is there a mac os x lion command line administration documentation? You can also check out the documentation of the server.
Table of contents
- Your Answer
- Mac OS X Server Introduction to Command-Line Administration Version Snow Leopard - PDF
- Mac OS X Server Introduction to Command-Line Administration Version 10.6 Snow Leopard
Most of these users aren t traditional user accounts with home directories, but you should be able to find the short name of known users on the computer. File and folder names can include letters, numbers, a period, or the underscore character. Avoid most other characters, including space characters. Although some Mac OS X file systems permit the use of these other characters, including spaces, you might need to add single or double quotation marks around pathnames that contain them.
For individual characters, you can also escape the character that is, put a backslash character immediately before the character in your string. For example, entering: NOT super-user This is because the shutdown command can be run only by the root user or by an administrative user with special privileges. To run commands in this "super user mode, use the sudo command.
The following command does work, so don t run it unless you really want to restart your computer: Only users that you have designated as admin users are able to execute commands with sudo. If you re logged in as a user who isn t an admin user, you can change substitute users by typing su adminusername, where adminusername is the name of a user in the Admin group.
After you enter that user s password, a new shell is launched from the existing shell, as that user. If a command requires it, you can use su to log in as the root user. Under normal circumstances you don t need to use the root user account. If you do su to the root user, be especially careful, as you have sufficient privileges to make changes that can cause your server to stop working.
For more information about the sudo and su commands, see their man pages. Getting Help for Command-Line Tools Command-line tools provide multiple mechanism for getting help while using them. This section describes three ways that you can get help from the command-line. Command-line tools do not always follow the same conventions so if one parameter doesn t work try another. To access command help: Enter the command followed by the -help,-h,--help, or help parameter: Enter the command without options or parameters: Using Man Pages Most command-line documentation comes in man pages.
Man pages provide reference information for shell commands, tools, and high-level concepts. To access a man page entry: The man page contains detailed information about the command, its options and parameters, and proper use. For help using the man command itself, enter: Press the Q key to exit the man page. If multiple instances are found, the P and N keys let you access the previous and next instances of the term.
If you don t know the name of the particular man page, you can search the topics by entering: For example: If you have the Xcode tools installed, you can view man pages from within Xcode by selecting Open man page from the Help menu. There are also several third-party graphical Mac OS X applications available for viewing man pages. Some tools use info pages instead, and some have no documentation at all. For more information about info pages, see Using Info Pages on page You can also access command information using the help command, and sometimes information is displayed if you enter the command without options or parameters.
Using Info Pages Some commands use info pages to display their documentation. Primarily these are software packages that come from the GNU project. To use an info page, enter the info command followed by the name of the tool: The following commands provide basic navigation between info nodes: Key Command n p u l q Results Navigates to the next page Returns to the previous page Navigates up one level of nodes Returns to the last node visited Quits the info program 18 Chapter 1 Introduction to the Command-Line Environment. You can use the command-line environment in Mac OS X and Mac OS X Server interactively by typing a command and waiting for a result, or you can use the shell to compose scripts that run without direct interaction.
This chapter discusses using the command-line environment interactively. For more information about using a particular shell interactively, see the man page for that shell. Standard Pipes Many commands can receive text input from the user and print text to the console. They do so using standard pipes, which are automatically created by the shell and passed to the command. Standard pipes include: By default, the user enters input from the command-line interface. You can redirect the output from files or other commands to stdin.
By default, command output is sent to the command line.
Mac OS X Server Introduction to Command-Line Administration Version Snow Leopard - PDF
You can redirect the output from the command line to other commands and tools. By default, errors are displayed on the command line along with standard output. Redirect output from the command if you want to capture the results of running the command and store it in a file for later use. Similarly, redirect input from a file to the command if you want to provide the command with preset input data, instead of needing to enter that data. Use the following characters to redirect input and output: In addition to using file redirection, you can also redirect the output of one command to the input of another using the vertical bar character, or pipe.
You can combine commands in this manner to implement more sophisticated versions of the same commands. For example, the command man bash grep commands passes the formatted contents of the bash man page to the grep tool, which searches those contents for lines containing the word commands. The result is a list of lines with the specified text, instead of the entire man page. For more information about redirection, see the bash man page. Correcting Typing Errors You can use the Left and Right Arrow keys to correct typing errors before you press Return to execute a command.
To correct a typing error: To ignore what you entered and start again, press Control-U. Environment variables are inherited by all commands executed in the shell s context, and some commands depend on environment variables. You can create environment variables and use them to control the behavior of a command without modifying the command itself.
For example, you can use an environment variable to have a command print debug information to the console. To set the value of an environment variable, use the appropriate shell command to associate a variable name with a value. To view all environment variables, enter: This form of inheritance can be a useful way to configure the application dynamically. For example, your application can check for the presence or value of an environment variable and change its behavior accordingly.
Different shells support different semantics for exporting environment variables. For information, see the man page for your preferred shell. Although child processes of a shell inherit the environment of that shell, shells are separate execution contexts that don t share environment information with each other.
Variables you set in one Terminal window aren t set in other Terminal windows. After you close a Terminal window, variables you set in that window are gone. If you want the value of a variable to persist across sessions and in all Terminal windows, you must set it in a shell startup script. Another way to set environment variables in Mac OS X is with a property list file in your home folder.
