The sections that follow list the more commonly used Unix commands in alphabetical order. The page footer on righthand pages references the last command listed on that page.
ac |
ac [ options ] [ users ]
Displays accumulative Aqua and shell login times for users , or for all users if none is specified. By default, ac reads from /var/log/wtmp (see also last ).
Show totals for each day.
Show totals for each user .
Read accounting data from file instead of /var/log/wtmp .
appleping |
appleping host [ packet- size [ npackets ]]
Sends AppleTalk Echo Protocol (AEP) request packets to host and displays transmission statistics if successful. The AppleTalk host is specified in either of the following ways:
The host's name and type , as shown by the atlookup command. If zone isn't specified, the current zone is used.
The host's network and node number in hexadecimal, as shown by the atlookup command.
Send packets of packet-size bytes (a value between 14 and 599). The default value is 64.
Send npackets number of packets before stopping. If npackets is not specified, appleping continues until you've sent an interrupt (using Control-C, for example).
appletalk |
appletalk options
Displays or configures AppleTalk network interfaces . Any user may display settings, but only the superuser may change them. appletalk allows you to start and stop AppleTalk on a single port (network interface), or configure AppleTalk routing or multihoming on multiple ports.
Deactivate AppleTalk.
Show current AppleTalk interface, network number, node ID, and zone name.
Show AppleTalk information stored in parameter RAM (PRAM).
Show AppleTalk statistics.
Set the computer name as seen on the network. Unprintable characters can be specified with hex characters between asterisks .
Change the default AppleTalk zone to zone , or if zone isn't specified, display the current zone.
Use with -u to start AppleTalk in quiet mode; doesn't prompt for zone selection.
Start AppleTalk on the network interface port ( en0 , for example).
Verify the AppleTalk configuration file, /etc/appletalk.cfg , without starting AppleTalk. Use with -r or -x .
Same as -c , but also display the AppleTalk configuration.
Use file instead of the default /etc/appletalk.cfg to start AppleTalk. Use with -r or -x .
Display AppleTalk router status.
Limit routing speed to a maximum n packets per second.
Use with -r or -x to start AppleTalk in quiet mode; doesn't prompt for zone selection.
Start AppleTalk in routing mode.
Show the AppleTalk routing table.
Set the maximum number of entries in the AppleTalk routing table to n . Use with -r or -x . Useful with large AppleTalk networks.
Set the maximum number of entries in the Zone Information Protocol (ZIP) table to n . Use with -r or -x . Useful with large AppleTalk networks.
Start AppleTalk in multihoming mode.
List all AppleTalk zones.
Stop AppleTalk, using sudo to gain superuser privileges:
$ sudo appletalk -d
Start AppleTalk on the en1 interface:
$ sudo appletalk -u en1
Start an AppleTalk router in quiet mode:
$ sudo appletalk -q -r
appletviewer |
appletviewer [ options ] urls
Connects to the specified urls and runs any Java applets they specify in their own windows , outside the context of a web browser.
Run the applet viewer from within the Java debugger, jdb .
Specify the input HTML file encoding.
Pass opt on to the java command. opt shouldn't contain spaces; use multiple -J options if necessary.
apply |
apply [ options ] command arguments
Allows you to run a given command multiple times, each time with a different argument. By default, apply pairs and runs command followed by each argument listed in arguments . To place the argument elsewhere in command , mark that location in command with % n , where n is the n th unused item listed in arguments (see "Examples").
Use character instead of % .
Instead of pairing arguments one at a time with command , use them number at a time with command . If number is 0, none of the arguments will be used with command , but command will still run once for each item listed in arguments . If command contains % n , number is ignored.
Ping three different hosts , sending three packets to each:
$ apply 'ping -c3' host1.com host2.com host3.com
Ping three different hosts, sending a different number of packets to each:
$ apply -2 'ping -c' 3 host1.com 4 host2.com 5 host3.com
Ping three different hosts, and write output to file pinglog :
$ apply 'ping -c3 %1 >> pinglog' host1.com host2.com ,
host3.com
apropos |
apropos keywords
Looks up one or more keywords in the online manpages. Same as man -k . See also whatis .
asr |
asr -source sourcepath -target targetpath [ options ] asr -imagescan imagepath
Copies the contents of a disk image or source volume onto a target volume. asr (Apple Software Restore) can also scan and prepare disk images when given the -imagescan option, allowing the images to be restored more efficiently . asr usually needs to run as root.
sourcepath can be the pathname of either a disk image or a volume, while targetpath can specify only a volume. Volumes can be specified by either their /dev entries (e.g., /dev/disk0s10 ) or mountpoints (e.g., /Volumes/Disk 2 ).
For disk image creation, use either Disk Utility or the command-line utility hdiutil . Once a volume has been restored, it might be necessary to use the bless utility to make it bootable. (See hdiutil and bless ).
For a complete description of the imaging and restoration process, as well as tips on optimizing restores using the buffer settings, see the asr manpage .
During block-copies, use n number of buffers instead of the default eight.
When used with -imagescan , insert only information relevant to block-copies. This makes the scan much faster, but an image scanned with -blockonly can't be block- copied ; an error will occur.
During block-copies, use buffers of size n bytes instead of the default 1000. n can also be specified in bytes, kilobytes, megabytes, or gigabytes by appending it with b , k , m , or g , respectively.
Use n number of buffers specifically for checksumming. By default, checksumming is performed with the same buffers used for copying.
Use checksum buffers of size n bytes. n can also be specified in bytes, kilobytes, megabytes, or gigabytes by appending it with b , k , m , or g , respectively.
Print additional information during operation to assist in troubleshooting.
Don't enable the owners for the source and target. By default, asr ensures that all owners are enabled, allowing for more accurate file-by-file copying. If given, this option is ignored during block-copies.
|
Erase the target volume before copying to it. If this option is not used, asr will instead restore in place, overwriting only those files that have the same name and location in both sourcepath and targetpath and copying from sourcepath anything not already in targetpath . Using the -erase option allows asr to perform a block-copy restore, which can be faster than the file-by-file copying procedure used when restoring in place.
Use format as the format of the target volume. Must be one of HFS+ , UFS , or HFSX . Only valid with the -erase option.
Print a brief help message. This option can only be used by itself.
Scan disk image imagepath and generate checksums. Scanning optimizes images that asr will use as source images for restores. This option can only be used by itself.
Don't verify copied data. By default, asr uses checksums generated during the image scan for verification. This option will bypass that verification, allowing asr to restore from images that haven't first been scanned.
Don't prompt before erasing targetpath when the -erase option is used.
Force an HFS wrapper to not be created on the target volume if the -erase option is used.
Rebuild the Classic system's desktop database on targetpath .
Print version information. This option can only be used by itself.
Print verbose progress and error messages.
Create an HFS wrapper on the target volume if the -erase option is used.
Typically, asr requires root privileges, provided by the sudo command in these examples :
Clone one volume to another:
$ sudo asr -source "/Volumes/Mac HD" -target "/Volumes/Disk 2" -erase
Restore in place from a disk image:
$ sudo asr -source /Volumes/Images/image1.dmg -target "/Volumes/Disk 2"
at |
at [ options ] [ time ] [ date ] [ + increment ]
Executes commands entered on standard input at a specified time and optional date . (See also batch and crontab .) End input with EOF. time can be formed either as a numeric hour (with optional minutes and modifiers) or as a keyword. date can be formed either as a month and date, a day of the week, or a special keyword. increment is a positive integer followed by a keyword. See the following lists for details.
at is disabled by default in Mac OS X. You must first enable atrun by uncommenting its line in /etc/crontab .
Execute commands listed in file .
Send mail to user after job is completed (if an MTA such as sendmail is configured to run).
Schedule the job in queuename . Values for queuename are the lowercase letters a through l . Queue a is the default queue for at jobs. Queue b is the queue for batch jobs. Queues with higher letters run with increased niceness (receive less priority).
Hours can have one or two digits (a 24-hour clock is assumed by default); optional minutes can be given as one or two digits; the colon can be omitted if the format is h , hh , or hhmm ; e.g., valid times are 5, 5:30, 0530, and 19:45. If modifier am or pm is added, time is based on a 12-hour clock.
Use any one of these keywords in place of a numeric time. now must be followed by an increment . teatime is 4:00 P.M.
month is one of the 12 months, abbreviated to its first three letters; num is the calendar day of the month; year is the four-digit year. If the given month occurs before the current month, at schedules that month next year.
Indicate the current day or the next day. If date is omitted, at schedules today when the specified time occurs later than the current time; otherwise , at schedules tomorrow .
Supply a numeric increment if you want to specify an execution time or day relative to the current time. The number should precede any of the keywords minute , hour , day , or week (or their plural forms).
Note that the first two commands are equivalent:
$ at 1945 Dec 9 $ at 7:45pm Dec 9 $ at now + 5 hours $ at noon tomorrow
at_cho_prn |
at_cho_prn [ type [ @zone ]]
Specifies the default AppleTalk printer to use with atprint . With no arguments, at_cho_prn prompts you to choose from the list of zones, and then from the list of network-visible entities (NVEs) of type LaserWriter and ImageWriter in the chosen zone. Use type to specify a different type of NVE to list. Use zone to specify a zone to search, bypassing the zone selection prompt. at_cho_prn requires superuser privileges to run.
atlookup |
atlookup [ options ] [ scope ]
Lists network-visible entities (NVEs) on the AppleTalk network. If scope isn't specified, atlookup lists all NVEs in the current zone.
Show only NVE names and types in the list; don't include network numbers .
When used with -z , display zones in several columns instead of one.
Print network numbers in decimal format instead of the default hexadecimal.
Retry unsuccessful lookups n times. The default is 8.
Retry unsuccessful lookups n seconds apart. The default is one second.
Convert nonprintable characters in lists to their hexadecimal equivalents, prefaced with / .
List all zones on the network. Used alone or with -C .
Specify the scope of the lookup by NVE name , type , and zone using this syntax:
[ name [: type [ @zone ]]]
You can use the = wildcard anywhere in name or type to match zero or more characters, except with older AppleTalk Phase 1 nodes, which ignore such lookups. The = wildcard works with all AppleTalk nodes, however, when used by itself to match all names or types. Lookups are not case-sensitive.
Display all NVEs of type darwin in the current zone:
$ atlookup =:darwin
Display all NVEs on printers named with sales in the current zone (not AppleTalk Phase 1 compliant):
$ atlookup sales=:=
atprint |
atprint [ printer ]
Sends data from standard input to AppleTalk printer printer , or the printer chosen with at_cho_prn if no printer is specified. Specify printer using the [ name [: type [@ zone ]]] syntax as described for atlookup . If the printer is a PostScript device, you must first reformat non-PostScript data, such as plain text, to PostScript before printing with atprint . You can do this easily using enscript , as shown in the first example.
Print text file addresslist to the AppleTalk PostScript printer sales :
$ enscript -p- | atprint addresslist | sales
Print grep 's manpage to the at_cho_prn chosen printer, using man 's -t option to format it for PostScript printing:
$ man -t grep| atprint
atq |
atq [ options ]
Lists jobs created by the at command that are still in the queue. Normally, jobs are sorted by the order in which they execute.
Show jobs pending in queue queuename .
Show jobs that have completed but have not yet been deleted.
atrm |
atrm jobIDs
Removes jobs queued with at that match the specified jobIDs .
atstatus |
atstatus [ printer ]
Displays the status of AppleTalk printer printer or the printer chosen with at_cho_prn if no printer is specified. Specify printer using the [ name [: type [@ zone ]]] syntax as described for atlookup .
automount |
automount -help automount -V automount [-m map_directory map [-mnt mount_directory ] [-1]]... [-a mount_directory ] [-d] [-D { mount | nsl | options | proc | select | all }]... [-f] [-s] [-tcp] [-tl timeout ] [-tm timeout ]
Provides transparent, automated access to NFS and AFP shares. When running, any filesystem access to map_directory is intercepted by automount . Typically, automount will then set up a symbolic link from map_directory or one of its subdirectories to a mount point under mount_directory , automatically creating directories and mounting remote volumes as needed. It will also unmount remote volumes that have been idle for too long. Directories or mounts set up by automount are removed when automount exits.
automount makes use of maps to determine how to mount volumes. When using a file as a map, the format is similar to that used by NFS automounters on other Unix platforms. Each entry in the file consists of a single line, either a comment beginning with a hash mark ( # ) or a mount directive of the form:
subdirectory server:/pathname
If this line were included in a file named /etc/mountmaps , and automount were called like so:
# automount -m / mount_directory /etc/mountmaps
upon accessing /mount_directory , automount would mount the NFS-exported server :/ pathname on /private/mount_directory/ subdirectory and create a symlink to that mount point from /mount_directory/ subdirectory .
It was once possible to use a map stored in a NetInfo database under /mountmaps/ , but that functionality has been deprecated in more recent versions of Mac OS X.
In addition to map files, there are several special maps available. Foremost among them are those used by default on Mac OS X systems, -fstab , -static , and -nsl . The following commands are run from the NFS startup item:
automount -m /Network -nsl automount -m /automount/Servers -fstab -mnt /private/var/automount/
Network/Servers -m /automount/static -static -mnt /private/var/automount
Both -fstab and -static maps use similar configuration formats, stored in an Open Directory database under /mounts/ . The following configuration line triggers automount when using the -fstab map:
server :/ subdirectory / mount_point url net,url= =afp://;AUTH=NO%20USER%20AUTHENT@server/share_name 0 0+
|
There are several options for getting this configuration into Open Directory; one is to use niload fstab domain , then enter the configuration line, followed by Control-D. It's stored in Open Directory like this (as displayed by nidump -r /mounts domain ):
{ "name" = ( "mounts" ); CHILDREN = ( { "dir" = ( "/mount_point" ); "dump_freq" = ( "0" ); "name" = ( "server:/subdirectory" ); "opts" = ( "net", "url= =afp://; AUTH=NO%20USER%20AUTHENT@server/share_name" ); "passno" = ( "0" ); "vfstype" = ( "url" ); } ) }
The net option is the signal for this configuration line to be used by automount with the -fstab map. Without the net option, this configuration line is picked up by the -static map.
With this configuration, and automount called like so:
# automount -m /automount/Servers -fstab
- mnt /private/var/automount/Network/Servers
upon accessing /automount/Servers , automount would mount share_name from server on /private/var/automount/Network/Servers/ server / subdirectory , and create a symlink from /automount/Servers/ server . (Alternatively, the mount may be accessed via /Network/Servers/ server , thanks to a symlink created by the NFS startup item.) The configured mount point (the value of the dir property) is ignored by the -fstab map.
|
While the -static map uses a configuration very much like that for -fstab , its mounting and linking behavior is significantly different. With a configuration like this ( viewed as the output of nidump fstab domain ):
server :/ subdirectory / mount_point url url= =afp://;AUTH=NO%20USER%20AUTHENT@server/share_name 0 0
and automount called like so:
# automount -m /automount/static -static -mnt /private/var/automount
upon accessing /mount_point , automount would mount share_name from server on /private/var/automount/ mount_point , create a symlink to this from /automount/static/ mount_point , and then another from / mount_point to /automount/static/ mount_point . The configured server :/ subdirectory (the value of the name property) is ignored by the -static map for AFP shares. (Incidentally, the term "static" is a misnomer. Mounts are made dynamically when they are accessed, just as with the -fstab map.)
AFP URLsThe format of the AFP URLs in the automount examples is described in the manpage for mount_afp , but there are constraints you should be aware of:
automount:afp://;AUTH=NO%20USER%20AUTHENT@ server / share_name If user authentication is required, you have two options. The first is to specify the necessary authentication information in the URL like so: afp:// username : password @ server / share_name However, this makes the authentication password available to anyone with access to the configuration stored in Open Directory. The other option is to leave out the authentication parameters: afp:// server / share_name In this case, the user logged into the graphical console is presented with an authentication dialog to enable access to the share. Of course, if no one is logged into the GUI, this won't work, and the mount attempt will fail. |
The -nsl map uses the Network Services Location service discovery API to automatically find available shares on the network (just as the Finder's Connect to Server... menu item does) and create mounts for them. With automount invoked like this:
# automount -m /Network -nsl
discovered shares are mounted on subdirectories of /private/var/automount/Network/server , with a symlink created from /Network/server .
|
Another special map is the -user map. It doesn't actually cause any remote filesystems to be mounted on its own; it merely sets up symlinks to every user account's home directory from the map_directory , which may be useful if you want a single place to look in for everyone's home directory. But proceed cautiously if you have a very large number of user accounts.
The -host map is meant to automatically mount NFS exports from hosts listed in a NIS hosts map, when accessing a subdirectory of the map_directory with the same name as the host. For example, accessing /net/hostname/export should mount hostname:/export , if /net is the map_directory . This is similar to the -hosts map of other NFS automounters.
The -null map mounts... well, nothing. It will, however, intercept filesystem calls for the map_directory , thus effectively mounting an empty directory over whatever might have been there before. In the original automount , from which NeXT's and Apple's versions are descended, this was meant to nullify configuration entries included from a network-wide NIS map.
When running in daemon mode, automount stores its PID in /var/run/automount.pid and responds to SIGHUP by reloading its configuration.
Create directories on the path to a -fstab mount point one at a time, as they're traversed, rather than creating the entire path to a mount point when the mount is accessed. However, using this option leads to I/O errors when trying to access the mount.
Specify the directory in which mounts are made. Symbolic links from the directory specified in the -m option are used to access these mounts. The default is /private/var/automount .
Send debugging output to standard error and prevent daemonization.
Output debugging messages of the specified type. If the -d option is used, output is to standard error; otherwise, it's via syslog . Multiple occurrences of this option may be used to specify multiple types.
Used internally by automount to indicate that the process has already forked during daemonization. (You can see in the output of ps -ax that the automount daemon runs with the -f flag, even though it isn't invoked that way from the NFS startup item.)
Print a usage statement to standard output.
Use the specified map to mount shares and create symlinks from the specified directory to the mount points. The map argument can be an absolute pathname to a file, a map in the /mountmaps/ directory of an Open Directory domain, or one of the special values -fstab , -host , -nsl , -null , -static , or -user . Multiple -m options enable the use of multiple maps. In the absence of a -m option, automount attempts to find maps in Open Directory.
Like -a , but specific to a single map.
Supposedly create all mounts at startup and never unmount them. However, mounts are still only attempted upon access, at which point automount prints a bus error and dumps core when using this option.
Attempt to mount NFS volumes over TCP, instead of the default UDP.
Specify a time-to-live (TTL) for mount names, in seconds. After the timeout expires , mounts are rechecked. A timeout of 0 sets an infinite TTL. The default is 10000.
Specify a timeout to retry failing mounts, in seconds. The timeout roughly doubles with each mount attempt, until giving up after a few tries . The default is 20.
Print version number and host information to standard output.
banner |
banner [-w width ] message
Prints message as a poster on the standard output.
Specify the maximum width of the poster. Default is 132.
basename |
basename pathname [ suffix ] basename [-s suffix ] pathname [...]
Given a pathname , strips the path prefix and leaves just the filename, which is printed on standard output. If specified, a filename suffix (e.g., .c ) is removed also. The suffix may also be specified with the -s option, in which case multiple paths may be passed and stripped. basename is typically invoked via command substitution ('..') to generate a filename. See also dirname .
Removes suffix from the filename, if found.
Given the following fragment from a Bourne shell script:
ofile=output_file myname="'basename $0'" echo "$ myname : QUITTING: can't open $ofile" 1>&2 exit 1
If the script is called do_it , the following message is printed on standard error:
do_it: QUITTING: can't open output_file
batch |
batch [ options ]
Executes commands entered on standard input. Ends with EOF. Unlike at , which executes commands at a specific time, batch executes commands one after another (waiting for each one to complete). This avoids the potentially high system load caused by running several background jobs at once. See also at .
batch is equivalent to issuing the command at -q b now .
Execute commands listed in file .
Send mail to user after job is completed (if an MTA such as sendmail is configured to run).
$ batch sort in > out troff -ms bigfile > bigfile.ps EOF
bc |
bc [ options ] [ files ]
Interactively performs arbitrary-precision arithmetic or converts numbers from one base to another. Input can be taken from files or read from the standard input. To exit, type quit or EOF .
Make available functions from the math library.
Quiet, don't print welcome message.
Don't use extensions to POSIX bc .
Print version number.
Warn if extensions are used.
bc is a language (and compiler) whose syntax resembles that of C. bc consists of identifiers, keywords, and symbols, which are briefly described here. Examples follow at the end of this section.
An identifier is a single character, consisting of the lowercase letters a-z. Identifiers are used as names for variables , arrays, and functions. Within the same program, you may name a variable, an array, and a function using the same letter. The following identifiers would not conflict:
Variable x .
Element i of array x . i can range from 0 to 2047 and can also be an expression.
Call function x with parameters y and z .
ibase, obase, and scale each store a value. Typing them on a line by themselves displays their current value. More commonly, you would change their values through assignment. Letters A-F are treated as digits whose values are 1015.
Numbers that are input (e.g., typed) are read as base n (default is 10).
Numbers displayed are in base n (default is 10). Note: once ibase has been changed from 10, use digit "A" to restore ibase or obase to decimal.
Display computations using n decimal places (default is 0, meaning that results are truncated to integers). scale is normally used only for base-10 computations.
A semicolon or a newline separates one statement from another. Curly braces are needed only when grouping multiple statements.
Do one or more statements if relational expression rel-expr is true; for example:
if (x = = y) i = i + 1
Repeat one or more statements while rel-expr is true; for example:
while (i > 0) {p = p*n; q = a/b; i = i-1}
Similar to while ; for example, to print the first 10 multiples of 5, you can type:
for (i = 1; i <= 10; i++) i*5
Terminate a while or for statement.
Exit bc .
Begin the definition of function j having a single argument k . Additional arguments are allowed, separated by commas. Statements follow on successive lines. End with a } .
Set up x and y as variables local to a function definition, initialized to 0 and meaningless outside the function. Must appear first.
Pass the value of expression expr back to the program. Return 0 if ( expr ) is left off. Used in function definitions.
Compute the square root of expression expr .
Compute how many digits are in expr .
Same as previous, but count only digits to the right of the decimal point.
These are available when bc is invoked with -l . Library functions set scale to 20.
Compute the sine of angle , a constant or expression in radians.
Compute the cosine of angle , a constant or expression in radians.
Compute the arctangent of n , returning an angle in radians.
Compute e to the power of expr .
Compute the natural log of expr .
Compute Bessel function of integer order n .
These consist of operators and other symbols. Operators can be arithmetic, unary, assignment, or relational.
Type | Operator |
---|---|
Arithmetic | + , - , * , / , % , ^ |
Unary | - , ++ , -- |
Assignment | =+ , =- , =* , =/ , =% , =^ , = |
Relational | < , <= , > , >= , = = , != |
Enclose comments.
Control the evaluation of expressions (change precedence). Can also be used around assignment statements to force the result to print.
Used to group statements.
Array index.
Use as a statement to print text .
Note that when you type some quantity (a number or expression), it is evaluated and printed, but assignment statements produce no display:
ibase = 8 Octal input 20 Evaluate this octal number 16 Terminal displays decimal value obase = 2 Display output in base 2 instead of base 10 20 Octal input 10000 Terminal now displays binary value ibase = A Restore base-10 input scale = 3 Truncate results to three places 8/7 Evaluate a division 1.001001000 Oops! Forgot to reset output base to 10 obase = 10 Input is decimal now, so "A" isn't needed 8/7 1.142 The Terminal displays result (truncated)
The following lines show the use of functions:
define p(r,n){ Function p uses two arguments auto v v is a local variable v = r^n r raised to the n power return(v)} Value returned scale = 5 x = p(2.5,2) x = 2.5 ^ 2 x Print value of x 6.25 length(x) Number of digits 3 scale(x) Number of places to right of decimal point 2
biff |
biff [y | n | b]
Turns mail notification on or off. With no arguments, biff indicates the current status.
When mail notification is turned on, each time you get incoming mail, the bell rings, and the first few lines of each message are displayed. biff needs the comsat daemon to be running. If the b option is specified, incoming mail rings the bell but doesn't print any lines of the message.
bless |
bless [ folder options | device options | info options ]
Enables a device containing a Mac OS 9, Darwin, or Mac OS X system folder to be bootable and selects an enabled device or system folder to be the default boot system. bless can also report the current boot settings.
Use bless 's folder options to enable and select system folders.
Enable a volume on New World Macintoshes to boot into Mac OS X by copying file pathname into the Mac OS X system folder (specified with --folder ) to use as the BootX file. pathname is typically /usr/standalone/ppc/bootx.bootinfo .
Enable a volume to boot into Mac OS 9 by setting the required boot blocks.
Enable a volume to boot into Mac OS 9 by setting the required boot blocks, which are extracted from the data fork of file pathname .
Bless a Mac OS X system for booting, identified by its CoreServices directory pathname . (See example.)
Bless a Mac OS 9 folder for booting or use by Classic, identified by its system folder pathname . (See example.)
Use name as the system volume label used by the OS Picker, which appears when the Option key is held during startup.
Use file as an existing, pre-rendered label for the OS picker.
Select to boot from volume pathname using its already blessed system folder, instead of selecting a specific folder. Specify a volume by its mount point pathname, such as /Volumes/Macintosh HD .
Open directory when the volume is attached.
Retain the blessing of the blessed Mac OS 9 system folder when the --folder or --mount option is used but the --folder9 option is not.
Retain the blessing of the blessed Mac OS X system folder when the --folder or --mount option is used but the --folder option is not.
Set the specified partition as the boot partition.
Set the computer to boot at next startup from the system specified by the --folder or --folder9 option. bless writes to Open Firmware's boot - device variable.
Enable a volume to boot into Mac OS 9 by setting the required boot blocks, which are extracted from the system file pathname .
Insert the data fork of system file pathname into the system file of the Mac OS 9 system folder specified by the --folder9 option.
When both the --folder and --folder9 options are given, use the Mac OS 9 system as the default system for that volume.
Use bless 's device options to set up new boot devices.
Enable the volume specified by --device to boot into Mac OS 9 by setting the required boot blocks, which are extracted from the data fork of file pathname .
Select an unmounted device for setup by opening its block file pathname .
Use filesystem type fstype to format the device specified by the --device option. If fstype isn't specified, bless format the device using HFS+ with an HFS wrapper.
Apply additional arguments when preparing the device specified by the --device option. arguments can be any options that exist for the newfs command.
Use name as the label for the new filesystem specified by the --device option.
Use pathname as the temporary mount point for the HFS wrapper.
Set the computer to boot at next startup from the device specified by the --device option. bless sets this by writing to Open Firmware's boot-device variable.
Use the file specifications from file pathname instead of from both the files specified by the -bootBlockFile and --wrapper options.
Mount the HFS wrapper on the mount point specified by --mount and insert the system file pathname into the wrapper, making it the default system file.
Enable a volume on Old World Macintoshes to boot into Mac OS X using file pathname as the HFS+ StartupFile. pathname is typically /usr/standalone/ppc/bootx.xcoff .
Display fields from the boot blocks of the volume specified by --info .
Display the blessed system folder(s) on volume pathname or the default startup volume as set in Open Firmware if pathname isn't specified.
Provide all information in plist format; used with --info .
Operate in quiet mode; don't produce any output.
Be verbose; print extra output.
Bless a Mac OS X-only volume, and have it boot at next restart:
$ bless --folder "/Volumes/Mac OS X/System/ Library/
CoreServices" -setOF
Set a current system volume that holds both a Mac OS X and a Mac OS 9 system to boot Mac OS 9 at next restart:
$ bless --folder9 "/Volumes/Mac OS 9/System Folder" -saveX ,
--use9 --setOF
See the bless manpage for more examples.
cal |
cal [ options ] [[ month ] year ]
With no arguments, prints a calendar for the current month. Otherwise, prints either a 12-month calendar (beginning with January) for the given year or a one-month calendar of the given month and year . month ranges from 1 to 12; year ranges from 1 to 9999.
Print all days with Julian dates, which number from 1 (for January 1) to the last day of the year.
Print the entire calendar for the current year.
$ cal -j 12 2003 $ cal 2003 > year_file
calendar |
calendar [ option ]
Reads your calendar file and displays all lines that contain the current date. The calendar file is like a memo board. You create the file and add entries such as the following:
5/4 meeting with design group at 2 pm may 6 pick up anniversary card on way home
When you run calendar on May 4, the first line is displayed. calendar can be automated by using crontab or at , or by including it in your startup files, .profile or .login .
Print the next num days in the future, including today.
Allow a privileged user to invoke calendar for all users, searching each user's login directory for a file named calendar . Entries that match are sent to a user via mail. This feature is intended for use via cron . It isn't recommended in networked environments with large user bases.
Print the previous num days in the past, including today.
Display lines for the given date.
Specify "virtual Friday," the last day before the weekend .
Display calendar items from file filename instead of the default calendar file in your home directory.
Display calendar items up to n days ahead from the current date as well.
Print the next num days in the future, including today, but not counting weekend days in the count.
Force calendar to skip over weekends. Display calendar items up to n days ahead from the current date only when the current day is a Friday. The default for n is 2.
cancel |
cancel [ options ] [ printer ]
Cancels print requests made with lp . The request can be specified by its ID, by the printer on which it is currently printing, or by the username associated with the request (only privileged users can cancel another user's print requests). Use lpstat to determine either the id or the printer to cancel.
Cancel all queued requests to the specified printer .
Specify the hostname of the print server. With no hostname , it uses the value of CUPS_SERVER or localhost .
Cancel jobs for user username .
Cancel print request id .
cat |
cat [ options ] [ files ]
Reads one or more files and prints them on standard output. Reads standard input if no files are specified or if - is specified as one of the files; end input with EOF. Use the > shell operator to combine several files into a new file; >> appends files to an existing file.
Like -n , but don't number blank lines.
Print a $ to mark the end of each line. Implies the -v option.
Number lines.
Squeeze out extra blank lines.
Print each tab as ^I . Implies the -v option.
Print output as unbuffered (default is buffered in blocks or screen lines).
Display control characters and other nonprinting characters.
Display a file:
$ cat ch1
Combine files:
$ cat ch1 ch2 ch3 > all
Append to a file:
$ cat note5 >> notes
Create file at terminal; end with EOF:
$ cat > temp1
Create file at terminal; end with STOP:
$ cat > temp2 << STOP
CCLEngine |
CCLEngine -l integer -f filename -s { 0 | 1 } -e { 0 | 1 } -c { 0 | 1 } -p { 0 | 1 } -d { 0 | 1 } -m { 0 | 1 | 2 } [-v] [-E] -S octal_integer -I string -i URL -C string -T phone_num -U username -P password
Parses a modem script and initiates a PPP dialout. When a PPP connection is attempted, pppd starts up, parses /Library/Preferences/SystemConfiguration/preferences.plist , and calls CCLEngine with the appropriate arguments.
If set to 1, enable Van Jacobson TCP/IP header compression. This is the opposite of the novj option to pppd , and is obtained from the IPCPCompressionVJ parameter in /Library/Preferences/SystemConfiguration/preferences.plist .
If the modem script asks for input, this option provides the label for the alternate button (i.e., the one that's not labeled "OK") on the dialog that pops up. Normally this is set to "Cancel."
If set to 1, start dialing the modem without waiting for a dial tone. This corresponds to the modemdialmode option to pppd and is obtained from the DialMode parameter in /Library/Preferences/SystemConfiguration/preferences.plist .
If set to 1, enable compression and error correction in the modem. This corresponds to the modemcompress and modemreliable options to pppd , and is obtained from the ErrorCorrection parameter in /Library/Preferences/SystemConfiguration/preferences.plist .
Print output to standard error.
Provide the name of a modem script, normally in /System/Library/Modem Scripts/ . This corresponds to the modemscript option to pppd and is obtained from the ConnectionScript parameter in /Library/Preferences/SystemConfiguration/preferences.plist .
If the modem script asks for input, this option provides a URL for the icon on the dialog that pops up. Normally this is set to file://localhost/System/Library/Extensions/PPPSerial.ppp/Contents/Resources/NetworkConnect.icns .
If the modem script asks for input, this option provides the title for the dialog that pops up. Normally this is set to "Internet Connect."
Specify the service ID for the network configuration to use from /Library/Preferences/SystemConfiguration/preferences.plist . This corresponds to the serviceid option to pppd .
Determine whether the modem should try to connect (0), disconnect (1), or be set up to answer calls (2).
If set to 1, the modem uses pulse dialing. This corresponds to the modempulse and modemtone options to pppd , and is obtained from the PulseDial parameter in /Library/Preferences/SystemConfiguration/preferences.plist .
Specify the password to use for PPP authentication.
If set to 1, enable sound output from the modem through the computer speakers . This corresponds to the modemsound option to pppd , and is obtained from the Speaker parameter in /Library/Preferences/SystemConfiguration/preferences.plist .
Specify the syslog priority level and facility to use for logging errors. The argument is an octal integer that serves as the first argument to a syslog system call, as described in the syslog manpage and in /usr/include/sys/syslog.h . The low-order digit specifies priority level from 0 ( emerg ) to 7 ( debug ), while the higher-order digits specify facility. The default is 150, which logs to the remoteauth facility at emerg level.
Specify the telephone number to dial. This corresponds to the remoteaddress and altremoteaddress options to pppd , and is obtained from the CommRemoteAddress and CommAlternateRemoteAddress parameters in /Library/Preferences/SystemConfiguration/preferences.plist .
Specify the username to use for PPP authentication. This corresponds to the user option to pppd and is obtained from the AuthName parameter in /Library/Preferences/SystemConfiguration/preferences.plist .
If set to 1, enable verbose logging to /tmp/ppp.log . Taken from the VerboseLogging parameter in /Library/Preferences/SystemConfiguration/preferences.plist .
certtool |
certtool { v | d | D } filename [h] [v] [d] certtool y [h] [v] [k= keychain [c [p= password ]]] certtool c [h] [v] [a] [k= keychain [c [p= password ]]] certtool { r | I } filename [h] [v] [d] [a] [k= keychain [c [p= password ]]] certtool i filename [h] [v] [d] [a] [k= keychain [c [p= password ]]] [r= filename [f={ 1 | 8 | f }]]
Manages X.509 SSL/TLS certificates. It uses the Common Data Security Architecture (CDSA) in much the same way that /System/Library/OpenSSL/misc/CA.pl uses OpenSSL to ease the process of managing certificates.
As arguments, it takes a single-letter command, often followed by a filename, and possibly some options.
When adding an item to a keychain, create a key pair including a private key with a more restrictive ACL than usual. (The default behavior creates a private key with no additional access restrictions, while specifying this option adds a confirmation requirement to access the private key that only certtool is allowed to bypass.)
As a command, walks you through a series of interactive prompts to create a certificate and a public/private key pair to sign and possibly encrypt it. The resulting certificate (in DER format) is stored in your default keychain.
|
As an option, instructs certtool to create a new keychain by the name given in the k option.
As a command, displays the certificate contained in filename .
As an option, indicates that the format of the CSR or CRL contained in filename is DER (a binary format), instead of the default PEM (an ASCII format, which is essentially a DER certificate with Base64 encoding).
Display the certificate revocation list (CRL) contained in filename .
Specify the format of the private key in the file specified with the r option. The format is specified by a single character, either 1 (for OpenSSL's PKCS1, the default), 8 (PKCS8), or f (FIPS186, or BSAFE).
Print a usage statement to standard output, negating whichever command was given.
Import the certificate contained in filename into the default keychain.
Import the CRL contained in filename into the default keychain.
Specify the name of a keychain (in ~/Library/Keychains ) to use other than the default.
Specify the keychain password on the command line. To avoid password exposure, it's better to let certtool prompt for it.
As a command, walks you through a series of interactive prompts to create a certificate-signing request (CSR) and a public/private key pair to sign and possibly encrypt it. The resulting CSR is stored in filename .
As an option, specifies the file containing a private key for the certificate being imported. This is useful if you've used OpenSSL to generate a certificate, instead of certtool .
As a command, verifies the CSR contained in filename .
As an option, should enable verbose output, but it doesn't actually seem to make a difference.
As a command, displays the certificates and CRLs in the specified keychain.
chflags |
chflags [ options ] flags files
Changes the file flags of one or more files . flags is a comma-separated list of file flags, described later. To unset a flag, use the same command but with no added to the front of the flag's name. To view a file's current flags, use the ls -lo command.
If any of the pathnames given in the command line are symbolic links, follow only those links during recursive operation. Works only with the -R option.
Follow all symbolic links during recursive operation. Works only with the -R option.
Follow no symbolic links during recursive operation. Works only with the -R option (the default).
Recursively descend through the directory, including subdirectories and symbolic links, changing the specified file flags as it proceeds.
Flag name | Flag set | Who can change it |
---|---|---|
arch | Archived | Superuser only |
opaque | Opaque | Owner or superuser only |
nodump | Nodump | Owner or superuser only |
sappnd | System append-only | Superuser only |
schg | System immutable | Superuser only |
uappnd | User append-only | Owner or superuser only |
uchg | User immutable | Owner or superuser only |
Though the system append-only ( sappend ) and system immutable ( schg ) flags can be set by the superuser in normal system mode, you can only unset them while in single-user mode.
Setting the user immutable ( uchg ) flag for a file prevents it from being deleted, changed, or moved. By locking a file in the Finder, you're actually setting its user immutable flag. Therefore, this command locks the file as well:
$ chflags uchg importantfile.doc
Unset the user immutable flag and thus unlock the file:
$ chflags nouchg importantfile.doc
chgrp |
chgrp [ options ] newgroup files
Changes the ownership of one or more files to newgroup . newgroup is either a GID number or a group name known to directory services. You must own the file or be a privileged user to succeed with this command.
Force error messages to be suppressed.
Change the permissions of the link, rather than the referent .
If any of the pathnames given in the command line are symbolic links, follow only those links during recursive operation. Works only with the -R option.
Follow all symbolic links during recursive operation. Works only with the -R option.
Follow no symbolic links during recursive operation. Works only with the -R option (the default).
Recursively descend through the directory, including subdirectories and symbolic links, setting the specified GID as it proceeds.
Verbose output, showing files as they are changed.
chkpasswd |
chkpasswd [-c] [-i infosystem ] [-l location ] [ username ]
Useful for scripts, this prompts for a password which is then compared against the appropriate directory service for the user specified. If the password is correct, chkpasswd returns 0; otherwise, it returns 1, and the string "Sorry" is printed to standard error.
Compare user input with the password hash directly, rather than running it through the crypt algorithm first.
Specify the directory service to use, which may be file , netinfo , nis , or opendirectory .
Depending on the directory service being used, it's either a file (defaults to /etc/master.passwd ), a NetInfo domain or server/tag combo, a NIS domain, or an Open Directory node (like /NetInfo/root ).
Designate whose password is checked. It defaults to that of the user running the command.
chmod |
chmod [ option ] mode files
Changes the access mode or access control lists (ACLs) of one or more files . Only the owner of a file or a privileged user may change its mode. Create mode by concatenating the characters from who , opcode , and permission . who is optional (if omitted, default is a ); choose only one opcode .
Add ACL entry entry for the file.
Add ACL entry entry for the file at position pos .
Remove ACL entry entry for the file.
Rewrites the entry at position pos with entry .
Suppress error message upon failure to change a file's mode.
Change the permissions of the link, rather than the referent.
If any of the pathnames given in the command line are symbolic links, follow only those links during recursive operation. Works only with the -R option.
Follow all symbolic links during recursive operation. Works only with the -R option.
Follow no symbolic links during recursive operation. Works only with the -R option (the default).
Recursively descend directory arguments while setting modes.
Verbose output, showing files as they are changed. If -v appears more than once, the old and new permissions are shown as well.
User.
Group.
Other.
All (default).
Add permission.
Remove permission.
Assign permission (and remove permission of the unspecified fields).
Read.
Write.
Execute (file) or search (directory).
Set the execute bit for all who values if any of the execute bits are already set in the specified file; meaningful only in conjunction with the op symbol + .
Set user (or group) ID.
Sticky bit; save text mode (file) or prevent removal of files by nonowners (directory).
User's present permission.
Group's present permission.
Other's present permission.
Alternatively, specify permissions by a three-digit sequence. The first digit designates owner permission; the second, group permission; and the third, others permission. Permissions are calculated by adding the following octal values:
Read.
Write.
Execute.
A fourth digit may precede this sequence. This digit assigns the following modes:
Set UID on execution.
Set GID on execution or set mandatory locking.
Sticky bit.
Add execute-by-user permission to file :
$ chmod u+x file
Either of the following assigns read-write-execute permission by owner (7), read-execute permission by group (5), and execute-only permission by others (1) to file :
$ chmod 751 file $ chmod u=rwx,g=rx,o=x file
Any one of the following assigns read-only permission to file for everyone:
$ chmod =r file $ chmod 444 file $ chmod a-wx,a+r file
Set the UID, assign read-write-execute permission by owner, and assign read-execute permission by group and others:
$ chmod 4755 file
chown |
chown [ options ] newowner [: newgroup ] files
Changes the ownership of one or more files to newowner . newowner is either a UID number or a login name known to directory services. The optional newgroup is either a GID number or a group name known to directory services. When newgroup is supplied, the behavior is to change the ownership of one or more files to newowner and make it belong to newgroup .
Force error messages to be suppressed.
Change the ownership of the link, rather than the referent.
If any of the pathnames given in the command line are symbolic links, follow only those links during recursive operation. Works only with the -R option.
Follow all symbolic links during recursive operation. Works only with the -R option.
Follow no symbolic links during recursive operation. Works only with the -R option (the default).
Recursively descend through the directory, including subdirectories, resetting the ownership ID.
Verbose output, showing files as they are changed. If -v appears more than once, the old and new permissions will be shown as well.
cksum |
cksum [ files ]
Calculates and prints a cyclic redundancy check (CRC) for each file. The CRC algorithm is based on the polynomial used for Ethernet packets. For each file, cksum prints a line of the form:
sum count filename
Here, sum is the CRC, count is the number of bytes in the file, and filename is the file's name. The name is omitted if standard input is used.
clear |
clear
Clears the Terminal display.
cmp |
cmp [ options ] file file2 [ skip1 [ skip2 ]]
Compares file1 with file2 . Use standard input if file1 or file2 is - . To begin the comparison from byte offsets other than at the beginning of the files, use the optional arguments skip1 and skip2 , which specify the byte offsets from the beginning of each file. By default, the value is decimal. To use hexadecimal or octal values, precede them with a leading 0x or 0, respectively. See also comm and diff . The exit codes are as follows :
Files are identical.
Files are different.
Files are inaccessible.
