For most people, the Mac's OS X is all about the graphical user interface. But system administrators and power users know that the Mac's command-line interface can be a powerful time saver and, in many cases, the only method to accomplish certain tasks. The command shell itself, delivered by Apple's included lTerminal program, is a wonder of open source. Bash -- for "Bourne again shell" -- was developed by free-software guru Brian Fox. It's widely used on operating systems of all kinds, including iOS, Linux, Unix, and mainframes. There's already a huge brain trust of tool knowledge around using Bash as a systems administrator's command shell.
But OS X brings its unique capabilities to the command-line table, in the form of utilities that leverage OS X's user interface, file system, and security capabilities. I've scoured the Internet for the best of the best of these utilities. Some you may already know, but others are sure to make you sit up and exclaim, "Sweet!"
[ For tips and tools on managing an enterprise Mac fleet, download InfoWorld's free "Business Mac" Deep Dive PDF special report today. | See InfoWorld's slideshow tour of OS X Mountain Lion's top 25 features and test your Apple smarts with our http://www.infoworld.com/newsletters/subscribe?showlist=infoworld_tech_apple&source=ifwelg_fssr. | Keep up with key Apple technologies with the Technology: Apple newsletter. ]
What follows is an alphabetical list of the 20 best command-line gems, with enough description to put you on the path to using their productivity riches. All commands, unless otherwise noted, run on all versions of OS X since 10.4 Tiger. For most of these commands, you can get more documentation using the "manpage" system: Type man followed by the command name. For example, man lsof displays the manual page for the List Open Files command.
1. airport: Scan your local wireless environment from the command line
When you click the Wi-Fi icon in OS X's menu bar (called AirPort before OS X Lion), you get a list of available wireless networks. The airport command-line utility does the same and a lot more. It shows you the numeric signal strength for every access point, the channel used, and the encryption level, if any.
Alas, the airport command-line utility is buried deep in the System directory (aka System folder when using OS X's GUI). But you can create a symbolic link to it using the one-time command below. Then just type airport -s in the Terminal's command line to get the detailed scan report. (Hint: If you don't get any output, turn Wi-Fi on in the Network system preference.)
To create a symbolic link to the airport command:
$ sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/sbin/airport
To run a wireless scan:
$ airport -s
SSID BSSID RSSI CHANNEL HT CC SECURITY (auth/unicast/group)
air4 90:84:0d:c2:c2:c2 -74 1 Y US WPA2 (PSK/TKIP/TKIP)
MY408G1 00:26:b8:c2:c2:c2 -82 6 Y US WEP
air4 00:24:36:c2:c2:c2 -27 11 Y US WPA (PSK/TKIP/TKIP)
G00NOO7 00:18:01:c2:c2:c2 -70 11 N US WEP
air4 5G 90:84:0d:c2:c2:c2 -87 36,+1 Y US WPA2 (PSK/AES,TKIP/TKIP)
air4 5G 00:24:36:c2:c2:c2 -35 157,+1 Y US WPA2 (PSK/AES,TKIP/TKIP)
2. caffeinate: Prevent a system from sleeping
This command is new in OS X Mountan Lion. Let's say you started a long-running file transfer just before lunch and don't want your system to go to sleep. What do you do? Give it some caffeine! That's what caffeinate does. You can explicitly specify an elapsed period of wakefullness, in seconds, with the -u and -t options, or you can use caffeinate to invoke a command-line utility that you want to not be interrupted by sleep.
To prevent your Mac from sleeping for one hour (3,600 seconds):
$ caffeinate -u -t 3600
To prevent your Mac from sleeping until the secure file copy (scp) completes:
$ caffeinate -s scp bigfile me:myserver/bigfile
3. curl: Download a URL from the command line (copy URL)
A powerhouse of a command-line utility, curl lets you do many things, but the most handy capability is retrieving a file from a website. Just pass the URL to curl and tell it where to deliver the load via the --output option, as demonstrated below. You'll find curl can rename the file at the same time, or it can download entire website directories -- recursively, even. Copy the entire Internet if you want. The U.S. government does (via archive.org).
$ curl http://manuals.info.apple.com/en_US/ipad_user_guide.pdf --output ipad.pdf
4. DNS cache: How to clear it
Whenever a computer looks up a domain name, such as www.acme.com, it caches the answer so that all future requests can be satisfied without performing the entire DNS lookup process. But sometimes you want to clear this cache to force the DNS lookup to occur again, such as when the IP address for a particular domain name changes. OS X has three ways to do this, shown below, depending on which version of OS X you're running.
The opendiff command launches FileMerge to graphically compare files or directories
Note that for Lion and Mountain Lion, clearing the DNS cache requires administrative privileges and the sudo (Superuser Do) enabler.
In OS X 10.4 Tiger: $ lookupd -flushcache
In OS X 10.5 Leopard and OS X 10.6 Snow Leopard: $ dscacheutil -flushcache
In OS X 10.7 Lion and OS X 10.8 Mountain Lion: $ sudo killall -HUP mDNSResponder [and enter your password]
5. filetree: Show a textual file tree of subdirectories
The filetree command is wonderful. It prints out a nice text tree showing all the directories subsidiary to the directory your command line is currently in.
The only problem with this command: It doesn't exist. Fortunately, one of the wonders of Bash is that you can make your own commands, using Bash's alias function (thank you, Brian). Just type alias nameyourcommand="a bunch of commands piped together however you want". You can create the Filetree command on the spot. Below, you can see the complicated code that produces the filetree output. I have no idea how it works, and I don't care. Just let me type filetree instead of that crazy command line.