If the file is present, the computer registers the environment variables in the property list file. Including Paths Using Drag and Drop To include a fully qualified filename or folder path in a command, you can drag the file or folder from a Finder window to the Terminal window. This chapter discusses some basics of shell scripting on Mac OS X, including automation and scheduling, as well as a brief overview of what a shell script is.
It does not provide information on writing shell scripts in general. For information about how to write shell scripts, see the Shell Scripting Primer on the Apple Developer Connection website. What is a Shell Script? A shell script is a text file that contains one or more UNIX commands. You run a shell script to perform commands you might otherwise run interactively at the command line. Shell scripts are useful because you can combine many common tasks into one script, saving you time and possible errors when running similar tasks over and over. They can also be easily automated using tools such as launchd or Apple Remote Desktop.
A shell script begins with a character combination that identifies it as a shell script, the characters and! For example, here s the first line of a shell script that would be run with sh: To make a comment, start the line with the number sign. Every line of a comment needs to begin with the number sign: This program returns the contents of my Home folder You can put blank lines in a shell script to help visually distinguish different sections of the script.
To make a shell script executable: For more information about running your shell scripts, see Executing Commands and Running Tools on page Monitoring and Restarting Critical Services with launchd Mac OS X includes a system for monitoring and running critical service, which you may want to use to run various shell scripts. This system is uses a daemon named launchd. During system startup, launchd is the first process the kernel runs to set up the computer.
Other mechanisms for starting daemons and services are subject to removal at Apple s discretion. You can get an idea of the various processes run by launchd by looking at the following configuration files: These are no longer supported and should be replaced with calls using launchd.
- Mac OSX Terminal (command-line tips and tricks) – Index.
- How to: Add a User from the OS X Command Line on Mac;
- Useful Commands for OSX Administration | Jon Brown Designs!
For more information about launchd, see the launchd and launchctl man pages. Also see Technical Note TN Daemons and Agents on the Apple Developer Connection. Scheduling a Shell Script to Run at Specific Times To schedule a shell script to run at predefined times, use either launchd or the cron tool. When commands execute, output is mailed to the owner of the crontab file or to the user named in the optional MAILTO environment variable in the crontab file.
If you modify a crontab file, you must restart cron. You use crontab to install, deinstall, or list the tables used to drive the cron daemon. Users can have their own crontab file. To configure your crontab file, use the crontab -e command.
Mac OS X Server Introduction to Command-Line Administration Version 10.6 Snow Leopard
This displays an empty crontab file. Here s an example of a configured crontab file: With launchd, if a task is skipped because the computer is shut off or asleep, the task is added to the queue when the computer comes back online. For more information about launchd, see the launchd man page. If you need to run command-line tools on remote computers, there are tools to help you. This chapter discusses some of the most commonly used tools and provides some tips for getting started. It also describes three methods for connecting to the command-line environment of a remote computer: You use the ssh tool in Terminal to open a command-line connection to a remote computer, and while the connection is open, you enter commands to be performed on the remote computer.
Here s a description of an SSH session: The local and remote computers exchange public keys. If the local computer has never encountered a given public key, SSH and your web browser prompt you to accept the unknown key. The two computers use the public keys to negotiate a session key used to encrypt subsequent session data. If this isn t possible, the local computer is prompted for a local username and password. After successful authentication, the session begins. A remote shell, a secure file transfer, a remote command, or other action can take place through the encrypted tunnel.
The following are SSH tools: The standard method of SSH authentication is to supply a user name and password as login credentials. Identity key-based authentication lets you log in to the server without supplying a password. Key-based authentication is more secure than password authentication, because it requires that you have the private key file and know the password that lets you access that key file. A key must be generated for each user account that needs to use ssh. How SSH key-based authentication works: This folder is created when using SSH the first time. This is especially useful when automating remote scripts.
Alternatively, you can store the keys for the user in a location that isn t protected by FileVault, but this isn t secure. For no password, don t enter anything when prompted. Just press Return. Enter same passphrase again: Your identification has been saved in frog. Your public key has been saved in frog.
The key fingerprint is: Your identification or private key is saved in one file frog in our example and your public key is saved in the other frog. The key fingerprint, which is derived cryptographically from the public key value, also appears. This secures the public key, making it computationally infeasible for duplication. The next time you log in to the remote computer from the local computer, you won t need to enter a password. If you need to establish two-way communication between servers, repeat this process on the second computer.
This process must be repeated for each user who needs to be able to open a keybased SSH session. If you re using an Open Directory user account and have logged in using the account, you don t need to supply a password for SSH login. Kerberos must be running on the Open Directory server. For more information, see Open Directory Administration.
Chapter 4 Connecting to Remote Computers The following Perl script is a trivial scripting example, and it shouldn t be implemented. It demonstrates connecting over an SSH tunnel to each server defined in the variable serverlist, running softwareupdate, installing available updates, and restarting each server if necessary. Over the years I have stored a file that has many of the day to day commands that I use to administer the computers at my workplace.
After 4 years of saving these commands I am giving back and creating the ultimate post to aid all new sys admins out there. The Adaptive Firewall The most basic task you can do with the firewall is to disable all of the existing rules. To do so, simply run afctl all afctl options require sudo with a -d option:. To remove a specific IP address that has been blacklisted, use the -r option followed by the IP address rules are enforced by IP.
Recover a corrupt open directory Reset a corrupt open directory Note, this should only be done in the event that there is no possible way to recover or restore the OD. This will completely destroy your servers open directory. Cleanup files from users computers We do not allow. I later adapted these commands to a script that runs on login.