Print differing bytes as characters.
Ignore differences in the first N bytes of input.
Compare at most limit bytes of input.
For each difference, print the byte number in decimal and the differing bytes in octal.
Work silently; print nothing, but return exit codes.
Output version info.
Print a message if two files are the same (exit code is 0):
$ cmp -s old new && echo 'no changes'
colcrt |
colcrt [ options ] [ files ]
A postprocessing filter that handles reverse linefeeds and escape characters, allowing output from tbl or nroff to appear in reasonable form on a terminal. Puts half-line characters (e.g., subscripts or superscripts) and underlining (changed to dashes) on a new line between output lines.
Don't underline.
Double-space by printing all half lines.
colrm |
colrm [ start [ stop ]]
Removes specified columns from a file, where a column is a single character in a line. Reads from standard input, and writes to standard output. Columns are numbered starting with 1; begin deleting columns at (including) the start column, and stop at (including) the stop column. Entering a tab increments the column count to the next multiple of either the start or stop column; entering a backspace decrements it by 1.
List all the contents of a directory and remove the permissions, UID and GID, file size, and the date/time information, leaving just the filenames:
$ ls -la | colrm 1 50
column |
column [ options ] [ files ]
Formats input from one or more files into columns, filling rows first. Reads from standard input if no files are specified. Checks the COLUMNS environment variable for the current terminal width if necessary.
Format output into num columns.
Delimit table columns with char . Meaningful only with -t .
Format input into a table. Delimit with whitespace, unless an alternate delimiter has been provided with -s .
Fill columns before filling rows.
comm |
comm [ options ] file1 file2
Compares lines common to the sorted files file1 and file2 . THRee-column output is produced: lines unique to file1 , lines unique to file2 , and lines common to both files . comm is similar to diff in that both commands compare two files. In addition, comm can be used like uniq ; that is, comm selects duplicate or unique lines between two sorted files, whereas uniq selects duplicate or unique lines within the same sorted file. A filename of - means standard input, not an option.
Suppress printing of column 1.
Suppress printing of column 2.
Suppress printing of column 3.
Print only lines in column 3 (lines common to file1 and file2 ).
Print only lines in column 2 (lines unique to file2 ).
Print only lines in column 1 (lines unique to file1 ).
Compare two lists of top 10 movies and display items that appear in both lists:
$ comm -12 shalit_top10 maltin_top10
compress |
compress [ options ] [ files ]
Reduces the size of one or more files using adaptive Lempel-Ziv coding and move to file .Z . Restore with uncompress or zcat .
With a filename of - , or with no files , compress reads standard input.
Unisys claims a patent on the algorithm used by compress . Today, gzip is generally preferred for file compression.
compress doesn't preserve resource forks or HFS metadata when compressing files that contain them.
Limit the number of bits in coding to n ; n is 916; 16 is the default. A lower n produces a larger, less densely compressed file.
Write to the standard output (don't change files).
Compress unconditionally; i.e., don't prompt before overwriting files. Also, compress files even if the resulting file would actually be larger.
Print the resulting percentage of reduction for files .
configd |
configd [-b] [-B bundle_ID ] [-d] [-t pathname ] [-v] [-V bundle_ID ]
The System Configuration Server monitors changes to network- related items such as link status, DHCP assignments, PPP connections, and IP configuration, and provides an API for applications to be notified of these changes. To monitor various items, it uses a set of plug-in configuration agents , including the Preferences Monitor, the Kernel Event Monitor, the PPP Controller Agent, the IP Configuration Agent, and the IP Monitor Agent. The agent plug-ins are located in /System/Library/SystemConfiguration/ . More information on the System Configuration framework can be found at http://developer.apple.com/techpubs/macosx/Networking/SysConfigOverview926/.
It's started as a bootstrap daemon, from /etc/mach_init.d/configd.plist ( processed by register_mach_bootstrap_servers ). When running in daemon mode, configd stores its PID in /var/run/configd.pid .
Disable loading of all agents.
Disable loading of the specified agent.
Run the process in the foreground, preventing daemonization.
Load the agent specified by pathname .
Enable verbose logging.
Enable verbose logging for the specified agent.
cp |
cp [ options ] file1 file cp [ options ] files directory
Copies file1 to file2 , or copies one or more files to the same names under directory . If the destination is an existing file, the file is overwritten; if the destination is an existing directory, the file is copied into the directory (the directory is not overwritten). If one of the inputs is a directory, uses the -R option.
cp doesn't preserve resource forks or HFS metadata when copying files that contain them. For such files, use CpMac or ditto instead.
Remove the target file, if it exists, before creating the new copy. Also, don't prompt for confirmation of overwrites. Overrides previous -i or -n options.
If any of the pathnames given in the command line are symbolic links, follow only those links during recursive operation. Works only with the -R option.
Prompt for confirmation ( y for yes) before overwriting an existing file.
Follow all symbolic links during recursive operation. Works only with the -R option.
Doesn't overwrite existing target file. Overrides previous -f or -i options.
Preserve the modification time and permission modes for the copied file. (Normally cp supplies the permissions of the invoking user.)
Follow no symbolic links during recursive operation. Works only with the -R option (the default).
Recursively copy a directory, its files, and its subdirectories to a destination directory , duplicating the tree structure. (This option is used with the second command-line format when at least one of the source file arguments is a directory.)
Copy two files to their parent directory (keep the same names):
$ cp outline memo ..
cpio |
cpio control_options [ options ]
Copies file archives in from or out to disk or to another location on the local machine. Note that until native drivers for tape drives exist for Mac OS X, cpio can't write to tape. Each of the three control options, -i , -o , or -p , accepts different options. (See also ditto , pax , and tar .)
cpio doesn't preserve resource forks or metadata when copying files that contain them. For such files, use ditto instead.
Copy in (extract) files whose names match selected patterns . Each pattern can include filename metacharacters from the Bourne shell. (Patterns should be quoted or escaped so they are interpreted by cpio , not by the shell.) If no pattern is used, all files are copied in. During extraction, existing files aren't overwritten by older versions in the archive (unless -u is specified).
Copy out a list of files whose names are given on the standard input.
Copy files to another directory on the same system. Destination pathnames are interpreted relative to the named directory .
Options available to the -i , -o , and -p options are shown respectively in the first, second, and third row below. (The - is omitted for clarity.)
i: b B c C d E f F H I m r s S t u v 6 o: a A B c C F H L O v p: a d l L m u v
Reset access times of input files.
Append files to an archive (must use with -O ).
Swap bytes and half-words. Words are 4 bytes.
Block input or output using 5120 bytes per record (default is 512 bytes per record).
Read or write header information as ASCII characters; useful when source and destination machines are different types.
Like -B , but block size can be any positive integer n .
Create directories as needed.
Extract filenames listed in file from the archive.
Reverse the sense of copying; copy all files except those that match patterns .
Synonym for -I in -i mode, or -O in -o mode. Uses file as the archive to operate on.
Read or write header information according to format . Values for format are ustar (IEEE/P1003 Data Interchange Standard header) or tar ( tar header).
Read file as an input archive.
Link files instead of copying. Can be used only with -p .
Follow symbolic links.
Retain previous file-modification time.
Direct the output to file .
Rename files interactively.
Swap bytes.
Swap half-words.
Print a table of contents of the input (create no files). When used with the -v option, resembles output of ls -l .
Unconditional copy; old files can overwrite new ones.
Print a list of filenames.
Process a PWB Unix 6th Edition archive format file. Useful only with the -i option, mutually exclusive with -c and -H .
Generate a list of old files using find ; use list as input to cpio :
$ find . -name "*.old" -print | cpio -ocBvO ~/archive
Restore from a tape drive (if supported) all files whose name contains "save" (subdirectories are created if needed):
$ cpio -icdv "*save*" < /dev/rmt/0
To move a directory tree:
$ find . -depth -print | cpio -padml /mydir
CpMac |
CpMac [-mac] [-p] [-r] source_path [ source_path ...] dest_path
Copies files, keeping multiple forks and HFS attributes intact.
Arguments use legacy Mac OS pathname syntax (i.e., colons as path separators, paths as viewed from the Finder).
Preserve file attributes.
Recursively copy directory contents.
create_nidb |
create_nidb [ tag [ master_hostname [ root_dir ]]]
A Perl program that creates and populates an Open Directory database from the contents of flat files in /etc/ . This may be especially useful if you have configuration information you wish to carry over from another Unix system. Currently, create_nidb uses the following files:
create_nidb should be run with superuser privileges.
The name of the host serving the master copy of the Open Directory database. The default is localhost if the tag is local ; otherwise, it's the hostname of the system on which create_nidb is run.
The directory in which var/db/netinfo/tag.nidb is created. The default is / .
The tag of the Open Directory database. The default is local .
crontab |
crontab [-u user ] [ file ] crontab [-u user ] options
Runs crontab on your current crontab file, or specifies a crontab file to add to the crontab directory. A privileged user can run crontab for another user by supplying -u user before any of the other options.
A crontab file is a list of commands, one per line, that executes automatically at a given time. Numbers are supplied before each command to specify the execution time. The numbers appear in five fields, as follows:
Minute 0-59 Hour 0-23 Day of month 1-31 Month 1-12 Day of week 0-6, with 0 = Sunday
Use a comma between multiple values, a hyphen to indicate a range, and an asterisk to indicate all possible values. For example, assuming the following crontab entries below:
59 3 * * 5 find / -print | backup_program 0 0 1,15 * * echo "Timesheets due" | mail user
The first command backs up the system files every Friday at 3:59 a.m., and the second command mails a reminder on the 1st and 15th of each month.
Edit the user's current crontab file (or create one).
List the user's file in the crontab directory.
Delete the user's file in the crontab directory.
curl |
curl [ options ] [ URL ... ]
Transfers files to and from servers using one or more URLs. curl supports several common protocols specified in URL : HTTP, HTTPS, FTP, GOPHER, DICT, TELNET, LDAP, and FILE. The following descriptions and examples cover curl 's basic operation; for a complete description, refer to curl 's manpage.
Form multiple URLs, each using one of the alternate variables specified within the braces as part of its string. For example, this string expands into three different URLs: http://www. somesite.com/~{ jonny,andy,miho } .
Form multiple URLs, each using one of the letters or numbers in the range specified within the brackets as part of its string. For example, this string expands into five different URLs: http://www [15].somesite.com/. Note that brackets need to be escaped from the shell (i.e., preceded with a backslash or surrounded in quotes).
Use ASCII mode for FTP and LDAP transfers.
Resume transfer after skipping the first offset bytes of the source file, for cases in which the previous transfer attempt was interrupted .
Save the HTTP headers or FTP server response lines in filename .
Display a detailed usage manual.
Save downloaded data to filename instead of standard output. If you specify multiple URLs using braces or brackets and use # n within filename , it is replaced in each new filename by each of the multiple values inside the n th braces or brackets in the URL (see example).
Save downloaded data to a local file of the same name as the remote file, instead of standard output.
Upload local file filename to URL . If URL ends with a slash, curl uses the local filename for the uploaded copy. Otherwise, the name at the end of URL is used.
Display a progress bar instead of the default statistics during transfers.
Perform an anonymous FTP download into the working directory:
$ curl -O ftp://ftp.xyzsite.com/installer.sit
Download three sequentially named files from two different servers as user jon :
$ curl "ftp://jon@ftp.{abc,xyz}site.com/ installer[1-3].sit"
-o "#1_installer#2.sit
Upload a file to an iDisk's Public folder:
$ curl -T archive.tar http://idisk.mac.com/jon4738/Public/
cut |
cut options [ files ]
Selects a list of columns or fields from one or more files. Either -c or -f must be specified. list is a sequence of integers. Use a comma between separate values and a hyphen to specify a range (e.g., 1-10,15,20 or 50- ). See also paste and join .
This list specifies byte positions, not character positions . This is important when multibyte characters are used. With this option, lines should be 1023 bytes or less in size.
Cut the character positions identified in list .
Use with -f to specify field delimiter as character c (default is tab); special characters (e.g., a space) must be quoted.
Cut the fields identified in list .
Don't split characters. When used with -b , cut doesn't split multibyte characters.
Use with -f to suppress lines without delimiters.
Display only ping times while ping ing a host:
$ ping 192.168.10.58 | cut -sd= -f4
Find out who is logged on, but list only login names:
$ who | cut -d" " -f1
Cut characters in the fourth column of file , and paste them back as the first column in the same file. Send the results to standard output:
$ cut -c4 file | paste - file
date |
date [ option ] [+ format ] date [ options ] [ string ]
In the first form, prints the current date and time, specifying an optional display format . In the second form, a privileged user can set the current date by supplying a numeric string . format can consist of literal text strings (blanks must be quoted) as well as field descriptors, whose values will appear as described next (the listing shows some logical groupings).
Insert a newline.
Insert a tab.
Month of year (01-12).
Day of month (01-31).
Last two digits of year (00-99).
Date in %m/%d/%y format.
Abbreviated month name.
Day of month (1-31); pad single digits with a space.
Four-digit year (e.g., 2004).
"Century," or year/1000, as an integer.
Week-based year within century (00-99).
Week-based year, including the century (0000-9999).
Same as %b .
Full-month name.
Hour in 24-hour format (00-23).
Minute (0059).
Second (0061); 61 permits leap seconds and double-leap seconds.
Time in %H:%M format.
Time in %H:%M:%S format.
Hour (24-hour clock; 023); single digits are preceded by a space.
Hour (12-hour clock; 112); single digits are preceded by a space.
Hour in 12-hour format (0112).
String to indicate a.m. or p.m. (default is AM or PM ).
Time in %I:%M:%S %p format.
Abbreviated weekday.
Full weekday.
Day of week (Sunday = 0).
Weekday as a decimal number (7, Sunday = 1).
Week number in year (0053); start week on Sunday.
Week number in year (0053); start week on Monday.
The ISO-8601 week number (0153). In ISO-8601, weeks begin on a Monday, and week 1 of the year is the one that includes both January 4th and the first Thursday of the year. If the first Monday of January is the 2nd, 3rd, or 4th, the preceding days are part of the last week of the previous year.
Julian day of year (001366).
Time-zone name.
Country-specific date format.
Country-specific time format.
Country-specific date and time format (the default is %a %b %e %T %Z %Y ; e.g., Mon Feb 23 14:30:59 PST 2004).
The actual formatting is done by the strftime(3) library routine.
Print the date and time that is seconds from the Epoch (00:00:00 UTC, January 1, 1970).
Display or set the time using Greenwich Mean Time (UTC).
A privileged user can set the date by supplying a numeric string . string consists of time, day, and year concatenated in one of three ways: time or [ day ] time or [ day ] time [ year ]. Note: don't type the brackets.
A two-digit hour and two-digit minute ( HHMM ); HH uses 24-hour format.
A two-digit month and two-digit day of month ( mmdd ); the default is current day and month.
The year specified as either the full four digits or just the last two digits; the default is current year.
Set the date to February 23 ( 0223 ), 4 A.M. ( 0400 ), 2005 ( 04 ):
$ date 0223040005
The following command:
$ date +"Greetings master, the current date and time is:%nDate:
%D%nTime: %T"
produces a formatted date as follows:
Greetings master, the current date and time is: Date: 07/09/05 Time: 13:23:49
dc |
dc [ file ]
An interactive desk calculator program that performs arbitrary-precision integer arithmetic (input may be taken from a file ). Normally you don't run dc directly because it's invoked by bc (see bc ). dc provides a variety of one-character commands and operators that perform arithmetic; dc works like a Reverse Polish calculator; therefore, operators and commands follow the numbers they affect. Operators include + , - , / , * , % , and ^ (as in C, although ^ signifies exponentiation); some simple commands include:
Print current result.
Quit dc .
Clear all values on the stack.
Take square root.
Change input base; similar to bc 's ibase .
Change output base; similar to bc 's obase .
Set scale factor (number of digits after decimal); similar to bc 's scale .
Remainder of line is a Unix command.
3 2 ^ p Evaluate 3 squared, then print result 9 8 * p Current value (9) times 8, then print result 72 47 - p Subtract 47 from 72, then print result 25 v p Square root of 25, then print result 5 2 o p Display current result in base 2 101
Spaces aren't needed except between numbers.
dd |
dd [ option = value ]
Makes a copy of an input file ( if= ) or standard input if there's no named input file, using the specified conditions, and sends the results to the output file (or standard output if of isn't specified). Any number of options can be supplied, although if and of are the most common and are usually specified first. Because dd can handle arbitrary block sizes, it is useful when converting between raw physical devices.
dd doesn't preserve resource forks or HFS metadata when copying files that contain them.
Set input and output block size to n bytes; this option supersedes ibs and obs .
Set the size of the conversion buffer (logical record length) to n bytes. Use only if the conversion flag is ascii , asciib , ebcdic , ebcdicb , ibm , ibmb , block , or unblock .
Convert the input according to one or more (comma-separated) flags listed next. The first six flags are mutually exclusive. The next two are mutually exclusive with each other, as are the following two.
EBCDIC to ASCII.
EBCDIC to ASCII, using BSD-compatible conversions.
ASCII to EBCDIC.
ASCII to EBCDIC, using BSD-compatible conversions.
ASCII to EBCDIC with IBM conventions.
ASCII to EBCDIC with IBM conventions, using BSD-compatible conversions.
Variable-length records (i.e., those terminated by a newline) to fixed-length records.
Fixed-length records to variable length.
Uppercase to lowercase.
Lowercase to uppercase.
Continue processing when errors occur (up to five in a row).
Don't truncate the output file. This preserves blocks in the output file that this invocation of dd didn't write.
Swap all pairs of bytes.
Pad input blocks to ibs .
Copy only n input blocks.
Copy n input files (e.g., from magnetic tape), then quit.
Set input block size to n bytes (default is 512).
Read input from file (default is standard input).
Set output block size to n bytes (default is 512).
Write output to file (default is standard output).
Seek n blocks from start of input file (like skip , but more efficient for disk file input).
Seek n blocks from start of output file.
Same as oseek (retained for compatibility).
Skip n input blocks; useful with magnetic tape.
You can multiply size values ( n ) by a factor of 1024, 512, or 2 by appending the letters k , b , or w , respectively. You can use the letter x as a multiplication operator between two numbers.
Convert an input file to all lowercase:
$ dd if=caps_file of=small_file conv=lcase
Retrieve variable-length data; write it as fixed-length to out :
$ data_retrieval_cmd | dd of=out conv=sync,block
defaults |
defaults [- currentHost | -host name ] command
Modifies the defaults system. When you customize your Mac using the System Preferences, all those changes and settings are stored in the defaults system. Everything that you've done to make your Mac your own is stored as XML data in the form of a property list (or plist ). This property list is, in turn , stored in ~/Library/Preferences .
Every time you change one of those settings, that particular property list is updated. There are two other ways to alter the property lists: using the Property List Editor application ( /Developer/Applications ) or using the defaults command in the Terminal. Whether you use System Preferences, Property List Editor, or the defaults command, any changes you make affect the current user.
Perform operations on the local machine.
Perform operations on the specified host.
Print all your current settings.
Print your settings for the specified domain, such as com.apple.dock .
Print the value of the specified key. For example, to see the current Dock orientation, use: defaults read com.apple.dock orientation
Print the datatype of the specified key. For example, defaults read-type com.apple.dock orientation tells you that the type of the orientation key is string .
Write a value to the specified key.
Rename the specified key.
Delete the specified domain. So, if you issue the command defaults delete com.apple.dock , the Dock forgets everything. The next time you log in, the Dock's settings are set to the system default.
Delete the specified key. So, if you issue the command defaults delete com.apple.dock orientation , the Dock forgets its orientation. The next time you log in, the Dock's settings are set to the system default.
List all the domains in your defaults.
Search all defaults for the specified string.
Print a list of options.
By default, the domain is specified by the general form com . companyname . appname , as in defaults read com.apple.Safari . Other options available include:
Specify the name of the application instead of the domain, as in defaults read -app Safari .
Specify the full path to the plist file, without the .plist extension, as in defaults read ~/Library/Preferences/com.apple.Safari .
Specify the global domain.
A value may take one of the following forms:
Specify a string value. For example: defaults write com.apple.dock orientation right .
Specify a value of the specified type. The type may be string , float , or boolean . For example, defaults write com.apple.dock autohide -boolean true .
Create or add to a list of defaults. For example, you can create a list of your favorite colors with defaults write personal.favorites colors -array red, blue . Use -add to add values to an existing array.
Create or add to a dictionary list. For example, you can create a dictionary of preferred pet foods with defaults write personal.pets food -dict cat salmon dog steak .
|
View all the user defaults on your system:
$ defaults domains
This prints a listing of all the domains in the user's defaults system. The list you see is run together with spaces in betweennot quite the prettiest way to view the information.
View the settings for your Terminal:
$ defaults read com.apple.Terminal
This command reads the settings from the com.apple.Terminal.plist file, found in ~/Library/Preferences . This listing is rather long, so you might want to pipe the output to less or more to view the contents one screen at a time:
$ defaults read com.apple.Terminal | more
Change your Dock's default location to the top of the screen:
$ defaults write com.apple.Dock orientation top
This moves the Dock to the top of the screen underneath the menu bar. After changing that setting, you'll need to log out from the system and then log back in to see the Dock under the menu bar, or just issue the following command to kill and restart the Dock:
$ killall Dock
df |
df [ options ] [ name ]
Reports the number of free disk blocks and inodes available on all mounted filesystems or on the given name . (Unmounted filesystems are checked with -F .) name can be a device name (e.g., /dev/disk0s9 ), the directory name of a mount point (e.g., /Volumes/Drive2 ), a directory name, or a remote filesystem name (e.g., an NFS filesystem). Besides the options listed, there are additional options specific to different filesystem types or df modules.
Show all mount points, even if mounted with MNT_IGNORE .
Print sizes in 512-byte blocks.
Print sizes in gigabytes.
Print sizes in human-readable form. Sizes are reported in B,K,M,G,T,P for bytes, kilobytes, megabytes, gigabytes, terabytes, and petabytes, respectively. (If you have petabytes of storage for your Macintosh, we want to hear from you.) All sizes use powers of 10, so 1M = 1,000,000 bytes.
Print sizes in human-readable form. Sizes are reported in B,K,M,G,T,P for bytes, kilobytes, megabytes, gigabytes, terabytes, and petabytes, respectively. All sizes use powers of 2, so 1M = 1,048,576 bytes.
Report free, used, and percent-used inodes.
Print sizes in kilobytes.
Show local filesystems only.
Print sizes in megabytes.
Print already known, potentially stale statistics about the filesystems, without requesting or calculating new statistics. This should be used only when requesting statistics would cause a large delay.
Show only filesystem types specified. Types may be prefixed with "no" to exclude that filesystem type. Use the lsvfs command to see filesystems available. For example, to see only local drives and CD-ROMs, use df -T hfs,cd9660 .
diff |
diff [ options ] [ diroptions ] file1 file2
Compares two text files. diff reports lines that differ between file1 and file2 . Output consists of lines of context from each file, with file1 text flagged by a < symbol, and file2 text by a > symbol. Context lines are preceded by the ed command ( a , c , or d ) that converts file1 to file2 . If one of the files is - , standard input is read. If one of the files is a directory, diff locates the filename in that directory corresponding to the other argument (e.g., diff dir junk is the same as diff dir/junk junk ). If both arguments are directories, diff reports lines that differ between all pairs of files having equivalent names (e.g., olddir/program and newdir/program ); in addition, diff lists filenames unique to one directory, as well as subdirectories common to both. See also cmp .
Options -c , -C , -D , -e , -f , -h , and -n can't be combined with one another (they are mutually exclusive).
Treat all files as text files. Useful for checking to see if binary files are identical.
Ignore repeating blanks and end-of-line blanks; treat successive blanks as one.
Ignore blank lines in files.
Context diff : print n lines surrounding each changed line. The default context is three lines.
Use format to output a line group containing differing lines from both files in if-then-else format.
Ignore segments of numerous changes and output a smaller set of changes. This may cause a significant slowdown in diff .
When handling C files, create an output file that contains the contents of both input files, including #ifdef and # ifndef directives that reflect the directives in both files.
Produce a script of commands ( a , c , d ) to recreate file2 from file1 using the ed editor.
Ignore changes that are only due to expanded tabs.
Produce a script to recreate file1 from file2 ; the script is in the opposite order, so it isn't useful to ed .
For context and unified diff , show the most recent line containing regexp before each block of changed lines.
Make output that looks vaguely like an ed script but has changes in the order they appear in the file.
Compare file to all operands. file can be a directory.
Speed output of large files by scanning for scattered small changes; long stretches with many changes may not show up.
Print brief usage message.
In an attempt to find a more compact listing, keep n lines on both sides of the changed lines when performing the comparison.
Ignore case in text comparison. Uppercase and lowercase are considered the same.
Ignore lines in files that match the regular expression regex .
Make merged if-then-else format output, conditional on the preprocessor macro name .
Ignore case when comparing filenames. Maybe be prepended with -no to make case significant in filename comparisons.
Paginate output by passing it to pr .
For context and unified diff s, print label in place of the filename being compared. The first such option applies to the first filename and the second option to the second filename.
For two-column output ( -y ), show only left column of common lines.
Use format to output all input lines in if-then-else format.
Produce output in RCS diff format.
Treat nonexistent files as empty.
Use format to output a group of lines taken from just the second file in if-then-else format.
Use format to output a line taken from just the second file in if-then-else format.
Use format to output a group of lines taken from just the first file in if-then-else format.
Use format to output a line taken from just the first file in if-then-else format.
When handling files in C or C-like languages such as Java, show the function containing each block of changed lines. Assumes -c , but can also be used with a unified diff .
If two directories are being compared, and the first lacks a file that is in the second, pretend that an empty file of that name exists in the first directory.
Output only whether files differ.
Print extra information to help sdiff . sdiff uses this option when it runs diff .
Assume large files and many scattered small changes.
Remove trailing input's carriage return.
Don't print common lines in side-by-side format.
Produce output with tabs expanded to spaces.
Insert initial tabs into output to line up tabs properly.
Compare all operands to file , which can be a directory.
Unified diff : print old and new versions of lines in a single block, with n lines surrounding each block of changed lines. The default context is three lines.
Use format to output a group of common lines taken from both files in if-then-else format.
Treat absent first files as empty.
Print version number of this version of diff .
Ignore all whitespace in files for comparisons.
For two-column output ( -y ), produce columns with a maximum width of n characters. Default is 130.
Don't compare files in a directory whose names match regex .
Don't compare files in a directory whose names match patterns described in the file filename .
Produce two-column output.
For context and unified diff , print n lines of context. Same as specifying a number with -C or -U .
The following diroptions are valid only when both file arguments are directories.
Compare subdirectories recursively.
Indicate when files don't differ.
For directory comparisons, begin with the file filename , skipping files that come earlier in the standard list order.
diff3 |
diff3 [ options ] file1 file2 file3
Compares three files and reports the differences. No more than one of the files may be given as - (indicating that it is to be read from standard input). The output is displayed with the following codes:
All three files differ.
file1 is different.
file2 is different.
file3 is different.
diff3 is also designed to merge changes in two differing files based on a common ancestor file (i.e., when two people have made their own sets of changes to the same file). diff3 can find changes between the ancestor and one of the newer files and generate output that adds those differences to the other new file. Unmerged changes are places where both newer files differ from each other and at least one of them is from the ancestor. Changes from the ancestor that are the same in both of the newer files are called merged changes . If all three files differ in the same place, it is called an overlapping change .
This scheme is used on the command line with the ancestor being file2 , the second filename. Comparison is made between file2 and file3 , with those differences then applied to file1 .
Create an ed script to incorporate into file1 unmerged, non-overlapping differences between file1 and file3 .
Treat files as text.
Create an ed script to incorporate all changes, showing conflicts in bracketed format.
Create an ed script to incorporate into file1 all unmerged differences between file2 and file3 .
Create an ed script to incorporate unmerged changes, showing conflicts in bracketed format.
Append the w (save) and q (quit) commands to ed script output.
Use label to replace filename in output.
Create file with changes merged (not an ed script).
Begin lines with a tab instead of two spaces in output to line tabs up properly.
Print version information, and then exit.
Create an ed script to incorporate into file1 all differences in which all three files differ (overlapping changes).
Same as -x , but show only overlapping changes, in bracketed format.
dig |
dig [@ server ] host [ querytype ] [ queryclass ] [ options ]
Queries Internet domain name servers. Like the nslookup command, dig displays information about host as returned by the default or a specified nameserver. With dig , you specify all aspects of the query on the command line; there's no interactive mode as with nslookup .
Specify the nameserver to query with @ server , using either a domain name or an IP in server . The default is to query the nameservers in resolv.conf . Specify the type of query in querytype ; the default is to look up address records. The supported types are:
Host's Internet address.
Any available information (default).
Request zone transfer.
Host CPU and operating system type.
Mail exchanger .
Nameserver for the named zone.
Domain start-of-authority.
Use queryclass to specify query class of either IN (Internet) or ANY . Default is IN .
The following descriptions cover dig 's basic operation; for a complete description, refer to dig 's manpage.
Reverse map address , which allows you to locate a hostname when only an IP number is available. Implies ANY as the query type.
Send queries to the specified port instead of port 53, the default.
Turn off recursion (on by default).
Iteratively trace queries from the root servers. Show the results of each subquery as it resolves from the root servers to the final destination.
Send TCP-based queries (queries are UDP by default).
DirectoryService |
DirectoryService [-h | -v] DirectoryService [-appledebug | -appleframework | -applenodaemon | -appleoptions | -appleperformance | -appleversion]
The server process for the Directory Service framework. It's started as a bootstrap daemon, from /etc/mach_init.d/DirectoryService.plist (processed by register_mach_bootstrap_servers ).
The manpage for DirectoryService on Tiger is very good, but this entry details the additional -apple options.
Run the service in debug mode, disabling daemonization and logging to /Library/Logs/DirectoryService/DirectoryService.debug.log .
Print a usage statement for the second form of command invocation to standard output.
Run the service in the foreground and log extensively.
Print software build version to standard output.
Print a usage statement for the first form of command invocation to standard output.
Print software release version to standard output.
dirname |
dirname pathname
Prints pathname , excluding the last level. Useful for stripping the actual filename from a pathname. If there are no slashes (no directory levels) in pathname , dirname prints . to indicate the current directory. See also basename .
diskarbitrationd |
diskarbitrationd [-d]
Manages communication between processes about the mounting and unmounting of disk volumes. On Tiger, this takes on part of the role formerly held by autodiskmount in Jaguar.
diskarbitrationd starts as a bootstrap daemon, from /etc/mach_init.d/diskarbitrationd.plist (processed by register_mach_bootstrap_servers ), and stores its PID in /var/run/diskarbitrationd.pid .
Run in debug mode, preventing daemonization.
diskutil |
diskutil list [ device ] diskutil mount[Disk] device diskutil { info[rmation] | unmount[Disk] | eject | reformat | verifyDisk | repairDisk | enableJournal | disableJournal | verifyPermissions | repairPermissions | eraseOptical [quick] | secureErase | zeroDisk | randomDisk [ integer ] } { mount_ point | device } diskutil repairOS9Permissions diskutil rename { mount_point | device } vol_name diskutil eraseVolume format vol_name { mount_point | device } diskutil eraseDisk format vol_name [OS9Drivers] { mount_point | device } diskutil secureErase [freespace] [ format ] { mount_point | device } diskutil partitionDisk device num_partitions [OS9Drivers | MBRFormat] part1_ format part1_name part1_size [ part2_format part2_name part2_size ...] diskutil checkRAID diskutil createRAID { mirror | stripe } set_name format device1 device2 [ device3 ...] diskutil enableRAID mirror device diskutil destroyRAID { set_UUID | device } diskutil addToRAID { member | spare } set_name device1 diskutil removeFromRAID set_name device1 diskutil updateRAID key value device1 diskutil repairMirror { set_UUID | device } partition_num from_device to_device
Controls disk volumes, including mounting, unmounting, ejecting, erasing, journaling, partitioning, fixing permissions, and setting up RAIDs. This is a command-line analog of the Disk Utility application and contains functionality beyond the somewhat less user-friendly disktool .
Volumes are specified by mount point (directory on which the volume is mounted) or device name (e.g., disk0s1 ). Filesystem types specified by format arguments may be HFS+ , JournaledHFS + , HFS , UFS , or MS-DOS .
Add a slice or spare to an existing RAID set. Requires privileged access.
Check the status of RAID sets. Requires privileged access.
Create a mirror (RAID 1) or a stripe (RAID 0) on a set of devices. Requires privileged access.
Destroy an existing mirrored or striped RAID set. Requires privileged access.
Disable journaling on an HFS+ volume. Requires privileged access.
If a disk is ejectable, unmount and eject the disk. Requires privileged access, unless the user running diskutil is logged into the graphical console.
Enable journaling on an HFS+ volume. The journal keeps a record of all filesystem operations, which allows the system to roll back to a consistent filesystem state in the event of a crash. This eliminates the need for disk verification after a crash. Requires privileged access.
Convert a single disk into an unpaired member of a mirrored RAID set. Requires privileged access.
Unmount and reformat an entire disk. Requires privileged access.
Unmount and erase a read/write optical disk. Requires privileged access.
Unmount and reformat a disk partition. Requires privileged access.
Prints data about the device to standard output, including device name, volume name and mount point, filesystem format, disk hardware access protocol, total and free disk space, and whether the device is read-only or ejectable.
List partitions on the system or just on the specified disk device, including device names, volume names, and sizes.
Mount the specified partition. Requires privileged access, unless the user running diskutil is logged into the graphical console.
Mount all partitions on the specified disk. Requires privileged access, unless the user running diskutil is logged into the graphical console.
Repartition the specified disk. The MBRFormat flag causes the partition map to be DOS-compatible, with a Master Boot Record (MBR). The number of partitions ( num_partitions ) is limited to 8. Partition sizes are given as a number concatenated with a letter, where the letter is B (for bytes), K (for kilobytes), M (for megabytes), G (for gigabytes), or T (for terabytes). The current boot disk can't be repartitioned. Requires privileged access.
Erase a disk while overwriting its contents with random data ( optionally , more than once, as specified by an additional argument). Requires privileged access.
Reformat device with the same name and format. Requires privileged access.
Give the device a new volume name. For HFS, HFS+, and UFS partitions only.
Unmount the device, attempt to repair any filesystem inconsistencies it finds, and remount the device. Requires privileged access.
Repair a mirrored RAID set. If checkRAID reports a problem with a mirrored partition, this lets you sync the data for that partition from the good copy to the bad copy. Requires privileged access.
Reset file permissions on the System and Applications folders associated with a user's Classic environment.
Scan the Archive.bom files in /Library/Receipts for installed software packages and reset file permissions according to what they should have been upon installation. Requires privileged access.
Erases a disk, or just the free space on it, using a secure algorithm. Requires privileged access to the disk.
If specified, level should be one of the following: 1 for a single pass random erase, 2 for US DoD 7-pass secure erase, or 3 for a Gutmann 35-pass secure erase.
Unmount the specified partition. Requires privileged access, unless the user running diskutil is logged into the graphical console.
Unmount all partitions on the specified disk. Requires privileged access, unless the user running diskutil is logged into the graphical console.
Unmount the device, scan it for filesystem inconsistencies, and remount the device. Requires privileged access.
Scan the Archive.bom files in /Library/Receipts for installed software packages and verify whether file permissions are set according to what they should have been upon installation. Requires privileged access.
Erase a disk while overwriting its contents with zeros. Requires privileged access.
ditto |
ditto [ options ] files directory ditto [ options ] directory1 directory2
Copies files and directories while preserving most file information, including resource fork and HFS metadata information when desired. ditto preserves the permissions, ownership, and timestamp of the source files in the copies. ditto overwrites identically named files in the target directory without prompting for confirmation.
ditto works like cp in the first synopsis form. However, the second form differs in that cp -r copies the entire directory1 into an existing directory2 , while ditto copies the contents of directory1 into directory2 , creating directory2 if it doesn't already exist.
When copying fat binary files, copy only the code for chip type arch . Fat binary files contain different code for different chip architectures. The -arch flag allows you to "thin" the binary by copying only the code for the specified chip. Possible values for arch include ppc , m68k , i386 , hppa , and sparc .
When copying a directory, include in the copy only those items listed in BOM file pathname . See also mkbom for information on making a BOM file.
Create a CPIO archive at directory2 .
Preserve POSIX extended attributes. This is on by default.
Specify that archives are in PKZip format.
Embed directory1 's parent directory in directory2 .
Do not use Mac OS X Unified Buffer Cache for copying.
Do not preserve POSIX extended attributes.
When copying files, include any resource fork and HFS metadata information.
When copying files, include any resource fork and HFS metadata information.
Put resource forks and HFS data in directory _ _MACOSX .
Be verbose; report each directory copied.
Be very verbose; report each file, symlink, and device copied.
Unpack the CPIO archives at directory1 .
Don't descend into directories on another device.
Specify compressed CPIO archives.
Duplicate an entire home directory, copying the contents of directory /Users/chris into the directory /Volumes/Drive 2/Users/chris and preserving resource forks and HFS metadata:
$ ditto -rsrc /Users/chris "/Volumes/Drive 2/Users/chris"
dmesg |
dmesg [ options ]
Displays the system control messages from the kernel ring buffer. This buffer stores all messages since the last system boot or the most recent ones, if the buffer has been filled.
Use the specified core file from which to extract messages instead of /dev/kmem .
Use the specified system instead of the default /mach_kernel .
dns-sd |
dns-sd [-E | -F | -A | -I | -M | -N | -T | -U] dns-sd -B _app_protocol . _transport_protocol domain dns-sd -L service_name _app_protocol . _transport_protocol domain dns-sd -R service_name _app_protocol . _transport_protocol domain port [ key = value ]... dns-sd -P service_name _app_protocol . _transport_protocol domain port hostname ip_addr [ key = value ]... dns-sd -Q fqdn rr_type [ rr_class ]
This command is the same as mDNS (see the entry later in this section), with the addition of the -P and -Q options.
As -R , but registers a service provided by a different host than the one on which dns-sd is run. It also creates a multicast DNS address record for that host.
Queries for arbitrary DNS resource records. The arguments are the fully qualified domain name of what you want to learn about, an RR type (such as A , PTR , TXT , SRV , etc.), and optionally an RR class (which defaults to 0, the IN class).
drutil |
drutil help [ subcommand ] drutil { version | list | poll } drutil { info | discinfo | trackinfo | status | cdtext | subchannel | eject } [-drive drive_spec ] drutil { erase | bulkerase } { full | quick } [-drive drive_spec ] drutil tray { eject | open | close } [-drive drive_spec ] drutil getconfig { current | supported } [-drive drive_spec ] drutil filename filename drutil dumpiso device block_num [ format ] drutil burn [-test] [-appendable] [-erase] [-mount] [-noverify] [-nohfsplus] [-noiso9660] [-nojoliet] [-noudf] [-nofs] [-disctitle title ] [-audio] [-pregap] path
Manages disk drives that can write to optical media, using the Disc Recording framework.
Prints the Absolute Time in Pre-Groove (ATIP).
Erase an optical disk as the erase subcommand, and then prompt for another disk to erase. This repeats until the process is killed .
Burn a file or directory to disc. For burning a disk image, use the burn verb in hdiutil .
Display CD-Text data contained on an audio CD.
Print information about the optical disk in the drive to standard output.
Dump ISO-9660 and Joliet formatting data from an optical disk. The device argument is a disk device filename, such as /dev/disk1 . The block_num argument specifies the block to dump. The format argument is one of None , Boot , Dir , HFSPlusVH , LPath , MPath , PVD , SVD , VDST , or VPD .
Unmount and eject an optical disk. Same as drutil tray eject .
Erase a rewritable optical disk and eject it. A quick erasure removes only formatting information so that the disk appears to be blank; a full erasure overwrites the entire disk but takes considerably longer.
Show how the given filename is converted when burning to an optical disk, given the support available with different formats, including ISO-9660 levels 1 and 2, ISO-9660 with Joliet extensions, and HFS+.
Print the features supported by an optical disk drive to standard output. Using current lists enabled features, while supported lists all possible features. Features include audio CD support, DVD support, power management, and real-time streaming.
Print a usage statement to standard output, either for the specified subcommand or for drutil as a whole.
Print information about drives to standard output, such as vendor, hardware interface, cache size, and write capabilities.
Print a list of all disk drives attached to the system that can burn optical disks.
Repeatedly poll an optical drive for information until terminated.
Print status information about an optical disk to standard output, such as disk type, number of sessions and tracks, and remaining disk space.
Unmount a CD and print subchannel information to standard output, including the CD's media catalog number (MCN) and each track's International Standard Recording Code (ISRC).
Print the table of contents.
Print information about tracks on an optical disk to standard output.
Manipulate drives with motorized trays. Some optical disk drives have trays that can be automatically opened and closed; some can only be opened (and must be closed) manually; some have nonmotorized trays; and slot-loading drives have no trays. The eject argument unmounts a disk and opens the tray; the open argument opens a tray only if the drive is empty; and the close argument closes the tray.
Print the operating system and version, and version identifiers for the Disc Recording framework and I/O Kit to standard output.
Some systems have multiple writable optical drives. The -drive option lets you manipulate a drive other than the one chosen automatically by system. The drive_spec argument may be one of the following: an integer used to select a particular drive (according the numbering produced by drutil list ), a string used to match a drive's vendor or product name, or a keyword used to restrict the list of drives that may be manipulated. The keyword is one of internal , external , atapi , firewire , scsi , or usb .
dscl |
dscl [ options ] [ datasource [ command ]]
Allows operations on Directory Service nodes, as a replacement to the older niutil .
Prompt for password.
Use password as the password. Use -p to be prompted for a password.
Quiet mode.
Doesn't strip the dsAttrType prefixes from DirectoryService API constants.
Run as user user .
Print record attribute values in URL-style encoding. This can help if your values have spaces or colons in them.
Reads and displays the contents of the directory at path, one key/value pair per line. If any key(s) are specified, only those keys are listed.
Displays the subdirectories in path . If key is specified, only those keys are listed.
Searches path for the matching key / val pair. For example, to find a specific user by real name, use dscl . -search /Users RealName "Andy Lester" .
Creates a directory at path , including the optional property key and optional values val(s) . Note that if the property key already exists, it will be overwritten with the new key and values.
Appends values to the property key at path . If key does not exist, it will be created.
Appends values to the property key at path . Any values in val(s) that already exist will be ignored. If key does not exist, it will be created.
Deletes directories, keys, or values. If only path is specified, that entire directory is deleted. If key is specified, that property is deleted. If any val(s) are specified, only those values are deleted.