Note that just creating an alias doesn't make it permanent. When you close the Terminal window, all your command aliases go away. To "remember" them from session to session, you have to add them to the hidden .profile file in your home directory. You can edit that using the open command described in command-line utility No. 9 later in this article (that is, open -e ~/.profile):
$ alias filetree="ls -R | grep ":$" | sed -e 's/:$//' -e 's/[^-][^\/]*\//--/g' -e 's/^/ /' -e 's/-/|/'"
|---Full of Stars.app
6. locate: Quickly search file and folder names
The locate utility searches a special internal database of all publicly accessible pathnames that OS X maintains separately from the Spotlight search index. It's very fast to search, but the database is refreshed only periodically -- typically daily.
The first time you run the command, you may receive a warning that the database doesn't exist. The warning message will tell you the name of the command to activate locate's database and begin building it, a process that may take several hours. Once built, however, the database is quick and easy to search when you're trying to track down a folder, file, or application. Simply type the string you're searching for after the command name. Type man locate for full details on search syntax.
$ locate junko
7. lsof: Reveal open TCP and UDP ports and the applications using them
When tracking down problems, particularly security-related issues, it's often helpful to know which applications are currently communicating on the network. The lsof (list open files) command does that. With the -i option, it lists all the open connections in progress and the names of the applications using them. The list can be long, and often you're only interested in applications that have established sessions, not partially open ones (for example, someone trying to sign on). To reduce the command's output, you can pipe it to the grep command and filter on the word ESTABLISHED to list only functional connections:
$ lsof -i | grep ESTABLISHED
It might display:
ScreenShare 865 adm ... TCP 10.0.0.48:64603->www.sbwh.net:ssh (ESTABLISHED)
ScreenShare 866 adm ... TCP 10.0.0.48:26164->www.sbwh.net:ssh (ESTABLISHED)
JobServ 922 adm ... TCP 10.0.0.48:64701->renite.jobserv.com:ftp (ESTABLISHED)
aosnotify 1101 adm ... TCP 10.0.0.48:50129->aosnotify.me.com:5223 (ESTABLISHED)
Mail 7601 adm ... TCP 10.0.0.48:53529->supersonic.jet.net:https (ESTABLISHED)
8. networksetup: Retrieve or set network configuration values
Network troubleshooting often requires examining a computer's network settings and possibly making changes to them to test various theories about what may be wrong. The networksetup tool lets you view all manner of network parameters, including IP addresses, available network interfaces, and more than 50 other variables. One setting you probably have to verify frequently is the list of DNS servers, especially in light of the recent malware that changed this list to point to malicious DNS servers. You can also turn Wi-Fi off or on.
The other 49 variables are assigned as homework; here's the variable to display the list of name servers in use for an interface (in this case, Ethernet):
$ networksetup -getdnsservers ethernet
It might display:
And to turn Wi-Fi on or off:
$ networksetup -setairportpower airport on
$ networksetup -setairportpower airport off
9. open: Launch applications and open Finder windows from the command line
One of OS X's most versatile commands, open facilitates smooth interaction between a command-line shell and the Mac's graphical user interface. From the command line, you can open a directory into a Finder window, open a document into an application, open a text file into a text editor for quick changes, and more.
To open a directory in a Finder window:
$ open /Users/mel/Documents
Open an application (case doesn't matter):
$ open itunes
To open a document in its default application for file type:
$ open Documents/myword.doc
To open a document in an application other than the one for file type:
$ open -a bbedit junko.txt
To open a file in TextEditor:
$ open -e mytext.rtf
To open a URL in the default browser:
$ open http://google.com
10. opendiff: Compare and merge files and directores
opendiff takes two file or directory names as arguments and passes them to the little-known (because it's hidden) FileMerge utility in OS X's Utilities folder. FileMerge can find the differences between two text files, as well as compare two directories with the ability to merge them into a single directory that eliminates duplicate files. The syntax is simple and produces the display shown below:
$ opendiff Contract1.rtf Contract2.rtf
The top command sorted by CPU percentage
11. pgrep and pkill: Find or signal a program or processby name
The old way of finding a running program or process (a program can spawn multiple processes having the same name) was to run the ps command and pipe its output to grep. The pgrep command-line utility does all that in one step: Just specify the name of the process you seek as an argument.
You can also send a signal to a program the same way using pkill. Old Unix hands know that kill doesn't really mean to kill the processs; normally it's just a way to send a friendly nudge to a process to, for example, ask it to restart. But if necessary, pkill can actually kill a program if you use its -9 option.
To see if Safari is running:
$ pgrep Safari
It might display:
mel 75341 0.0 0.7 ... /Applications/Safari.app/Contents/MacOS/Safari
To kill Safari (now!):
$ pkill -9 Safari
12. qlmanage: Quick-look a file from the command line
Say you're about to delete a file from the command line. Is it anything you might regret deleting? Check first, using qlmanage with the -p option to see a preview of the file's contents, using OS X's Quick Look facility that's so handy when in the GUI. Or don't. It's your career, not mine.
If you just want a tiny look, use -t instead of -p. OK, -t isn't for "tiny" -- it's for "thumbnail." But thumbnails are tiny.
$ qlmanage -p OnlyCopyOfCriticalBusinessPlan.rtf
13. scp: Securely copy a file between two computers
Another popular command with Linux and Unix afficianados, scp (Secure Copy) is often overlooked by OS X administrators. Traditionally, you'd copy a file or a directory between systems using the Finder, which entails first configuring file sharing, then mounting the remote system's share point, then navigating two Finder windows to the desired source and destination folder, and finally dragging the desired files or folders from one window to the other.
You can accomplish all that in a single command with scp, which takes two arguments: a source file descriptor and a destination file descriptor.