Type “GUID_partition_scheme” when partitioning.

2. Copying the system

Once formatted, I started Carbon Copy Cloner, specified the source as my system disk, the target as the SSD disk, and ticked “backup everything”. The documentation in Carbon Copy Cloner is perfect. Check also the “typical usage cases” shown there, you will find the one you need. Make sure Carbon Copy Cloner tells you the cloned system partition will be bootable.

3. Swapping the disks

Carbon Copy Cloner will copy your whole system to the external disk, something that may take many hours. Let it go. When done, I turned off the computer, flipped it, and opened the battery lid. There’s a small Phillips screw keeping the hard drive in place via a simple plastic brace. I unscrewed this brace and took it away, then pivoted the hard drive to lift it and unplugged the SATA cable (gently).

Now, I disassembled the SSD drive from the external casing. On the sides of the old hard drive there are four small Torx screws that provide support. The plastic brace kept two of these screws pushed down, while the other two allowed for the pivoting on the side of the battery compartment. I had to remove these screws to put them in the SSD drive, but since I didn’t have a Torx screwdriver, I resorted to pliers both for removing them and putting them on. I then plugged in the SATA cable in the SSD, put the disk in the compartment, screwed the brace back and tried to run the laptop with the new setup. Note: conventional wisdom says “first test, then close”, but in this case the assembly/disassembly was so trivial I preferred to put everything back in. Also, the battery does not stay in its place without the lid, so you have to close it anyway, or put the battery aside for a while.

4. Booting the new disk

The boot was smooth and uneventful. Not really as fast as I expected, but notably faster. The real difference is in launching applications and logging in. It used to take 10-15 seconds to get to work. Now I have the desktop open in just 2 seconds.

5. Conclusion

I now have the old hard drive and an external USB-SATA case. I could format it and use it as an external disk, or keep it as a safety backup system. I decided for the latter.

Posted in Hardware, MacOSX, Software. 1 Comment »

Snow Leopard first impressions

I just installed Snow Leopard, MacOSX 10.6, on my laptop.

It is indeed much faster. Considerably faster. I don’t have actual measures, but you can appreciate it. The interface is much snappier in response. There are many tiny improvements around, minor things, nothing revolutionary, although I really appreciate the new Expose’: now you can recall specific windows from the dock while in Expose’ mode.

Problems?

  • Some strange change of font in some application
  • Unusual behavior from the Logitech control center (for my mouse), which pretends to quit and restart the System Preferences dialog every time I access it. This is due to the fact that the new System Preferences is by default in 64 bit mode. The Logitech control center is in 32bit mode, so System Preferences must relaunch itself in 32 bit mode to access it. Click on the ? in the appearing dialog to get a hint on how to solve this issue.
  • Apparently, the Logitech control center does not play nicely with Snow Leopard, but you can tweak it a bit to your needs. Expose’ access via mouse operations does not work anymore.
  • Another unusual event was the removal of development utilities. After the upgrade, make was gone, so I had to install XCode and the development utilities.
  • Inkscape does not work anymore.
  • NeoOffice 3.0 does not run, unless you install patch-7.
  • Cyberduck does not work anymore. Does not even pop up. Updating did not solve. I don’t know if it’s a problem of Snow Leopard or some setup issue on my side.

Considering the very affordable price, and the increase in performance, it’s definitely worth the upgrade. The troubles I am facing are, however, not trivial to workaround.

Posted in MacOSX. Comments Off »

Hard disk going ballistic on OSX ?

Sometimes it happens to me that my hard drive starts being accessed in a very aggressive and noisy way. I found a couple of commands to see who is responsible:

sudo fs_usage -f filesys

and also

sudo iotop

In the last one, you could get error messages like

dtrace: error on enabled probe ID ....

but if you check the whole output, you will see the bytes moved by some processes.

In general, I saw that these frequent disk access are due to the mds process, who is the responsible for updating the Spotlight indexes. The process will last some minute.

Posted in MacOSX. Comments Off »

MacOSX Leopard extended ls

Apparently, something changed in the ls command with the release of Leopard. I don’t remember seeing this kind of report on Tiger, although it looks like the features already existed since long time. Now, take this information with a grain of salt, as I am not a MacOSX expert, just a (very busy) occasional tinkerer on this OS.

drwxr-xr-x   5 stefano  stefano     170  9 Ott 10:11 Programs
drwxr-xr-x+  4 stefano  stefano     136  1 Ago 01:48 Public
-rw-r--r--@  1 stefano  stefano  221814 20 Ott 20:12 executable network.eps

This is an extract of an ls run in my home directory. As you can see, the long -l option produces an output containing two additional characters in the file mode field: an “at symbol” and a “plus symbol” permission.

According to the manual page, the plus symbol means that the file has extended security information, meaning ACLs. It is possible to print out this information with the option -e to the ls command.

stefano:~ stefano$ ls -led Public/
drwxr-xr-x+ 4 stefano  stefano  136  1 Ago 01:48 Public/
 0: group:everyone deny delete

Of course, you can also change the ACL information using chmod

stefano:~ stefano$ chmod +ai "guest allow write" Public/
stefano:~ stefano$ ls -le Public/
total 0
drwxr-xr-x+ 4 stefano  stefano  136  1 Ago 01:48 Public/
 0: group:everyone deny delete
 1: user:Guest inherited allow add_file

And you can remove the ACLs

stefano:~ stefano$ chmod -a# 1 Public
stefano:~ stefano$ chmod -a# 0 Public
stefano:~ stefano$ ls -led Public/
drwxr-xr-x  4 stefano  stefano  136  1 Ago 01:48 Public/

As you can see, the plus symbol disappears. Ideally, you can do these changes also from the Finder, Information window. However trying to do this lead to a crash of the Finder on my machine. Don’t know if this behavior is due to my setup or an actual bug.

Then, what about the at symbol? This feature is undocumented, but if you add the -@ option to ls -l you will obtain the meaning:

stefano:~ stefano$ ls -l@ executable\ network.eps
-rw-r--r--@ 1 stefano  stefano  221814 20 Ott 20:12 executable network.eps
    com.apple.FinderInfo    32
    com.apple.ResourceFork 547102

So, apparently there are extended attributes, and this is the meaning of the at symbol.
the first entry is the name of the extended attribute, the second entry is the size of the contents
of the attribute.

You can peek into the contents of the attributes with the command xattr:

stefano:~ stefano$ xattr -p com.apple.ResourceFork executable\ network.eps >unknown_content
stefano:~ stefano$ file unknown_content
unknown_content: MS Windows icon resource

Apparently, the resource fork contains a icon file. ResKnife also confirms it. If I understood correctly, the old file/..namedfork/rsrc resource fork is mapped to com.apple.ResourceFork attribute, but you are welcome to correct me in the comments. I think I should read this book for a better understanding.

Here some relevant links:

Posted in MacOSX. 2 Comments »