Changes any values old_val to new_val in the property key at path .
Changes the value at index val_index in the property key at path to new_val . The index is based on 1, so 1 is the first value.
Changes a user's password, specified by the full path, not just the username. If only new_pw is specified, you will be prompted for the old password. If no passwords are specified, you will be prompted for both.
du |
du [ options ] [ directories ]
Prints disk usage (as the number of 512-byte blocks used by each named directory and its subdirectories; default is current directory).
Print usage for all files, not just subdirectories.
In addition to normal output, print grand total of all arguments.
Summarize usage for each directory at most depth directories down.
Follow symbolic links, but only if they are command-line arguments.
Human-readable output, with units spelled out: bytes, kilobytes, etc.
Ignore entries matching mask .
Print sizes in kilobytes.
Follow symbolic links.
Don't follow any symbolic links.
Print a total for each file specified.
Display usage of files in current filesystem only.
dynamic_pager |
dynamic_pager [-E] [-F filename ] [-H hire_point ] [-L layoff_ point ] [-P priority ] [-S file_size ]
Manages virtual memory swap files. This tool is started from /etc/rc during the boot process.
Starting with Panther, when dynamic_pager is invoked without -H , -L , or -S options, it creates swap files that are sized dynamically according to paging needs and available disk space.
Encrypt the swap file.
Specify the base absolute pathname for swap files. Swap filenames consist of this base and a whole number suffix, starting at 0. The default is /private/var/vm/ swapfile .
Create an additional swap file when free swap space drops below the hire_point in bytes. The default is 0, which disables the use of this swap space.
Attempt to consolidate memory and remove a swap file when free swap space rises above the layoff_point in bytes. The layoff_point must be set higher than the sum of the swap file size and the hire_point , unless it is set to 0 (the default), which disables layoffs.
Determine the priority of this swap space. The default is 0.
Determine the size of swap files created, in bytes. The default is 20000000.
echo |
echo [-n] [ string ]
Echoes arguments to standard output. Often used for producing prompts from shell scripts.
Suppress printing of newline after text.
$ echo "testing printer" | lp
egrep |
egrep [ options ] [ regexp ] [ files ]
Searches one or more files for lines that match an extended regular expression regexp . egrep doesn't support the regular expressions \ ( , \) , \ n , \< , \> , \{ , or \} , but does support the other expressions, as well as the extended set + , ? , | , and ( ) . Remember to enclose these characters in quotes. Regular expressions are described in Chapter 6. Exit status is 0 if any lines match, 1 if none match, and 2 for errors.
See grep for the list of available options. Also see fgrep . egrep typically runs faster than those commands.
Search for occurrences of Victor or Victoria in file :
$ egrep 'Victor(ia)*' file $ egrep '(Victor|Victoria)' file
Find and print strings such as old.doc1 or new.doc2 in files , and include their line numbers:
$ egrep -n '(old|new)\.doc?' files
enscript |
enscript [ options ] [ files ]
Converts text files to PostScript for output to a printer or file. This conversion is necessary when printing text files from the command line to most laser printers, for example, because most laser printers are PostScript devices. enscript is a feature-rich application that allows you to modify the printed output in many ways. The following descriptions and examples cover enscript 's basic operation; for a complete description, refer to enscript 's manpage.
Used with no arguments, enscript receives text from standard input and sends it to the default printer. Otherwise, enscript converts the text files specified in files , and directs output to a named printer, file, or standard output as specified by options (or the default printer, if no options are specified).
Print n copies of every page.
Print selected pages , as specified in the following format:
Print from page number begin to page number end .
Print until page number end .
Print from page number begin to the last page.
Print only page number page.
Print only the odd numbered pages.
Print only the even numbered pages.
Don't print page headers.
Print header at the top of each page. This header can contain formatting directives. See the manpage for details.
Cut off long lines instead of wrapping.
Send output to printer .
Don't print job header page.
Print borders around columns in N-up output.
List the current enscript option settings.
Send notification to user when job has finished.
Print the page in landscape mode, rotated 90 degrees.
Print the page in portrait mode, the default.
Print n -up; place n pages on each sheet of output.
Print with margins of left , right , top and bottom , each specified in PostScript points. To use the default value for a margin, omit that argument.
Print pages 5 through 10, 2-up, of text document notes.txt :
$ enscript -a 5-10 -U 2 notes.txt
Print page 1 of text document notes.txt , setting a top margin of 50 points and a bottom margin of 25 points:
$ enscript -a 1 --margins=::50:25 notes.txt
env |
env [-i] [variable= value ... ] [ command ]
Displays the current environment or, if environment variables are specified, sets them to a new value and displays the modified environment. If command is specified, executes it under the modified environment.
Ignore current environment entirely.
expand |
expand [ options ] [ files ]
Expands tab characters into appropriate number of spaces. expand reads the named files or standard input if no files are provided. See also unexpand .
Set tab stops at tab1 , tab2 , etc. If only tab1 is specified, sets tab stops every tab1 spaces.
Cut columns 10 through 12 of the input data, even when tabs are used:
$ expand data | cut -c 10-12 > data.col2
expr |
expr arg1 operator arg2 [ operator arg3 ... ]
Evaluates arguments as expressions and prints the result. Strings can be compared and searched. Arguments and operators must be separated by spaces. In most cases, an argument is an integer, typed literally or represented by a shell variable. There are three types of operators: arithmetic, relational, and logical. Exit status for expr is 0 (expression is nonzero and nonnull), 1 (expression is 0 or null), or 2 (expression is invalid).
expr is typically used in shell scripts to perform simple mathematics, such as addition or subtraction. It is made obsolete in the Korn shell by that program's built-in arithmetic capabilities.
Use the following operators to produce mathematical expressions whose results are printed:
Add arg2 to arg1 .
Subtract arg2 from arg1 .
Multiply the arguments.
Divide arg1 by arg2 .
Take the remainder when arg1 is divided by arg2 .
Addition and subtraction are evaluated last, unless they are grouped inside parentheses. The symbols * , ( , and ) have meaning to the shell, so they must be escaped (preceded by a backslash or enclosed in single or double quotes).
Use relational operators to compare two arguments. Arguments can also be words, in which case comparisons assume a < z and A < Z . If the comparison statement is true, the result is 1; if false, the result is 0. Symbols < and > must be escaped.
Are the arguments equal?
Are the arguments different?
Is arg1 greater than arg2 ?
Is arg1 greater than or equal to arg2 ?
Is arg1 less than arg2 ?
Is arg1 less than or equal to arg2 ?
Use logical operators to compare two arguments. Depending on the values, the result can be arg1 (or some portion of it), arg2 , or 0. Symbols | and & must be escaped.
Logical OR ; if arg1 has a nonzero (and nonnull) value, the result is arg1 ; otherwise, the result is arg2 .
Logical AND ; if both arg1 and arg2 have nonzero (and nonnull) values, the result is arg1 ; otherwise, the result is 0.
Similar to grep ; arg2 is a pattern to search for in arg1 . arg2 must be a regular expression in this case. If the arg2 pattern is enclosed in \( \) , the result is the portion of arg1 that matches; otherwise, the result is simply the number of characters that match. By default, a pattern match always applies to the beginning of the first argument (the search string implicitly begins with a ^ ). To match other parts of the string, start the search string with .* .
Division happens first; result is 10:
$ expr 5 + 10 / 2
Addition happens first; result is 7 (truncated from 7.5):
$ expr \( 5 + 10 \) / 2
Add 1 to variable i ; this is how variables are incremented in shell scripts:
$ i='expr $i + 1'
Print 1 (true) if variable a is the string "hello":
$ expr $a = hello
Print 1 (true) if variable b plus 5 equals 10 or more:
$ expr $b + 5 \>= 10
In the following examples , variable p is the string " version.100 ". This command prints the number of characters in p :
$ expr $p : '.*' Result is 11
Match all characters and print them:
$ expr $p : '\(.*\)' Result is "version.100"
Print the number of lowercase letters at the beginning of p :
$ expr $p : '[a-z]*' Result is 7
Match the lowercase letters at the beginning of p :
$ expr $p : '\([a-z]*\)' Result is "version"
Truncate $x if it contains five or more characters; if not, just print $x . (Logical OR uses the second argument when the first one is 0 or null; i.e., when the match fails.) Double- quoting is a good idea, in case $x contains whitespace characters.
$ expr "$x" : '\(.....\)' \| "$x"
In a shell script, rename files to their first five letters:
$ mv "$x" 'expr "$x" : '\(.....\)' \| "$x"'
(To avoid overwriting files with similar names, use mv -i .)
false |
false
A null command that returns an unsuccessful (nonzero) exit status. Normally used in bash scripts. See also true .
fdisk |
fdisk [-t | -d | -e | -u | -S integer | -c integer -h integer -s integer ] [ device ] fdisk -i [-a { boothfs | bootufs | hfs | ufs | dos | raid } | -f filename | -r] [-y] device
Provides control over DOS partition tables on disk devices in Darwin x86 systems. If invoked without arguments, fdisk prints a usage statement to standard error. If invoked with only a device name as an argument, it displays the device's partition table.
Partitions the disk according to the specified automatic style. The boothfs and bootufs styles each include an 8 MB boot partition, with the remainder formatted as the specified type. The hfs , ufs , dos , and raid styles each create a single partition of the specified type, which spans the entire disk. The default is boothfs .
Forces an assumption of a disk geometry with the specified number of cylinders .
Displays the disk's partition table, in a format usable with -r .
Enters an interactive edit mode. Commands available in this mode are listed in the "Commands" section.
Specifies a template file to use in creating the partition table.
Forces an assumption of a disk geometry with the specified number of heads.
Initializes the Master Boot Record (MBR) on the disk, which contains the partition table.
Reads in a new set of partition entries from standard input.
Forces an assumption of a disk geometry with the specified number of sectors per track.
Specifies the disk's size, in blocks.
Tests whether the disk has a DOS partition table on it.
Updates the MBR code, leaving the existing partition table intact.
Skips requests for confirmation.
The raw disk device filename, e.g., /dev/rdisk0 .
Exits interactive mode without making changes.
Partitions the disk according to the specified automatic style.
Displays the disk's partition table.
Edits a partition table entry.
Erases the MBR.
Exits from edit mode without making changes.
Marks the specified partition as the boot partition.
Displays a command summary.
Displays the fdisk manpage.
Displays the partition table being edited as it currently exists in memory.
Exits from edit mode, saving changes.
Reinitializes the copy of the partition table held in memory.
Selects the specified extended partition table entry.
Sets the partition identifier of the specified partition.
Updates the MBR code, leaving the existing partition table intact.
Writes the in-memory partition table to disk, thus making changes to the partition table take effect.
fetchmail |
fetchmail [ options ] [ servers ... ]
Retrieves mail from mail servers and forwards it to the local mail delivery system. fetchmail retrieves mail from servers that support the common mail protocols POP2, POP3, IMAP2bis, and IMAP4. Messages are delivered via SMTP through port 25 on the local host and through your system's mail delivery agent (such as sendmail ), where they can be read through the user's mail client. fetchmail settings are stored in the ~/.fetchmailrc file. Parameters and servers can also be set on the command line, which will override settings in the .fetchmailrc file. For a complete list of options, refer to the fetchmail manpage.
Retrieve all messages from server, even those that have already been seen but left on the server. The default is to retrieve only new messages.
Specify the type of authentication. type may be password , kerberos_v5 , or kerberos . Authentication type is usually established by fetchmail by default, so this option isn't very useful.
Set the maximum number of messages ( n ) accepted from a server per query.
Set the maximum number of messages sent to an SMTP listener per connection. When this limit is reached, the connection is broken and reestablished. The default of 0 means no limit.
Check for mail on a single server without retrieving or deleting messages. Works with IMAP, but does not work well with other protocols, if at all.
Specify the domain name placed in RCPT TO lines sent to SMTP. The default is the local host.
Change the header assumed to contain the mail's envelope address (usually "X-Envelope-to:") to header .
Tell an IMAP server to expunge (i.e., purge messages marked for deletion) after n deletes. A setting of 0 indicates expunging only at the end of the session. Normally, an expunge occurs after each delete.
For POP3 and IMAP servers, remove previously retrieved messages from the server before retrieving new ones.
Specify a nondefault name for the fetchmail configuration file.
Require that the mail server machine is up and running at a specified IP address (or range) before polling. The specification is given as interface/ipaddress/mask . The first part indicates the type of TCP connection expected ( sl0 , ppp0 , etc.), the second is the IP address, and the third is the bit mask for the IP, assumed to be 255.255.255.255.
Delete all retrieved messages from the mail server.
Keep copies of all retrieved messages on the mail server.
Set the maximum message size that will be retrieved from a server. Messages larger than size bytes are left on the server and marked unread.
In daemon mode, monitor the specified TCP/IP interface for any activity beside itself, and skip the poll if there is no other activity. Useful for PPP connections that automatically time out with no activity.
Pass mail directly to mail delivery agent, rather than send to port 25. The command is the path and options for the mailer, such as /usr/lib/sendmail -oem. A %T in the command is replaced with the local delivery address, and an %F is replaced with the message's From address.
Don't expand local mail IDs to full addresses. This option disables expected addressing and should only be used to find problems.
Specify a port to connect to on the mail server. The default port numbers for supported protocols are usually sufficient.
Specify the protocol to use when polling a mail server. proto can be:
Post Office Protocol 2.
Post Office Protocol 3.
POP3 with MD5 authentication.
POP3 with RPOP authentication.
POP3 with Kerberos v4 authentication on port 1109.
IMAP2bis, IMAP4, or IMAP4rev1. fetchmail autodetects their capabilities.
IMAP4 or IMAP4rev1 with Kerberos v4 authentication.
IMAP4 or IMAP4rev1 with GSSAPI authentication.
ESMTP.
Remove the prefix string , which is the local user's host ID, from the address in the envelope header (such as "Delivered-To:").
Retrieve the specified mail folder from the mail server.
Suppress status messages during a fetch .
Stop waiting for a connection after seconds seconds.
For POP3, track the age of kept messages via unique ID listing.
Specify the user name to use when logging into the mail server.
Print the version information for fetchmail and display the options set for each mail server. Performs no fetch .
Display all status messages during a fetch .
Specify the SMTP error nnn to signal a spam block from the client. If nnn is -1, this option is disabled.
fgrep |
fgrep [ options ] pattern [ files ]
Search one or more files for lines that match a literal text string pattern . Exit status is 0 if any lines match, 1 if not, and 2 for errors.
See grep for the list of available options. Also see egrep .
Print lines in file that don't contain any spaces:
$ fgrep -v '' file
Print lines in file that contain the words in spell_list :
$ fgrep -f spell_list file
file |
file [ options ] files
Classify the named files according to the type of data they contain. file checks the magic file ( /etc/magic ) to identify some file types.
Brief mode: don't print filenames.
Check the format of the magic file ( files argument is invalid with -c ). Usually used with -m .
Print separator between file and type, instead of a colon.
Read the names of files to be checked from file .
Print the MIME type of the file instead of a human-readable description.
Don't stop after the first match.
Follow symbolic links. By default, symbolic links are not followed.
Search for file types in file instead of /etc/magic .
Don't pad filenames for alignment.
Print the version.
Attempt checking of compressed files.
Many file types are understood . Output lists each filename, followed by a brief classification such as:
Apple QuickTime movie file (moov) ASCII text data directory gzip compressed data empty PDF document, version 1.4 Mach-O executable ppc sticky symbolic link to private/tmp
List all PDF Version 1.1 files:
$ file * | grep "PDF document, version 1.1"
find |
find [ options ] [ pathnames ] [ conditions ]
An extremely useful command for finding particular groups of files (numerous examples follow this description). find descends the directory tree beginning at each pathname and locates files that meet the specified conditions . The default pathname is the current directory. The most useful conditions include -print (which is the default if no other expression is given), -name and -type (for general use), - exec and -size (for advanced users), and -mtime and -user (for administrators).
Conditions may be grouped by enclosing them in \( \) (escaped parentheses), negated with ! (use \! in the C shell), given as alternatives by separating them with -o , or repeated (adding restrictions to the match; usually only for -name , -type , -perm ). Modification refers to editing of a file's contents. Change refers to modification, permission or ownership changes, and so on; therefore, for example, - ctime is more inclusive than -atime or -mtime .
Descend the directory tree, skipping directories and working on actual files first (and then the parent directories). Useful when files reside in unwritable directories (e.g., when using find with cpio ).
When used with the -regex or -iregex conditions, interpret the regular expression as extended instead of basic. For more information on regular expressions, see Chapter 6.
If any of the pathnames given in the command line are symbolic links, consider the file information of the referenced files and not the links themselves. However, if the referenced file no longer exists, consider the link itself.
If any of the files encountered during the search are symbolic links, consider the file information of the referenced files and not the links themselves. However, if the referenced file no longer exists, consider the link itself.
If any of the files encountered during the search are symbolic links, consider the file information of the links themselves (the default behavior).
Move through directory contents in alphabetical order.
Don't scan filesystems (mounted volumes) other than the one that the command begins with.
When used with the -xargs action, identify and skip any files whose names contain characters used by -xargs as delimiters ( ' , " , \ , space, tab, and newline characters).
Find files last accessed more than n ( + n ), less than n ( - n ), or exactly n minutes ago. Note that find changes the access time of directories supplied as pathnames .
Find files that were accessed after file was last modified.
Find files that were last accessed more than n ( + n ), less than n ( - n ), or exactly n days ago.
Find files last changed more than n ( + n ), less than n ( - n ), or exactly n minutes ago. A change is anything that changes the directory entry for the file, such as a chmod .
Find files that were changed after they were last modified.
Find files that were changed more than n ( + n ), less than n ( - n ), or exactly n days ago.
Delete found files and directories, operating as if the -d flag were being used as well (files first).
Continue if file is empty. Applies to regular files and directories.
Run the Unix command from the starting directory on each file matched by find (provided command executes successfully on that file; i.e., returns a 0 exit status). When command runs, the argument { } substitutes the current file. Follow the entire sequence with an escaped semicolon ( \; ).
Same as -exec , but run the Unix command from the directory holding the file matched by find .
Find files by their file flag settings (see chflags ). To specify flags that are set, list them in flags . To specify flags that are not set, list those flags (with their "no" prefixes) in notflags . To match files with at least all of the settings specified by both flags and notflags , use the - before flags . To match files with any of the flags specified in flags or notflags , use the + before flags . Without the - or the + , find finds only files with flag settings matching exactly with those in flags and notflags .
Match files only on type filesystems. (Run sysctl vfs to view currently mounted filesystem types). You can also specify two pseudotypes, local and rdonly , which allows you to match files only on physically mounted volumes and read-only volumes, respectively.
Find files belonging to group gname . gname can be a group name or a GID number.
A case-insensitive version of -name .
Find files whose inode number is n .
A case-insensitive version of -path .
A case-insensitive version of -regex .
Find files having n links.
Write the list of found files to standard output as if provided by the ls -dgils command. Return TRue .
Don't descend more than num levels of directories.
Begin applying tests and actions only at levels deeper than num levels.
Find files last modified more than n ( + n ), less than n ( - n ), or exactly n .
Find files that were last modified more than n ( + n ), less than n ( - n ), or exactly n days ago.
Find files whose names match pattern . Filename metacharacters may be used but should be escaped or quoted.
Find files that have been modified more recently than file ; similar to -mtime .
The file's GID doesn't correspond to any group.
The file's UID doesn't correspond to any user.
Same as -exec , but prompt user to respond with y before command is executed.
Same as -ok , but run the Unix command , from the directory holding the file matched by find .
Find files whose names match pattern . Expect full pathnames relative to the starting pathname (i.e., don't treat / or . specially).
Find files whose permission flags (e.g., rwx ) match octal number nnn exactly (e.g., 664 matches -rw-rw-r-- ). Use a minus sign before nnn to make a wildcard match of any unspecified octal digit (for example, -perm -600 matches -rw-****** , where * can be any mode).
Print the matching files and directories, using their full pathnames. Return true .
Print the matching files and directories, using their full pathnames and separating each with the ASCII NUL character. This allows find to properly work with the xargs utility and pathnames containing spaces, for example. Return true .
Prevent find from descending into the directory found by the previous condition in the command line. Useful when used with an alternative condition ( -o ) that specifies which directories must be traversed. Return TRue .
Like -path but use grep -style regular expressions instead of the shell-like globbing used in -name and -path .
Find files containing n blocks, or if c is specified, n characters long.
Find files whose type is c . c can be b (block special file), c (character special file), d (directory), p (FIFO or named pipe), l (symbolic link), s (socket), or f (plain file).
Find files belonging to user (name or ID).
Search for files that reside only on the same filesystem as pathname.
List all files (and subdirectories) in your home directory:
$ find ~ -print
List all files named chapter1 in the ~/Documents directory:
$ find /Documents -name chapter1 -print
List all files beginning with memo owned by ann :
$ find /Documents -name 'memo*' -user ann -print
Search the filesystem (begin at root) for manpage directories:
$ find / -type d -name 'man*' -print
Search the current directory, look for filenames that don't begin with a capital letter, and send them to the printer:
$ find . \! -name '[A-Z]*' -exec lpr { }\;
Find and compress files whose names don't end with .gz :
$ gzip 'find . \! -name '*.gz' -print'
Remove all empty files on the system (prompting first):
$ find / -size 0 -ok rm { } \;
Search the system for files that were modified within the last two days (good candidates for backing up):
$ find / -mtime -2 -print
Recursively grep for a pattern down a directory tree:
$ find ~/Documents -print0 | xargs -0 grep '[Nn]utshell'
Search the system excluding all but the system volume:
$ find / -path '/Volumes/*' -prune -o -name "*. doc" -print
FixupResourceForks |
FixupResourceForks [-nodelete] [-nosetinfo] [-q[uiet]] pathname ...
Recombines the resource fork and HFS metadata split out into a separate file (named ._filename ) with the file's data fork (in a file named filename ), resulting in a single multiforked file (named filename ) with HFS attributes. As such, this works only on HFS and HFS+ volumes. It reverses the effect of running SplitForks .
FixupResourceForks does a recursive descent into the directory specified by pathname , working on every file within it.
Prevent deletion of ._filename after recombination with filename .
Disable setting of HFS attributes on the recombined files.
Suppress printing the name of each recombined file to standard output.
fmt |
fmt [ goal [ maximum ]] [files]
Converts text to specified width by filling lines and removing newlines. Width is specified as being close to goal characters, but not over maximum characters wide (65 and 75 characters by default). Concatenate files on the command line, or read text from standard input if no file is specified. By default, preserve blank lines, spacing, and indentation. fmt attempts to break lines at the end of sentences and to avoid breaking lines after a sentence 's first word or before its last.
Center each line.
Define chars as the characters that end a sentence. By default, these are period, exclamation point, and question mark.
Replaces each width spaces at the beginning of a line with a tab character. Default is 8. Specify width of 0 to turn off this tab unexpansion.
Try to format mail headers correctly.
Format each line, even if it starts with a dot.
Handle indented paragraphs. Without this flag, changes in the amount of whitespace at the beginning of a line indicates a new paragraph.
Compress multiple whitespace characters into a single space.
Assume width spaces per tab in the input files.
fold |
fold [ option ] [ files ]
Breaks the lines of the named files so they are no wider than the specified width (default is 80). fold breaks lines exactly at the specified width, even in the middle of a word. Reads from standard input when given - as a file.
Count bytes, not columns (i.e., consider tabs, backspaces, and carriage returns to be one column).
Break at spaces only, if possible.
Set the maximum line width to width . Default is 80.
fs_usage |
fs_usage [ options ] [ processes ]
Shows a continuous display of filesystem-related system calls and page faults. You must run fs_usage as root. By default, it ignores anything originating from fs_usage , Terminal , telnetd , sshd , rlogind , tcsh , csh , or sh , but shows all other system processes. To have fs_usage track only specific processes, specify those process names or IDs in processes .
Exclude from tracking those processes specified in processes . If no processes are given, exclude only the current fs_usage process.
Filter output according to the mode , which must be network , filesys , or cachehit .
Display in a more detailed, wider format. Lines longer than the window width will be wrapped.
fsaclctl |
fsaclctl [-v] fsaclctl { -a | -p pathname } [-e | -d]
Enables or disables the use of file access control lists (ACLs) on specified filesystems. (They're disabled by default.) When invoked with no arguments, it prints a usage statement to standard output.
Enables or disables ACLs on all local HFS+ filesystems. If neither -e nor -d are specified, prints the status of ACLs on these filesystems.
Disables ACLs on the specified filesystems.
Enables ACLs on the specified filesystems.
Enables or disables ACLs on the filesystem containing the specified pathname . If neither -e nor -d are specified, prints the status of ACLs on the filesystem.
Prints software version to standard output.
fsck |
fsck [-l num_procs ] [-b block_num ] [-m mode ] [-c { 0 | 1 | 2 | 3 }] [-p | -n | -y] device ...
Performs consistency checks of UFS volumes, and attempts to fix any inconsistencies found.
Specify an alternate super block for the filesystem.
Convert the filesystem to the specified version level. See the fsck manpage for details.
Force a check, even if the filesystem is clean.
Limit the number of parallel fsck processes. Defaults to the number of disks.
Specify the permissions of the lost+found directory, where files that have become detached from their place in the directory hierarchy due to filesystem corruption can be located. The argument is an octal mode, as described in the chmod manpage. The default is 1777.
Automatically answer "no" whenever fsck asks to resolve an inconsistency.
Run in preening mode, in which only purely innocuous inconsistencies are resolved.
Quick check to see if filesystem was unmounted properly.
Automatically answer "yes" whenever fsck asks to resolve an inconsistency.
The volume's device filename, e.g., /dev/disk1s2.
fsck_hfs |
fsck_hfs -u fsck_hfs [-d] [-f] [-r] { -q | -p | [-n | -y] } device ...
Performs consistency checks of HFS and HFS+ volumes, and attempts to fix any inconsistencies found.
Enable debugging output.
Force check even if the volume is marked as clean.
Lock and check the volume without writing. This allows checks on mounted volumes.
Specify the permissions of the lost+found directory, where files that have become detached from their place in the directory hierarchy due to filesystem corruption can be located. The argument is an octal mode, as described in the chmod manpage. The default is 1777.
Automatically answer "no" whenever fsck_hfs asks to resolve an inconsistency.
Run in preening mode, in which only purely innocuous inconsistencies are resolved.
Check the filesystem but don't resolve any inconsistencies. Return filesystem status of clean, dirty, or failure to standard error.
Cause a rebuild of the volume's catalog btree to occur.
Print a usage statement to standard output.
Automatically answer "yes" whenever fsck_hfs asks to resolve an inconsistency.
The volume's device filename, e.g., /dev/disk1s2 .
fsck_msdos |
fsck_msdos { -q | -p | [-n | -y] } device ...
Performs consistency checks of FAT volumes and attempts to fix any inconsistencies found.
Automatically answer "no" whenever fsck_msdos asks to resolve an inconsistency.
Run in preening mode, in which only purely innocuous inconsistencies are resolved.
Check the filesystem but don't resolve any inconsistencies. Print filesystem status to standard output.
Automatically answer "yes" whenever fsck_msdos asks to resolve an inconsistency.
The volume's device filename, e.g., /dev/disk1s2 .
ftp |
ftp [ options ] [ hostname ]
Transfers files to and from remote network site hostname . ftp prompts the user for a command. Type help to see a list of known commands, and use the help command to view help on a specific command.
The ftp client included with Mac OS X supports auto-fetch, which allows you to perform a download with a single command line. To auto-fetch a file, supply its location as an argument to ftp in one of several formats:
ftp [ user @ ] host :[ path ][ / ]
ftp [ ftp:// [ user [: password ] @ ] host [: port ]/ path [ / ]]
ftp [ http:// [ user [: password ] @ ] host [: port ] / path ]
Only use IPv4 addresses.
Only use IPv6 addresses.
Force active mode for use with older servers.
Perform anonymous login automatically.
Enable debugging.
Disable command-line editing.
Perform a forced reload of the cache. Useful when transferring through proxies.
Disable filename globbing.
Turn off interactive prompting.
No autologin upon initial connection.
Use filename instead of ~/. netrc .
Save file as pathname when auto-fetching.
Enable passive mode (the default).
Specify alternate port number.
Attempt to connect again after wait seconds if initial attempt fails.
When auto-fetching, resume incomplete transfers (if not transferring through a proxy).
Enable packet tracing.
Throttle transfer rates by specifying direction of transfer, maximum transfer speed in bytes/second, and an increment value that allows changing maximum on the fly. Direction can be get for incoming transfers, put for outgoing transfers, and all for both.
Upload file to url from the command line.
Verbose. Show all responses from remote server.
Disable verbose.
gcc_select |
gcc_select [-v | --version] [-h | --help] [-l | --list] gcc_select [-v | --version] [-n] [-force] [-root] { 2 | 3 | 3. x | 4. x }
A shell script that sets the default version of GCCeither 2.95.2 (specified as 2), 3.1 (3), 4.0 (4), or some other version (specified as 3.x)--by creating various symlinks for compiler tools, libraries, and headers. With no arguments (or with just -v ), the current default version is printed to standard output.
Recreate symlinks for the specified version, even if it is already the current default version.
Print a usage statement to standard output.
List available GCC versions.
Print the list of commands that would be executed to standard output, but don't actually execute them.
Disable the initial check for root access before executing commands.
Print the version of gcc_select to standard output.
GetFileInfo |
GetFileInfo [ options ] pathname
Displays HFS+ file attributes (metadata) of file pathname . If you specify no options, GetFileInfo shows all the file's attributes. GetFileInfo is installed with the Xcode Tools ( /Developer/Tools ). Because this directory isn't in the shell's search path by default, you might to need to specify GetFileInfo 's pathname to invoke it. See also SetFile .
Display the settings for those attributes that toggle on or off (sometimes called "Finder flags "). If attribute is empty, the settings of all attributes are displayed as a series of letters. If the letter is shown in uppercase, that attribute is on (its bit is set). If the letter is shown in lowercase, that attribute is off. To view the setting for a single attribute (either 1 for on or 0 for off), specify that attribute by its letter in attribute . Refer to the following table for the specific attributes.
Attribute | Set | unset | Meaning |
---|---|---|
Alias | A | a | File is/isn't an alias. |
Bundle | B | b | File has/hasn't bundle resource. |
Custom Icon | C | c | File has/hasn't a custom icon. |
Desktop Item | D | d | File is/isn't on the desktop. |
Extension | E | e | Filename extension is/isn't hidden. |
Inited | I | i | File is/isn't inited. |
Locked | L | l | File is/isn't locked. |
Shared | M | m | Multiple users can/can't run a file at once (applies to application files). |
INIT | N | n | File has/hasn't INIT resource. |
System | S | s | File is/isn't a system file (locks name). |
Stationary | T | t | File is/isn't a stationary file. |
Invisible | V | v | File is/isn't invisible to Finder. |
Display the file's four-character creator code.
Display the file's creation date.
Display the file's modification date.
Display the file's four-character type code.
Display all toggled attributes:
$ /Developer/Tools/GetFileInfo -a Quinn.jpg
Display only the locked setting:
$ /Developer/Tools/GetFileInfo -aL Quinn.jpg
gnutar |
gnutar [ options ] [ tarfile ] [ other - files ]
Copies files to or restores files from an archive medium. An enhanced version of tar , gnutar is usually the preferred utility because gnutar can handle much longer pathnames than tar , and gnutar 's default omission of the leading slash in pathnames allows archives to be more easily opened on other systems. Note that until native drivers for tape drives exist for Mac OS X, gnutar can't write to tape. Note also that gnutar doesn't preserve resource forks or HFS metadata when copying files that contain them.
gnutar is installed on Mac OS X as part of Apple's Xcode Tools.
You must use exactly one of these, and it must come before any other options:
Concatenate a second tar file onto the end of the first.
Create a new archive.
Compare the files stored in tarfile with other-files . Report any differences, such as missing files, different sizes, different file attributes (such as permissions or modification time).
Delete other-files from the archive.
Append other-files to the end of an existing archive.
Print the names of other-files if they are stored on the archive (if other-files aren't specified, print names of all files).
Add files if not in the archive or if modified.
Extract other-files from an archive (if other-files aren't specified, extract all files).
Display help information.
Preserve original access time on extracted files.
Set block size to n 512 bytes.
Form full blocks from short reads.
If tarfile already exists, make a backup copy before overwriting.
cd to directory before beginning tar operation.
List directory names encountered.
Remove file from any list of files.
Store files in or extract files from archive arch . Note that filename may take the form hostname : filename . Also, because Mac OS X has no native tape drive support, gnutar produces an error unless the -f option is used.
Run the script found in filename when tar reaches the end of a volume. This can be used to automatically swap volumes with a media changer. This option implies -M .
Interpret filenames in the form hostname : filename as local files.
Create new-style incremental backup.
Create old-style incremental backup.
Dereference symbolic links.
Ignore zero-sized blocks (i.e., EOFs).
Ignore unreadable files to be archived. Default behavior is to exit when encountering these.
When extracting files, don't overwrite files with similar names. Instead, print an error message.
Start at file in the archive.
Don't archive files from other filesystems.
Write a maximum of length 1024 bytes to each tape.
Don't restore file modification times; update them to the time of extraction.
Expect archive to multivolume. With -c , create such an archive.
Set symbolic file mode (permissions) of added files to filemode .
Ignore files older than date .
Ignore files whose modification times are older than date .
Don't descend into directories.
Set the owner of the extracted files to be the current user, not the owner as defined in the archive.
Set the permissions of the extracted files to the default permissions for the current user, not as defined in the archive.
Allow filenames to be null-terminated with -T . Override -C .
Use the ID numbers instead of names for file owners and groups.
Don't create archives with directory information that V7 tar can't decode.
Print extracted files on standard out.
Overwrite existing files when extracting.
Overwrite existing directory data when extracting.
Set owner of added files to name .
Keep ownership of extracted files same as that of original permissions.
Don't remove initial slashes ( / ) from input filenames.
Equivalent to invoking both the -p and -s options.
Create archives that conform to POSIX standards. Such files aren't readable by older versions of gnutar .
Display record number with each file in the archive.
Set size of records to size bytes, with size a multiple of 512.
Remove directories and files prior to extracting over them.
Remove originals after inclusion in archive.
Don't connect to remote host with rsh ; instead, use command .
When extracting, sort filenames to correspond to the order in the archive.
Treat short files specially and more efficiently.
Try to set ownership of extracted files as defined in the archive.
Show directories that were omitted during processing.
If tarfile already exists, make a backup copy before overwriting. Name the backup file by appending the character c to tarfile instead of the default "~".
Consult filename for files to extract or create.
Print byte totals.
Remove files prior to extracting them.
Empty hierarchies before extracting directories.
Compress archived files with program or uncompress extracted files with program .
Verbose. Print filenames as they are added or extracted, or show permissions when files are listed.
Name this volume name .
Show version of gnutar .
Force decimal number n to be used in gnutar 's prompt to change tapes.
Wait for user confirmation ( y ) before taking any actions.
Check archive for corruption after creation.
Compress files with gzip before archiving them or uncompress them with gunzip before extracting them.
Consult file for list of files to exclude.
Exclusion patterns match filename start (default: on).
Exclusion patterns ignore case (default: off, case-sensitive).
Exclusion patterns use wildcards (default: on).
Exclusion pattern wildcards match "/" (default: on).
Compress files with gzip before archiving them or uncompress them with gunzip before extracting them.
Compress files with compress before archiving them or uncompress them with uncompress before extracting them.
Set drive (07) and storage density ( l , m , or h , corresponding to low, medium, or high).
Create an archive of ~/Documents and ~/Music ( c ), show the command working ( v ), and write to an external volume, /Volumes/ Backups /archive.tar , saving the previous backup file as archive.tar~ (-backup) :
$ gnutar cvf /Volumes/Backups/archive.tar -backup
~/Documents ~/Music
Extract only ~/Music directory from archive.tar to the current directory:
$ gnutar xvf ~/archive.tar Music
Compare extracted files with those in the archive ( d ):
$ gnutar dvf ~/archive.tar Music
grep |
grep [ options ] pattern [ files ]
Searches one or more files for lines that match a regular expression pattern . Regular expressions are described in Chapter 6. Exit status is 0 if any lines match, 1 if none match, and 2 for errors. See also egrep and fgrep .
Don't suppress output lines with binary data; treat as text.
Print num lines of text that occur after the matching line.
Print the byte offset within the input file before each line of output.
Print num lines of text that occur before the matching line.
Treat binary files as specified. By default, grep treats binary files as such ( type is binary ). If a matching string is found within a binary file, grep reports only that the file matches; nothing is printed for nonmatching binary files. If type is without-match , grep assumes binary files don't match and skips them altogether. Same as -I . Using a type of text causes grep to treat binary files as text and print all matched lines. Same as -a .
Print only a count of matched lines. With the -v or --invert-match option, count nonmatching lines.
Print num lines of leading and trailing context. Default context is 2 lines.
Marks matched text in red, or the contents of GREP_COLOR environment variable. Optional when can be auto , always , or never .
Define an action for processing directories. Possible actions are:
Read directories like ordinary files (default).
Skip directories.
Recursively read all files under each directory. Same as -r .
Search for pattern . Same as specifying a pattern as an argument, but useful in protecting patterns beginning with - .
Treat pattern as an extended regular expression. Same as using the egrep command.
Take a list of patterns from file , one per line.
Treat pattern as a list of fixed strings. Same as using the egrep command.
Treat pattern as a basic regular expression, the default behavior.
Print matched lines but not filenames (inverse of -l ).
Print matched lines with filenames, the default behavior.
Display a help message.
Ignore uppercase and lowercase distinctions.
Skip binary files. Same as --binary-files=without-match .
List the names of files with matches but not individual matched lines; scanning per file stops on the first match.
List files that contain no matching lines.
Lines that come from standard input are shown as coming from file name .
For possibly better performance, read input using the mmap system call, instead of read , the default. Can cause unexpected system behavior.
Stops printing after num matching lines. If -v (non-matching lines) is in effect, then num nonmatching lines are printed
Print lines and their line numbers.
Suppress normal output in favor of quiet mode; the scanning stops on the first match.
Recursively read all files under each directory. Same as -d recurse .
Only read files matching pattern .
Skip files matching pattern .
Suppress error messages about nonexistent or unreadable files.
Print all lines that don't match pattern.
Print the version number and then exit.
Match on whole words only. Words are divided by characters that aren't letters, digits, or underscores.
Print lines only if pattern matches the entire line.
Print the matching files using their full pathnames and separating each with the ASCII NULL character instead of the newline character. This allows grep to properly work with the xargs utility and pathnames that contain spaces, for example.
List the number of email messages from a specific domain:
$ grep -c '^From .*@mac\.com' mbox
List files that have at least one URL:
$ grep -Eil '*p:\/\/*' *
List files that don't contain pattern :
$ grep -c pattern files | grep :0
gunzip |
gunzip [gzip options ] [ files ]
Identical to gzip -d . Provided as a hard link to gzip . The -1 ... -9 and corresponding long-form options are not available with gunzip ; all other gzip options are accepted. See gzip for more information.
gzcat |
gzcat [gzip options ] [ files ]
A link to gzip instead of using the name zcat , which preserves zcat 's original link to compress . Its action is identical to gunzip -c . Also installed as zcat . See gzip for more information.
gzip |
gzip [ options ] [ files ] gunzip [ options ] [ files ] zcat [ options ] [ files ]
Compresses specified files (or read from standard input) with Lempel-Ziv coding (LZ77). Renames compressed file to filename .gz ; keeps ownership modes and access/modification times. Ignores symbolic links. Uncompresses with gunzip , which takes all of gzip 's options, except those specified. zcat is identical to gunzip -c and takes the options -fhLV , described here. Files compressed with the compress command can be decompressed using these commands.
gzip doesn't preserve resource forks or HFS metadata when compressing files that contain them.
Regulate the speed of compression using the specified digit n , where -1 or --fast indicates the fastest compression method (less compression) and -9 or --best indicates the slowest compression method (most compression). The default compression level is -6 .
Print output to standard output, and don't change input files.
Same as gunzip .
Force compression. gzip normally prompts for permission to continue when the file has multiple links, its .gz version already exists, or it is reading compressed data to or from a terminal.
Display a help screen and then exit.
Expects to be given compressed files as arguments. Files may be compressed by any of the following methods : gzip , deflate , compress , lzh , and pack . For each file, list uncompressed and compressed sizes (the latter being always -1 for files compressed by programs other than gzip ), compression ratio, and uncompressed name. With -v , also print compression method, the 32-bit CRC of the uncompressed data, and the timestamp. With -N , look inside the file for the uncompressed name and timestamp.
Display the gzip license and quit.
When compressing, don't save the original filename and timestamp by default. When decompressing, don't restore the original filename if present, and don't restore the original timestamp if present. This option is the default when decompressing.
Default. Save original name and timestamp. When decompressing, restore original name and timestamp.
Print no warnings.
When given a directory as an argument, recursively compress or decompress files within it.
Append . suffix . Default is .gz . A null suffix while decompressing causes gunzip to attempt to decompress all specified files, regardless of suffix.
Test compressed file integrity.
Print name and percent size reduction for each file.
Display the version number and compilation options.
halt |
halt [ options ]
Prepares the system and then terminates all processes, usually ending with a hardware power-off. During preparation, all filesystem caches are flushed, and running processes are sent SIGTERM followed by SIGTERM .
Don't log the halt via syslog (i.e., mach_kernel: syncing disks ...).
Don't flush filesystem caches. Should not be used indiscriminately.
The filesystem caches are flushed, but the system is otherwise halted ungracefully. Should not be used indiscriminately.
hdid |
hdid -help hdid image_file [ options ]
Loads disk images, attaches them to device nodes (files in /dev ), and signals Disk Arbitration to mount them into the directory hierarchy.
hdid is a synonym for hdiutil -attach and takes the same set of options and arguments. See the hdid manpage for more details.
hdiutil |
hdiutil command [ cmd - specific_args_and_opts ] [-quiet | -verbose | -debug] [-plist]
Manages disk images, performing some of the same functions as the Disk Utility application. The "Options" section highlights some common uses, but the full set of commands (and associated arguments and options) is extensive and isn't detailed here. See the hdiutil manpage or run hdiutil help for more assistance.
Attach a disk image to a device node and mount it. As arguments, it takes the filename of a disk image and a possible list of options , some of which are:
Automatically open read/write volumes in the Finder after they're mounted.
Print a usage summary to standard output.
If there's only one volume in the disk image, mount it at mount point specified as an argument, instead of under /Volumes/ .
Mount volumes under a directory specified as an argument instead of under /Volumes/ .
Disable automatic opening of read-only volumes in the Finder after they're mounted.
Create device nodes in /dev and attach the image or its partitions to them, but don't mount them.
Disable verification of disk images containing checksums.
Disable write access to the mounted image.
Pass modifications to the disk image through to a shadow image. Subsequent access to the modified data will be from the shadow, which allows effective read/write access to data on a disk image that shouldn't or can't be modified. This option takes the filename of a shadow disk image as an argument but defaults to the name of the attached image with a .shadow extension. The shadow image is created if it doesn't already exist.
Burns a disk image to an optical disk (a writable CD or DVD). As arguments, it takes the filename of a disk image and a possible list of options, some of which are:
Erase an optical disk if the drive and media support erasure.
Close the optical disk after burning the image, preventing any future burns to the disk.
Perform a sector-by-sector erasure of an optical disk if the drive and media support it.
Disable ejection of the disk after burning.
Optimize the size of the image for burning, reducing the size of HFS and HFS+ volumes to the size of the data on them.
Create a blank disk image. It takes the filename for the disk image as an argument. One of these options is required to specify the size of the image:
Specify the size of the image in megabytes. Takes an integer argument.
Specify the size of the image in 512-byte sectors. Takes an integer argument.
Specify the size of the image with a choice of unit. Takes an argument consisting of an integer concatenated with a letter, where the letter is b (for bytes), k (for kilobytes), m (for megabytes), g (for gigabytes), t (for terabytes), p (for petabytes), or e (for exabytes).
Create an image large enough to hold the contents of a directory specified as an argument.
Finally, create can take a list of discretionary options, some of which are:
Format the disk image with a filesystem, the format being given as an argument to this option. Possible formats are HFS+, HFS, UFS, and MS-DOS. After the image is created, it's attached, formatted, and detached.
If creating an HFS+ filesystem, initialize it so that it can later be stretched with hdiutil resize . Takes an argument with the same format as the -size option, which determines the maximum size to which the filesystem can be stretched.
Specify the volume name for the image. Takes a string argument; the default volume name is untitled .
Unmount an image or its partitions and detach them from their device nodes. Takes a device name (e.g., disk1 ) as an argument.
Same as detach .
Print the disk image header to standard output. Takes the filename of a disk image as an argument.
Print an extensive usage summary to standard output.
Print information about a disk image or device to standard output, including properties (such as whether the image is compressed, encrypted, or partitioned), format, size, and checksum. As arguments, it takes a device name (e.g., /dev/disk1 ) or the filename of a disk image, and a possible list of options, some of which are:
Display only the checksum.
Display only the image format.
Print the version of the DiskImages framework to standard output, as well as information about mounted images (such as image filename, format, associated device node, mount point, and mounting user's identity).
After being applied to a disk image and when the image is mounted, its contents are automatically copied to the directory containing the image file, and then the image is unmounted and moved to the user's Trash. The effect is to replace the disk image by its contents, in place. It takes an argument of either -yes , -no , or -query , as well as a disk image filename.
Create a hybrid HFS+/ISO-9660 disk image suitable for use on other operating systems. As an argument, it takes -o followed by an image source, which can be either another disk image or a directory. It also takes a list of discretionary options, some of which are:
Include HFS+ filesystem information in the image. This happens by default, unless the -iso or -joliet options are specified without -hfs .
Specify the directory on an HFS+ volume containing a valid BootX file, which may created by the bless command.
Specify the directory on an HFS+ volume that should be automatically opened in the Finder after mounting.
Include ISO-9660 filesystem information in the image. This happens by default, unless the -hfs option is specified without -iso .
Include ISO-9660 filesystem information with Joliet extensions in the image. This happens by default, unless the -hfs or -iso options are specified without -joliet .
Same as attach .
Mount a device into the filesystem hierarchy using Disk Arbitration (similar to diskutil mount ). Takes a device name (e.g., disk1 ) as an argument. This can be used to complete the process of mounting a disk image after using hdiutil attach -nomount .
Print information about plug-ins for the DiskImages framework to standard output.
Print the partition map of a disk image or device to standard output. As arguments, it takes a device name (e.g., /dev/disk1 ) or the filename of a disk image, and a possible list of options.
Test whether a file is a valid disk image and return YES or NO to standard error.
Unmount an image or its partitions without detaching them from their device nodes. Takes a device name (e.g., disk1 ) or a mount point as an argument.
Enable debugging output to standard error.
Display output in XML property list format, if the command can do it.
Minimize output.
Enable verbose output.
head |
head [ options ] [ files ]
Prints the first few lines of one or more files (default is 10).
Print the first n lines of the file.
Print the first n lines of the file.
Display the first 20 lines of phone_list :
$ head -20 phone_list
host |
host [ options ] host [ server ] host [ options ] domain [ server ]
Prints information about specified hosts or zones in DNS. Hosts may be IP addresses or hostnames; host converts IP addresses to hostnames by default and appends the local domain to hosts without a trailing dot. Default servers are determined in /etc/resolv.conf . For more information about hosts and zones, refer to Chapters 1 and 2 of DNS and BIND (O'Reilly).
All, same as -t ANY .
Search for specified resource record class ( in [ternet], cs [net], ch [aos], hs / hesiod , or any ). Default is in . The chaos and csnet classes, although defined in RFC1035, are rejected as invalid classes by the host command.
Print the SOA (start of authority) records for the host.
Verbose. Same as -v .
List all machines in domain .
No recursion. Don't ask contacted server to query other servers, but require only the information that it has cached.
Chase signatures back to parent key ( DNSSEC ).
Look for type entries in the resource record. Acceptable values for type are: a , ns , md , mf , cnames , soa , mb , mg , mr , null , wks , ptr , hinfo , minfo , mx , any , and * (careful, the shell loves those asterisks; be sure to escape them).
Verbose. Include all fields from the resource record, even time-to-live and class, as well as "additional information" and " authoritative nameservers" (provided by the remote nameserver).
Wait forever for a response from a queried server.
hostinfo |
hostinfo
Prints basic information about the system to standard output, including Darwin version number, number and types of processors, amount of physical memory, current number of Mach tasks and threads running in the kernel, and CPU load.
$ hostinfo Mach kernel version: Darwin Kernel Version 8.2.0: Fri Jun 24 17:46:54 PDT 2005; root:xnu-792.2.4.obj~3/RELEASE_PPC Kernel configured for a single processor only. 1 processor is physically available. Processor type: ppc7450 (PowerPC 7450) Processor active: 0 Primary memory available: 768.00 megabytes Default processor set: 57 tasks, 197 threads, 1 processors Load average: 0.57, Mach factor: 0.69
hostname |
hostname [ option ] [ nameofhost ]
Sets or prints name of current host system. A privileged user can temporarily set the hostname with the nameofhost argument. Edit /etc/hostconfig to make a permanent change.
Trim domain information from the printed name.
hwprefs |
hwprefs [-h] hwprefs [-v] parameter [= value ] [ parameter [= value ]]...
Prints some information about the system to standard output. This is installed as part of the Computer Hardware Understanding Development (CHUD) set of developer tools.
Print a usage statement to standard error.
Print information verbosely.
One of the following: cpus reports the number of CPUs (either 1 or 2), cpunap reports whether the CPU may slow down to conserve energy (either 0 or 1), hwprefetch reports the number of prefetch engines used by a G5 CPU (either 4 or 8), and ostype reports the code name for the system's OS (either Cheetah , Mac OS X 10.0; Puma , 10.1; Jaguar , 10.2; Smeagol , 10.2.7; Panther , 10.3; or Tiger , 10.4).
id |
id [ options ] [ username ]
Displays information about yourself or another user: UID, GID, effective UID and GID if relevant, and additional GIDs.
Print GID.
Print supplementary GIDs.
With -u , -g , or -G , print user or group name, not number.
Print the output in a more easily read format. Not used with other options.
Print in the format used by the system password file, /etc/passwd .
With -u , -g , or -G , print real, not effective, UID or GID.
Print UID only.
ifconfig |
ifconfig [ options ] [ interface address_family address parameters ]
Assigns an address to a network interface and/or configures network interface parameters. ifconfig is typically used at boot time to define the network address of each interface on a machine. It may be used at a later time to redefine an interface's address or other parameters. Without arguments, ifconfig displays the current configuration for a network interface. Used with a single interface argument, ifconfig displays that particular interface's current configuration.
Display information about all configured interfaces. This is the default when no options and arguments are specified.
Display information about interfaces that are down.
Display address lifetime for IPv6 addresses.
Display all configured interfaces, names only.
Display all supported media for specified interface.
Display information about interfaces that are up.
String of the form name unit --for example, en0 .
Hostname or address in " dotted -octet" notation; for example, 172.24.30.12.
Because an interface may receive transmissions in differing protocols, each of which may require separate naming schemes, you can specify the address_family to change the interpretation of the remaining parameters. You may specify inet (the default; for TCP/IP) or inet6 .
Specify the address of the correspondent on the other end of a point-to-point link.
The following parameters may be set with ifconfig :
Create/delete an additional/existing network address for this interface.
Specify address as an anycast address ( inet6 only).
Enable/disable use of the Address Resolution Protocol in mapping between network-level addresses and link-level addresses.
Specify address to use to represent broadcasts to the network ( inet only). The default is the address with a host part of all 1s (i.e., x.y.z.255 for a class C network).
These commands perform operations related to interface cloning. However, Mac OS X itself doesn't support interface cloning. Therefore, the manpage descriptions of these parameters are of historical significance only.
Enable/disable driver-dependent debugging code.
Mark an interface "down" ( unresponsive ).
Same as lladdr .
Enable/disable special link-level processing modes. Refer to driver's manpage for more information.
Set the link-level addr ess on an interface as a set of colon-separated hex digits; for example, 00:03:93:67:7a:4a .
Set the interface media type to type ; for example, 10base5/AUI.
Comma-separated list of media options for a supported media selection system.
Set routing metric of the interface to n . Default is 0.
Set the interface's Maximum Transfer Unit (MTU) to mtu .
Specify how much of the address to reserve for subdividing networks into subnetworks ( inet only). mask can be specified as a single hexadecimal number with a leading 0x, with a dot notation Internet address, or with a pseudonetwork name listed in the network table /etc/networks .
Mark an interface "up" (ready to send and receive).
info |
info [ options ] [ topics ]
Info files are arranged in a hierarchy and can contain menus for subtopics. When entered without options, the command displays the top-level information file (usually /usr/local/info/dir ). When topics are specified, find a subtopic by choosing the first topic from the menu in the top-level information file, the next topic from the new menu specified by the first topic , and so on. The initial display can also be controlled by the -f and -n options.
Looks up string in all manual indexes.
Search directories , a colon-separated list, for information files. If this option isn't specified, use the INFOPATH environment variable or the default directory (usually /usr/local/info ).
Store each keystroke in file , which can be used in a future session with the --restore option to return to this place in info .
Display specified info file .
Display brief help.
Go to node pointed to by index entry string .
Display specified node in the information file.
Don't remove ANSI escapes from manpages.
Copy output to file instead of displaying it at the screen.
Don't remove ANSI escapes from manpages.
When starting, execute keystrokes in file .
Display subtopics recursively.
Display version.
Use vi -like key bindings.
install |
install [ options ] file1 file2 install [ options ] files directory install -d [ options ] [ file ] directory
Used primarily in Makefiles to update files. install copies files into user-specified directories. Similar to cp , with additional functionality regarding inode-based information like UID, GID, mode, flags, etc.
Create backup copies of existing target files by renaming existing file as file .old . See -B for specifying extension name (i.e., default is .old ).
Use suffix as a filename extension when -b is in effect.
Copy the specified file(s). This is the default behavior of the install command.
Copy the file. Don't change the modification timestamp if the target exists and is the same as the source.
Create any missing directories.
Set the file flags of the target file(s). Flags are a comma-separated list of keywords. See the chflags(1) manpage for further details.
Set GID of target file to group (privileged users only or user is member of specified group).
Set the mode of the target files to mode . The default is 0755, or rwxr-xr-x .
Don't use mmap(2) .
Set ownership to uid or username or, if unspecified, to root (privileged users only).
Preserve modification times.
Strip binaries to enhance portability.
Safe copy. The source file is copied to a temporary file and then renamed . The default behavior is to first unlink the existing target before the source is copied.
Verbose. install prints symbolic representations for each copy action.
installer |
installer options -pkg pkgpath -target volpath
Installs standard Mac OS X package files from the command line. install is an alternative to the Installer.app GUI application.
Install over an existing version of the software, even when the version being installed is older. The package must have special support for this option.
Send the list of command-line arguments, formatted in plist XML, to standard output without performing the installation. If you direct the output to a file, you can use that file with the -file option to perform multiple identical installations.
Log installer's messages to standard output.
Read arguments from file pathname . The file needs to be a product of the -config option or a file of the same format.
Display a help screen, and then exit.
Identify language (specified in ISO format) as the default language of the target system. Used only with OS installations.
Display the languages installer recognizes, in ISO format.
List the packages to be installed without performing the installation. Metapackages contain multiple subpackages; this option lists those subpackages as well.
When used with -pkginfo and -volinfo , format the output into plist XML.
Print more package and volume information. Used with -pkginfo and -volinfo .
Print more package and volume information, formatted for parsing. Used with -pkginfo and -volinfo .
Display the version of installer , and then exit.
List the volumes mounted at the time the command is run without performing the installation.
List only available packages and target volumes:
$ installer -volinfo -pkginfo -pkg newpkg.pkg
Install newpkg.pkg on the current system volume:
$ installer -pkg newpkg.pkg -target /
Install newpkg.pkg , using arguments from installfile :
$ installer -pkg newpkg.pkg -file installfile
ipconfig |
ipconfig getifaddr interface ipconfig getoption { interface | "" } { option_name | option_code } ipconfig getpacket interface ipconfig ifcount ipconfig set interface { BOOTP | DHCP } ipconfig set interface { INFORM | MANUAL } IP_addr netmask ipconfig waitall
Interacts with the IP Configuration Agent of configd to manage network configuration changes.
Print the specified network interface's IP address to standard output.
Print the value of the specified DHCP option to standard output. If interface is specified, the option is interface specific. If empty quotes are used instead, the option is global. Option names and numeric codes are DHCP-standard (such as host_name , domain_name , netinfo_server_address , etc.).
Print DHCP transaction packets to standard output.
Print the number of network interfaces to standard output.
Set the method by which the specified network interface is assigned an IP address. Using BOOTP or DHCP causes the system to attempt to contact a server of the appropriate type to obtain IP configuration information. Using INFORM sets the IP address locally, but initiates a DHCP request to obtain additional IP configuration information (DNS servers, default gateway, etc.). Using MANUAL indicates that all IP configuration information is set locally.
Turns on logging if level is 1, or turns off logging if level is 0.
Set the configurations of all network interfaces according to the specifications in /etc/iftab .
join |
join [ options ] file1 file2
Joins the common lines of sorted file1 and sorted file2 . Reads standard input if file1 is - . The output contains the common field and the remainder of each line from file1 and file2 . In the following options, n can be 1 or 2, referring to file1 or file2 .
List unpairable lines in file n (or both if n is omitted).
Replace any empty output field with the string s .
Join on the m th field of file n (or both files if n is omitted).
Each output line contains fields specified by file number n and field number m . The common field is suppressed unless requested .
Use character c as a field separator for input and output.
Print only the unpairable lines in file n . With both -v 1 and -v 2 , all unpairable lines are printed.
Join on field m of file1 . Fields start with 1.
Join on field m of file2 . Fields start with 1.
Assuming the following input files:
$ cat score olga 81 91 rene 82 92 zack 83 93 $ cat grade olga B A rene B A
List scores followed by grades, including unmatched lines:
$ join -a1 score grade olga 81 91 B A rene 82 92 B A zack 83 93
Pair each score with its grade:
$ join -o 1.1 1.2 2.2 1.3 2.3 score grade olga 81 B 91 A rene 82 B 92 A
jot |
jot [ option ] [ repetitions [begin [end [seed]]]]
Generates a list of random or sequential data repetitions lines long. Sequential lists start from the number given in the begin value and finish with the end value. Random data is generated using the seed value seed .
Print word only.
Print ASCII character equivalents instead of numbers.
Don't print a trailing newline character at the end of the list.
Print the data using the number of digits or characters specified by the number precision .
Generate random data. jot generates sequential data by default.
Print the list separated by string instead of by newlines, the default.
Print word along with the other generated data.
Return a list of sequentially numbered names:
$ jot -w box- 20 1 20
Return the ASCII values of numbers 43 to 52:
$ jot -c 10 43 52
kdump |
kdump [ option ]
Decode and display a kernel trace file produced by ktrace . By default, kdump processes any ktrace.out file found in the current working directory.
Show all numbers in decimal format.
Process the file tracefile instead of ktrace.out .
Continue to read and display the trace file as new trace data is added.
When decoding I/O data, show no more than maxdata bytes.
Don't decode completely; display some values, such as those from ioctl and errno , in their raw format.
With each entry, show time since previous entry (relative timestamp).
Show only the traces specified in tracepoints (see kdump 's -t option).
With each entry, show seconds since the epoch (absolute timestamp).
kdumpd |
kdumpd [-l] [-s directory [-u username ] [-c | -C]] [-n] [ directory ]
Provides a service meant to accept transfers of kernel core dumps from remote Mac OS X clients . Based on tftpd , it offers a simplistic file drop service. Setting it up involves:
Adding a kdump entry to /etc/services , recommended on UDP port 1069.
Creating a kdump service file in /etc/xinetd.d/ , modeled after that for tftp .
Executing sudo service kdump start .
Once that's done, you can invoke tftp on a client system, enter connect server_name 1069 , and then put filename to transfer a file. The file is saved on the server in the directory specified in the arguments to kdumpd . There are restrictions: the filename can't include / or .. , so the file is deposited into the target directory only; and the target file must not already exist.
This service is apparently not used by any current facility but may exist for future use by Apple.
Same as -C . Using this option should reject the connection if the path including the client IP address doesn't exist, but a bug prevents it from doing so.
Add the client's IP address to the end of the chroot directory path. If this path doesn't already exist, it falls back to that specified for -s .
Enable logging via syslog using the ftp facility. However, logging is enabled by default, so this option doesn't actually do anything.
Suppress a negative acknowledgment if the client requests a relative pathname that doesn't exist.
Perform a chroot to the specified directory.
Change UID to the specified username. Defaults to nobody .
kill |
kill [ option ] PID
This is the /bin/kill command; there is also a shell command of the same name that works similarly. Send a signal to terminate one or more process IDs ( PID ). You must own the process or be a privileged user. If no signal is specified, TERM is sent. If the PID is -1, the signal is sent to all processes you own. If you are superuser, a PID of -1 sends the signal to all processes.
List the signal names. (Used by itself.)
Send signal signal to the given process or process group. signal can be the signal number (from /usr/include/sys/signal.h ) or name (from kill -l ). With a signal number of 9, the kill is absolute.
Send signal signal to the given process or process group.
killall |
killall [ options ] procname ...
Kills processes specified by command or pattern match. The default signal sent by killall is TERM but may be specified on the command line. killall assembles and executes a set of kill commands to accomplish its task.
Use with the -t or -u options to limit processes that sent a signal to those matching procname .
Print diagnostic information only about targeted processes; doesn't send signal.
Print usage and exit.
List known signal names.
Interpret the procname as a case-insensitive regular expression for selecting real process names to send a signal to.
Show the kill command lines that send the signal but don't actually execute them.
Send specified signal to process. signal may be a name (see -l option) or number.
Used to further select only those processes attached to the specified tty (procname tty), or to select all processes attached to the specified tty (i.e., no procname specified).
Used to further select only those processes owned by the specified user (procname user), or to select all processes owned by the specified user (i.e., no procname specified).
Verbose output. Print the kill command lines that send the signal.
ktrace |
ktrace [ options ] command
Trace kernel operations for process command and log data to file ktrace.out in the current working directory. The tracing continues until you either exit command or clear the trace points (with the -c or -C options). Use kdump to view the trace log.
Append new data to the trace file instead of overwriting it.
Stop tracing all processes run by a user invoking ktrace . If this option is used with superuser privileges, the tracing of all processes is stopped .
Stop tracing process command.
Also trace any current child processes of the specified process.
Log to file instead of ktrace.out , the default.
Toggle tracing of all processes that are part of the process group pgid .
Also trace any future child processes of the specified process.
Toggle tracing of process pid .
Trace only kernel operations specified in tracepoints . Use the appropriate letters from this list to indicate which type of operation(s) to trace:
System calls
I/O
Name translations
Signal processing
Userland operations
Context switches
Trace only system calls and I/O on process 489:
$ ktrace -t ci -p 489
Run the atlookup command and trace all its kernel operations:
$ ktrace atlookup
Turn off tracing for all user processes:
$ ktrace -C
languagesetup |
languagesetup -h languagesetup -langspec language languagesetup [-English | -Localized]
Changes the default language used by the system. If invoked with no arguments, or with the -English or -Localized flags, it enters an interactive session in which the new language may be chosen from a menu.
Present interactive prompts in English.
Print a usage statement to standard output.
Specify the new system language on the command line, instead of interactively.
Present interactive prompts in the system's default language.
last |
last [ options ] [ users ]
Lists information about current and previous login sessions, including username and duration of each session. Sessions are listed one per line, newest first. To view only sessions from select users, specify those usernames in users .
Read from log file instead of /var/log/wtemp , the default.
Report only on those sessions initiated from machine host .
Display only the first n lines of output.
Report only on those sessions initiated from device tty . To list Aqua logins, for example, specify console for tty .
launchctl |
launchctl launchctl { help | list | export | reloadttys | shutdown } launchctl { start | stop } job ... launchctl { load | unload } [-w] pathname ... launchctl { stdout | stderr } pathname launchctl { getenv | unsetenv } variable launchctl setenv variable value launchctl getrusage { self | children } launchctl limit [{ core | cpu | data | filesize | maxfiles | maxproc | memlock | rss | stack } [ integer [ integer ]]] launchctl umask [ umask ] launchctl log [level level | { only | mask } level ...]
Control utility for launchd . If called with no arguments, enters an interactive mode using the same set of subcommands as may be specified on the command line. You can use Control-D or Control-C to exit interactive mode.
Displays the shell commands necessary to export launchd 's environment variables.
Displays the value of the specified launchd environment variable.
Displays resource utilization data for launchd or its child processes.
Prints a usage statement to standard output.
With no further arguments, displays launchd 's resource limits. With one argument, displays the limit for the specified resource. If the resource name is followed by a number, both the hard and soft limits for the resource are set to the specified number. If the resource name is followed by two numbers, the soft limit is set to the first number, and the hard limit is set to the second number.
Displays the jobs loaded by launchd and run by the invoking user. For information about system-wide jobs, this command must be invoked with superuser access.
Loads the jobs into launchd associated with the specified configuration files, or directories containing configuration files. The -w flag makes the load persistent across reboots.
With no further arguments, displays which syslog levels are logged by launchd . If level is specified, directs launchd to log that level and higher. If only is specified, directs launchd to log only the specified levels. If mask is specified, directs launchd to log all levels but those specified.
Causes launchd to reread /etc/ttys .
Sets the value of the specified launchd environment variable.
Unloads all jobs in preparation for system shutdown.
Starts the specified job.
Redirects launchd 's standard error to the specified file.
Redirects launchd 's standard output to the specified file.
Stops the specified job.
Displays or sets the umask for launchd .
Unloads the jobs from launchd associated with the specified configuration files, or directories containing configuration files. The -w flag makes the unload persistent across reboots.
Unsets the value of the specified launchd environment variable.
launchd |
launchd [-h | -d | -s | -v | -x | command ]
Introduced with Mac OS X Tiger (10.4), launchd is an automated process launcher, starting and stopping processes as needed. It's intended as a catch-all replacement for init , /etc/rc and related scripts, SystemStarter , register_mach_bootstrap_servers , cron , loginwindow hooks run out of /etc/ttys , and watchdog (although it hasn't yet displaced all of them). It is the first process started during the boot sequence, with a PID of 1.
Each job controlled by launchd is configured by an XML property list file located in either /System/Library/LaunchDaemons/ or /Library/LaunchDaemons/ (for system-wide daemon processes), or /System/Library/LaunchAgents/ , /Library/LaunchAgents/ , or ~/Library/LaunchAgents/ (for per-user processes).
launchd can be managed with the launchctl utility. Upon startup, it checks /etc/launchd.conf or ~/.launchd.conf for launchctl commands to execute, although the commands to load the daemon configuration files are currently located in /etc/rc .
Causes launchd to run itself as a background process.
Prints a limited usage statement to standard output.
Boots the system in single-user mode. This flag is used when -S is held down on startup.
Boots the system in verbose mode. This flag is used when -V is held down on startup.
Boots the system in safe mode. This flag is used when Shift is held down on startup.
Starts an instance of launchd controlling a job given by the specified command line.
leave |
leave [[+] time ]
Sets a time to be reminded that it's "time to leave." leave will remind you with a message at the command prompt five minutes, and then one minute, before the specified time. You'll be reminded again at the specified time and then every minute after until you either log out of that shell session or kill leave with kill -9 pid . Specify the time in the hhmm format. Use + before time to specify a relative time, hours, and minutes from the current time. Without any arguments, leave prompts you to enter a time in the same format.
less |
less [ options ] [ filename ]
less is a program for paging through files or other output. It was written in reaction to the perceived primitiveness of more (hence its name). A number may precede some commands.
Set number of lines to scroll to num . Default is one screenful. A negative num sets the number to num lines less than the current number.
Run command on startup. If command is a number, jump to that line. The option ++ applies this command to each file in the command-line list.
Print help screen. Ignore all other options; don't page through file.
When searching, begin after last line displayed. (Default is to search from second line displayed.)
Use n buffers for each file (default is 10). Buffers are 1 KB in size.
Don't automatically allocate buffers for data read from a pipe. If -b specifies a number of buffers, allocate that many. If necessary, allow information from previous screens to be lost.
Redraw screen from top, instead of scrolling from the bottom.
Same as -c , but clear the screen before redrawing.
Suppress dumb-terminal error messages.
Automatically exit after reaching EOF twice.
Automatically exit after reaching EOF once.
Force opening of directories and devices; don't print warning when opening binaries.
Automatically exit if the file fits on one screen.
Highlight only string found by past search command, not all matching strings.
Never highlight matching search strings.
Never scroll backward more than num lines at once.
Make searches case-insensitive, unless the search string contains uppercase letters.
Make searches case-insensitive, even when the search string contains uppercase letters.
Position target line on line num of screen. Target line can be the result of a search or a jump. Count lines beginning from 1 (top line). A negative num is counted back from bottom of screen.
Read file to define special key bindings.
Display a more -like prompt, including percent of file read.
Prompt more verbosely than with -m , including percentage, line number, and total lines.
Don't calculate line numbers. Affects -m and -M options and = and v commands (disables passing of line number to editor).
Print line number before each line.
When input is from a pipe, copy output to file as well as to the screen. (Prompt for overwrite authority if file exists.)
Similar to -o , but don't prompt when overwriting file.
At startup, search for first occurrence of pattern .
Sets the three preset prompt styles:
Set short, default prompt.
Set medium prompt (specified by -m ).
Set long prompt (specified by -M ).
Set message printed while waiting for data.
Set message printed by = command.
Disable ringing of bell on attempts to scroll past EOF or before beginning of file. Attempt to use visual bell instead.
Never ring terminal bell.
Display "raw" control characters, instead of using ^x notation. Sometimes leads to display problems.
Print successive blank lines as one line.
Chop lines longer than the screen width, instead of wrapping.
Edit file containing tag . Consult ./tags ( constructed by ctags ).
With the -t option or :t command, read file instead of ./tags .
Treat backspaces and carriage returns as printable input.
Treat backspaces and carriage returns as control characters.
Display the lesser version number and a disclaimer.
Print lines after EOF as blanks instead of tildes ( ~ ).
Set tab stops to every n characters. Default is 8.
Don't send initialization and deinitialization strings from termcap to terminal.
Never scroll forward more than n lines at once.
Many commands can be preceded by a numeric argument, referred to as number in the command descriptions.
Scroll forward the default number of lines (usually one window).
Similar to SPACE , but allows the number of lines to be specified, in which case it resets the default to that number.
Scroll forward. Default is one line. Display all lines, even if the default is more lines than the screen size.
Scroll forward. Default is one-half the screen size. The number of lines may be specified, in which case the default is reset.
Scroll backward. Default is one windowful.
Like b , but allows the number of lines to be specified, in which case it resets the default to that number.
Scroll backward. Default is one line. Display all lines, even if the default is more lines than the screen size.
Scroll backward. Default is one-half the screen size. The number of lines may be specified, in which case the default is reset.
Redraw screen.
Like r , but discard buffered input.
Scroll forward. When an EOF is reached, continue trying to find more output, behaving similarly to tail -f .
Skip to a line. Default is 1.
Skip to a line. Default is the last one.
Skip to a position number percent of the way into the file.
If the top line on the screen includes a { , find its matching } . If the top line contains multiple { s, use number to determine which one to use to find a match.
If the bottom line on the screen includes a } , find its matching { . If the bottom line contains multiple } s, use number to determine which one to use to find a match.
If the top line on the screen includes a ( , find its matching ) . If the top line contains multiple ( s, use number to determine which one to use to find a match.
If the bottom line on the screen includes a ) , find its matching ( . If the bottom line contains multiple ) s, use number to determine which one to use to find a match.
If the top line on the screen includes a [ , find its matching ] . If the top line contains multiple [ s, use number to determine which one to use to find a match.
If the bottom line on the screen includes a ] , find its matching [ . If the bottom line contains multiple ] s, use number to determine which one to use to find a match.
Behave like { , but prompt for two characters, which it substitutes for { and } in its search.
Behave like } , but prompt for two characters, which it substitutes for { and } in its search.
Prompt for a lowercase letter and then use that letter to mark the current position.
Prompt for a lowercase letter and then go to the position marked by that letter. There are some special characters:
Return to position before last "large movement."
Beginning of file.
End of file.
Same as ' .
Find next occurrence of pattern , starting at the second line displayed. Some special characters can be entered before pattern :
Find lines that don't contain pattern .
If current file doesn't contain pattern , continue through the rest of the files in the command-line list.
Search from the first line in the first file specified on the command line, no matter what the screen currently displays.
Search backward, beginning at the line before the top line. Treats ! , * , and @ as special characters when they begin pattern , as / does.
Same as /* .
Same as ?* .
Repeat last pattern search.
Repeat last pattern search, in the reverse direction.
Repeat previous search command but as though it were prefaced by * .
Repeat previous search command but as though it were prefaced by * and in the opposite direction.
Toggle search highlighting.
Read in filename and insert it into the command-line list of filenames. Without filename , reread the current file. filename may contain special characters:
Name of current file.
Name of previous file.
Same as :e .
Read in next file in command-line list.
Read in previous file in command-line list.
Read in first file in command-line list.
Remove current from the list of files, effectively closing it.
Go to the next tag. See the -t option for details about tags.
Go to the previous tag.
Print filename, position in command-line list, line number on top of window, total lines, byte number, and total bytes.
Expects to be followed by a command-line option letter. Toggles the value of that option or, if appropriate, prompts for its new value.
Expects to be followed by a command-line option letter. Resets that option to its default.
Expects to be followed by a command-line option letter. Resets that option to the opposite of its default, where the opposite can be determined.
Expects to be followed by a command-line option letter. Display that option's current setting.
Execute command each time a new file is read in.
Exit.
Not valid for all versions. Invoke editor specified by $VISUAL or $EDITOR , or vi if neither is set.
Not valid for all versions. Invoke $SHELL or sh . If command is given, run it and then exit. Special characters:
Name of current file.
Name of previous file.
Last shell command.
Not valid for all versions. Pipe fragment of file (from first line on screen to mark-letter ) to command . mark-letter may also be:
Beginning of file.
End of file.
Current screen is piped.
The prompt interprets certain sequences specially. Those beginning with % are always evaluated. Those beginning with ? are evaluated if certain conditions are true . Some prompts determine the position of particular lines on the screen. These sequences require that a method of determining that line be specified. See the -P option and the manpage for more information.
ln |
ln [options] file1 file2 ln [ options ] files directory
Creates pseudonyms (links) for files, allowing them to be accessed by different names. In the Finder, links appear and work as aliases. In the first form, link file1 to file2 , where file2 is usually a new filename. If file2 is an existing file, it is removed first; if file2 is an existing directory, a link named file1 is created in that directory. In the second form, create links in directory , each link having the same name as the file specified.
Force the link to occur (don't prompt for overwrite permission).
Interactive mode. Asks for permission to overwrite if the target file exists. This is the default.
Don't overwrite existing files.
Create a symbolic link. This lets you link across filesystems and also see the name of the link when you run ls -l . (Otherwise, you have to use find -inum to find any other names a file is linked to.)
Verbose mode. Show each file as it gets processed.
locate |
locate pattern
Searches a database of filenames and prints matches. * , ? , [ , and ] are treated specially; / and . are not. Matches include all files that contain pattern , unless pattern includes metacharacters, in which case locate requires an exact match.
The locate database file is /var/db/locate.database , which by default is updated as part of the weekly system maintenance cron job.
lock |
lock [ options ]
Place a lock on the current shell session, preventing anyone from typing to the prompt without first entering a password or waiting until the end of the timeout period.
Use the user's system password instead of prompting to create a new one-time password.
Unlock the prompt in timeout minutes instead of the default 15 minutes.
lockfile |
lockfile [ options ] filenames
Creates semaphore file(s), used to limit access to a file. When lockfile fails to create some of the specified files, it pauses for eight seconds and retries the last one on which it failed. The command processes flags as they are encountered (i.e., a flag that is specified after a file won't affect that file).
Time lockfile waits before retrying after a failed creation attempt. Default is eight seconds.
Invert return value. Useful in shell scripts.
Time (in seconds) after a lockfile was last modified at which it will be removed by force. See also -s .
If the permissions on the system mail spool directory allow it or if lockfile is suitably setgid, it can lock and unlock your system mailbox with the options -ml and -mu , respectively.
Stop trying to create files after retries retries. The default is -1 (never stop trying). When giving up, remove all created files.
After a lockfile has been removed by force (see -l ), a suspension of 16 seconds takes place by default. (This is intended to prevent the inadvertent immediate removal of any lockfile newly created by another program.) Use -s to change the default 16 seconds.
logger |
logger [ options ] [ messages ]
Logs messages to the system log ( /var/log/system.log ). Command-line messages are logged if provided. Otherwise, messages are read and logged, line-by-line , from the file provided via -f . If no such file is given, logger reads messages from standard input.
Read and log messages from file .
Log the PID of the logger process with each message.
Log each message with the given priority . Priorities have the form facility . level . The default is user.notice . See syslog(3) for more information.
Also log messages to standard error.
Add tag to each message line.
Warn about upcoming trouble:
$ logger -p user.emerg 'Intruder Alert! Intruder Alert!'
look |
look [ options ] string [ file ]
Looks through a sorted file and prints all lines that begin with string . Words may be up to 256 characters long. This program is potentially faster than fgrep because it relies on the file being sorted already, and can thus do a binary search through the file, instead of reading it sequentially from beginning to end.
With no file , look searches /usr/share/dict/words (the spelling dictionary) with options -df . This can be a handy way to look up a word in the dictionary if you only know the start of the word. If you can't remember how to spell "carburetor," try look carbur to see the 12 words in the dictionary that start "carbur."
Use dictionary order. Only letters, digits, spaces, and tabs are used in comparisons.
Fold case; ignore case distinctions in comparisons.
Use char as the termination character, i.e., ignore all characters to the right of char .
lp |
lp [ options ] [ files ]
Sends files to the printer. With no arguments, prints standard input. Part of the Common Unix Printing System (CUPS).
Copy files to print spooler; if changes are made to file while it is still queued for printing , the printout is unaffected. This option has no effect when used with a CUPS server, which performs in a similar manner already.
Send output to destination printer named dest .
Force an encrypted connection if supported by the print server.
Send print job to the print server host , localhost by default.
Print according to the named action : hold (notify before printing), resume (resume a held request), immediate (print next; privileged users only).
Override lp options used for request IDs currently in the queue; specify new lp options after -i . For example, change the number of copies sent.
Send mail after files are printed (not supported in CUPS as of Version 1.1.15).
Specify the number of copies to print.
Set one or more printer options. CUPS documentation describing these options is included with Mac OS X and viewable via a web browser at http://127.0.0.1:631/sum.html#STANDARD_OPTIONS.
Print only the page numbers specified in list .
Print request with priority level n , increasing from 1 to 100. The default is 50.
Suppress messages.
Use title for the print job name.
Cancel jobs belonging to username .
Print five copies of a formatted manpage:
$ man -t niutil | lp -n 5
lpc |
lpc [ command ]
Controls line printer; CUPS version. If executed without a command, lpc generates a prompt ( lpc> ) and accepts commands from standard input.
Get a list of commands or help on specific commands.
Exit lpc .
Return the status of the specified print queue.
lpq |
lpq [ options ]
Shows the printer queue. Part of the Common Unix Printing System (CUPS).
Repeat the lpq command every interval seconds until the queue is empty.
Show the jobs in the queues for all printers.
Force an encrypted connection if supported by the print server.
Be verbose.
Show queue for the specified printer .
lpr |
lpr [ options ] files
Sends files to the printer spool queue. Part of the Common Unix Printing System (CUPS).
Use title for the print job name.
Force an encrypted connection if supported by the print server.
Assume print job is preformatted for printing and apply no further filtering. Same as -o raw .
Set one or more printer options. CUPS documentation describing these options is included with Mac OS X and viewable via a web browser at http://127.0.0.1:631/sum. html#STANDARD_OPTIONS .
Print text files with pretty printing, adding a shaded header with date, time, job name, and page number. Same as -o prettyprint .
Output to printer instead of system default.
Remove the file upon completion of spooling.
Print num copies of each listed file (100 maximum).
lprm |
lprm [ options ] [ jobnum ]
Removes a print job from the print spool queue. You must specify a job number or numbers, which can be obtained from lpq . Used with no arguments, lprm removes the current job. Part of the Common Unix Printing System (CUPS).
Force an encrypted connection if supported by the print server.
Specify printer name. Normally, the default printer or printer specified in the PRINTER environment variable is used.
Remove all jobs in the spool.
lpstat |
lpstat [ options ]
Prints the lp print queue status. With options that take a list argument, omitting the list produces all information for that option. list can be separated by commas or, if enclosed in double quotes, by spaces.
Show whether the list of printer or class names is accepting requests.
Show information about printer classes named in list .
Show the default printer destination.
Force an encrypted connection if supported by the print server.
Communicate with print server host , localhost by default.
Show a long listing of classes, jobs, or printers when used before -c , -o , or -p , respectively.
Show job queues for printers in list or all printers if list isn't given.
Show the status of printers named in list or all printers if list isn't given.
Show whether the print scheduler is on or off.
Show the job's position in the print queue when used before -o .
Summarize the print status (shows almost everything). Same as -d -c -v .
Show all status information (reports everything). Same as -r -d -c -v -a -p .
Show request status for user or all users if user isn't given.
Show device associated with each printer named in list or all printers if list isn't given.
Only show completed or not completed print jobs, as appropriate. Option must appear before the -o option.
ls |
ls [ options ] [ names ]
List contents of directories. If no names are given, list the files in the current directory. With one or more names , list files contained in a directory name or that match a file name . names can include filename metacharacters. The options let you display a variety of information in different formats. The most useful options include -F , -R , -l , and -s . Some options don't make sense together (e.g., -u and -c ).
Print one entry per line of output.
List all files, including the normally hidden files whose names begin with a period.
List all files, including the normally hidden files whose names begin with a period. Don't include the . and .. directories.
Print nonprintable characters with their C-style escape codes, such as \n for line feed and \t for tab. Characters without an escape code print with their octal values, such as \xxx .
Print nonprintable characters with their octal codes, such as \xxx .
List files by status change time (not creation/modification time).
List files in columns (the default format).
Report only on the directory, not its contents.
Print the ACL for the file, if present.
Print directory contents in exactly the order in which they are stored, without attempting to sort them.
Flag filenames by appending / to directories, * to executable files, @ to symbolic links, | to FIFOs, = to sockets, and % to whiteouts.
Enable colorized output.
List sizes from the -l option with units: bytes, kilobytes, etc.
Follow symbolic links.
List the inode for each file.
If file sizes are being listed, print them in kilobytes.
Long format listing (includes permissions, owner, size, modification time, etc.).
Used with -l . List the file or directory referenced by a symbolic link rather than the link itself.
Print names across the screen, separated by commas.
Used with -l . Displays GID and UID numbers instead of owner and group names.
Used with -l . Shows file flags (see chflags ).
Mark directories by appending / to them.
Show nonprinting characters as ? (the default when printing to the Terminal).
List files in reverse order (by name or by time).
Recursively list subdirectories as well as the specified (or current) directory.
Print size of the files in blocks.
Sort by file size, largest to smallest.
Sort files according to modification time (newest first).
Used with -l . Show complete time and date information.
Sort files according to the file access time.
List files in rows going across the screen.
Don't edit nonprinting characters for output (the default when not printing to the Terminal).
Show whiteouts when listing directories on mounted filesystems.
List all files in the current directory and their sizes; use multiple columns and mark special files:
$ ls -asCF
List the status of directories /bin and /etc :
$ ls -ld /bin /etc
List C-source files in the current directory, the oldest first:
$ ls -rt *.c
Count the nonhidden files in the current directory:
$ ls | wc -l
lsbom |
lsbom [ options ] bomfile
Prints the contents of a binary BOM ("bill of materials") file ( bomfile ) in human-readable format. By default, lsbom prints a line of information for each file listed in the BOM , as in this example:
./Documents/Install Log.txt 100664 0/80 1182 4086739704
This line shows, in order, the plain file's pathname, permissions (modes) in octal format, owner and GIDs, size, and checksum. When listing symbolic links, lsbom reports the size and checksum of the link itself, and also lists the pathname of the linked file. Device file listings include the device number, but not the file size or checksum.
List only block devices.
List only character devices.
List only directories.
List only files.
List only symbolic links.
When listing plain files, also display their modification dates.
Print only the file pathnames.
Don't show the permissions of directories and symbolic links.
When listing fat binary files, show only the size and checksums of the code for chip type arch . Possible values for arch include ppc , m68k , i386 , hppa , and sparc .
Limit the content of each line as specified by parameters , which you can compose using any of the options in this list (but none more than once):
Show the checksum.
Show the filename.
Show the filename within quotes.
Show the GID.
Show the group name.
Show the octal file mode.
Show the symbolic file mode.
Show the file size.
Show the file size, formatted with commas.
Show the modification date in POSIX format (seconds since the epoch).
Show the modification date in human-readable format.
Show the UID.
Show the username.
Show the UID and GID, separated with a slash.
Show the username and group name, separated with a slash.
List the contents of BOM file Installer.bom :
$ lsbom Installer.bom
List only the paths of the directories in the BOM file :
$ lsbom -s -d Installer.bom
Format lines similar to those shown by the ls -l command:
$ lsbom -p MUGsTf Installer.bom
lsof |
lsof [ options ] [ pathname ]
Lists open files, including regular files, directories, special files, libraries, network files, and others. The following descriptions and examples cover lsof 's basic operation; for a complete description, refer to lsof 's manpage.
Used without arguments, lsof lists all files opened by all active processes. Used with pathname , lsof lists the open files in the given filesystem mount point. If pathname is a file, lsof lists any processes having the given file open.
Recognize all list options as joined with "and" instead of the default "or."
Avoid stat , lstat , and readlink functions, since they may block.
List files opened by processes whose command names begin with characters chars . chars can contain a regular expression if put between slashes ( / ). You can further define the expression by following the closing slash with b to denote a basic expression, i to denote a case-insensitive expression, or x to denote an extended expression (the default).
Print up to width characters of the command associated with a process. If width is 0, all characters are printed.
List all open instances of the files and directories in pathname , including the directory pathname itself. This option doesn't search below the level of pathname , however.
List all open instances of the files and directories in pathname , including directory pathname itself, searching recursively to the full depth of directory pathname .
List all Internet files, or if specified, those with an Internet address matching address . Specify address as [ protocol ][@ host ][: port ].
Specify IP version; 4 for IPv4, the default. IPv6 is not supported in this version of lsof .
Specify TCP or UDP .
Specify a host by name or numerically .
Specify a port number or service name.
Print UID numbers, instead of login names.
Prints IP addresses instead of doing reverse name lookups. May speed up output.
List files opened by processes whose IDs are specified in the comma-separated list pid .
Operate in repeat mode. lsof lists open files as specified by the other options and then repeats the listing every 15 seconds (or n seconds, if specified). If r is prefixed with + , lsof repeats until the selection options produce no files to list. If r is prefixed with - , lsof repeats until the process is terminated with an interrupt or quit signal.
List files opened by users whose login names or UIDs are in the comma-separated list user . You can also specify a user whose files aren't to be listed by prefixing user with ^ .
List processes that have your home directory opened:
$ lsof ~
List all open files in your home directory:
$ lsof +D
List the files opened by processes whose names begin with "i" and whose owner is "bob":
$ lsof -a -c i -u bob
List files using TCP port 80, repeating every two seconds until lsof is terminated:
$ lsof -i TCP:80 -r 2
machine |
machine
Returns the system's processor type. A returned value of ppc750 indicates a PowerPC G3 chip, and ppc7400 indicates a PowerPC G4, for example.
mailq |
mailq [ option ]
Lists all messages in the sendmail mail queue. Equivalent to sendmail -bp .
Verbose mode.
mailstat |
mailstat [ options ] [ logfile ]
Displays mail-arrival statistics. Parses a procmail -generated logfile and displays a summary about the messages delivered to all folders (total size, average size, etc.). The logfile is renamed as logfile .old , and a new logfile of size 0 is created.
Keep logfile intact.
Long display format.
Merge any errors into one line.
Use the old logfile.
Silent in case of no mail.
Terse display format.
makekey |
makekey
Produces crypt password hashes. This can be used to automatically populate a password database from known passwords, or to make hashes of prospective passwords that can be subjected to cracking attempts before being put into use.
makekey takes no command-line arguments. It accepts a character string on standard input, consisting of an eight-character password combined with a two-character salt , which is used to permute the DES password encryption algorithm. (Use man crypt for more information.) It prints a 13-character string to standard output, with the first two characters being the salt, and the other eleven characters being the password hash. The entire string is suitable for use as the password field in a standard Unix /etc/passwd -format file or as the value of the passwd property in an Open Directory entry for a user employing Basic authentication.
$ echo password12 | /usr/libexec/makekey 12CsGd8FRcMSM
man |
man [ options ] [ section ] [ title ]
Displays information from the online reference manuals. man locates and prints the named title from the designated reference section .
Show all pages matching title.
Uses filename as the config file, instead of /usr/share/misc/man.conf .
Display debugging information. Suppress actual printing of manpages.
Same as whatis command.
Print help and exit.
Same as apropos command.
Search systems ' manpages. systems should be a comma-separated list.
Search for manpages in path . Ignore -m option.
Preprocess manpages with preprocessors before turning them over to nroff , troff , or groff . Always runs soelim first.
Select paging program pager to display the entry.
Define colon-separated list of sections to search.
Format the manpage with troff .
Print pathnames of entries on standard output.
Manpages are divided into sections, depending on their intended audience:
Executable programs or shell commands.
System calls (functions provided by the kernel).
Library calls (functions within system libraries).
Special files (usually found in /dev ).
File formats and conventions.
Games.
Macro packages and conventions.
System administration commands (usually only for a privileged user).
Kernel routines (nonstandard).
md5 |
md5 [ options ] [-s string ] [ files ]
Calculates an md5 checksum value of the text provided in string , files , or from standard input. By default, when string or files is given, md5 prints those values first, followed by the checksum.
Calculate a checksum of the text in string .
Print the standard input followed by the checksum.
Operate in quiet mode. Print only the checksum.
Reverse the order of the output when string or files is given (checksum first).
Run the built-in speed test, which calculates a checksum from 100 MB of data.
Run the built-in test suite, which calculates checksums from seven short strings.
mDNS |
mDNS [-E | -F | -A | -U | -N | -T | -M] mDNS -B type domain mDNS -L service_name _app_protocol . _transport_protocol domain mDNS -R service_name _app_protocol . _transport_protocol domain port [ string ]...
A basic client for Bonjour multicast DNS (mDNS), primarily used for testing local mDNS service. When invoked with no arguments, it prints a usage statement to standard error. In most instances, the command doesn't return on its own, so you'll need to use Ctrl-C to break out.
When registering or looking up a name like website._http._tcp.local. , website is the service_name , http is the app_protocol , tcp is the transport_protocol , and local is the domain . For example, to register such a service:
% mDNS -R website _http._tcp local 80 "my web site"
Test mDNS by repeatedly adding, updating, and then deleting an HINFO resource record for Test._testupdate._tcp.local. .
Browse for services (although this doesn't seem to work).
Discover and list domains recommended for registration of services.
Discover and list domains recommended for browsing of services.
Look up a service, displaying its host address, port number, and TXT records if found.
Test mDNS by registering a service ( Test._testdualtxt._tcp.local. ) with multiple TXT resource records.
Test mDNS by registering a service ( Test._testupdate._tcp.local. ) with a large NULL resource record.
Register a service.
Test mDNS by registering a service ( Test._testlargetxt._tcp.local. ) with a large TXT resource record.
Test mDNS by repeatedly updating a TXT resource record for Test._testupdate._tcp.local. .
mDNSResponder |
mDNSResponder [-d]
The server for Bonjour multicast DNS (mDNS). It's started by the mDNSResponder startup item, creates a PID file in /var/run/ , and responds to TERM and INT signals by quitting cleanly.
Run in debug mode, preventing daemonization, although it doesn't appear to be particularly useful in this state.
mdcheckschema |
mdcheckschema filename(s)
Validates the mdimport schema file specified to see if it can be parsed.
mdfind |
mdfind [ -live ] [ -onlyin directory ] query
Searches the Spotlight metadata for items matching query, and returns a list of files for further manipulation.
Displays each entry followed by a null character instead of a linefeed . This is usually used for feeding into xargs -0 .
After displaying the list of files, displays a count of files matching the query. The count is updated each time the count is updated. Use Control-C to cancel.
Limit the directories searched to dir .
The following are attributes commonly set by the metadata indexer. These attributes are also used by the mdls command. You can use mdimport -A to list all attributes supported by indexers in your system.
The date and time that a metadata attribute was last changed.
The intended audience of the file.
The authors of the document.
The document's city of origin.
Comments regarding the document.
A list of contacts associated with the document.
The document's creation date.
Last modification date of the document.
The qualified content type of the document, such as com.adobe.pdf for PDF files and com.apple.protected-mpeg-4-audio for an Apple Advanced Audio Coding (AAC) files.
Contributors to this document.
The copyright owner.
The document's country of origin.
The scope of the document, such as a geographical location or a period of time.
The application that created the document.
A description of the document.
Due date for the item represented by the document.
Duration (in seconds) of the document.
Email addresses associated with this document.
The name of the application, such as "Acrobat Distiller", that was responsible for converting the document in its current form.
This contains any Finder comments for the document.
Fonts used in the document.
A headline-style synopsis of the document.
IM addresses/screen names associated with the document.
Special instructions or warnings associated with this document.
Keywords associated with the document.
Describes the kind of document, such as "iCal Event."
Language of the document.
The date and time the document was last opened.
Page count of this document.
The organization that created the document.
Height of the document's page layout in points.
Width of the document's page layout in points.
Phone numbers associated with the document.
Names of projects (other documents such as an iMovie project) that this document is associated with.
The publisher of the document.
The recipient of the document.
A link to the statement of rights (such as a Creative Commons or old-school copyright license) that govern the use of the document.
Encryption method used on the document.
Rating of the document (as in the iTunes "star" rating).
The document's state or province of origin.
The title.
The version number.
Where the document came from, such as a URI or email address.
mdimport |
mdimport [ options ] file | directory
Imports metadata from files or filesystem hierarchies.
Prints a list of all attributes currently supported and exits.
Specifies debug level and categories. Valid level s are 14, and category can be import-terse , import-input , import-output , import-warnings , import-verbose , or plugin-loading . This option can be repeated.
Force the files to be scanned, ignoring the rules for path filtering.
Ignore Finder comments.
Prints a list of all importers and exits.
Don't actually set attributes on the file.
Print performance information for the run. Seems to be identical to -V .
Reimport the files previously imported by importer .
Print timing information for the run. Seems to be identical to -p .
Wait for msecs milliseconds between scanning files.
Print the schema file, then exit.
mdls |
mdls [-name attribute ] filenames
Displays the metadata tags for each of the filenames .
Only display the given attribute. This option is repeatable. See the mdfind entry for a list of common attributes.
After displaying the list of files, displays a count of files matching the query. The count is updated each time the count is updated. Use Control-C to cancel.
Limit the directories searched to dir .
mdutil |
mdutil [ options ] volume
Publishes the local copies of the metadata to their real drives.
Erases the metadata for the volume. Mac OS X can then rebuild the data, if indexing is still on.
Sets the indexing status for the volume.
Show the indexing status of the volume.
merge |
merge [ options ] file1 file2 file3
Performs a three-way file merge. merge incorporates all changes that lead from file2 to file3 and puts the results into file1 . merge is useful for combining separate changes to an original. Suppose file2 is the original, and both file1 and file3 are modifications of file2 . Then merge combines both changes. A conflict occurs if both file1 and file3 have changes in a common segment of lines. If a conflict is found, merge normally outputs a warning and puts brackets around the conflict, with lines preceded by <<<<<<< and >>>>>>> . A typical conflict looks like this:
<<<<<<< file1 relevant lines from file1 = = = = = = = relevant lines from file3 >>>>>>> file3
If there are conflicts, the user should edit the result and delete one of the alternatives.
Output conflicts using the -A style of diff3 . This merges all changes leading from file2 to file3 into file1 , and generates the most verbose output.
Don't warn about conflicts.
Output conflict information in a less verbose style than -A ; this is the default.
Specify up to three labels to be used in place of the corresponding filenames in conflict reports. That is:
merge -L x -L y -L z file_a file_b file_c
generates output that looks as if it came from x , y , and z instead of from file_a , file_b , and file_c .
Send results to standard output instead of overwriting file1 .
Quiet; don't warn about conflicts.
Print version number.
mkbom |
mkbom [ option ] sourcedir bomfile
Creates a bill-of-materials, or BOM file. The new BOM , named in bomfile , lists the full contents of directory sourcedir . Included with each listing in the BOM is information about the listed file or directory, such as its permissions, size, and checksum. The Mac OS X Installer uses BOM s to determine what files to install, delete, or upgrade. See also ditto and lsbom for more information about working with BOM files.
Create a simplified BOM , which includes only the pathnames of the listed files and directories.
mkdir |
mkdir [ options ] directories
Creates one or more directories . You must have write permission in the parent directory to create a directory. See also rmdir . The default mode of the new directory is 0777, modified by the system or user's umask .
Set the access mode for new directories. See chmod for an explanation of acceptable formats for mode .
Create intervening parent directories if they don't exist.
Verbose mode. Print directories as they're created.
Create a read-only directory named personal :
$ mkdir -m 444 personal
The following sequence:
$ mkdir work; cd work $ mkdir junk; cd junk $ mkdir questions; cd ../..
can be accomplished by typing this:
$ mkdir -p work/junk/questions
more |
more [ options ] [ files ]
Displays the named files on a terminal, one screen at a time. See less for an alternative to more . Some commands can be preceded by a number.
Begin displaying at line number num .
Set screen size to num lines.
Begin displaying two lines before pattern .
Repaint screen from top instead of scrolling.
Display the prompt "Press space to continue, 'q' to quit" in response to illegal commands.
Count logical rather than screen lines. Useful when long lines wrap past the width of the screen.
Ignore form-feed (Control-L) characters.
Page through the file by clearing each window instead of scrolling. This is sometimes faster.
Force display of control characters, in the form ^x .
Squeeze; display multiple blank lines as one.
Suppress underline characters.
All commands in more are based on vi commands. An argument can precede many commands.
Display next screen of text, or num more lines.
Display next lines of text, and redefine a screen to num lines. Default is one screen.
Display num lines of text, and redefine a screen to num lines. Default is one line.
Scroll num lines of text, and redefine scroll size to num lines. Default scroll is 11 lines.
Quit.
Skip forward num lines of text.
Skip forward num screens of text.
Skip backward num screens of text.
Return to point where previous search began .
Print number of current line.
Search for pattern , skipping to num th occurrence if an argument is specified.
Repeat last search, skipping to num th occurrence if an argument is specified.
Invoke shell, and execute cmd in it.
Invoke vi editor on the file, at the current line.
Display the help information.
Skip to next file, skipping to num th file if an argument is specified.
Skip to previous file, skipping to num th file if an argument is specified.
Print current filename and line number.
Re-execute previous command.
Page through file in "clear" mode and display prompts:
$ more -cd file
Format doc to the screen, removing underlines:
$ nroff doc | more -u
View the manpage for the grep command; begin near the word "BUGS" and compress extra whitespace:
$ man grep | more /BUGS -s
mount |
mount [-t type ] mount [-d] [-f] [-r] [-u] [-v] [-w] { [-t types ] -a | special | mount_point | [-o mount_options ] special mount_point ]
Integrates volumes on local storage devices and network file servers into the system's directory hierarchy.
The first form of the command merely lists currently mounted volumes.
The second form of the command mounts volumes, with one of four possible sets of arguments. The -a flag causes all filesystems (possibly limited to those of a certain type ) listed in /etc/fstab or in the /mounts directory of an Open Directory domain to be mounted, with the options given in the configuration. If only special or mount_point is provided, the associated fstab or Open Directory entry is used to determine what's mounted. The final alternative specifies both special and mount_point , and a possible list of options.
Attempt to mount all filesystems listed in fstab or Open Directory, other than those marked with the noauto option.
Disable the actual mount, but do everything else. May be useful when used with the -v flag in a troubleshooting situation.
When using the -u flag and changing the status of a read-write filesystem to read-only, force the revocation of write access. Normally the change is denied if any files are open for writing at the time of the request.
Take a comma-separated list of options, which may include async , noauto , nodev , noexec , nosuid , union , and others. See the mount manpage for details.
Mount the filesystem for read-only access.
Restrict the use of the command to filesystems of the specified types presented in a comma-separated list, which may include hfs , ufs , afp , nfs , or others.
When used with -o , -r , or -w , change the status of a currently mounted filesystem to match the newly provided options.
Enable verbose output.
Mount the filesystem for read-write access.
The form of this argument is particular to the type of filesystem being mounted, and could be a disk device name, a fixed string, or something involving a server name and directory. See the individual mount_type entries for details.
The directory on which the filesystem is mounted.
mount_afp |
mount_afp [-i] [-o mount_options ] afp:/[at]/[ username [;AUTH= auth_method ][: password ]@] afp_server [: port_or_zone ]/ share_name mount_point
Mounts Apple Filing Protocol (AFP) shares as filesystem volumes. It takes an AFP URL and a mount point as arguments.
Prompt for password if not specified in the AFP URL.
Takes -o options as listed in the mount manpage.
The name to use for authentication to the AFP server. username may be null if the NO%20USER%20AUTHENT authentication method is used.
The name of the authentication method used. Examples include NO%20USER%20AUTHENT (no authentication required for guest-accessible shares), CLEARTXT%20PASSWRD (clear-text password), 2-WAY%20RANDNUM (two-way random number exchange), and CLIENT%20KRB%20V2 (Kerberos).
The password to use for authentication. Note that specifying this on the command line exposes the password in a process listing.
The hostname or IP address of an AFP server.
A TCP port number if accessing the share over TCP/IP, or a zone name if accessing it over AppleTalk.
The name of the AFP share you wish to access.
The directory on which the filesystem is mounted.
mount_autofs |
mount_autofs [-f server : pathname ] mount_point
Mounts an automounted filesystem on the specified mount point.
Specifies the share to be mounted.
The hostname or IP address of a file server.
The pathname of the share you wish to access.
The directory on which the filesystem will be mounted.
mount_cd9660 |
mount_cd9660 [-e] [-g] [-j] [-r] [-s sector_num ] device mount_point
Mounts ISO-9660 CD-ROM filesystems into the directory hierarchy.
Enable extended attributes.
Disable stripping version numbers from files, making all versions visible.
Disable Joliet extensions.
Disable Rockridge extensions.
Start the filesystem at the specified sector (given in 2048-byte blocks). Normally this is determined automatically.
The CD device filename, e.g., /dev/disk1s2 .
The directory on which the filesystem is mounted.
mount_cddafs |
mount_cddafs [-o mount_options ] device mount_point
Mounts CDDAFS audio CD filesystems into the directory hierarchy.
Take -o options as listed in the mount manpage.
The CD device filename, e.g., /dev/disk1s2 .
The directory on which the filesystem is mounted.
mount_devfs |
mount_devfs [-o mount_options ] devfs mount_point
Mounts the devfs filesystem in /dev , where block and character device special files exist.
Take -o options as listed in the mount manpage. Not normally used for mount_devfs .
The directory on which the filesystem is mounted, normally /dev .
mount_fdesc |
mount_fdesc [-o mount_options ] fdesc mount_point
Mounts the fdesc filesystem in /dev . It contains the fd subdirectory, which contains one entry for each file descriptor held open by the process reading the contents of the directory. It also contains stdin , stdout , and stderr , which are symlinks to fd/0 , fd/1 , and fd/2 , respectively; and tty , a reference to the controlling terminal for the process.
Takes -o options as listed in the mount manpage. Normally includes the union option, which prevents mounting over and obscuring the devfs filesystem in /dev .
The directory on which the filesystem is mounted, normally /dev .
mount_ftp |
mount_ftp [-o mount_options ] [ftp://][ username : password @] ftp_server : port_num [/ pathname ] mount_point
Mounts FTP archives as filesystem volumes.
Take -o options as listed in the mount manpage.
The login name to use with an FTP server that requires authentication.
The password to use with an FTP server that requires authentication. Note that specifying this on the command line exposes the password in a process listing.
The hostname or IP address of an FTP server.
The port number on which the server offers FTP service.
The path to the directory you wish to access on the FTP server, relative to the site's default FTP root directory (e.g., /Library/FTPServer/FTPRoot on Mac OS X Server). Defaults to / .
The directory on which the filesystem is mounted. It must be an absolute pathname.
mount_hfs |
mount_hfs [-w] [-o mount_options ] device mount_point mount_hfs [-e] [-x] [-u user_ID ] [-g group_ID ] [-m mode ] [-o mount_options ] device mount_point
Mounts HFS and HFS+ filesystems into the directory hierarchy. The first form is applicable to HFS+ volumes, the second to HFS.
Set the character set encoding. Defaults to Roman .
Set group ownership on files. Defaults to the mount point's group owner.
Set the maximum permissions for files. The argument is an octal mode, as described in the chmod manpage.
Take -o options as listed in the mount manpage.
Set ownership on files. Defaults to the mount point's owner.
Mount an HFS+ volume with its HFS wrapper, if one exists. An HFS wrapper is required for the volume to boot Mac OS 9.
Disable execute permissions.
The disk device filename, e.g., /dev/disk0s5 .
The directory on which the filesystem is mounted.
mount_msdos |
mount_msdos [-l | -s | -9] [-W filename ] [-L locale ] [-u user_ID ] [-g group_ID ] [-m mode ] [-o mount_options ] device 1q
Mounts DOS FAT filesystems into the directory hierarchy.
Ignore files with Win95 long filenames and special attributes. This option may result in filesystem inconsistencies, so it's better to use -s .
Set group ownership on files in the volume. Defaults to the mount point's group owner.
List and generate long filenames and separate creation, modification, and access dates on files. This is the default if any long filenames exist in the volume's root directory, and neither -s nor -9 have been specified.
Set the locale for character set conversions. Defaults to ISO 8859-1 .
Set the maximum permissions for files in the volume. The argument is an octal mode, as described in the chmod manpage.
Take -o options as listed in the mount manpage.
Ignore and disable generation of long filenames and separate creation, modification, and access dates on files. This is the default if no long filenames exist in the volume's root directory and -l has not been specified.
Set ownership on files in the volume. Defaults to the mount point's owner.
Specify a file containing character set conversion tables.
The disk device filename, e.g., /dev/disk0s5 .
The directory on which the filesystem is mounted.
mount_nfs |
mount_nfs [ nfs_mount_options ] [-o mount_options ] nfs_server : pathname mount_point
Mounts Network File System (NFS) exports as filesystem volumes. mount_nfs can take a large number of options, most of which offer knobs to tune the performance of NFS mounts. Only a few are described in the "Options" section; see the manpage for full details.
After an initial mount attempt fails, fork off a background process to continue trying the mount.
Make the mount interruptible, so that processes failing to access the mount can be terminated, instead of getting stuck in an uninterruptible state waiting on I/O.
Enable Kerberos authentication.
Specify a Kerberos realm to use with the -K option. Takes a realm name as an argument.
Takes -o options as listed in the mount manpage.
Make the mount soft, so that processes failing to access the mount eventually receive an error, instead of getting interminably stuck waiting on I/O.
Enable the use of TCP as the underlying network transport protocol, instead of the default UDP.
The hostname or IP address of an NFS server.
The pathname of the NFS export you wish to access.
The directory on which the filesystem is mounted.
mount_ntfs |
mount_ntfs [-a] [-i] [-W filename ] [-u user_ID ] [-g group_ID ] [-m mode ] [-o mount_options ] device mount_point
Mounts NTFS filesystems into the directory hierarchy.
Filenames are mapped to DOS 8.3 format.
Set group ownership on files in the volume. Defaults to the mount point's group owner.
Cause filename lookups to be case insensitive.
Set the maximum permissions for files in the volume. The argument is an octal mode, as described in the chmod manpage.
Takes -o options as listed in the mount manpage.
Turn on case sensitivity on name lookups.
Set ownership on files in the volume. Defaults to the mount point's owner.
Specify a file containing character set conversion tables.
The disk device filename, e.g., /dev/disk0s5 .
The directory on which the filesystem is mounted.
mount_smbfs |
mount_smbfs { -h | -v } mount_smbfs [-u username_or_ID ] [-g groupname_or_ID ] [-f mode ] [-d mode ] [-I hostname_or_IP ] [-n long] [-N] [-U username ] [-W workgroup_name ] [-O c_user [: c_group ]/ s_user [: s_group ]] [-M c_mode [/ s_mode ]] [-R num_retries ] [-T timeout ] [-o mount_options ] [-x max_mounts ] // [ workgroup ;][ username [: password ]@] smb_server [/ share_name ] mount_point
Mounts Server Message Block (SMB) shares as filesystem volumes. It takes a share UNC and a mount point as arguments.
mount_smbfs can use the same configuration files used by smbutil : either .nsmbrc in the user's home directory or the global /usr/local/etc/nsmb.conf , which overrides per-user files. The following example .nsmbrc demonstrates some of the available parameters:
[default] username=leonvs # NetBIOS name server nbns=192.168.1.3 [VAMANA] # server IP address addr=192.168.1.6 workgroup=TEST [VAMANA:LEONVS] password= $$178465324253e0c07
The file consists of sections, each with a heading in brackets. Besides the [default] section, headings have a server name to which the parameters in the section apply, and can also include a username and a share name.
|
All sections and parameter definitions in .nsmbrc are optional; everything can be specified right on the mount_smbfs command line. It may come in handy for providing passwords for automated connections, when prompting for a password (which is the most secure method of providing it) is impractical . The value of the password parameter can be a clear-text password, but in this example, it is derived from the output of smbutil crypt password . While that's better than clear text, don't trust the encryption too much, as it's fairly weak. Make sure you restrict permissions on .nsmbrc to prevent others from reading your passwords.
Specify directory permissions on the mounted volume, which default to the same as file permissions, plus an execute bit whenever a read bit is set. The argument is an octal mode, as described in the chmod manpage.
Specify file permissions on the mounted volume, which default to the same as those set on the mount point. The argument is an octal mode, as described in the chmod manpage.
Specify group ownership for files and directories on the mounted volume, which defaults to the same as that set on the mount point.
Print a brief usage statement to standard error.
Avoid NetBIOS name resolution, connecting directly to the hostname or IP address specified as an argument.
Assign access rights to the SMB connection.
With an argument of long , disable support for long filenames, restricting them to the "8.3" naming standard.
Suppress the prompt for a password. Unless a password is specified in a configuration file, authentication will fail for nonguest users.
Take -o options as listed in the mount manpage.
Assign owner attributes to the SMB connection.
Specify the number of times to retry a mount attempt. The default is 4.
Specify the connection request timeout (in seconds). The default is 15.
Specify ownership for files and directories on the mounted volume, which defaults to the same as that set on the mount point.
Specify a username for authentication. This may also be part of the UNC.
Print software version to standard error.
Specify an SMB workgroup or NT domain for authentication. This may also be part of the UNC.
Automatically mount all shares from the SMB server. The argument specifies a maximum number of shares that mount_smbfs is willing to mount from a server, to forestall resource starvation when the server has a very large number of shares. If the server has more shares than max_mounts , the mount attempt is cancelled.
The name of the SMB workgroup or NT domain to use for authentication to the SMB server.
The name to use for authentication to the SMB server.
The password to use for authentication. Note that specifying this on the command line exposes the password in a process listing.
The NetBIOS name of an SMB server.
The name of the SMB share you wish to access.
The directory on which the filesystem is mounted.
mount_synthfs |
mount_synthfs [-o mount_options ] synthfs mount_point
Mounts a synthfs filesystem, which is a simple mapping of memory into the filesystem hierarchy (i.e., the contents of a synthfs filesystem are contained in memory). While creation of files in the filesystem is prevented (in fact, you may cause the system to hang after attempting to create files), directory hierarchies are allowed. This could be used to set up transient mount points for other volumes on, for example, read-only media with a shortage of spare directories to serve as mount points (like an installation CD).
Take -o options as listed in the mount manpage.
The directory on which the filesystem is mounted.
mount_udf |
mount_udf [-e] [-o mount_options ] device mount_point
Mounts Universal Disk Format (UDF) DVD-ROM filesystems into the directory hierarchy.
Enable extended attributes.
Take -o options as listed in the mount manpage.
The DVD device filename, e.g., /dev/disk1 .
The directory on which the filesystem is mounted.
mount_volfs |
mount_volfs [-o mount_options ] mount_point
Mounts the volfs filesystem in /.vol . The volfs filesystem enables the Carbon File Manager API to map a file ID to a file, without knowing the BSD path to it. Thus, HFS aliases, which use file IDs, remain consistent, even if the targets of the aliases move around within the volume.
The /.vol directory contains subdirectories named with numeric IDs, each associated with a volume on the system. While the directories appear empty if listed, with a file or directory ID, you can access any object on those volumes. A file ID is a unique number associated with each file on a volume (analogous to an inode number on a UFS-formatted filesystem) and can be viewed with the -i option of ls .
If you know a file's ID, you can access it as /.vol/ vol_ID / file_ID . If you know the ID of the directory the file is in, you can also access it as /.vol/ vol_ID / dir_ID / filename . The root directory of a volume always has a directory ID of 2, so you can map volume IDs to volumes with:
% cd /.vol/ vol_ID /2; pwd
Take -o options as listed in the mount manpage. Not normally used for mount_volfs .
The directory on which the filesystem is mounted, normally /.vol .
mount_webdav |
mount_webdav [- afile_descriptor ] [-o mount_options ] webdav_server [: port ] [/ pathname ] mount_point
Mounts directories from WebDAV-enabled servers as filesystem volumes.
Specify a file descriptor associated with a file containing authentication information. See the mount_webdav manpage for details.
Take -o options as listed in the mount manpage.
The hostname or IP address of a WebDAV server.
The TCP port on which to access the server. Defaults to 80.
The path to the directory you wish to access on the server, relative to the site's WebDAV root directory (e.g., /Library/WebServer/Documents on Mac OS X Server). Defaults to / .
The directory on which the filesystem is mounted.
mv |
mv [ option ] sources target
Moves or renames files and directories. In Table 2-4, the source (first column) and target (second column) determine the result (third column).
Source | Target | Result |
---|---|---|
File | name (nonexistent) | Rename file to name . |
File | Existing file | Overwrite existing file with source file. |
Directory | name (nonexistent) | Rename directory to name . |
Directory | Existing directory | Move directory to be a subdirectory of existing directory. |
One or more files | Existing directory | Move files to directory. |
mv doesn't preserve resource forks or HFS metadata when moving files that contain them. For such files, use MvMac instead.
Force the move, even if target file exists; suppress messages about restricted access modes. Overrides previous -i and -n options.
Query user before removing files. Overrides previous -f and -n options.
Don't overwrite existing target files. Overrides previous -f and -i options.
Verbose; show files as they're being moved.
MvMac |
MvMac sources target
Moves or renames files while preserving resource forks and HFS metadata. MvMac works like mv , but doesn't have any of mv 's options. It is not intended as a direct replacement for mv . MvMac is installed with the Xcode Tools into /Developer/Tools . Since this directory isn't in the shell's search path by default, you might to need to specify MvMac 's pathname to invoke it.
netstat |
netstat [ options ]
Shows network status. For all active sockets, prints the protocol, the number of bytes waiting to be received, the number of bytes to be sent, the port number, the remote address and port, and the state of the socket.
Show the address of any protocol control blocks associated with sockets.
Show the state of all sockets, including server sockets (not displayed by default).
Modify the -i option display by providing bytes in and bytes out.
Modify the -i and -w options' display by providing dropped packets.
Limit displayed information to the specified address_family where legitimate families are [ inet , inet6 , unix ].
Display group address (multicast routing) information.
Display information for the specified interface .
Display state and packet transfer statistics for all autoconfigured interfaces.
Display current listen queue sizes.
Modify display of -r option to include mtu information. As a standalone option, prints full IPv6 address.
Extract information from specified core file instead of /dev/kmem .
Display memory management statistics.
Extract the name list from specified system instead of /kernel .
Display network addresses using dotted octet notation (i.e., 172.24.30.1).
Display statistics about protocol (see /etc/protocols for names and aliases).
Display routing tables.
Display per protocol statistics. Use of double s filters zero count statistics.
Don't truncate addresses.
Display network statistics every wait seconds.
nice |
nice [ option ] [ command [ arguments ]]
Executes a command (with its arguments ) with lower priority (i.e., be "nice" to other users). With no arguments, nice prints the default scheduling priority (niceness). If nice is a child process, it prints the parent process's scheduling priority. Niceness has a range of -20 (highest priority) to 20 ( lowest priority).
Run command with niceness incremented by adjustment (1 to 20); default is 10. A privileged user can raise priority by specifying a negative adjustment (e.g., -5).
nicl |
nicl [ options ] datasource [ command ]
Modifies entries in the NetInfo database. You can manipulate directories and properties with nicl . The datasource may be the path to a NetInfo directory (such as /_ ) or the filesystem path of a NetInfo database (you must use the -raw option for this). Use -raw to work directly with the NetInfo database, such as /var/db/netinfo/local.nidb . This is useful in cases when the NetInfo daemon is down (such as when you boot into single-user mode).
Create a new data source.
Prompt for a password. You can use this instead of prefixing the command with sudo .
Use the specified password.
Be quiet.
Indicates that the datasource is a filesystem path to a NetInfo database.
Open datasource as read-only.
Treat the domain as a tagged domain, which includes a machine name and a tagged NetInfo database.
Use the specified user's identity when running the command. You'll be prompted for a password.
Be verbose.
Use X.500 names (see the nicl manpage for more details).
Append a value to an existing property. The property is created if it doesn't already exist.
Copy the specified path to a new parent path.
Create a NetInfo directory specified by path .
Destroy the specified path and all its contents. If you specify a key and/or value, only the specified key is deleted.
Print the NetInfo domain name of datasource .
Print a string to standard output. Only useful in scripts.
Flush the directory cache.
With no options, prints the current version number of the database. With < , = , or > followed by a version number, prints a list of the directories that have been changed before, at, or after the given version number. Note that > and < are shell characters for redirection, so must be quoted, as in nicl . -history ">" 300 . Without the quotes, this command would print the current version number into a file called 300 .
Operate like -append , but instead of placing the value at the end, it inserts it at the specified index.
List all the NetInfo directories in the specified path. For example, to list all users, use nicl / -list /users .
Operate like -append , but if the value already exists, it is not duplicated .
Move the specified path to a new parent path.
Display all the properties of the specified path. For example, to see root's properties, use nicl / -read /users/ root .
Rename a property.
Resynchronize NetInfo.
Print the NetInfo parent of datasource .
Perform a search within the NetInfo database. For complete details, see the nicl manpage.
Display NetInfo server statistics.
nidomain |
nidomain options
Creates or destroys NetInfo databases. nidomain can also list which databases on a particular computer are serving which domains.
List which domains are served by machine host , or the local host if host is not specified.
Create a new local database to serve the NetInfo domain tag .
Destroy the local database serving domain tag .
Create the local database tag , cloned from the remote machine master 's database remotetag .
nidump |
nidump [-T timeout ] (-r directory | format ) [-t] domain
Dumps NetInfo information in a flat-file format (such as the /etc/hosts format) or in a raw format that uses a C-like syntax:
{ "name" = ( "localhost" ); "ip_address" = ( "127.0.0.1" ); "serves" = ( "./local" ); }
Specify a timeout in seconds.
Treat the domain as a tagged domain, which includes a machine name and a tagged NetInfo database. For example, abbot/local refers to the local NetInfo domain of the machine named abbot.
Dump the directory in raw format. Directory should be a path to a NetInfo directory, such as /users/root or /machines .
Specify a format corresponding to a Unix flat file of the same name. Can be: aliases , bootptab , bootparams , ethers , exports , fstab , group , hosts , networks , passwd , printcap , protocols , resolv.conf , rpc , services , or mountmaps .
Specify a NetInfo domain. For standalone machines, use a dot ( . ), which refers to the local domain.
nifind |
nifind [ options ] nidir [ domain ]
Searches the root domain for the NetInfo directory nidir and returns the location and ID of the found directories. If domain is specified, searches the hierarchy only up to that domain.
Search the entire NetInfo directory.
Don't search local directories.
Display the contents of the directories.
Set the connection timeout to n seconds (default is 2).
Be verbose.
nigrep |
nigrep regx [ option ] domain [nidir]
Searches the specified NetInfo domain using the regular expression regx and return the location and ID of the found directories. If nidir is specified, starts the search from that directory.
Identify domain by a specified IP number or hostname and tag.
Set the connection timeout to n seconds
niload |
niload [-v] [-T timeout ] [(-d|-m)] [(-p|-P password )] [-u user ] {-r directory | format } [-t] domain
Reads the Unix flat file format from standard input and loads it into the NetInfo database.
Select verbose mode.
Specify a timeout in seconds.
Specify that if a duplicate entry already exists, NetInfo deletes that entry before adding the new one. This can cause you to lose data if NetInfo is tracking information that isn't represented in the flat file. For example, if you dump the /users directory to a flat passwd file format and load it back in with niload -d , you will lose the picture , hint , and sharedDir properties for every user on your system because the passwd file doesn't have a field for those properties. Most of the time, the -m option is what you want.
Specify that if a duplicate entry already exists, niload will merge the changes. So, if you dump the /users directory to a flat passwd file format, change a user's shell, and load that file back in with niload , NetInfo will keep the old shell. If you use the -m option, NetInfo will accept the new shell without the destructive side effects of the -d option.
Prompt for a password. You can use this instead of prefixing the command with sudo .
Use the specified password.
|
Use the specified user's identity when running the command. You'll be prompted for a password.
Treat the domain as a tagged domain, which includes a machine name and a tagged NetInfo database.
Specify a NetInfo domain.
Denotes a path to a NetInfo directory.
Specify a format corresponding to a Unix flat file of the same name. Can be: aliases , bootptab , bootparams , exports , fstab , group , hosts , networks , passwd , printcap , protocols , rpc , or services .
nireport |
nireport [-T timeout ] [-t] domain directory [ property ... ]
Lists all NetInfo groups.
Specify a timeout in seconds.
Treat the domain as a tagged domain, which includes a machine name and a tagged NetInfo database.
Specify a NetInfo domain.
Denotes a path to a NetInfo directory.
Specify one or more NetInfo properties; e.g., each user listed in the /users directory has name , passwd , uid , and gid properties (as well as a few other properties). Every directory has a name property that corresponds to the directory name. For example, the /machines directory's name property is machines .
You can use nireport to list any portion of the NetInfo directory. For example, to list the top-level directory, specify the local domain, the / directory, and the name property, as in nireport . / name .
niutil |
niutil command [-T timeout ] [(-p|-P password )] [-u user ] [-R] [-t] arguments
Uses niutil to modify entries in the NetInfo database. You can manipulate directories and properties with niutil .
Specify a timeout in seconds.
Prompt for a password. You can use this instead of prefixing the command with sudo .
Use the specified password.
Use the specified user's identity when running the command. You'll be prompted for a password.
Retry the operation if the NetInfo server is busy.
Treat the domain as a tagged domain, which includes a machine name and a tagged NetInfo database.
Create a NetInfo directory specified by path . For example, the first step in creating a user is to create the person's directory with niutil -create . /users/username .
Destroy the specified path and all its contents.
Create a property (specified by propkey ) under the NetInfo directory specified by path . You can create a list by specifying multiple values.
Append a value to an existing property. The property is created if it doesn't already exist.
This is like -appendprop , but if the value already exists, it is not added.
This is like -appendprop , but instead of placing the value at the end, it inserts it at the specified index.
Delete the specified property. For an example, see the later section "Modifying a User."
Delete one or more values from a property.
Rename a property.
Display all the properties of the specified path. For example, to see root's properties, use niutil -read . /users/ root .
List all the NetInfo directories in the specified path. For example, to list all users, use niutil -list . /users
Display the values of the specified property.
Display the value of the specified property at the given index. For example, to list the first member of the writers group, use niutil -readval . /groups/writers users 0 .
Print the NetInfo parent of the specified domain.
Resynchronize NetInfo.
Display NetInfo server statistics.
Print the NetInfo domain name of the specified domain.
notifyd |
notifyd [-no_restart] [-no_startup] [-shm_pages integer ]
The notification server for the API described in the notify(3) manpage. (Use man 3 notify to display this page.) Using the API, processes may post notifications associated with arbitrary names, and other processes can register to be informed of such notification events. (A name should follow the convention used for Java classes: the reversed DNS domain name associated with the responsible organization, followed by one or more segments; e.g., com.apple.system.timezone .) notifyd sets up the shared memory used for the notify_register_check call, and directly answers notify_check requests for other notification methods (signal, Mach port, and file descriptor).
It also reads a configuration file, /etc/notify.conf . Each line begins with one of two keywords: reserve or monitor . The reserve keyword lays out access restrictions for portions of the namespace. The arguments are a name, a user and a group that "owns" the name, and a set of read and write permissions for the user, the group, and others, similar to those applied to files. For example, the following line:
reserve com.apple.system. 0 0 rwr-r-
states that any names starting with com.apple.system. are owned by UID 0 ( root ) and GID 0 ( wheel ), and that anyone can receive notifications for these names, but only root (the owner) can post notifications.
The monitor keyword takes a name and a filename as arguments. When the specified file is changed, a notification is posted for the name. For example, the following line from the stock /etc/notify.conf can be used by processes wishing to keep track of time zone changes:
monitor com.apple.system.timezone /etc/localtime
Another use would be to monitor changes to a daemon's configuration file. When the file is changed, the daemon or another process could receive notification and cause the daemon to automatically reread the configuration.
notifyd is started as a bootstrap daemon, from /etc/mach_init.d/notifyd.plist (processed by register_mach_bootstrap_servers ). It responds to HUP or TERM signals by restarting (unless the -no_restart flag was used), thus rereading /etc/notify.conf . Before notifyd exits, it sends notifications for all registered names; after it restarts, processes registered for notifications must register again, as their tokens become invalid.
Disable automatic restart. Normally, if notifyd is killed, it's restarted within a few seconds.
Apparently prevents notifyd from issuing notifications, while using all available CPU time. The purpose of this option is unknown.
Specify the number of pages (i.e., units of 4096 bytes) to reserve for shared memory (although it appears to use about twice that). Defaults to 1.
nslookup |
nslookup [- option ...] [ host_to_find | - [ server ]]
Queries Internet domain nameservers. This command is deprecated, and users should turn to dig for their name lookup needs.
nslookup has two modes: interactive and noninteractive. Interactive mode allows the user to query nameservers for information about various hosts and domains or to print a list of hosts in a domain. Interactive mode is entered when either no arguments are provided (the default nameserver will be used), or the first argument is a hyphen and the second argument is the hostname or Internet address of a nameserver. Noninteractive mode is used to print just the name and requested information for a host or domain. It is used when the name of the host to be looked up is given as the first argument. Any of the keyword = value pairs listed under the interactive set command can be used as an option on the command line by prefacing the keyword with a - . The optional second argument specifies a nameserver.
All options under the set interactive command can be entered on the command line, with the syntax - keyword [ = value ].
Exit nslookup .
Connect to finger server on current host, optionally creating or appending to filename .
Print a brief summary of commands.
Look up information for host using the current default server or using server if specified.
List information available for domain , optionally creating or appending to filename . The -a option lists aliases of hosts in the domain. -d lists all contents of a zone transfer. -h lists CPU and operating system information for the domain. -s lists well-known services for the domain. -t lists all records of the specified type (see type table).
Change the default server to domain . Use the initial server to look up information about domain .
Change default server to the server for the root of the domain namespace.
Change the default server to domain . Use the current default server to look up information about domain .
Change state information affecting the lookups. Valid keywords are:
Print the current values of the frequently used options to set .
Set query class to IN (Internet; default), CHAOS , HESIOD / HS , or ANY .
Change default domain name to name .
Turn debugging mode on or off.
Turn exhaustive debugging mode on or off.
Append default domain name to a single-component lookup name.
Ignore truncate error.
Tell name server to query or not query other servers if it doesn't have the information.
With defname , search for each name in parent domains of current domain.
Always use a virtual circuit when sending requests to the server.
Connect to nameserver using port .
See type= value .
Set number of retries to number .
Change name of root server to host .
Where domain-list is a maximum of six slash ( / ) separated domain names.
Change timeout interval for waiting for a reply to number seconds.
Change type of information returned from a query to one of:
Host's Internet address
Any available information
Canonical name for an alias
Host CPU and operating system type
Mail destination
Mail group member
Mailbox or mail list information
Mail rename domain name
Mail exchanger
Nameserver for the named zone
Hostname or pointer to other information
Domain start-of-authority
Text information
User information
Supported well-known services
ntp-wait |
ntp-wait [-v] [-f] [-n num_tries ] [-s time ]
This is a Perl script that reports whether the local ntpd has synchronized yet. Returns 0 if synchronized, 1 if not.
Cause ntp-wait to return 1 if an indeterminate result is received from ntpd ; otherwise, ntp-wait returns 0.
Specify the number of times to try for a successful result before quitting. Defaults to 1000.
Specify the number of seconds between tries. Defaults to 6.
Enable verbose output to standard output.
ntptimeset |
ntptimeset [-l] [-d]... [-v] [-s] [-c filename ] [-u] [-S integer ] [-V integer ] [-t timeout ] [-H] [-a key_id ] [-e delay ]
Synchronizes the system clock in a manner similar to ntpdate , but in a way that attempts to compensate for current, possibly degraded, network conditions.
Enable secure authentication with the key specified by the given identifier.
Specify the location of the configuration file. Defaults to /etc/ntp.conf .
Enable debugging output.
Specify the delay, in seconds, caused by authentication. Normally this is negligible.
Simulate poor network conditions by dropping a proportion of network packets.
Enable logging to syslog .
Set the system clock. Otherwise, ntptimeset merely reports the clock's offset.
Specify a minimum number of servers that must respond. Defaults to 3.
Specify the time, in seconds, spent waiting for a server response. Defaults to 1.
Use an unprivileged client port.
Enable verbose output.
Specify a minimum number of servers that must respond with a valid time. Defaults to 1.
nvram |
nvram [ -p] [-f filename ] [ name ] [= value ] ...
Modifies Open Firmware variables, which control the boot-time behavior of your Macintosh. To list all Open Firmware variables, use nvram -p . The Apple Open Firmware page is http://bananajr6000.apple.com.
To change a variable, you must run nvram as root or as the superuser. To set a variable, use variable = value . For example, to configure Mac OS X to boot verbosely, use nvram boot-args=-v . (Booting into Mac OS 9 or earlier resets this.) The table in this section lists Open Firmware variables. Some variables use the Open Firmware Device Tree notation (see the TechNotes available at the Apple Open Firmware page).
|
Read the variables to be set from filename , a text file of name = value statements.
Deletes Open Firmware variable variable .
Display all Open Firmware variables.
Variable | Description |
---|---|
auto-boot? | The automatic boot settings. If TRue (the default), Open Firmware automatically boots an operating system. If false , the process stops at the Open Firmware prompt. Be careful using this with Old World (unsupported) machines and third-party graphics adapters because the display and keyboard may not be initialized until the operating system starts (in which case you won't have access to Open Firmware). |
boot-args | The arguments that are passed to the boot loader. |
boot-command | The command that starts the boot process. The default is mac-boot , an Open Firmware command that examines the boot-device for a Mac OS startup. |
boot-device | The device to boot from. The syntax is device :[ partition ], path : filename , and a common default is hd:,\\: tbxi . In the path, \\ is an abbreviation for /System/Library/CoreServices , and tbxi is the file type of the BootX boot loader. (Run /Developer/Tools/GetFileInfo on BootX to see its type.) |
boot-file | The name of the boot loader. (This is often blank because boot-command and boot-device are usually all that are needed.) |
boot-screen | The image to display on the boot screen. |
boot-script | A variable that can contain an Open Firmware boot script. |
console-screen | A variable that specifies the console output device, using an Open Firmware Device Tree name. |
default-client-ip | An IP address for diskless booting. |
default-gateway-ip | A gateway address for diskless booting. |
default-mac-address? | See errata page at http://www.oreilly.com/catalog/macpantherian. |
default-router-ip | A router address for diskless booting. |
default-server-ip | An IP address for diskless booting. |
default-subnet-mask | A default subnet mask for diskless booting. |
diag-device | A private variable; not usable for security reasons. |
diag-file | A private variable; not usable for security reasons. |
diag-switch? | A private variable; not usable for security reasons. |
fcode-debug? | A variable that determines whether the Open Firmware Forth interpreter displays extra debugging information. |
input-device | The input device to use for the Open Firmware console. |
input-device-1 | A secondary input device (so you can have a screen and serial console at the same time). Use scca for the first serial port. |
little-endian? | The CPU endian-ness. If true , initializes the PowerPC chip as little-endian. The default is false . |
load-base | A private variable; not usable for security reasons. |
mouse-device | The mouse device using an Open Firmware Device Tree name. |
nvramrc | A sequence of commands to execute at boot time (if use-nvramc? is set to TRue ). |
oem-banner | A custom banner to display at boot time. |
oem-banner? | The oem banner settings. Set to true to enable the oem banner. The default is false . |
oem-logo | A 64-by-64 bit array containing a custom black-and-white logo to display at boot time. This should be specified in hex. |
oem-logo? | The oem logo settings. Set to TRue to enable the oem logo. The default is false . |
output-device | The device to use as the system console. The default is screen . |
output-device-1 | A secondary output device (so you can have everything go to both the screen and a serial console). Use scca for the first serial port. |
pci-probe-mask | A private variable; not usable for security reasons. |
ram-size | The amount of RAM currently installed. For example, 256 MB is shown as 0x10000000 . |
real-base | The starting physical address that is available to Open Firmware. |
real-mode? | The address translation settings. If TRue , Open Firmware will use real-mode address translation. Otherwise, it uses virtual-mode address translation. |
real-size | The size of the physical address space available to Open Firmware. |
screen-#columns | The number of columns for the system console. |
screen-#rows | The number of rows for the system console. |
scroll-lock | Set by page checking output words to prevent Open Firmware text from scrolling off the top of the screen. |
selftest-#megs | The number of MB of RAM to test at boot time. The default is 0. |
use-generic? | The device node naming settings. Specify whether to use generic device node names such as "screen," as opposed to Apple hardware code names. |
use-nvramrc? | The command settings. If this is true , Open Firmware uses the commands in nvramrc at boot time. |
virt-base | The starting virtual address that is available to Open Firmware. |
virt-size | The size of the virtual address space Open Firmware. |
od |
od [-c] [-a] [-b] [-B] [-o] [-O] [-d] [-D] [-i] [-I] [-l] [-L] [-f] [-e] [-F] [-h] [-x] [-H] [-X] [-v] [ filename ]
Prints the contents of a file to standard output in a variety of formats. (If no filename is specified, it acts on the contents of standard input.) The name is an acronym for octal dump , from its default behavior of displaying files as series of octal numbers.
od has been deprecated in favor of hexdump ; in fact, the two binaries are hard-linked to the same data. However, traditional od syntax applies when invoked by that name. See the hexdump manpage for more.
Display content in 1-byte chunks of ASCII characters, hexadecimal numbers, and short strings representing control characters.
Display content in 1-byte chunks of octal numbers.
Display content in 2-byte chunks of octal numbers. This is the default.
Display content in 1-byte chunks of ASCII characters, octal numbers, and escape sequences representing control characters. This is probably the most commonly used option.
Display content in 2-byte chunks of unsigned decimal integers.
Display content in 4-byte chunks of unsigned decimal integers.
Display content in 8-byte chunks of decimal floating-point numbers.
Display content in 4-byte chunks of decimal floating-point numbers.
Same as -e .
Display content in 2-byte chunks of hexadecimal numbers.
Display content in 4-byte chunks of hexadecimal numbers.
Display content in 2-byte chunks of signed decimal integers.
Display content in 4-byte chunks of signed decimal integers.
Same as -i .
Same as -I .
Same as -B .
Display content in 4-byte chunks of octal numbers.
Disable the suppression of duplicate lines, which are normally represented by a single asterisk.
Same as -h .
Same as -H .
open |
open file open [-a application ] file open [-e] file
The open command can be used to open files and directories, and to launch applications from the Terminal application.
Use application to open the file.
Specifes the application to open the file with, as identified with identifier . For example, to open a CSV-format file names.csv with Excel, use open -b com.microsoft.Excel names.csv .
Force the use of Mac OS X's TextEdit application to open the specified file .
Read input from standard input and open the text in TextEdit.
Open file with the default text editor, which may not be TextEdit.
To open a directory in the Finder, use open , followed by the name of the directory. For example, to open the current directory, type:
$ open .
To open your Public folder in the Finder:
$ open ~/Public
To open the /Applications folder in the Finder:
$ open /Applications
To open an application, you need only its name. For example, you can open Xcode ( /Developer/Applications ) with this command:
$ open -a Xcode
You aren't required to enter the path for the applicationonly its nameeven if it is a Classic application. The only time you are required to enter the path is if you have two different versions of an application with similar names on your system.
You can also supply a filename argument with the -a option, which launches the application and opens the specified file with that application. You can use this option to open a file with something other than the application with which it's associated. For example, to open an XML file in Xcode instead of the default text editor, TextEdit, you can use the following command:
$ open -a Xcode data.xml
To open multiple files, you can use wildcards:
$ open *.c
To force a file to be opened with TextEdit, use -e :
$ open -e *.c
The -e option opens only files in the TextEdit application; it can't open a file in another text editor, such as BBEdit. If you want to use TextEdit on a file that's owned by an administrator (or root), open -e won't work. You need to specify the full executable path, as in:
$ sudo /Applications/TextEdit.app/Contents/ MacOS /TextEdit filename
opendiff |
opendiff file1 file2 [-ancestor ancestor_file ] [-merge merge_file ]
Opens the two designated files in the FileMerge application.
Compare the two files against a common ancestor file.
Merge the two files into a new file.
open-x11 |
open-x11 app_name ...
Starts specified X Window System applications using the X11 application.
The name of an executable X11 application. Those delivered with Mac OS X are in /usr/X11R6/bin/ . If located in a standard directory, the application pathname is not required.
osacompile |
osacompile [-l language ] [-e command ] [-o name ] [-d] [-r typeid ] [-t type ] [-c creator ] [ file ... ]
Compiles into a new script file one or more text or compiled OSA script files or standard input.
Assign the four-character file-creator code creator to the new script (the default is osas ).
Use command as a line of script to be compiled. You can use more than one -e option; each will specify a new line of script.
Use the dictionary from the application pathname when compiling.
Use the dictionary from the application pathname when compiling.
Use OSA language OSAlang instead of the default AppleScript. Use the osalang command (described later in this chapter) to get information on all the system's OSA languages.
Use name as a filename for the new script instead of the default a.scpt .
Place the resulting script in the resource fork of the output file, in the resource specified by type:id .
Make the new applet or droplet be a stay-open applet.
Assign the four-character file-type code type to the new script (the default is osas ).
Make the new applet or droplet use a startup screen.
Save file as execute only. This doesn't produce an applet, but a compiled script file that can't be viewed in Script Editor.
Use the filename newscript for a new script file, compiled from the source in scripttext.txt :
$ osacompile -o newscript scripttext.txt
Compile the file scripttext.txt into a compiled script called newscript (assuming that a JavaScript OSA scripting component exists on the system):
$ osacompile -l JavaScript rawscript.txt
osalang |
osalang [ options ]
Lists the computer's installed OSA-compliant languages (i.e., languages that use Apple Events to communicate among applications). In the newness of Mac OS X, this command may only return "AppleScript" and "Generic Scripting System."
Print only the default language.
List the name and description for each installed language.
List the name and a longer description for each installed language.
osascript |
osascript [ options ] [ files ]
Executes an OSA script from files , or from standard input if files isn't specified.
Use command as a line of script to be compiled. You can use more than one -e option; each specifies a new line of script.
Use OSA language OSAlang instead of the default AppleScript. Use the osalang command (described previously) to get information on all the system's OSA languages.
Provide output as specified in options with one or more of these flags:
Human readable (default)
Recompilable source
Send errors to standard error (default)
Send errors to standard output
To run a script that displays a dialog window from the Finder, first run osascript with no arguments, which allows you to enter the script into standard input:
$ osascript tell app "Finder" activate display dialog "Mac OS X Rules!" end tell
Press Ctrl-D to send an EOF, at which point osascript executes the script and prints the value returned:
button returned:OK
Run with the -s s option, the output is better formatted for subsequent parsing:
$ osascript -s s tell app "Finder" activate display dialog "Mac OS X Rules!" end tell {button returned:"OK"} or argument/switch mismatch
passwd |
passwd [-i infosystem ] [-l location ] [ username ]
Sets a user password in the designated directory service.
Specify the directory service to use, which may be file , netinfo (the default), nis , or opendirectory .
Depending on the directory service being used, it's either a filename (defaults to /etc/master.passwd ), a NetInfo domain name or server/tag combo, a NIS domain name, or an Open Directory node name.
Designate whose password will be set. It defaults to that of the user running the command.
paste |
paste [ options ] files
Merges corresponding lines of one or more files into vertical columns, separated by a tab. See also cut , join , and pr .
Replace a filename with the standard input.
Separate columns with char instead of a tab. char can be any regular character or the following escape sequences:
You can separate columns with different characters by supplying more than one char :
Newline
Tab
Backslash
Empty string
Merge subsequent lines from one file.
Create a three-column file from files x , y , and z :
$ paste x y z > file
List users in two columns:
$ who | paste - -
Merge each pair of lines into one line:
$ paste -s -d"\t\n" list
pax |
pax [ options ] [ patterns ]
Portable Archive Exchange program. When members of the POSIX 1003.2 working group couldn't standardize on either tar or cpio , they invented this program. (See also cpio and tar .) Note that until native drivers for tape drives exist for Mac OS X, pax can't write to tape. Note also that pax doesn't preserve resource forks or HFS metadata when copying files that contain them.
pax operates in four modes, depending on the combinations of -r and -w :
No -r and no -w . List the contents of a pax archive. Optionally, restrict the output to filenames and/or directories that match a given pattern.
-r only. Extract files from a pax archive. Intermediate directories are created as needed.
-w only. Archive files to a new or existing pax archive. The archive is written to standard output; it may be redirected to an appropriate tape device if needed for backups.
-r and -w . Copy a directory tree from one location to another, analogous to cpio -p .
Here are the options available in the four modes:
None: c d f n s v U G T -r: c d f i k n o p s u v D Y Z E U G T -w: a b d f i o s t u v x H L P X U G B T -rw: d i k l n p s t u v D H L P X Y Z U G T
Append files to the archive. This may not work on some tape devices.
Use size as the blocksize, in bytes, of blocks to be written to the archive.
Complement. Match all file or archive members that don't match the patterns.
For files or archive members that are directories, extract or archive only the directory itself, not the tree it contains.
Use archive instead of standard input or standard output.
Interactively rename files. For each file, pax writes a prompt to /dev/tty and reads a one-line response from /dev/tty . The responses are as follows:
Skip the file.
Take the file as is.
Anything else is taken as the new name to use for the file.
Exit immediately with a nonzero exit status.
Don't overwrite existing files.
Make hard links. When copying a directory tree ( -rw ), make hard links between the source and destination hierarchies wherever possible.
Choose the first archive member that matches each pattern. No more than one archive member will match for each pattern.
Reserved for format-specific options specified by the -x option.
Specify one or more privileges for the extracted file. privs specify permissions or other characteristics to be preserved or ignored.
Don't preserve file-access times.
Retain the user and GIDs, permissions (mode), and access and modification time.
Don't preserve the file modification time.
Retain the user and group ID.
Keep the permissions (mode).
Read an archive and extract files.
Use replacement to modify file or archive member names. This is a string of the form - s/ old / new / [ gp ]. This is similar to the substitution commands in ed , ex , and sed . old is a regular expression, and new may contain & to mean the matched text and \ n for subpatterns. The trailing g indicates the substitution should be applied globally. A trailing p causes pax to print the resulting new filename. Multiple -s options may be supplied. The first one that works is applied. Any delimiter may be used, not just / , but in all cases, it is wise to quote the argument to prevent the shell from expanding wildcard characters.
Reset the access time of archived files to what they were before being archived by pax .
Ignore files older than preexisting files or archive members. The behavior varies based on the current mode:
Extract the archive file if it is newer than an existing file with the same name.
If an existing file with the same name as an archive member is newer than the archive member, supersede the archive member.
Replace the file in the destination hierarchy with the file in the source hierarchy (or a link to it) if the source hierarchy's file is newer.
In list mode, print a verbose table of contents. Otherwise, print archive member names on standard error.
Write files to standard output in the given archive format.
Use the given format for the archive. The value of format is either cpio or ustar . The details of both formats are provided in the IEEE 1003.1 (1990) POSIX standard. The two formats are mutually incompatible; attempting to append using one format to an archive while using the other is an error.
Set the number of bytes that can be written to one archive volume. This option can be used only by a device that supports an end-of-file read condition such as a file or tape drive. This option shouldn't be used with a floppy or hard disk.
The file inode change time is checked to see if it is a newer version of the file.
Set the number of read errors that can occur before pax will stop. limit can be from 0 to none . 0 causes pax to stop after the first read error; none keeps pax from stopping on any amount of errors. Caution should be used with none , as it can put pax into an infinite loop if the archive is severely flawed
The group is used to select the file. To select by group number instead of group name, use a # in front of the number; to escape the # , use \ .
If any of the pathnames given in the command line are symbolic links, follow only those links.
Follow all symbolic links.
Don't follow symbolic links. This is the default.
Use either file modification date[ m ] or inode change time[ c ] to select files in a specified date range. The options c and m can be used together. The default option is m .
The user is used to select the file. To select by UID instead of username, place a # in front of the number; to escape the # , use \ .
When traversing directory trees, don't cross into a directory on a different device (the st_dev field in the stat structure, see stat(2) ; similar to the -mount option of find ).
Similar to the -D option, with the exception that pax checks the inode change time after it has completed the filename modifications and a pathname has been generated.
Similar to the -u option, with the exception that pax checks the modification time after it has completed the filename modifications and a pathname has been generated.
Copy a home directory to a different directory (presumably on a bigger disk):
$ cd /Users $ pax -r -w chuck/newhome
pbcopy |
pbcopy [-help] [-pboard ( general | find | font | ruler )]
Copies standard input to the pasteboard buffer. The Clipboard is used to implement GUI copy, cut, and paste operations; drag-and-drop operations; and the Cocoa Services menu.
Print a usage statement to standard output.
Specify the name of the pasteboard to use: either the name used for general copying and pasting or a special-purpose pasteboard used for holding find , font , or ruler settings. Defaults to general .
pbpaste |
pbpaste[-help] [-pboard ( general | find | font | ruler }] [-Prefer { ascii | rtf | ps }]
Prints the contents of the Clipboard to standard output. The combination of pbcopy and pbpaste may be an interesting tool to use in scripting. However, the Clipboard can be modified by other processes at any time, which limits the tool's actual usefulness .
Print a usage statement to standard output.
Specify the output format to use if the desired format ( ascii , rtf , or ps for ASCII, Rich Text Format, or PostScript, respectively) is available in the Clipboard.
Specify the name of the pasteboard to use: either the name used for general copying and pasting or a special-purpose pasteboard used for holding find , font , or ruler settings. Defaults to general .
pdisk |
pdisk pdisk device { -diskSize | -isDiskPartitioned | -dump | -blockSize |-initialize } pdisk device { -partitionEntry | -partitionName | -partitionType | -partitionBase | -partitionSize | -deletePartition } part_num pdisk device { -setWritable | -setAutoMount } part_num { 0 | 1 } pdisk device- makeBootable part_num boot_addr boot_bytes load_addr goto_addr pdisk device -createPartition part_name part_type part_base part_size pdisk device -splitPartition part_num part1_size part2_name part2_type pdisk device -getPartitionOfType part_type instance_num pdisk device -getPartitionWithName part_name instance_num
Provides control over Apple partition maps on disk devices in Macintosh systems.
Turn on abbreviation mode. For example, Apple_HFS displays as HFS .
Print the block size of the specified device, in bytes, to standard output.
Toggle the "compute size" flag, where partition sizes are computed, not taken from the partition map.
Add a partition to the partition map with the specified name, type (such as Apple_HFS or Apple_UFS ), base (i.e., starting block number), and size (in blocks).
Toggle the debug flag. When in interactive mode, some extra commands are enabled, including commands to display block contents and partition map data structures.
Delete the specified partition from the partition map.
Print the partition map on the specified device to standard output.
Toggle the "show filesystem name" flag. This should cause pdisk to display HFS volume names rather than names taken from the partition map, but it doesn't appear to make a difference.
Print the number of a partition with the specified type to standard output. An instance_num of 0 refers the lowest-numbered partition of the specified type, 1 refers to the second partition of that type, etc.
Print the number of a partition with the specified name to standard output. An instance_num of 0 refers the lowest-numbered partition with the specified name, 1 refers to the second partition of that name, etc.
Prints a usage statement to standard error.
Enters interactive mode, where menus of single-character commands are available. If a device name is provided as an argument, the set of available commands differs, offering more control over partitions on the device. Interactive commands that take arguments will prompt for any that are missing.
Create a partition map on the device.
Return 0 if the device has an Apple partition map on it, 1 if not.
Print a line to standard output containing the name, type, base, and size of the specified partition.
Print the name of the specified partition to standard output.
Print the size of the specified partition, in blocks, to standard output.
Print the type of the specified partition to standard output.
Toggles the read-only flag. When in read-only mode, changes to the partition map are disallowed .
Set (1) or clear (0) the automount bit on a partition. This is unused by Mac OS X.
Set (1) or clear (0) the writable bit on a partition.
Split an existing partition in two. The arguments include the size (in blocks) of the first partition formed from the split, and the name and type of the second partition.
The disk device filename, e.g., /dev/disk0 .
periodic |
periodic name
Serves as a method of organizing recurring administrative tasks. periodic is used in conjunction with the cron facility, called by the following three entries from /etc/crontab :
1 3 * * * root periodic daily 15 4 * * 6 root periodic weekly 30 5 1 * * root periodic monthly
The facility is controlled by the /etc/defaults/periodic.conf file, which specifies its default behavior. periodic runs all the scripts that it finds in the directory specified in name . If name is an absolute pathname, there is no doubt as to which directory is intended. If simply a namesuch as dailyis given, the directory is assumed to be a subdirectory of /etc/periodic or of one of the alternate directories specified in the configuration file's local_periodic entry.
periodic can also be executed from the command line to run the administrative scripts manually. For example, to run the daily script, run periodic as root using daily as its argument:
$ sudo periodic daily
The configuration file contains several entries for valid command arguments that control the location and content of the reports that periodic generates. Here are the entries related to daily:
# Daily options ... daily_output="/var/log/daily.out" Append report to a file daily_show_success="YES" Include success messages daily_show_info="YES" Include informational messages daily_show_badconfig="NO" Exclude configuration error messages.
ping |
ping [ options ] host
Confirms that a remote host is online and responding. ping is intended for use in network testing , measurement, and management. Because of the load it can impose on the network, it is unwise to use ping during normal operations or from automated scripts.
For a full list of options, see the ping manpage.
Beeps whenever a packet is received.
Stop after sending (and receiving) count ECHO_RESPONSE packets.
Set the SO_DEBUG option on the socket being used.
Flood ping -output packets as fast as they come back or 100 times per second, whichever is more. This can be very hard on a network and should be used with caution; only a privileged user may use this option.
Send a packet every wait seconds. Default is to wait 1 second between each packet. wait must be a positive integer value. Cannot be used with the -f option.
Send preload number of packets as fast as possible before changing to default packet dispatch frequency. High packet losses are to be expected during preload delivery.
Only show host IP addresses, not hostnames.
Stop after one reply packet.
Specify up to 16-pad bytes to fill out packet sent. This is useful for diagnosing data-dependent problems in a network. The 32 most significant hexidecimal digits are used for the pattern. For example, -p ff causes the sent packet to be filled with all 1s, as does:
-p ffffffffffffffffffffffffffffffff0001
Quiet output; nothing is displayed except the summary lines at startup time and when finished.
Bypass the normal routing tables and send directly to a host on an attached network.
Set the IP record route option, which stores the route of the packet inside the IP header. The contents of the record route will be printed if the -v option is given and will be set on return packets if the target host preserves the record route option across echoes or the -l option is given.
Specify number of data bytes to be sent. Default is 56, which translates into 64 ICMP data bytes when combined with the 8 bytes of ICMP header data. Maximum packetsize is 8192(2^13) - 8 = 8184.
Time out after seconds seconds, no matter how many packets have been received.
Verbose; list ICMP packets received other than ECHO_RESPONSE .
pl |
pl [-input input_binary_file | -output output_binary_file ]
Translates XML property list files into the more compact and readable key/value NeXT format. Also translates between this and a serialized binary format, in either direction. XML is read from standard input, NeXT-format data is read from standard input and written to standard output, and serialized binary data is read from and written to files specified with arguments.
This command has been deprecated. You should use plutil instead.
Specify a serialized binary file as input.
Specify a serialized binary file as output.
plutil |
plutil [-lint] [-convert [xml1 | binary1]] filenames
Checks property list files for validity, or converts property list files between XML and binary formats. Files are converted in place, unless the -o option is used.
Check the file for errors. This is the default action.
Converts the file to format , where format is XML1 or binary1 .
Sends converted data to file target . Can only be used with a single input file.
Uses ext as the extension for the converted file.
pmset |
pmset [-a | -b | -c] action ( s )
Modifies the system's power management settings. pmset is a command-line alternative to the Energy Saver System Preferences. The settings apply system wide and across reboots. Therefore, pmset requires root privileges to run.
Use the settings that follow for all modes (the default).
Use the settings that follow this flag when only the battery is in use.
Use the settings that follow this flag only when the power adapter is plugged in.
Display current settings of subsystem, where subsystem is one of:
Capabilities of the machine
Settings on disk
Scheduled events
UPS thresholds
Battery and UPS status
Continuous log of power sources
Use the settings that follow this flag only when running off a UPS.
Wake when the power source is changed.
Restart automatically after power loss.
Spin down the hard drive after n minutes of idle time.
Dim the display after n minutes of idle time.
Change processor speed based on load.
Dim the screen to halfway between full brightness and off.
Dim the screen slightly when using this power source.
Wake when the laptop lid is opened.
Sleep when the power button is pressed.
Reduce processor speed (1), or set to highest (0).
Wake on modem ring
Put the computer to sleep after n minutes of idle time.
Park the heads when sudden changes in motion are detected .
Set the wake on magic packet ("wake for network administrator access") to on (1) or off (0).
Set the system to dim the display after three minutes and go to sleep after 10 minutes when using the battery:
$ pmset -b dim 3 sleep 10
Set both the battery-only and power adapter settings at once:
$ pmset -b dim 3 sleep 10 slower 1 -c dim 20 sleep 60 slower 0
pr |
pr [ files ]
Converts a text file or files to a paginated , columned version, with headers. If - is provided as the filename, read from standard input.
Begin printing on page beg_pag .
Print in num_cols number of columns, balancing the number of lines in the columns on each page.
Print columns horizontally, not vertically.
Double space.
Convert tabs (or tab-chars ) to spaces. If width is specified, convert tabs to width characters (default is 8).
Separate pages with formfeeds, not newlines.
Same as -F , but pause before printing the first page to the screen.
Use header for the header instead of the filename.
Replace spaces with tabs on output. Can specify alternative tab character (default is tab) and width (default is 8).
Set page length to lines (default 66). If lines is less than 10, omit headers and footers.
Print all files, one file per column.
Number columns, or, with the -m option, number lines. Append delimiter to each number (default is a tab) and limit the size of numbers to digits (default is 5).
Set left margin to offset .
Pause before each page, if output is to a terminal.
Continue silently when unable to open an input file.
Separate columns with delimiter (default is a tab) instead of spaces.
Suppress headers, footers, and fills at end of pages.
Convert unprintable characters to octal backslash format.
Set the page width to page_width characters for multicolumn output. Default is 72.
printenv |
printenv [ variables ]
Prints values of all environment variables or, optionally, only the specified variables .
ps |
ps [ options ]
Reports on active processes. Note that you don't need to include a - before options. In options, list arguments should either be separated by commas or be put in double quotes.
List all processes, not just yours.
List the command name without the path.
Include environment.
Include a header with each page of information.
List information for keywords: user , pid , ppid , pgid , sess , jobc , state , tt , time , and command .
List all keywords.
List information for keywords: uid , pid , ppid , cpu , pri , nice , vsz , rss , wchan , state , tt , time , and command .
List each tasks threads.
Sort by memory usage.
Append the keywords that are in a list after the PID. The title of the keyword can be changed by using an = sign after the keyword . ( keyword = newtitle )
Same as O except it uses only the supplied keywords for the output of ps .
List information for the supplied PID.
List by CPU rather than by PID.
Include child processes' CPU time and page faults.
List information for standard input process.
Display only processes running on tty .
List processes belonging to username.
List information for keywords : user , pid , %cpu , %mem , vsz , rss , tt , state , start , time , and command . The listing will be as if the -r option was supplied to ps .
List information for keywords: pid , state , time , sl , re , pagein , vsz , rss , lim , tsiz , %cpu , %mem , and command . The listing will be as if the -m option was supplied to ps .
Wide format. Don't truncate long lines.
Include processes without an associated terminal.
If there is an alias for the keyword, it's listed next to it.
Keyword | Description |
---|---|
%cpu, pcpu | Percentage of CPU used |
%mem, pmem | Percentage of memory used |
acflag, acflg | Accounting flag |
command | Command and arguments |
cpu | Short-term factor of CPU use |
flags, f | Hexadecimal representation of process flags |
inblk, inblock | Total amount of blocks read |
jobc T | Count for job control |
kTRace | Tracing flags |
ktracep | Tracing vnode |
lim | Limit of memory usage |
logname | Username of user that started the command |
lstart | Start time |
majflt, pagein | Page fault totals |
minflt | Page reclaim totals |
msgrcv | Messages received total |
msgsnd | Messages sent total |
nice, ni | Value of nice |
nivcsw | Involuntary context switches total |
nsigs, nsignals | Signals taken total |
nswap | Swap in/out totals |
nvcsw | Voluntary context switch totals |
nwchan | Wait channel |
oublk, oublock | Blocks written total |
p_ru | Amount of resources used out of resources used |
padd | Address of swap |
pgid | Group number for the process |
pid | ID number of the process |
poip | Progress of current pageouts |
ppid | ID number of the parent process |
pri | Scheduling priority |
re | Core residency time |
rgid | The real GID |
rlink | Reverse link on run queue |
rss | Resident set size |
rsz | Resident set size + (text size/text use count) (alias rssize ) |
rtprio | Priority in real time |
ruid | ID of the real user |
ruser | Name of the user |
sess | Pointer for the session |
sig, pending | Signals that are pending |
sigcatch, caught | Signals that have been caught |
sigignore, ignored | Signals that have been ignored |
sigmask, blocked | Signals that have been blocked |
sl | Sleep time |
start | Start time |
state, stat | State of symbolic process |
svgid | An executable setgid's saved GID |
svuid | An executable setuid's saved UID |
TDev | Device number of the control terminal |
time, cputime | Total of user and system CPU time |
tpgid | GID of the control terminal process |
tsess | Pointer session of the control terminal |
tsiz | Size of the text |
tt | Name of control terminal |
tty | The control terminal's full name |
uprocp | Pointer of the process |
ucomm | Accounting name |
uid | ID of the user |
upr, usrpri | The scheduling priority after a system call as been made |
user | Name of the user from UID |
vsz, vsize | Listed in kilobytes the virtual size |
wchan | Wait channel |
xstat | Status of a zombie or stopped process; exit or stop |
pwd |
pwd [ options ]
Prints the full pathname of the current working directory.
Write the full pathname of the current working directory without resolving symbolic links.
Write the full pathname of the current working directory with resolving symbolic links ( -P is the default behavior).
quota |
quota [ options ]
Displays the disk limits for the current user, or the current user's group, or other users and groups if the user is the superuser.
Display quotas for the specified group , if the user is a member of that group. If group is not specified, list all groups for which the user is a member. If the user is super-user, any group 's quotas may be listed.
Quiet mode. Only displays a message if the user is over quota. This is useful for login scripts.
Display quotas for user. May only be used by the superuser.
Display quotas even on filesystems where no storage is allocated. This option takes precedence over -q .
rcp |
rcp [ options ] file1 file2 rcp [ options ] file ... directory
Copies files between two machines. Each file or directory is either a remote filename of the form rname@rhost:path or a local filename.
rcp doesn't preserve resource forks or metadata when copying files that contain them.
Suppress all Kerberos authentication.
Attempt to get tickets for remote host; query krb_realmofhost to determine realm.
Preserve modification times and modes of the source files.
If any of the source files are directories, rcp copies each subtree rooted at that name. The destination must be a directory.
Turn on DES encryption for all data passed by rcp .
reboot |
reboot [ options ]
Prepares the system, terminates all processes, and then reboots the operating system. During preparation, all filesystem caches are flushed and running processes are sent a SIGTERM followed by SIGKILL .
Don't log the halt via syslog (i.e., mach_kernel , syncing disks, etc.).
Don't flush filesystem caches. Should not be used indiscriminately.
The filesystem caches are flushed but the system is otherwise halted ungracefully. Should not be used indiscriminately.
register_mach_bootstrap_servers |
register_mach_bootstrap_servers config_source
Registers a Mach port with the bootstrap task of mach_init on behalf of a specified daemon. (A Mach task is analogous to a process that runs within the kernel of Mac OS X; a port is used to communicate between tasks.) When another task sends a request to the bootstrap task for access to a port, mach_init starts up the associated daemon if necessary.
This serves as a replacement for certain startup items. Instead of launching services from /System/Library/StartupItems/ (processed by SystemStarter ), files in /etc/mach_init.d/ are processed by register_mach_bootstrap_servers , which is called from /etc/rc . (Per-user services are started by the login window application, which uses register_mach_bootstrap_servers to process /etc/mach_init_per_user.d/ .) One advantage of this over startup items is that a daemon can be run only when needed, if another process needs to communicate with it, thus reducing resource consumption.
Either an XML property list ( .plist ) file, or a directory containing such files. Each file is usually named after the associated daemon, and contains some of the following keys:
The path to the server executable. This is a required key.
Specify whether the daemon is kuncd , the Kernel-User Notification Center server, used by the kernel to communicate with users. Defaults to false .
Specify whether the daemon should only be started when it first receives a request for its bootstrap port. If set to false , the daemon is started immediately. Defaults to true .
An identifier for the service. The name should follow the convention used for Java classes: the reversed DNS domain name associated with the responsible organization, followed by one or more segments specifically identifying the service (e.g., com.apple.DirectoryService ). This is a required key.
The user under which the daemon is started.
renice |
renice [ priority ] [ options ] [ target ]
Controls the scheduling priority of various processes as they run. May be applied to a process, process group, or user ( target ). A privileged user may alter the priority of other users' processes. priority must, for ordinary users, lie between 0 and the environment variable PRIO_MAX (normally 20), with a higher number indicating increased niceness. A privileged user may set a negative priority, as low as PRIO_MIN , to speed up processes.
Specify number by which to increase current priority of process, rather than an absolute priority number.
Specify number by which to decrease current priority of process, rather than an absolute priority number.
Interpret target parameters as process GIDs.
Interpret target parameters as PIDs (default).
Interpret target parameters as usernames.
rev |
rev [ files ]
Prints each line of each specified file. The order of the characters in each line is reversed. If no file is specified, rev reads from standard input.
rlogin |
rlogin rhost [ options ]
Remote login. rlogin connects the terminal on the current local host system to the remote host system rhost . The remote terminal type is the same as your local terminal type. The terminal or window size is also copied to the remote system if the server supports it.
Allow an 8-bit input data path at all times.
Debugging mode.
Specify escape character char (default is ~ ).
Don't interpret any character as an escape character.
Attempt to get tickets from remote host, requesting them in the realm as determined by krb_realm-ofhost .
Suppress all Kerberos authentication.
Specify a different username for the remote login. Default is the same as your local username.
Allow rlogin session to be run without any output postprocessing (i.e., run in litout mode).
rm |
rm [ options ] files
Deletes one or more files . To remove a file, you must have write permission in the directory that contains the file, but you need not have permission on the file itself. If you don't have write permission on the file, you will be prompted ( y or n ) to override.
Note that on symbolic links, rm removes the link, not the target file.
If any of the files you're removing begin with a dash, put a -- in front of them. For instance, if you create a file called -f (dash eff), use rm -- -f to remove it.
All options following are filenames, not options.
Remove directories, even if they are not empty.
Remove write-protected files without prompting.
Prompt for y (remove the file) or n (don't remove the file).
Cause rm to overwrite files three different times before deleting them.
If file is a directory, remove the entire directory and all its contents, including subdirectories. This option can be dangerous.
Turn on verbose mode. rm prints the name of each file before removing it.
Undelete files on a union filesystem that whiteouts have been applied over.
If any of the files you're removing begin with a dash, put a -- in front of them. Say you create a file called -x :
$ ls > -x $ rm -x rm: invalid option -- x Try 'rm --help' for more information.
The -x is taken as an option to rm . Instead, put the -- in front:
$ rm -- -x
rmdir |
rmdir [ options ] directories
Deletes the named directories (not the contents). directories are deleted from the parent directory and must be empty (if not, rm -r can be used instead). See also mkdir .
Remove directories and any intervening parent directories that become empty as a result; useful for removing subdirectory trees.
rsync |
rsync [ options ] source destination
Transfers files from source to destination . rsync is a synchronization system that uses checksums to determine differences (instead of relying on modification dates) and does partial file transfers (transferring only the differences instead of the entire files).
rsync can use a remote shell ( rsh by default) as a transport, in which case the remote host must have rsync installed as well. You can use a remote shell like ssh instead of the default by specifying that in options .
You can also use rsync without a remote shell, in which case rsync requires that the remote host run an rsync server daemon. For details on the advanced features of rsync , including running an rsync server, refer to rsync 's manpage. The following descriptions and examples cover rsync 's basic operation.
rsync doesn't preserve resource forks or HFS metadata when copying files that contain them.
The rsync source and destination arguments can be specified in several ways, as shown in Table 2-7.
Source | Destination | Description |
---|---|---|
srcpath [...] | [ user @] host : destpath | Transfer local directory srcpath to remote directory destpath . a |
[ user @] host : srcpath | destpath | Transfer remote directory srcpath to local directory destpath . a |
[ user @] host : srcpath |
| List contents of srcpath without transferring anything. a |
srcpath [...] | [ user @] host :: destpath | Transfer local directory srcpath to remote directory destpath . b |
[ user @] host :: srcpath | [ destpath ] | Transfer remote directory srcpath to local directory destpath , or list srcpath if destpath is not specified. b |
rsync:// [ user @] host [: port ]:/ srcpath | [ destpath ] | Transfer remote directory srcpath to local directory destpath , or list srcpath if destpath is not specified. b |
srcpath [...] | destpath | Transfer local directory srcpath to local directory destpath . |
a Uses a remote shell as the transport and requires rsync on the remote host. | ||
b Doesn't use a remote shell but requires an rsync server running on the remote host. Note the double colons ( :: ), except for the URL format. |
Copy source recursively and save most file metadata in the copies, including owner, group, permissions, and modification times. Also copies symlinks (but not hard links). Equivalent to using -rlptgoD .
If a file in source already exists in destination , make a backup copy before overwriting. Name the backup file by appending ~ to the original filename.
Copy any character and block device files in source to destination .
Delete any files in destination that aren't in source.
Use the remote shell command as the transport instead of the default rsh . The usual alternative is ssh .
Don't add any new files to destination ; update only what's there with any newer versions in source .
Exclude from transfer those files in source that match pattern . See rsync 's manpage for details on constructing exclude patterns.
Preserve the groups of the source files in the copies.
Transfer source files that have the same name, length, and date stamp as files in destination. The default behavior is to skip transfer of such files.
Copy any symbolic links in source to destination.
Preserve the owners of the source files in the copies.
Preserve the permissions of the source files in the copies.
Don't remove partially transferred files from destination . If a transfer is interrupted, this option allows a retried transfer to resume from where the failed attempt ended, instead of starting again from the beginning.
Copy recursively. If any of the source files are directories, rsync copies each subtree rooted at that name.
Preserve the modification times of the source files in the copies. Use this option whenever you want identical files excluded from subsequent transfers to the same directory.
Don't transfer a file if it has a newer copy already existing in destination.
Be verbose. Add v s for increased verbosity .
Compress data before transfer, which helps decrease transfer time over slower connections.
Transfer the entire local ~/Documents directory into the folder named Backups on the machine at 192.168.2.56, using rsh as the transport:
$ rsync ~/Documents fred@192.168.2.56:Backups
Perform the same transfer using the archive and compress options as well as ssh as the transport:
$ rsync -aze ssh ~/Documents fred@192.168.2.56:Backups
A trailing slash on the source pathname causes rsync to transfer only the contents of that directory into the destination directory. This example transfers the contents of the remote /Backups/Documents directory in the local ~/Temp directory:
$ rsync -aze ssh fred@192.168.2.56:Backups/Documents/ ~/Temp
say |
say [-v voice ] [-o out .aiff] [-f file | string ... ]
Uses Mac OS X's Speech Synthesis manager to speak the file or string using the default voice set in the Speech preference panel (System Preferences Speech Text to Speech System Voice).
Text to be spoken using the default system voice; for example:
$ say "I love Mac OS X"
Notice how the system pronounces the "X" of "Mac OS X" as "ten."
Specify a file to be read as input and spoken using the default system voice; for example:
$ say -f filename .txt
Use the specified voice instead of the default system voice; for example
$ say -v Fred "I love Mac OS X"
This uses the Fred voice to speak the string , "I love Mac OS X." The list of voices can be found in the Speech Default Voices preference panel.
Output the spoken text as an AIFF sound file; for example,
$ say -o ~/Desktop/iheartmosx.aiff -v Fred "I love Mac OS X"
This command uses the voice Fred to speak the string "I love Mac OS X," and save it as a sound file named iheartmosx.aiff on the Desktop. When outputting a sound file, the -o option must immediately follow the say command.
scp |
scp [ options ] file1 file2 scp [ options ] file ... directory
Securely copies files between two machines, using ssh as the transport. Each file or directory is either a remote filename of the form rname@rhost:path or a local filename.
scp doesn't preserve resource forks or metadata when copying files that contain them.
Run in batch mode; don't prompt for passwords.
Use the specified type of encryption, either blowfish , des , or 3des . ( 3des is the default.)
Turn on compression.
Preserves extended attributes, resource forks, and ACLs. Both ends of the connection must be running Mac OS X 10.4 or higher.
Use specified ssh configuration file.
Specify an identity file to use for authentication. The default is $HOME/.ssh/identity .
Set configuration keyword, in the same format as the SSH config file.
Preserve modification times and modes of the source files.
Select port number to connect to. Note that this is a capital -P , not a lowercase -p as in ssh .
Run in quiet mode, with no progress bar.
If any of the source files are directories, scp copies each subtree rooted at that name. The destination must be a directory.
Use the local ssh executable located at pathname .
Be verbose.
Force use of SSH1.
Force use of SSH2.
Use only IPv4 addresses.
Use only IPv6 addresses.
screencapture |
screencapture [-i [-s | -w | -W] | -m] [-x] { -c | pathname ...}
Saves the contents of the screen to a PDF file or to the Clipboard. Unless using the -i option to start an interactive screen capture, the contents of the entire display are captured.
Save screenshot to the Clipboard for later pasting.
Capture the cursor, too.
Initiate interactive screen capture. The mouse is used to select a region of the screen to capture. Pressing the spacebar toggles between this mouse selection mode and a window selection mode, in which clicking on a window captures the portion of the screen taken up by that window. Pressing the Control key saves the screenshot to the Clipboard. Pressing the Escape key cancels the interactive screen capture.
Capture only the main display, if multiple displays are in use.
Disable window selection mode in an interactive screen capture; only mouse selection is allowed.
Capture the screen, not the window, even in window capture mode.
Disable mouse selection mode in an interactive screen capture; only window selection is allowed.
Start an interactive screen capture in window selection mode instead of mouse selection mode.
Disable sound effects.
The name of a file in which to save the screenshot. You should terminate the filename with a .pdf extension.
script |
script [ option ] [ file ]
Forks the current shell and makes a typescript of a terminal session. The typescript is written to file . If no file is given, the typescript is saved in the file typescript . The script ends when the forked shell exits, usually with Control-D or exit .
Append to file or typescript instead of overwriting the previous contents.
scselect |
scselect [[-n] location ]
Changes active network location. With no arguments, a usage statement and a list of defined locations (or "sets") is printed to standard output, along with an indication of which location is currently active. Locations can be referred to by name or by integer ID.
Change the active network location, but don't apply the change.
scutil |
scutil [-v] [-p] scutil [-v] [-d] -r { hostname | IP_addr [ IP_addr ] } scutil [-v] -w key [-t timeout ] scutil [-v] --get { ComputerName | LocalHostName } scutil [-v] --set { ComputerName | LocalHostName } [ hostname ]
Provides control of the System Configuration framework's dynamic store. It's used to open an interactive session with configd , in which various commands are available to view and modify System Configuration keys.
As a quick example of interactive use, try this:
Invoke scutil . You will be placed at the scutil prompt.
Enter open to open the session with configd .
Enter list . You will see a set of keys, some of which are provided by the System Configuration framework (such as the keys in the File : domain), some of which are obtained from /Library/Preferences/SystemConfiguration/preferences.plist (the Setup : keys), and some of which are published by the configuration agents (the State : keys).
Enter show State:/Network/Global/DNS to display the DNS dictionary. You should see a list of DNS servers and search domains configured on your system.
Enter close , then quit .
Enable debugging output to standard error.
Display DNS configuration.
Print the system's computer name (use pref of LocalHostName ) or Bonjour hostname ( ComputerName ) to standard output.
Enable a private API with additional commands, including lock , unlock , touch , snapshot , n.file , n.signal , n.wait , and n.callback .
Display proxy configuration.
Determine how the specified node (given as a hostname or an IP address) would be reached, printing the result to standard output. Possibilities include Reachable , Directly Reachable Address (the address is on the local network), and Local Address (the address resolves to the host on which the command is run). For systems with more than one network interface, two arguments may be given, where the first is the system's local address, and the second is the remote address. Note that this doesn't determine whether a machine at the specified address is currently active, only whether that address is reachable.
Set the system's computer name or Bonjour hostname. If the new hostname isn't specified on the command line, it's taken from standard input.
Specify the timeout to wait for the presence of a data store key, in seconds. Defaults to 15.
Enable verbose output to standard error.
Exit when the specified key exists in the data store or until the timeout has expired .
scutil enters interactive mode when invoked with no arguments.
Add a key to the data store with the value of the current dictionary. The temporary keyword causes it to be flushed when the session to configd is closed.
Close a session with configd .
Add an entry to the current dictionary. The optional type specifier can designate the values as arrays ( * ), Booleans ( ? ), or numbers ( # ).
Create an empty dictionary.
Remove the specified key from the current dictionary.
Display the contents of the current dictionary.
Exit the scutil session.
Read prepared commands from a file.
Cause the value of the specified key to become the current dictionary.
Print a list of available commands.
List keys in the System Configuration data store. A regular expression may be specified to restrict which keys are listed.
Prevent changes to the data store by other processes.
Request notification of changes to the specified key or to keys matching a regular expression (when the pattern argument is used).
Send notifications via a callback function defined in the scutil code. This isn't particularly useful without modifying the source code.
Cancel n.watch settings.
List changed keys that have been marked with notification requests and reset the state of notification.
Send notifications to a file descriptor. After issuing this command, the prompt returns only after a notification is received.
List keys upon which notification requests have been set. With the pattern argument, lists notification requests for keys matching regular expressions.
Remove notification requests for the specified key or regular expression (when the pattern argument is used).
Send notifications by signaling a process. If a PID isn't specified, the signal is sent to the scutil process. The signal is specified either as a name or a number (as described in the kill manpage).
Send notifications via Mach messaging.
Cause changes to keys marked with notification requests to issue immediate notices, obviating the need to use n.changes to notice that the change has occurred.
Send a notification for the specified key.
Open a session with configd .
Exit the scutil session.
Exit the scutil session.
Remove the specified key from the data store.
Set the specified key to the value of the current dictionary.
Same as get key , followed by d.show .
Save current store and session data to XML property lists in /var/tmp/ .
"Touch" the specified key, spurring notifications as if it had changed, but leaving it unaltered.
After issuing a lock command, allow other processes to make changes to the data store.
sdiff |
sdiff [ options ] file1 file2
Compares two files to find differences and interactively merges them. Without the -o option, sdiff behaves like diff-side-by-side .
Treat all files as text files. Useful for checking to see if binary files are identical.
Ignore repeating blanks and end-of-line blanks; treat successive blanks as one.
Ignore blank lines in files.
Ignore segments of numerous changes and output a smaller set of changes.
Ignore changes based on expanding tabs.
Speed output of large files by scanning for scattered small changes; long stretches with many changes may not show up.
Print brief usage message.
Ignore case in text comparison. Upper- and lowercase are considered the same.
Ignore lines in files that match the regular expression regexp .
For two-column output ( -y ), show only left column of common lines.
Send identical lines of file1 and file2 to outfile ; print line differences and edit outfile by entering, when prompted, the following commands:
Edit an empty file.
Edit both left and right columns.
Edit left column.
Edit right column.
Append left column to outfile .
Exit the editor.
Append right column to outfile .
Silent mode; don't print identical lines.
Turn off "silent mode."
For two-column output ( -y ), don't show common lines.
Strip trailing carriage return from input.
Produce output with tabs expanded to spaces to line up tabs properly in output.
Print version number of this version of sdiff .
Ignore all whitespace in files for comparisons.
For two-column output ( -y ), produce columns with a maximum width of n characters. Default is 130.
Show differences using 80 columns and ignore identical lines:
$ sdiff -s -w80 list.1 list.2
sed |
sed [ options ] [ files ]
Streams editor. Edits one or more files without user interaction. For more information on sed , see sed and awk (O'Reilly). The -e and -f options may be provided multiple times, and they may be used with each other.
Treat all files as text and compare them.
Apply the editing instruction to the files.
Use extended regular expressions.
Apply the set of instructions from the editing script .
Edit files in place, saving the original files with extension appended. If extension is not specified, no backups are made.
Suppress default output.
service |
service --list service { --test-if-available | --test-if-configured-on } service service service { start | stop }
A shell script used to list, start, and stop network services. Primarily, this is an interface to services managed by xinetd , but it also includes support for Postfix (with a service name of smtp ) and for receipt of faxes ( fax-receive ).
Print a list of services available for management to standard output.
Return 0 if the specified service is available on the system; 1 if not.
Return 0 if the specified service is currently configured to run; 1 if not.
SetFile |
SetFile [ options ] files
Sets the HFS+ file attributes (metadata) of files . SetFile is installed with the Xcode Tools ( /Developer/Tools ). Since this directory isn't in the shell's search path by default, you might to need to specify SetFile 's pathname to invoke it. See also GetFileInfo .
Set those file attributes that toggle on or off (sometimes called "Finder flags"). To set an attribute, provide that attribute's letter as uppercase in attribute . To unset an attribute, provide the letter in lowercase. You can specify multiple attributes at once; any not specified will retain their current setting in files . Refer to Table 2-8 for the specific attributes.
Attribute | Set | unset | Meaning |
---|---|---|
Alias | A | a | File is/isn't an alias. |
Bundle | B | b | File has/hasn't a bundle resource. |
Custom Icon | C | c | File has/hasn't a custom icon. |
Desktop Item | D | d | File is/isn't on the Desktop. |
Extension | E | e | Filename extension is/isn't hidden. |
Inited | I | i | File is/isn't init'ed. |
Locked | L | l | File is/isn't locked. |
Shared | M | m | Multiple users can/can't run file at once (applies to application files). |
INIT | N | n | File has/hasn't INIT resource. |
System | S | s | File is/isn't a system file (locks name). |
Stationary | T | t | File is/isn't a stationary file. |
Invisible | V | v | File is/isn't invisible to Finder. |
Set the file's four-character creator code to creator .
Set the file's creation date to date . Specify date in this format: " mm / dd [ yy ] yy [ hh : mm :[: ss ] [AM | PM]] ". Enclose date in quotes if it contains spaces.
Set the file's modification date to date , specified as for -d .
Set the file's four-character type code to type .
Set the attributes of all files in the working directory whose names end with "jpg" to those of an unlocked GraphicConverter JPEG file, and give them all the same creation date:
$ /Developer/Tools/SetFile -a l -c GKON -t JPEG - d
"07/01/05 00:00" *jpg
sftp |
sftp [ options ] [ hostname ] sftp [ user @] hostname :[ pathname ]
Secure FTP. Transfers files to and from remote network site hostname using ssh as the transport. Once an sftp connection is made, sftp becomes interactive, prompting the user for a command. Type help to see a list of known commands.
If pathname is a directory, it becomes the initial remote working directory once the connection is made. If pathname is a file, sftp transfers that file into the local working directory, closes the connection, and exits without entering interactive mode.
Run in batch mode, reading commands from filename instead of standard input.
Use a buffer size of buffersize bytes when transferring files instead of the default 32768 bytes.
Turn on compression.
Use specified ssh configuration file.
Set configuration keyword.
Connect to the local sftp-server program at sftp-server_path , instead of using ssh (for debugging purposes). The default location for the program on Mac OS X is /usr/libexec/sftp-server .
Allow up to n outstanding requests, instead of the default, 16.
Invoke remote subsystem.
Use local ssh executable located at pathname .
Be verbose.
Attempt a Version 1 connection.
showmount |
showmount [-a | -d | -e] [-3] [ nfs_server ]
Queries the NFS mount daemon, mountd , to show which clients have mounted which directories from the NFS server. Called without flags, showmount prints a list of NFS client IP addresses to standard output; nfs_server defaults to localhost .
Use NFS Version 3.
List clients with the exports they're mounting, in the form IP_addr : pathname .
List exports that are mounted on clients, instead of client IP addresses.
Print the server's list of NFS exports to standard output.
shutdown |
shutdown [ options ] when [ message ]
Terminates all processing. when may be a specific time (in hh : mm format), a number of minutes to wait (in + m format), or now . A broadcast message notifies all users to log off the system. Processes are signaled with SIGTERM , to allow them to exit gracefully. Only privileged users can execute the shutdown command. Broadcast messages, default or defined, are displayed at regular intervals during the grace period; the closer the shutdown time, the more frequent the message.
Halt the system when shutdown is complete.
Print the warning message, but suppress actual shutdown.
Execute halt or reboot instead of calling init . Passing -n also prevents a file cache flush.
Reboot the system when shutdown is complete.
sips |
sips [-h | --help | -H | --helpProperties] sips [--debug] { -g | --getProperty } property image_or_profile_filename ... sips [--debug] { -x | --extractProfile } profile_filename image_filename ... sips [--debug] { -X | --extractTag } tag tag_filename profile_filename ... sips [--debug] { -v | --verify } profile_filename ... sips [--debug] { -s | --setProperty } property value [--out filename ] image_or_ profile_filename... sips [--debug] { -d | --deleteProperty } property [--out filename ] image_or_ profile_filename... sips [--debug] { -r | --rotate } degrees [--out filename ] image_filename ... sips [--debug] { -f | --flip } { horizontal | vertical } [--out filename ] image_filename... sips [--debug] { -c | --cropToHeightWidth | -p | --padToHeightWidth | -z | resampleHeightWidth } height_pixels width_pixels [--out filename ] image_filename ... sips [--debug] { -Z | --resampleHeightWidthMax | --resampleHeight | --resampleWidth } pixels [--out filename ] image_filename ... sips [--debug] { -i | --addIcon } [--out filename ] image_filename ... sips [--debug] { -e | --embedProfile | -E | --embedProfileIfNone | -m | --matchTo } profile_filename [--out filename ] image_filename ... sips [--debug] { -M | --matchToWithIntent } profile_filename { absolute | relative | perceptual | satuation } [--out filename ] image_filename ... sips [--debug] --deleteTag tag [--out filename ] profile_filename ... sips [--debug] --copyTag src_tag dst_tag [--out filename ] profile_filename ... sips [--debug] --loadTag tag tag_filename [--out filename ] profile_filename ... sips [--debug] --repair [--out filename ] profile_filename ...
The Scriptable Image Processing System (SIPS) tool can manipulate images and ColorSync profiles from the command line.
|
Crop an image to the specified size (in pixels). The image is cropped equally from both top and bottom, and from both sides.
Copy the value of a tag in a ColorSync profile to another tag in the same profile.
Delete the specified property. A list of possible properties may be obtained with sips -H .
Enable debugging output.
Delete the specified tag from a ColorSync profile.
Embed the specified ColorSync profile into the image.
Embed the specified ColorSync profile into the image only if another profile is not already embedded.
Flip an image in the specified direction.
Print the value of the specified property to standard output. A list of possible properties may be obtained with sips -H .
Print a usage message to standard output.
Print a list of image and profile properties to standard output.
Add an icon for an image file to its resource fork, which is used in Finder previews.
Copy the value of a tag from a file to a ColorSync profile. (This is the opposite of --extractTag .)
Match an image to the specified ColorSync profile.
Match an image to the specified ColorSync profile with the given rendering intent. (Note the misspelled satuation ; this is a typo in the sips code.)
Specify the filename of the modified image file. By default, sips modifies the file in place; this option lets you save the modified file under a different name, leaving the original unchanged.
Pad an image with blank space to the specified size (in pixels). The image is padded equally on both top and bottom, and on both sides.
Rotate an image the specified number of degrees clockwise.
Attempt to repair a malformed desc tag in a ColorSync profile. This is the same as the Repair operation under Profile First Aid in the ColorSync Utility application.
Stretch or compress an image to the specified height (in pixels).
Stretch or compress an image to the specified width (in pixels).
Set a property to the specified value. A list of possible properties may be obtained with sips -H .
Verify the syntax of a ColorSync profile. This is the same as the Verify operation under Profile First Aid in the ColorSync Utility application.
Copy an embedded ColorSync profile from an image to a file with the specified name.
Copy the value of a tag (such as desc ) from a ColorSync profile to a file with the specified name.
Stretch or compress an image to the specified size (in pixels).
Stretch or compress an image while maintaining the aspect ratio. The largest dimension (height or width) is set to the specified size (in pixels).
Show the properties of a ColorSync profile (similar to what's displayed under the Profiles tab of the ColorSync Utility application):
$ sips -g all /Library/ColorSync/Profiles/WebSafeColors.icc /Library/ColorSync/Profiles/WebSafeColors.icc size: 10644 cmm: appl version: 2.2.0 class: nmcl space: RGB pcs: Lab creation: 2003:07:01 00:00:00 platform: APPL quality: normal deviceManufacturer: 0 deviceModel: 0 deviceAttributes0: 0 deviceAttributes1: 0 renderingIntent: perceptual creator: appl md5: 14487F1ED8F8947B15F6682BFCF21E00 description: Web Safe Colors copyright: Copyright 2001 - 2003 Copyright Apple Computer Inc., all rights reserved.
Convert a TIFF to a JPEG from the command line (also works for PNG, GIF, PICT, BMP, and other image formats):
$ sips -s format jpeg --out sample.jpeg sample.tiff
slogin |
See ssh . (The slogin command file is a symbolic link to the ssh executable.)
slp_reg |
slp_reg -l slp_reg { -r | -d } URL [-a attribute_list ]
Communicates with slpd to register services with the Service Location Protocol. Services are designated by SLP URLs.
Specify an SLP attribute list.
Deregister the given service.
List registered services. This option is currently unimplemented.
Register the given service.
softwareupdate |
softwareupdate [-h | --help | -l | --list] softwareupdate { -i | --install | -d | --download } { -a | --all | -r | --req | package? } softwareupdate --ignored { none | add package ? | remove { -a | --all | package ? } } softwareupdate --schedule { on | off }
A command-line version of the Software Update application, this checks for and installs Apple software updates. When invoked without arguments, it prints a usage statement to standard output.
Download the specified update packages to the directory specified in Internet Preferences (now part of Safari's General preferences), but don't install them. The arguments are the same as the -i or --install option. This is useful when downloading updates for clients of a Network Install server.
Print a usage statement to standard output.
Install the specified update packages: either an explicit list of packages (with names as given by the -l or --list flag), all uninstalled packages ( -a or --all ), or only those packages listed as required ( -r or --req ).
Print a list of uninstalled updates to standard output, including package name, version number, size, and whether a reboot is required after the install.
Add or remove packages to or from the list of those ignored for the system.
Clear the list of ignored packages.
Turn automatic checks for updates on or off.
sort |
sort [ options ] [ files ]
Sorts the lines of the named files . Compare specified fields for each pair of lines, or, if no fields are specified, compare them by byte, in machine collating sequence. See also uniq , comm , and join .
Ignore leading spaces and tabs.
Check whether files are already sorted, and if so, produce no output.
Sort in "phone directory" order, ignoring all characters except letters, digits, and blanks.
Fold; ignore uppercase/lowercase differences.
Ignore nonprinting characters (those outside ASCII 32 (space) to 126 (tilde)).
Merge (i.e., sort as a group) input files.
Attempt to treat the first three characters as a month designation (JAN, FEB, etc.). In comparisons, treat JAN < FEB and any valid month as less than an invalid name for a month.
Sort in arithmetic order.
Put output in file .
Reverse the order of the sort.
Separate fields with c (default is a tab).
Identical lines in input file appear only one (unique) time in output.
Provide recsz bytes for any one line in the file. This option prevents abnormal termination of sort in certain cases.
Skip n fields before sorting, and sort up to field position m . If m is missing, sort to end of line. Positions take the form a . b , which means character b of field a . If . b is missing, sort at the first character of the field.
Similar to + . Skip n- 1 fields and stop at m- 1 fields (i.e., start sorting at the n th field, where the fields are numbered beginning with 1).
Directory pathname to be used for temporary files.
List files by decreasing number of lines:
$ wc -l * | sort -r
Alphabetize a list of words, remove duplicates, and print the frequency of each word:
$ sort -fd wordlist | uniq -c
split |
split [ option ] [ infile ] [ outfile ]
Splits infile into equal-sized segments. infile remains unchanged, and the results are written to outfile aa , outfile ab , and so on. (Default is xaa , xab , etc.). If infile is (or missing and default outfile is used), standard input is read.
Split infile into n -line segments (default is 1000).
Split infile into n -byte segments. Alternate blocksizes may be specified:
1 kilobyte
1 megabyte
Take input from the standard input.
Break bigfile into 1000-line segments:
$ split bigfile
Join four files, then split them into 10-line files named new.aa , new.ab , and so on. Note that without the - , new. is as a nonexistent input file:
$ cat list[1-4] | split -10 - new.
SplitForks |
SplitForks { -u | -s | [-v] pathname }
Copies the resource fork and HFS attributes from a file named filename into a separate file named ._ filename , equivalent to an AppleDouble Header file. The original file retains the resource fork and HFS metadata as well.
If pathname refers to a file, that file's resource fork and metadata are split out. If pathname is a directory, SplitForks does a recursive descent into the directory, working on every file within it.
FixupResourceForks undoes the actions of SplitForks .
Strip resource fork from source after splitting. By default, the resource fork is left in the file.
Print a usage statement to standard output.
Enable verbose output.
spray |
spray [ options ]
Similar to ping , spray sends RPC packets to a host and determines how many were received and their transit time. spray can cause a lot of network traffic, so use it cautiously.
Specify count packets to send.
Allow for delay microseconds between each packet.
Set the RPC call message packet length to length bytes. Because all values are not possible, spray rounds to the nearest possible value.
srm |
srm [ option ] file
Securely removes files or directories by overwriting, renaming, and truncating before unlinking . This prevents other users from undeleting or recovering any information about the file from the command line. srm is the brute force behind the Finder's Secure Empty Trash option.
srm can't remove write-protected files owned by another user, regardless of the permissions on the directory containing the file.
Ignore nonexistent files, and never prompt.
Prompt before files are deleted.
Recursively remove the files of directories.
Delete the file, but only overwrite the file with a single pass.
Overwrite the file with seven U.S. Department of Defense-compliant passes ( 0xF6 , 0x00 , 0xFF , random, 0x00 , 0xFF , random).
After overwriting, zero blocks used by file.
Overwrite the file, but don't rename or unlink it.
Display what is being done.
Display help file information for the srm command.
Display the version information for srm .
ssh |
ssh [-l user ] host [ commands ] ssh [ options ] [ user @] host
The Secure Shell, ssh is a secure replacement for the rsh , rlogin , and rcp programs. ssh uses strong public-key encryption technologies to provide end-to-end encryption of data. There may be licensing/patent issues restricting the use of the software in some countries .
Turn off authentication agent connection forwarding.
Turn on authentication agent connection forwarding.
Use the specified network interface (on a multiple interface machine).
Use the specified type of encryption, either blowfish , des , or 3des . 3des is the default.
Turn on compression.
Behave like a SOCKS4 server, listening on port port .
Specify escape character c . Use the word "none" to disable any escape character.
Send ssh to the background.
Use specified configuration file.
Accept connections to local forward ports from remote hosts.
Specify an identity file to use for authentication. The default is $HOME/.ssh/identity .
Used smartcard device .
Turn off Kerberos ticket forwarding.
Log in as user .
Set up port forwarding from local host to a target host. For example, to listen on port 8143 locally, and have it forwarded to imap.example.com on port 143, use -L 8143:imap.example.com:143 .
Use specified MAC algorithm(s).
Don't allow reading from STDIN. For use when ssh is running in the background.
Turn off remote command execution.
Set configuration keyword.
Connect to remote host on port port .
Use a nonprivileged port for outgoing connections.
Run in quiet mode.
Set up port forwarding from a remote host to a local host. See -L , but in reverse.
Invoke remote subsystem.
Turn on pseudo- tty distribution.
Turn off pseudo- tty distribution.
Be verbose.
Turn off X11 forwarding.
Turn on X11 forwarding.
Turn on trusted X11 forwarding.
Attempt a Version 1 connection.
Attempt a Version 2 connection.
Use only IPv4 addresses.
Use only IPv6 addresses.
strings |
strings [ options ] files
Searches object or binary files for sequences of four or more printable characters that end with a newline or null.
Search entire file, not just the initialized data portion of object files. Can also specify this option as - .
Display the string's offset position before the string.
Prepend each line of output with its byte offset. The offset is displayed in octal if format is o , decimal for d , and hex for x . You must specify format ; there is no default.
Minimum string length is num (default is 4). Can also specify this option as - n .
stty |
stty [ options ] [ modes ]
Sets terminal I/O options for the current device. Without options, stty reports the terminal settings, where a ^ indicates the Control key, and ^' indicates a null value. Most modes can be switched using an optional preceding dash ( - , shown in brackets). The corresponding description is also shown in brackets. As a privileged user, you can set or read settings from another device using the syntax:
stty [ options ] [ modes ] < device
stty is one of the most complicated Unix commands. The complexity stems from the need to deal with a large range of conflicting, incompatible, and nonstandardized terminal deviceseverything from printing teletypes to CRTs to pseudoterminals for windowing systems. Only a few of the options are really needed for day-to-day use. stty sane is a particularly valuable one to remember.
Report all option settings.
Report current settings in BSD format.
Use file instead of standard input.
Report current settings in stty format.
Hang upconnection (set the baud rate to zero).
Set terminal baud rate to n (e.g., 19200).
[Enable] disable modem control.
[Disable] enable the receiver.
[Disable] enable output hardware flow control using RTS/CTS.
Select character size in bits (5 n 8).
[One] two stop bits per character.
[Don't] hang up connection on last close.
Same as [-]hup .
Set terminal input baud rate to n .
[Don't] block layer output. For use with shl ; obsolete.
Set terminal output baud rate to n .
[Disable] enable parity generation and detection.
[Disable] enable extended parity generation and detection for mark and space parity.
Use [even] odd parity.
Set ispeed and opseed to the same num .
[Don't] signal INTR on break.
[Don't] map carriage return ( ^M ) to newline ( ^J ) on input.
[Don't] ignore break on input.
[Don't] ignore carriage return on input.
[Don't] ignore parity errors.
[Don't] echo BEL when input line is too long.
[Don't] map newline to carriage return on input.
[Disable] enable input parity checking.
[Don't] strip input characters to seven bits.
[Don't] map uppercase to lowercase on input.
Allow [only XON] any character to restart output.
[Don't] send START/STOP characters when the queue is nearly empty/full.
[Disable] enable START/STOP output control.
[Don't] mark parity errors.
[Don't] map carriage return to newline on output.
[Don't] map lowercase to uppercase on output.
[Don't] map newline to carriage return-newline on output.
[Don't] perform carriage return after newline.
[Don't] output carriage returns at column zero.
[Don't] postprocess output; ignore all other output modes.
[Don't] on output expand tabs to spaces.
[Don't] echo every character typed.
[Don't] echo control characters as ^char, DEL as ^? .
[Don't] echo ERASE character as BS-space-BS string.
[Don't] echo newline after KILL character.
[Don't] erase entire line on line kill.
[Don't] echo newline ( ^J ).
[Don't] echo erase character as \retcaeahc/ . Used for printing terminals.
Output is [not] being flushed.
[Disable] enable canonical input (ERASE and KILL processing).
[Disable] enable extended functions for input data.
[Disable] enable checking of characters against INTR, QUIT, and SWITCH.
Same as [-]echok . Obsolete.
[Enable] disable flush after INTR, QUIT, or SWITCH.
[Don't] retype pending input at next read or input character.
[Line] application mode on a synchronous line.
[Disable] enable flush on synchronous line.
[Enable] disable truncation on synchronous line.
[Don't] send SIGTTOU when background processes write to the terminal.
[Don't] use a different erase algorithm when processing WERASE characters.
Carrier Detect condition determines flow control output if on. If off, low Carrier Detect writes, return an error.
[Don't] change case on local output.
Set control character to c . ctrl-char is one of the following: dsusp , eof , eol , eol2 , erase , intr , kill , lnext , quit , reprint , start , status , stop , susp , switch , or werase .
With -icanon , n is the minimum number of characters that will satisfy the read system call until the timeout set with time expires.
With -icanon , n is the number of tenths of seconds to wait before a read system call times out. If the minimum number of characters set with min is read, the read can return before the timeout expires.
Same as [-]parenb and cs7[8] .
Reset ERASE and KILL characters to # and @ .
[Un] set icrnl and onlcr . -nl also unsets inlcr , igncr , ocrnl , and onlret .
Same as [-]parenb , [-]parodd , and cs7[8] .
Same as [-]parenb and cs7[8] .
[Disable] enable raw input and output (no ERASE, KILL, INTR, QUIT, EOT, SWITCH, or output postprocessing).
Reset all modes to reasonable values.
Line discipline is set to TTYDISC.
[Don't] set all CRT display modes.
[Don't] allow a STATUS character to display system information.
Terminal size is set to num columns.
Terminal size is set to num rows.
Digital Equipment Corporation mode set.
Terminal hardware is [is not] doing some of the terminal processing.
Terminal size is output as row number and column number.
su |
su [ option ] [ user ] [ shell_args ]
Creates a shell with the effective user ID user . If no user is specified, creates a shell for a privileged user (that is, becomes a superuser). Enter EOF to terminate. You can run the shell with particular options by passing them as shell_args (e.g., if the shell runs sh , you can specify -c command to execute command via sh or -r to create a restricted shell).
Execute command in the new shell and then exit immediately. If command is more than one word, it should be enclosed in quotesfor example:
$ su -c 'find / -name \*.c -print' nobody
If the shell is csh or tcsh , this suppresses the reading of the . cshrc file.
Go through the entire login sequence (i.e., change to user's environment).
Don't reset environment variables.
sudo |
sudo [ options ] command
Executes a command as the superuser or as another user on the system. Before sudo executes command , it prompts for the current account password (not root's). This lets a system administrator allow privileged processes without knowing the root password.
sudo determines authorized users by consulting the file /etc/ sudoers . If the current user account is listed in /etc/sudoers and is authorized there to run command , that user can then run subsequent sudo commands without being prompted for a password. However, if five minutes (the default value) passes between sudo commands, the user is prompted again for a password at the next sudo attempt and given another five minute window.
By default, Mac OS X includes the admin group in the sudoers file and gives that group authorization to run any command with sudo . Mac OS X accounts given administrator privileges become members of the admin group and thereby receive complete sudo privileges.
Note that the file /etc/sudoers must not be edited directly. Instead, use the visudo command.
All attempts to use the sudo command are logged to the system log.
Run command in the background, but don't allow use of shell job control to manipulate the process.
Print a usage statement.
Set the HOME environment variable to the target user's home directory path. By default, sudo doesn't modify HOME .
Kill the timestamp by setting it past the default timeout value. A password is not needed to use this option.
Kill the timestamp by removing it. A password doesn't need to be supplied.
List the commands that the current user is authorized to run with sudo .
List all option settings that can be used in the "Defaults" section of the sudoers file.
Use prompt instead of the default password prompt. Within prompt , you can use the following special sequences:
Local hostname
Local hostname, fully qualified
Username of the invoking user
Username of the user the command is being run as
A single percent sign
Preserve the user's group vector instead of changing it to that of the target user.
Begin a shell session as root or user, if -u is specified.
Read password from standard input instead of prompting for it.
Run the command as user , specified by either name or UID.
Reset the timestamp, giving the user a new five-minute window to use sudo without being prompted for a password.
Print the version number. When run by root , also list the options used at sudo 's compilation.
Stop processing command-line arguments. This option makes the most sense when run with -s .
These examples assume that an appropriate sudoers file is in place. Refer to the sudoers manpage for more information on modifying the file.
List an otherwise protected directory:
$ sudo ls /Users/quinn
Edit the hostconfig file:
$ sudo vi /etc/hostconfig
Edit another user's .login file:
$ sudo -u max vi ~quinn/.login
sw_vers |
sw_vers [ option ]
Displays the product name, version, and build version for the OS.
Display the name of the operating system, resulting in Mac OS X.
Display the version number of the operating system.
Display the build number of the operating system.
Display the version information for your system:
$ sw_vers ProductName: Mac OS X ProductVersion: 10.4.2 BuildVersion: 8C46
systemkeychain |
systemkeychain [-v] [-f] -C [ password ] systemkeychain [-v] -t systemkeychain [-v] [-c] [-k dest_keychain ] -s keychain
Creates and manages the system Keychain, /Library/Keychains/System.keychain . (It also creates /var/db/SystemKey , which presumably contains a randomly generated Keychain password in encrypted form.) This Keychain is used by system processes that run as root , such as daemons and boot processes, and is created automatically by the SecurityServer startup item.
Create the destination Keychain if it doesn't already exist.
Create a new system Keychain, unless one already exists. The Keychain password can be specified with an optional argument.
Force an overwrite of an existing system Keychain when creating a new one.
Instead of adding a key to the system Keychain, add it to the specified destination Keychain.
Add a key to the system Keychain that can be used to unlock the specified Keychain.
Unlock the system Keychain.
Enable verbose output.
system_profiler |
system_profiler [-usage] | [-listDataTypes] system_profiler [-xml] [ dataType1 ... dataTypeN ] system_profiler [-xml] [-detailLevel -n ]
Reports on the hardware and software of the system. Performs the same function as the System Profiler utility ( /Applications/Utilities ), except from the command line. This command replaces the AppleSystemProfiler command from Mac OS X 10.2 (Jaguar), located in /usr/sbin .
The following options are available:
Specify the level of detail for the report with level being one of:
Short report
Basic hardware and network information
All available information
List the available datatypes for the system.
Display usage information and examples.
Generate a report in XML format. The file will have a .spx file extension, which can be opened with the System Profiler.
Generate the standard System Profiler report and display it in the Terminal:
$ system_profiler
Show a listing of the available datatypes:
$ system_profiler -listDataTypes
Generate a report containing information about a specific datatype:
$ system_profiler dataTypeName
Generate an XML file containing a report that can be opened by the System Profiler utility and save it to the Desktop:
$ system_profiler -xml > ~/Desktop/SysReport.spx
SystemStarter |
SystemStarter [ options ] [ action [ service ]]
Utility to control the starting, stopping, and restarting of system services. The services that can be affected are described in the /Library/StartupItems and /System/Library/StartupItems/ paths.
The action and service arguments are optional. If no service argument is specified, all startup items will be affected. When a specific startup item is given, that item and all the items on which it depends, or that are dependent on it, will be affected.
Currently, rc calls SystemStarter at boot time. Because SystemStarter may eventually take over the role of rc , it's advisable to create custom startup items rather than continue to modify rc .
Graphical startup.
Verbose startup.
Safe mode startup (a basic startup that only runs Apple items).
Keep running after last startup item completes (in graphical startup only).
Print debugging output.
Print debugging output and shows dependencies.
Quiet mode that silences debugging output.
A pretend run mode that doesn't actually perform actions on any items.
tab2space |
tab2space { -h | -help } tab2space [-crlf | -cr | -lf | -dos | -mac | -unix] [-t integer | -tabs] [ input_file [ output_file ]]
Converts tabs to spaces in text files, and also converts line endings.
Converts line endings to carriage return (CR) characters, which is the standard for Mac OS.
Converts line endings to CR/LF combinations, which is the standard for DOS and Windows. This is the default for tab2space .
Same as -crlf .
Prints a usage statement to standard output.
Converts line endings to linefeed (LF) characters, which is the standard for Unix.
Same as -cr .
Converts tabs to the specified number of spaces. Defaults to 4.
Disables conversion of tabs to spaces.
Same as -lf .
The file on which tab2space operates. If no input_file is specified, the command operates on standard input, and sends converted text to standard output.
The file to which tab2space sends converted output. Defaults to standard output.
tail |
tail [ options ] [ file ]
Prints the last 10 lines of the named file. Uses either -f or -r , but not both.
Don't quit at the end of file; "follow" file as it grows. End with an INTR (usually ^C ).
Behaves the same as the -f option with the exception that it checks every five seconds to see if the filename has changed. If it has, it closes the file and opens the new file.
Copy lines in reverse order.
Begin printing at n th byte from the end of file.
Begin printing at n th block from the end of file.
Start at n th line from the end of file. -n is the default and doesn't need to be specified.
To start from the beginning of the file, use + before num . The default is to start from the end of the file; this can also be done by using a - before num .
Show the last 20 lines containing instances of .Ah :
$ grep '\.Ah' file | tail -20
Continually track the system log:
$ tail -f /var/log/system.log
Show the last 10 characters of variable name :
$ echo "$name" | tail -c -10
Reverse all lines in list :
$ tail -r list
talk |
talk user [@ hostname ] [ tty ]
Exchanges typed communication with another user who is on the local machine or on the machine hostname . talk might be useful when you're logged in via modem and need something quickly, making it inconvenient to telephone or send email. talk splits your screen into two windows. When a connection is established, you type in the top half while user 's typing appears in the bottom half. Type ^L to redraw the screen and ^C (or interrupt) to exit. If user is logged in more than once, use tty to specify the terminal line. The user needs to have used mesg y .
Please note the following:
There are different versions of talk that use different protocols; interoperability across different Unix systems is very limited.
talk is also not very useful if the remote user you are "calling" is using a windowing environment, because there is no way to know which tty to use to get the user's attention. The connection request can easily show up in an iconified window! Even if you know the remote tty , the called party must have done a mesg y to accept the request.
tar |
tar [ options ] [ tarfile ] [ files ]
Copies files to or restores files from an archive medium. If any files are directories, tar acts on the entire subtree. Options need not be preceded by a dash ( - ), although they may be. Note that until native drivers for tape drives exist for Mac OS X, tar can't write to tape. Note also that tar doesn't preserve resource forks or metadata when copying files that contain them.
For a complete list of tar 's options, please see the manpage.
You must use exactly one of these, and it must come before any other options:
Create a new archive.
Append files to the end of an existing archive.
Print the names of files if they are stored on the archive (if files aren't specified, print names of all files).
Extract files from an archive (if files aren't specified, extract all files).
Set block size to 512 bytes.
If there is an error, stop.
Store files in or extract files from archive arch . The default is /dev/rst0 . Because Mac OS X has no native tape drive support, tar produces an error unless the -f option is used.
Dereference symbolic links.
Don't restore file modification times; update them to the time of extraction.
Create non-POSIX archives .
Don't create archives with directory information that v7 tar can't decode.
Keep ownership of extracted files the same as that of original permissions.
Using ed -style regular expressions, change filenames in the archive.
Verbose; print filenames as they are added or extracted.
Rename files with user interaction.
Compress files with gzip before archiving them, or uncompress them with gunzip before extracting them.
cd to directory before beginning tar operation.
If any of the pathnames given in the command line are symbolic links, follow only those links.
Follow all symbolic links.
Don't remove initial slashes ( / ) from input filenames.
Mount points will not be crossed.
Compress files with compress before archiving them, or uncompress them with uncompress before extracting them.
Create an archive of /bin and /usr/bin ( c ), show the command working ( v ), and write to the file in your home directory, ~/archive.tar :
$ tar cvf ~/archive.tar /bin /usr/bin
List the file's contents in a format like ls -l :
$ tar tvf ~/archive.tar
Extract only the /bin directory from archive.tar to the current directory:
$ tar xvf ~/archive.tar bin
tee |
tee [ options ] files
Accepts output from another command and sends it both to the standard output and to files (like a T-shaped pipe for water, or a fork in a road).
Append to files ; don't overwrite.
Ignore interrupt signals.
View listing and save for later:
$ ls -l | tee savefile
telnet |
telnet [ options ] [ host [ port ]]
Accesses remote systems. telnet is the user interface that communicates with another host using the Telnet protocol. If telnet is invoked without host , it enters command mode, indicated by its prompt, telnet> , and accepts and executes the commands listed after the following options. If invoked with arguments, telnet performs an open command (shown in the following list) with those arguments. host indicates the host's official name. port indicates a port number (default is the Telnet port).
Use of telnet has mostly been replaced by ssh for use as a terminal program, since telnet sends its traffic across the network in plain text. However, it can still be useful for debugging transactions on arbitrary ports with servers and services.
Automatic login into the remote system.
Used to connect to an alias setup by ifconfig or another interface as the local address to bind to.
Tell telnet not to use a user's .telnetrc file.
Turn on socket-level debugging.
Set initial telnet escape character to escape_char . If escape_char is omitted, there will be no predefined escape character.
Attempt to get tickets for remote host; query krb_realmofhost to determine realm.
When connecting to remote system, and if remote system understands ENVIRON , send user to the remote system as the value for variable USER .
Open tracefile for recording the trace information.
Emulate rlogin . The default escape character is a tilde ( ~ ); an escape character followed by a dot causes telnet to disconnect from the remote host; a ^Z instead of a dot suspends telnet ; and a ] (the default telnet escape character) generates a normal telnet prompt. These codes are accepted only at the beginning of a line.
Use encryption if possible.
Request 8-bit operation.
Disable the escape character functionality.
Forward Kerberos authentication criteria if Kerberos is being used.
Disable automatic login to remote systems
Specify an 8-bit data path on output.
Set the IP type-of-service (TOS) option for the Telnet connection to the value tos .
Turn off the type of authentication.
Suspend telnet .
Execute a single command in a subshell on the local system. If command is omitted, an interactive subshell will be invoked.
Get help. With no arguments, print a help summary. If a command is specified, print the help information for just that command.
Control information sent through the TELNET AUTHENTICATION option.
Authentication type is turned off.
Authentication type is turned on.
Status of authentication type is displayed.
Close a Telnet session and return to command mode.
Display all, or some, of the set and toggle values.
Control information sent through the TELNET ENCRYPT option.
Encryption type is turned off.
Encryption type is turned on.
Encryption is turned on if it can be. If neither input nor output is given, both will be started.
Encryption status is displayed.
Encryption is turned off. If neither input nor output is given, both are stopped.
Encryption type is set.
Manipulate variables that may be sent through the TELNET ENVIRON option. Valid arguments for environ are:
Get help for the environ command.
Define variable to have a value of value .
Remove variable from the list of environment variables.
Mark variable to have its value exported to the remote side.
Mark variable to not be exported unless explicitly requested by the remote side.
Display current variable values.
If the remote host supports the logout command, close the telnet session.
Depending on state of Telnet session, type is one of several options:
Print out help information for the mode command.
Disable TELNET LINEMODE option, or, if remote side doesn't understand the option, enter "character-at-a- time" mode.
Attempt to [disable] enable the EDIT mode of the TELNET LINEMODE option.
Attempt to [disable] enable the trAPSIG mode of the LINEMODE option.
Enable LINEMODE option, or, if remote side doesn't understand the option, attempt to enter "old line-by-line" mode.
Attempt to [disable] enable the SOFT_TAB mode of the LINEMODE option.
[Disable] enable LIT_ECHO mode.
Open a connection to the named host . If no port number is specified, attempt to contact a Telnet server at the default port.
Close any open Telnet session and then exit telnet .
Show current status of telnet . This includes the peer you are connected to, as well as the current mode.
Send one or more special character sequences to the remote host. Following are the arguments that may be specified:
Print out help information for send command.
Send Telnet ABORT sequence.
Send Telnet AO sequence, which should cause the remote system to flush all output from the remote system to the user's terminal.
Send Telnet AYT (Are You There) sequence.
Send Telnet BRK (Break) sequence.
Send Telnet DO cmd sequence, where cmd is a number between 0 and 255 or a symbolic name for a specific telnet command. If cmd is ? or help , this command prints out help (including a list of symbolic names).
Send Telnet EC (Erase Character) sequence, which causes the remote system to erase the last character entered.
Send Telnet EL (Erase Line) sequence, which causes the remote system to erase the last line entered.
Send Telnet EOF (End Of File) sequence.
Send Telnet EOR (End Of Record) sequence.
Send current Telnet escape character (initially ^ ).
Send Telnet GA (Go Ahead) sequence.
If the remote side supports the Telnet STATUS command, getstatus sends the subnegotiation request that the server sends to its current option status.
Send Telnet IP (Interrupt process) sequence, which causes the remote system to abort the currently running process.
Send Telnet NOP (No operation) sequence.
Send Telnet SUSP (Suspend process) sequence.
Send Telnet SYNCH sequence, which causes the remote system to discard all previously typed (but not read) input.
Set any one of a number of telnet variables to a specific value or to true . The special value off disables the function associated with the variable. unset disables any of the specified functions. The values of variables may be interrogated with the aid of the display command. The variables that may be specified are:
Display legal set and unset commands.
If telnet is in LOCALCHARS mode, this character is taken to be the alternate AYT character.
This is the value (initially ^E ) that, when in "line-by-line" mode, toggles between doing local echoing of entered characters and suppressing echoing of entered characters.
If telnet is operating in LINEMODE or in the old "line-by-line" mode, entering this character as the first character on a line causes the character to be sent to the remote system.
If telnet is in LOCALCHARS mode or operating in the "character-at-a-time" mode, then when this character is entered, a Telnet EC sequence is sent to the remote system.
This is the Telnet escape character (initially ^[ ), which causes entry into the Telnet command mode when connected to a remote system.
If telnet is in LOCALCHARS mode, and the flushoutput character is entered, a Telnet AO sequence is sent to the remote host.
If Telnet is in LOCALCHARS mode, this character is taken to be an alternate end-of- line character.
If Telnet is in LOCALCHARS mode, this character is taken to be an alternate end-of- line character.
If Telnet AO is in LOCALCHARS mode, and the interrupt character is entered, a Telnet IP sequence is sent to the remote host.
If Telnet IP is in LOCALCHARS mode and operating in the "character-at-a-time" mode, then when this character is entered, a Telnet EL sequence is sent to the remote system.
If Telnet EL is in LINEMODE or in the old "line-by-line" mode, then this character is taken to be the terminal's lnext character.
If Telnet EL is in LOCALCHARS mode, and the quit character is entered, a Telnet BRK sequence is sent to the remote host.
If Telnet BRK is in LINEMODE or in the old "line-by- line" mode, this character is taken to be the terminal's reprint character.
Enable rlogin mode. Same as using -r command-line option.
If the Telnet TOGGLE-FLOW-CONTROL option is enabled, this character is taken to be the terminal's start character.
If the Telnet TOGGLE-FLOW-CONTROL option is enabled, this character is taken to be the terminal's stop character.
If Telnet is in LOCALCHARS mode, or if the LINEMODE is enabled and the suspend character is entered, a Telnet SUSP sequence is sent to the remote host.
The file to which output generated by netdata is written.
If Telnet BRK is in LINEMODE or in the old "line-by- line" mode, this character is taken to be the terminal's worderase character. Defaults for these are the terminal's defaults.
Set the state of special characters when Telnet LINEMODE option has been enabled.
List help on the slc command.
Verify current settings for current special characters. If discrepancies are discovered, convert local settings to match remote ones.
Switch to local defaults for the special characters.
Switch to remote defaults for the special characters.
Toggle various flags that control how Telnet responds to events. The flags may be set explicitly to true or false using the set and unset commands listed previously. The valid arguments are:
Display legal toggle commands.
If autoflush and LOCALCHARS are both TRue , then when the ao or quit characters are recognized, Telnet refuses to display any data on the user's terminal until the remote system acknowledges that it has processed those Telnet sequences.
If autosynch and LOCALCHARS are both true , then when the intr or quit characters are entered, the resulting Telnet sequence sent is followed by the Telnet SYNCH sequence. The initial value for this toggle is false .
Enable or disable the Telnet BINARY option on both the input and the output.
Enable or disable the Telnet BINARY option on the input.
Enable or disable the Telnet BINARY option on the output.
If this toggle value is true , carriage returns are sent as CR-LF . If it is false , carriage returns are sent as CR-NUL . The initial value is false .
Toggle carriage return mode. The initial value is false .
Toggle socket level debugging mode. The initial value is false .
If the value is true , then flush , interrupt , quit , erase , and kill characters are recognized locally, and then transformed into appropriate Telnet control sequences. Initial value is true .
Toggle display of all network data. The initial value is false .
Toggle display of some internal telnet protocol processing that pertains to Telnet options. The initial value is false .
When netdata is enabled, and if prettydump is enabled, the output from the netdata command is reorganized into a more user-friendly format, spaces are put between each character in the output, and an asterisk precedes any Telnet escape sequence.
Toggle whether to process ~/.telnetrc file. The initial value is false , meaning the file is processed.
Toggle printing of hexadecimal terminal data. Initial value is false .
When encryption is turned on or off, Telnet displays a message.
Suspend telnet ; works only with csh .
test |
test expression [ expression ]
Also exists as a built-in in most shells .
Evaluates an expression and, if its value is true , returns a zero exit status; otherwise, returns a nonzero exit status. In shell scripts, you can use the alternate form [ expression ] . This command is generally used with conditional constructs in shell programs.
The syntax for all of these options is test option file . If the specified file doesn't exist, the testers return false . Otherwise, they test the file as specified in the option description.
Is the file block special?
Is the file character special?
Is the file a directory?
Does the file exist?
Is the file a regular file?
Does the file have the set-group-ID bit set?
Is the file owned by the process's effective GID?
Does the file have the sticky bit set?
Is the file a symbolic link?
Is the string of nonzero length?
Is the file owned by the process's effective UID?
Is the file a named pipe?
Is the file readable by the current user?
Is the file nonempty ?
Is the file a socket?
Is the file associated with file-descriptor (or 1, which is standard output, by default) connected to a terminal?
Does the file have the set-user-ID bit set?
Is the file writable by the current user?
Is the file executable?
The syntax for file comparisons is test file1 option file2 . A string by itself, without options, returns true if it's at least one character long.
Is file1 newer than file2 ? Check modification, not creation, date.
Is file1 older than file2 ? Check modification, not creation, date.
Do the files have identical device and inode numbers?
The syntax forstring tests is test option string .
Is the string 0 characters long?
Is the string at least 1 character long?
Are the two strings equal?
Are the strings unequal ?
Does string1 come before string2 , based on their ASCII values?
Does string1 come after string2 , based on their ASCII values?
Note that an expression can consist of any of the previous tests.
Is the expression false?
Are the expressions both true?
Is either expression true?
The syntax for integer tests is test integer1 option integer2 . You may substitute -l string for an integer; this evaluates to string 's length.
Are the two integers equal?
Are the two integers unequal?
Is integer1 less than integer2 ?
Is integer1 less than or equal to integer2 ?
Is integer1 greater than integer2 ?
Is integer1 greater than or equal to integer2 ?
tftp |
tftp [host [ port ]]
User interface to the TFTP (Trivial File Transfer Protocol) , which allows users to transfer files to and from a remote machine. The remote host may be specified, in which case tftp uses host as the default host for future transfers.
Once tftp is running, it issues the prompt:
tftp>
and recognizes the following commands:
Print help information.
Shorthand for mode ASCII .
Shorthand for mode binary .
Set the hostname , and optionally the port , for transfers.
Get a file or set of files from the specified remote sources.
Set the mode for transfers. transfer-mode may be ASCII or binary . The default is ASCII .
Transfer a file or set of files to the specified remote file or directory.
Exit tftp .
Set the per-packet retransmission timeout, in seconds.
Print status information: whether tftp is connected to a remote host (i.e., whether a host has been specified for the next connection), the current mode, whether verbose and tracing modes are on, and the values for retransmission timeout and total transmission timeout.
Set the total transmission timeout, in seconds.
Toggle packet tracing.
Toggle verbose mode.
tiff2icns |
tiff2icns [-noLarge] input_filename [ output_filename ]
Converts TIFF image files to Apple icon (ICNS) files. If output_filename is not specified, the output file receives the same name as the input file, with the filename extension changed to .icns .
Prevent the creation of the highest resolution icons (128 x 128 pixels).
tiffutil |
tiffutil { -dump | -info | -verboseinfo } input_file ... tiffutil { -extract number | -jpeg [-f N ] | -lzw | -none |-packbits } input_file [-out output_file ] tiffutil -cat input_file ... [-out output_file ]
Manipulates TIFF image files.
Concatenate multiple input files.
Print a list of all tags in the input file to standard output.
Extract an individual image from the input file, with 0 designating the first image in the file.
Specify the compression factor to use with JPEG compression. The value can range from 1 to 255. The default is 10.
Print information about images in the input file to standard output.
Specify the use of JPEG compression when producing the output file.
Specify the use of Lempel-Ziv-Welch compression when producing the output file.
Specify the use of no compression when producing the output file.
Specify the name of the output file; defaults to out.tiff .
Specify the use of PackBits compression when producing the output file.
Print lots of information about images in the input file to standard output.
time |
time [ option ] command [ arguments ]
Executes a command with optional arguments and prints the total elapsed time, execution time, process execution time, and system time of the process (all in seconds). Times are printed on standard error.
Prints the detailed contents of the internal usage structure, such as memory sizes, page faults, and swap counts.
Print the real, user, and system times with a single space separating the title and the value, instead of a tab.
top |
top [ options ] [ number ]
Full screen, dynamic display of global and per-process resource usage by descending PID order.
top limits the total processes displayed to number .
Display counts in the specified mode , which is one of the following:
Cumulative event counting mode. Counts are cumulative from top start time. -w and -k are superseded and ignored while -ca is in effect.
Delta event counting mode. Counts are deltas relative to a previous sample. -w and -k are superseded and ignored while -cd is in effect.
Absolute event counting mode. Counts are absolute values from process start times. -w and -k are superseded and ignored while -ce is in effect.
Non-event mode. CPU usage is calculated from previous sample.
Don't calculate on shared libraries. This greatly decreases top 's system load.
Logging mode. Change display mode from periodic full screen updating to a sequential line mode output suitable for output redirection. The number of sequential snapshots is specified as samples .
Limit to showing top num processes.
Display processes sorted by order. If preceded by a plus or minus sign, sort in ascending or descending order, respectively.
Command name.
CPU usage.
Process ID.
Number of Mach ports.
Number of memory regions .
Resident private address space size.
Resident shared address space size.
Resident memory size.
Number of threads.
Execution time.
User ID.
User name.
Private address space size.
Total memory size.
Specify second sort order. See -o for order 's values.
Do not traverse memory object map for each process. This decreases top 's system load.
Sampling interval. Default one second sample interval is replaced by interval .
Display information about swap usage.
Translate UIDs to usernames.
Sort processes by decreasing CPU usage instead of by descending PID order.
Change the memory map and memory size parameters for all processes from counts to deltas, and add a VPRVT column.
touch |
touch [ options ] files
For one or more files , updates the access time and modification time (and dates) to the current time and date. touch is useful in forcing other commands to handle files a certain way; e.g., the operation of make , and sometimes find , relies on a file's access and modification time. If a file doesn't exist, touch creates it with a file size of 0.
Update only the access time.
Don't create any file that doesn't already exist.
Try to update even if you don't have permissions.
Update only the modification time.
Change times to be the same as those of the specified file , instead of the current time.
Use the time specified in time instead of the current time. This argument must be of the format [[cc]yy]mmddhhmm[.ss] , indicating optional century and year, month, date, hours, minutes, and optional seconds.
tr |
tr [ options ] [ string1 [ string2 ]
Translates characters; copies standard input to standard output, substituting characters from string1 to string2 , or deleting characters in string1 .
Complement characters in string1 with respect to ASCII 001-377.
Delete characters in string1 from output.
Squeeze out repeated output characters in string2 .
Guarantee that any output is unbuffered.
Include brackets ( [ ] ) where shown.
^G (bell).
^H (backspace).
^L (form feed).
^J (newline).
^M (carriage return).
^I (tab).
^K (vertical tab).
Character with octal value nnn .
Literal backslash.
All characters in the range char1 through char2 . If char1 doesn't sort before char2 , produce an error.
Same as char1 - char2 if both strings use this.
In string2 , expand char to the length of string1 .
Expand char to number occurrences. [x*4] expands to xxxx , for instance.
Expand to all characters in class , where class can be:
Letters and digits
Letters
Whitespace
Control characters
Digits
Printable characters except space
Lowercase letters
Printable characters
Punctuation
Whitespace (horizontal or vertical)
Uppercase letters
Hexadecimal digits
The class of characters in which char belongs.
Change uppercase to lowercase in a file:
$ cat file | tr '[A-Z]' '[a-z]'
Turn spaces into newlines (ASCII code 012):
$ tr ' ' '\012' < file
Strip blank lines from file and save in new.file (or use 011 to change successive tabs into one tab):
$ cat file | tr -s "" "\012" > new.file
Delete colons from file ; save result in new.file :
$ tr -d : < file > new.file
traceroute |
traceroute [ options ] host [ packetsize ]
Traces the route taken by packets to reach network host. traceroute attempts tracing by launching UDP probe packets with a small TTL (time to live), then listening for an ICMP "time exceeded" reply from a gateway. host is the destination hostname or the IP number of host to reach. packetsize is the packet size in bytes of the probe datagram. Default is 38 bytes.
Turn on socket-level debugging.
Set the TTL for the first probe packet.
Set the "don't fragment" bit.
Set a loose gateway.
Specify the interface for outgoing packets.
Set maximum time-to-live used in outgoing probe packets to max-ttl hops. Default is 30 hops.
Show numerical addresses; don't look up hostnames. (Useful if DNS is not functioning properly.)
Set base UDP port number used for probe packets to port . Default is (decimal) 33434.
Specify the protocol to use: UDP , TCP , GRE or ICMP .
Set number of probe packets for each time-to-live setting to the value n . Default is 3.
Bypass normal routing tables and send directly to a host on an attached network.
Use src_addr as the IP address that will serve as the source address in outgoing probe packets.
Set the type-of-service in probe packets to tos (default 0). The value must be a decimal integer in the range 0 to 255.
Verbose; received ICMP packets (other than TIME_EXCEEDED and PORT_UNREACHABLE ) will be listed.
Set time to wait for a response to an outgoing probe packet to wait seconds (default is three seconds).
Specify the number of milliseconds to wait between probes.
true |
true
A null command that returns a successful (0) exit status. See also false .
tset |
tset [ options ] [ type ]
Sets terminal modes. Without arguments, the terminal is reinitialized according to the TERM environment variable. tset is used in startup scripts ( .profile or .login) . type is the terminal type; if preceded by a ? , tset prompts the user to enter a different type, if needed. Press the Return key to use the default value, type .
Print terminal name on standard output; useful for passing this value to TERM .
Set erase character to c ; default is ^H (backspace).
Set interrupt character to c ; default is ^C .
Don't output terminal initialization setting.
Set line-kill character to c ; default is ^U .
Declare terminal specifications. port is the port type (usually dialup or plugboard ). tty is the terminal type; it can be preceded by ? as above. baudrate checks the port speed and can be preceded by any of these characters:
Port must be greater than baudrate .
Port must be less than baudrate .
Port must transmit at baudrate .
Negate a subsequent > , < , or @ character.
Prompt for the terminal type. With no response, use the given type.
Don't print "Erase set to" and "Kill set to" messages.
Report the terminal type.
Return the values of TERM assignments to the shell environment. This is commonly done via eval \'tset -s\' (in the C shell, surround this with the commands set noglob and unset noglob ).
Print the version of ncurses being used.
Set TERM to wy50 :
$ eval 'tset -s wy50'
Prompt user for terminal type (default is vt100 ):
$ eval 'tset -Qs -m '?vt100''
Similar to above, but the baudrate must exceed 1200:
$ eval 'tset -Qs -m '>1200:? xterm ''
Set terminal via modem. If not on a dial-in line, ?$TERM causes tset to prompt with the value of $TERM as the default terminal type:
$ eval 'tset -s -m dialup:'?vt100' "?$TERM"'
tty |
tty [ option ]
Prints the device name for your terminal. This is useful for shell scripts and commands that need device information. tty exits 0 if the standard input is a terminal, 1 if the standard input is not a terminal, and >1 if an error occurs.
Suppress the terminal name.
umount |
umount [-f] [-v] [-t types ] { -a | -A | -h hostname } umount [-f] [-v] { special | mount_point }
Removes mounted volumes from the directory hierarchy.
Unmount all filesystems listed in fstab or Open Directory.
Unmount all currently mounted filesystems, other than root's.
Attempt to force the unmount.
Unmount all filesystems currently mounted from the specified server.
Restrict the use of the command to filesystems of the specified types presented in a comma-separated list, which may include hfs , ufs , afp , nfs , or others.
Enable verbose output.
The form of this argument is particular to the type of filesystem being mounted and can be a disk device name, a fixed string, or something involving a server name and directory. See the individual mount_type entries for details.
The directory on which the filesystem is mounted.
uname |
uname [ options ]
Prints information about the machine and operating system. Without options, prints the name of the operating system.
Combine all the system information from the other options.
Print the hardware the system is running on.
Print the machine's hostname.
Print the type of processor.
Print the release number of the kernel.
Print the name of the operating system.
Print build information about the kernel.
uncompress |
uncompress [ option ] [ files ]
Restores the original file compressed by compress . The .Z extension is implied , so it can be omitted when specifying files .
The -b , -c , -f , and -v options from compress are also allowed. See compress for more information.
unexpand |
unexpand [ options ] [ files ]
Converts strings of initial whitespace, consisting of at least two spaces and/or tabs to tabs. Reads from standard input if given no file or a given file named - . See also expand .
Convert all, not just initial, strings of spaces and tabs.
Set tab stops at tab1 , tab2 , etc. If only tab1 is specified, sets tab stops every tab1 spaces.
uniq |
uniq [ options ] [ file1 [ file2 ]]
Removes duplicate adjacent lines from sorted file1 , sending one copy of each line to file2 (or to standard output). Often used as a filter. Specify only one of -c , -d , or -u . See also comm and sort .
Print each line once, counting instances of each.
Print duplicate lines once, but no unique lines.
Ignore the first n fields of a line. Fields are separated by spaces or by tabs.
Ignore the first n characters of a field.
Print only unique lines (no copy of duplicate entries is kept).
Ignore the first n fields of a line. Fields are separated by spaces or by tabs.
Ignore the first n characters of a field. Both [ - / + ] n have been deprecated but are still in this version.
Send one copy of each line from list to output file list.new ( list must be sorted):
$ uniq list list.new
Show which names appear more than once:
$ sort names | uniq -d
Show which lines appear exactly three times:
$ sort names | uniq -c | awk '$1 = = 3'
units |
units [ options ]
Interactively supply a formula to convert a number from one unit of measure to another. A complete list of the units can be found in /usr/share/misc/units.lib .
Use the units data in filename .
The prompts for "you have" and "you want" won't appear.
The version of units is listed.
A unit conversion can be entered from the command line instead of using the interactive interface.
unzip |
unzip [-v] unzip -Z [-v] [-M] [-s | -m | -l | -1] [-T] archive_filename [ pathname ...] [-x pathname ...] unzip -Z [-v] [-M] [-2] [-h] [-t] [-z] archive_filename [ pathname ...] [-x pathname ...] unzip [-q[q] | -v] [-M] [-l | -t | -z | -p | -c [-a[a]]] [-b] [-C] archive_ filename [ pathname ...] [-x pathname ...] unzip [-q[q] | -v] [-M] [-f | -u] [-a[a] | -b] [-C] [-L] [-j] [-V] [-X] [-n | -o] [-d directory ] archive_filename [ pathname ...] [-x pathname ...]
Lists or extracts files from a ZIP archive (such as one created by the zip command). If the name of the archive file ends in .zip , that extension need not be specified in archive_filename . If pathname arguments are given, only archive items matching those arguments are processed; otherwise, unzip lists or extracts all items in the archive. When called with no arguments, it prints a usage statement to standard output.
Convert text files in the archive to native format. For instance, it translates DOS linefeeds to Unix linefeeds on Mac OS X. When doubled ( -aa ), it attempts to convert all files, whether text or binary.
Treat all files as binary, so that no text conversions are attempted.
Extract file data to standard output.
Use case-insensitive matching of pathname arguments to archive items.
Extract files into the given directory. Otherwise, files are extracted into the current working directory.
Extract files only if they already exist, and if the modification timestamps in the archive are more recent than those on disk.
Discard the paths of archived files, so that all files are extracted into the same directory.
List archive contents, along with sizes, modification timestamps, and comments. More information is printed if -v is also used.
Convert filenames to lowercase if they were archived from a single-case filesystem (such as FAT). When doubled ( -LL ), all filenames are converted to lowercase.
Display output a page at a time.
Never overwrite existing files when extracting. By default, unzip prompts the user if an existing file would be overwritten.
Overwrite existing files when extracting, without prompting.
As -c , except that text conversions aren't allowed.
Minimize output. When doubled ( -qq ), produces even less output.
Perform a CRC check on archive items to determine if they have changed since being archived.
As -f , but also extract files that don't already exist on the disk.
Enable verbose output. If it's the only argument, print version information, compile settings, and environment variable settings to standard output.
For items archived on a VMS system, this retains file version numbers in filenames.
Exclude the files specified by the additional pathname arguments, which usually include wildcards to match filenames of a certain pattern.
Restore owner and group information for extracted files. Successful use of this flag will most likely require superuser privileges.
Print comments stored in the archive file to standard output.
Provide more control over information displayed to standard output about archive contents. Any options following -Z are passed to zipinfo . You may also simply call zipinfo directly rather than through unzip .
List the contents of a ZIP archive:
$ unzip -lv whizprog.zip
Extract C source files in the main directory, but not in subdirectories:
$ unzip whizprog.zip '*.[ch]' -x '*/*'
uptime |
uptime
Prints the current time, amount of time the system has been up, number of users logged in, and the system-load averages over the last 1, 5, and 15 minutes. This output is also produced by the first line of the w command.
users |
users [ file ]
Prints a space-separated list of each login session on the host. Note that this may include the same user multiple times. Consult file or, by default, /var/run/utmp .
uudecode |
uudecode [ options ] [ file ]
Reads a uuencoded file and recreates the original file with the permissions and name set in the file (see uuencode ).
Decode multiple files from the input, if possible.
Do not overwrite files.
Send output to filename instead of standard output.
Decode file to standard output
Do not strip pathname. By default, uudecode strips the path of any decoded files.
uuencode |
uuencode [-m] [-o output ] [ file ] filleame
Encodes a binary file. The encoding uses only printable ASCII characters and includes the permissions and name of the file. When file is reconverted via uudecode , the output is saved as name . If the file argument is omitted, uuencode can take standard input, so a single argument is taken as the name to be given to the file when it is decoded.
uuencode doesn't preserve resource forks or metadata when copying files that contain them.
Use Base64 encoding instead of uuencoding.
Send output to filename instead of standard output.
It's common to encode a file and save it with an identifying extension, such as .uue . This example encodes the binary file flower12.jpg , names it rose.jpg , and saves it to a .uue file:
$ uuencode flower12.jpg rose.jpg > rose.uue
Encode flower12.jpg and mail it:
$ uuencode flower12.jpg flower12.jpg | mail me@oreilly.com
uuidgen |
uuidgen
Sends to standard output a generated Universally Unique Identifier (UUID). A UUID is a 128-bit value guaranteed to be unique. This is achieved by combining a value unique to the computer, such as the MAC Ethernet address, and a value representing the number of 100-nanosecond intervals since a specific time in the past.
vi |
vi [ options ] [ files ]
A screen-oriented text editor based on ex . See Chapter 7 for more information on vi and ex . Options -c , -C , -L , -r , -R , and -t are the same as in ex .
Enter vi and execute the given vi command .
Edit in ex mode.
Don't make a temporary backup of the entire file.
Run in LISP mode for editing LISP programs.
Recover and edit file after an editor or system crash.
Read-only mode. Files can't be changed.
No other programs can be run; vi is put in secure edit mode.
This option works only when ex mode is being used. It enters into batch mode.
Edit the file containing tag and position the editor at its definition.
Set default window size to n ; useful when editing via a slow dial-up line.
Start vi on last line of file.
Start vi on line n of file.
Start vi on line containing pattern pat . This option fails if nowrapscan is set in your .exrc file.
view |
view [ options ] [ files ]
Same as vi -R .
visudo |
visudo [ options ]
Edits sudo 's control file sudoers in the vi editor. Using visudo instead of editing directly prevents two users from performing edits at once. Also, visudo will not save edits to sudoers if they are not syntactically correct.
Syntax check on the file's contents, without editing. Exits with 0 if it's valid, or 1 if not.
Specifies an alternate location for the sudoers file.
Quiet mode. When used with -c , do not print errors.
Strict checking. An alias used before it is defined is an error.
Print the version number.
vm_stat |
vm_stat [ interval ]
Displays Mach virtual memory statistics. The default view, without a specified interval, shows accumulated statistics. If interval is specified, vm_stat lists the changes in each statistic every interval seconds, showing the accumulated statistics for each item in the first line.
vmmap |
vmmap [ options ] PID
Displays the virtual memory regions associated with PID . vmmap displays the starting address, region size, read/write permissions for the page, sharing mode for the page, and the page purpose. This can be useful information for programmers especially, who often need to understand the memory allocation of a given process.
Print information about all shared system split libraries, even if they have not been loaded.
Display the difference between two snapshots taken seconds seconds apart.
Print regions in address order, instead of grouping writable and non-writable regions.
Print sizes in pages, not kilobytes.
Show resident memory as well as virtual.
Print information about submaps.
Display wide output.
vndevice |
vndevice { attach | shadow } device pathname vndevice detach device
Attaches or detaches a virtual device node to or from a disk image file. (Note that the functionality of vndevice is incorporated within hdiutil .) Modifications to data on the attached disk image will instead be written to the virtual node, or shadow image , and subsequent access to that data will be from the shadow. This allows effective read/write access to data on a disk image that shouldn't or can't be modified.
Attach a device node to a disk image designated by pathname .
Detach a device node from a disk image.
Associate an attached device node to a shadow disk image designated by pathname .
The device node filename, e.g., /dev/vn0 .
Create a disk image, attach a virtual device node to it, and mount it:
$ hdiutil create test.dmg -volname test -size 5m -fs HFS+ -layout NONE $ sudo vndevice attach /dev/vn0 test.dmg $ mkdir mount_point $ sudo mount -t hfs /dev/vn0 mount_point
Wait a minute, and then:
$ touch mount_point/test_file $ ls -l test.dmg
Note that the modification time on the disk image is current, reflecting the change you made by creating a test file.
Now set up shadowing. Unmount the volume first, then create the shadow disk image, attach the virtual node to it, and mount it again:
$ sudo umount /dev/vn0 $ hdiutil create shadow.dmg -volname shadow -size 5m -fs HFS+ -layout NONE $ sudo vndevice shadow /dev/vn0 shadow.dmg $ sudo mount -t hfs /dev/vn0 mount_point
Wait a minute, and then:
$ rm mount_point/test_file $ ls -l test.dmg; ls -l shadow.dmg
The modification time on the test image wasn't updated, but the shadow image reflects the change you just made, indicating that writes are being passed through to the shadow.
Finish up by unmounting the volume and detaching the virtual node:
$ sudo umount /dev/vn0 $ sudo vndevice detach /dev/vn0
vsdbutil |
vsdbutil { -a | -c | -d } pathname vsdbutil -i
Enables or disables the use of permissions on a disk volume. This is equivalent to using the "Ignore Privileges" checkbox in the Finder's Info window for a mounted volume. The status of permissions usage on mounted volumes is stored in the permissions database, /var/db/volinfo.database .
Activate permissions on the volume designated by pathname .
Print the status of permissions usage on the volume designated by pathname to standard output.
Deactivate permissions on the volume designated by pathname .
Initialize the permissions database to include all mounted HFS and HFS+ volumes.
w |
w [ options ] [ user ]
Prints summaries of system usage, currently logged-in users, and what they are doing. w is essentially a combination of uptime , who , and ps -a . Display output for one user by specifying user .
Dumps all processes, rather than just top-level ones.
Suppress headings and uptime information.
List by idle time.
Use data from the supplied file .
Use data from the supplied sysname .
List IP address as numbers.
wall |
wall [ file ]
Writes to all users. wall reads a message from the standard input until an end-of-file. It then sends this message to all users currently logged in, preceded by "Broadcast Message from...." If file is specified, read input from that, rather than from standard input.
Sends the output only to users in group group . This option may be repeated.
wc |
wc [ options ] [ files ]
Prints byte, character, word, and line counts for each file. Prints a total line for multiple files . If no files are given, reads standard input. See other examples under ls and sort .
Print byte count only.
Print line count only.
Print character count only.
Print word count only.
Count the number of users logged in:
$ who | wc -l
Count the words in three essay files:
$ wc -w essay.[123]
Count lines in the file named by variable $file (don't display the filename):
$ wc -l < $file
whatis |
whatis keywords
Searches the short manpage descriptions in the whatis database for each keyword and prints a one-line description to standard output for each match. Like apropos , except that it searches only for complete words. Equivalent to man -f .
whereis |
whereis files
Checks the standard binary directories for the specified programs, printing out the paths of any it finds.
The historic flags and arguments for the whereis utility are no longer available in this version.
which |
which [ commands ]
Lists which files are executed if the named commands are run as a command. which reads the user's .cshrc file (using the source built-in command), checking aliases and searching the path variable. Users of the Bourne or Korn shells can use the built-in type command as an alternative.
$ which file ls /usr/bin/file ls: aliased to ls -sFC
who |
who [ options ] [ file ]
Displays information about the current status of the system. With no options, lists the names of users currently logged into the system. An optional system file (default is /var/run/utmp ) can be supplied to give additional information. who is usually invoked without options, but useful options include am i and -u . For more examples, see cut , line , paste , tee , and wc .
Print headings.
Report only about the current terminal.
List names and number of users in columns.
Report whether terminals are writable ( + ), not writable ( - ), or unknown ( ? ).
Report terminal usage (idle time). A dot (.) means less than one minute idle; old means more than 24 hours idle.
Print the username of the invoking user. (Similar to results from id .)
This sample output was produced at 1:55 p.m. on January 15:
$ who -uH USER LINE WHEN IDLE FROM chuck console Jan 14 19:55 18:01 chuck ttyp1 Jan 15 13:11 . chuck ttyp2 Jan 15 13:55 .
The output shows that the user chuck has been idle for 18 hours and 1 minute (18:01, under the IDLE column).
whoami |
whoami
Prints current UID. Equivalent to id -un .
whois |
whois [ option ] name
Queries the Network Information Center (NIC) database to display registration records matching name . Multiple names need to be separated by whitespace. The special name "help" returns more information on the command's use.
Use the American Registry for Internet Numbers (ARIN) database.
Use the Asia/Pacific Network Information Center (APNIC) database.
Use the Network Abuse Clearinghouse database.
Check country-specific whois server at countrycode .whois-servers.net .
Use the U.S. Department of Defense database for .mil .
Use the U.S. non-military federal government database for .gov .
Specify a different whois server, host , to query. The default is whois.internet.net.
Use the Network Solutions Registry for Internet Numbers database.
Use the Internet Assigned Numbers Authority (IANA) database.
Use the Latin American and Caribbean IP address Regional Registry (LACNIC) database.
Use the Route Arbiter Database (RADB) database.
Connect to the whois server on port .
Use the R'eseaux IP Europ'eens (RIPE) database.
Use the IPv6 Resource Center (6bone) database.
write |
write user [ tty ] message
Initiates or responds to an interactive conversation with user . A write session is terminated with EOF. If the user is logged into more than one terminal, specifies a tty number. See also talk ; use mesg to keep other users from writing to your terminal.
xargs |
xargs [ options ] command
Executes command (with any initial arguments) but reads remaining arguments from standard input instead of specifying them directly. xargs passes these arguments in several bundles to command , allowing command to process more arguments than it could normally handle at once. The arguments are typically a long list of filenames (generated by ls or find , for example) that get passed to xargs via a pipe.
Expect filenames to be terminated by NULL instead of whitespace. Don't treat quotes or backslashes specially.
Use str as EOF.
Specifies replstr as the string to be replaced in command with each input line.
Like -I , but input lines are joined together, separated by spaces, to replace replstr .
Call command once for each lines lines.
Allow no more than args arguments on the command line. May be overridden by -s .
Specify the maximum number of arguments that will be replaced by -I .
Allow no more than max characters per command line.
Verbose mode. Print command line on standard error before executing.
If the maximum size (as specified by -s ) is exceeded, exit.
Search for pattern in all files on the system, including those with spaces in their names:
$ find / -print0 | xargs -0 grep pattern > out &
Run diff on file pairs (e.g., f1.a and f1.b , f2.a and f2.b ...):
$ echo $* | xargs -n2 diff
The previous line would be invoked as a shell script, specifying filenames as arguments. Display file , one word per line (same as deroff -w ):
$ cat file | xargs -n1
yes |
yes [ strings ]
Prints the command-line arguments, separated by spaces and followed by a newline, until killed. If no arguments are given, print y followed by a newline until killed. Useful in scripts and in the background; its output can be piped to a program that issues prompts.
zcat |
zcat [ options ] [ files ]
Reads one or more files that have been compressed with gzip or compress and writes them to standard output. Reads standard input if no files are specified or if - is specified as one of the files; ends input with EOF. zcat is identical to gunzip -c and takes the options -fhLV described for gzip / gunzip .
zcmp |
zcmp [ options ] files
Reads compressed files and passes them, uncompressed, to the cmp command, along with any command-line options. If a second file is not specified for comparison, looks for a file called file.gz .
zdiff |
zdiff [ options ] files
Reads compressed files and passes them, uncompressed, to the diff command, along with any command-line options. If a second file is not specified for comparison, looks for a file called file.gz .
zgrep |
zgrep [ options ] [ files ]
Uncompresses files and passes to grep , along with any command-line arguments. If no files are provided, reads from (and attempts to uncompress) standard input. May be invoked as zegrep or zfgrep ; in those cases, invokes egrep or fgrep .
zip |
zip [-h | -v] zip [-q | -v] [-T] [-0 | -1 | -9] [-F[F]] [-o] [-f | -u] [-g] [-b directory ] [-J] archive_filename zip [-q | -v] [-T] [-0 | -1 | -9] [-r [-D]] [-m] [-t MMDDYY ] [-o] [-c] [-z] [-X] [-j] [-k] [-l[l]] [-y] [-n suffix [: suffix ]...] [ -f | -u] [-d] [-g] [-b directory ] [-A] archive_filename { pathname ... | -@ } [{ -i | -x } pathname ...]
The files given by the pathname arguments are collected into a single archive file with some metadata (as with tar ), where they are compressed using the PKZIP algorithm. The archive file is named with a .zip extension unless another extension is specified. If pathname is given as - , data to be archived and compressed is read from standard input; if archive_filename is -, the ZIP archive data is written to standard output instead of to a file. If archive_filename already exists, then the specified files are added to or updated in the existing archive. When called with no arguments, it prints a usage statement to standard output.
Unlike the creation of ZIP archives from the Finder, zip doesn't preserve resource or attribute forks.
When updating an existing archive, specify path as the directory in which the new archive is temporarily stored before being copied over the old. Normally the temporary file is created in the current directory.
Prompt for one-line comments associated with each file in the archive.
Remove files from an existing archive, instead of adding or updating them.
Disable the creation of directory entries in the archive.
Update files in an existing archive if the modification timestamps of the source files are more recent than those in the archive. Doesn't add new files to an existing archive.
Attempt to repair an archive file that has been corrupted or truncated. When doubled ( -FF ), it performs a more thorough analysis of the archive.
When updating an existing archive, attempt to append to the existing file, rather than creating a new file to replace the old.
Print a usage statement to standard output.
Include only the files specified by the additional pathname arguments, which usually include wildcards to match filenames of a certain pattern.
Discard the paths of archived files, retaining only the filenames.
Strip data prepended to an archive, such as code to make the archive a self-extracting executable.
Attempt to archive files using DOS-compatible names and attributes.
Translate Unix-style newlines in files to DOS newlines. When doubled ( -ll ), convert DOS newlines to Unix newlines.
Display the zip license.
Delete the source files after they've been archived.
Disable compression for files with names ending in the strings given in suffixes . Multiple suffixes are separated by colons or semicolons.
Set the modification timestamp of the ZIP archive to that of the most recently modified item in the archive.
Minimize output.
Perform a recursive traversal of directories specified in the pathname arguments, and archive their contents.
Archive only files with modification timestamps more recent than date . date must be in mmddyyyy or yyyy - mm - dd format.
Ignore files with modification timestamps at or more recent than date . date must be in mmddyyyy or yyyy - mm - dd format.
Test the integrity of the ZIP archive created by the command. If the test fails, a preexisting archive file isn't overwritten, and source files aren't deleted (if using -m ).
Update files in an existing archive if the modification timestamps of the source files are more recent than those in the archive. Unlike -f , new files are also added.
Enable verbose output. If it's the only argument, print version information, compile settings, and environment variable settings to standard output.
Exclude the files specified by the additional pathname arguments, which usually include wildcards to match filenames of a certain pattern.
Disable storage of file metadata in the archive, such as owner, group, and modification date.
Archive symbolic links as symlinks, rather than archiving the targets of symlinks.
Prompt for comments to be stored in the archive file.
Disable compression.
Compress more quickly, at the cost of space efficiency.
Compress better, at the cost of time.
Take the list of source files from standard input.
Archive the current directory into source.zip , including only C source files:
$ zip source -i '*.[ch]'
Archive the current directory into source.zip , excluding the object files:
$ zip source -x '*.o'
Archive files in the current directory into source.zip but don't compress .tiff and .snd files:
$ zip source -z '.tiff:.snd' *
Recursively archive the entire directory tree into one archive:
$ zip -r /tmp/dist.zip .
zipinfo |
zipinfo [ options ] file
Displays about the specified zip file.
Print archive name, size, and number of archived items.
As -s , but compressed size is also displayed.
As -s , but compression ratio is also displayed.
Display output a page at a time.
Print information about each item in the archive, in a format similar to the ls command's output: permissions, version of zip used to create the archive, uncompressed size, file type, compression method, modification timestamp, and name. This is the default behavior if no other options are specified.
Print number of archived items, cumulative compressed and uncompressed sizes, and compression ratio.
Print timestamps in a sortable format, rather than the default human-readable format.
Enable verbose output.
Exclude the files specified by the additional pathname arguments, which usually include wildcards to match filenames of a certain pattern.
Print comments stored in the archive file.
Print only filenames of archived items.
As -1 , but -h , -t , and -z flags may be used to print additional information.
zmore |
zmore [ files ]
Similar to more . Uncompresses files and prints them, one screen at a time. Works on files compressed with compress , gzip , or pack , and with uncompressed files.
Print next screenful.
Print next screenful, or number lines. Set i to number lines.
Print next i , or 11 lines.
Print next i lines or a screenful.
Skip i lines. Print next screenful.
Skip i screens. Print next screenful.
Go to next file, or, if current file is the last, exit zmore .
Exit zmore when the prompt " --More--(Next file: file) " is displayed.
Skip next file and continue.
Print line number.
Search forward for i th occurrence (in all files) of expr , which should be a regular expression. Display occurrence, including the two previous lines of context.
Search forward for the i th occurrence of the last regular expression searched for.
Execute command in shell. If command isn't specified, execute last shell command. To invoke a shell without passing it a command, enter \! .
Repeat the previous command.
znew |
znew [ options ] [ files ]
Uncompresses .Z files and recompresses them in .gz format.
Optimal (and slowest) compression method.
Recompress even if filename.gz already exists.
If the original .Z file is smaller than the .gz file, keep it.
Pipe data to conversion program. This saves disk space.
Test new .gz files before removing .Z files.
Verbose mode.
zprint |
zprint [ options ] name
Displays information in columnar output about all memory zones. Using command-line switches, you can alter the formatting and amount of information displayed.
Display the space allocated, but not in use, for each memory zone. The output for each zone is displayed in the right-most column.
Produce a sorted output of the memory zones in descending order beginning with the zone that wastes the most memory.
Override the default columnar format with a row-based display that also reduces the information fields shown.
Hide the default columnar headings. This may be useful when sorting output by column.
name is a substring of one or more memory zone names. Only memory zones matching this substring are included in the output.