Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Terminal commands

I'm curious if there's a way to view Terminal CLI commands that are executed by other apps as they are entered. I'm curious about what commands utilities such as El Capitan Cache Cleaner are issuing. Is there an app or a command in Terminal that will display input not done by the operator/user?


thanks,


-Tod

Mac mini, OS X El Capitan (10.11), 10GB SDRAM 740 GB fusion drive

Posted on Nov 13, 2015 7:56 PM

Reply
7 replies

Nov 13, 2015 9:07 PM in response to Linc Davis

@ Linc Davis,


Thanks for the comments. I agree that such apps aren't very useful as a knowledgable user can accomplish the same thing manually.


I was curious, though, simply as a learning opportunity: If I saw what these apps were executing, I could figure out a little bit more of how to perform some things with Terminal. For instance, though I don't have the need for it, I do wonder how to repair permissions, which is now MIA in El Cap.


I just thought there might be a means of intercepting whatever these apps execute. I'm not familiar with any particular debuggers for OS X. What should I look for?


I'm retired and just kind of idly curious as I dig into my Mac.

-Tod

Nov 13, 2015 9:17 PM in response to TodFromIndiana

You would need the skills of a programmer to get any useful information from a debugger. I can't think of a worse way to start learning how to use the shell. A good way is to work through a book with exercises. I don't have a specific recommendation.


Nothing that a "cache cleaner" does is worth doing or worth learning about. Repairing permissions, which was always a waste of time, is both impossible and unnecessary in El Capitan.

How to maintain a Mac

Make two or more backups of all your files

One backup is not enough to be safe. A copy of a backup doesn't count as another backup; all backups must be made directly from the original data.

Keep at least one backup off site at all times in case of disaster. Backing up to a cloud-data service is one way to accomplish this, but don't rely exclusively on such backups.

In fact, don’t rely exclusively on any single backup method, such as Time Machine.

If you get an indication that a backup has failed, don't ignore it.

Keep your software up to date

In the App Store or Software Update preference pane (depending on the OS version), you can configure automatic notifications of updates to OS X and other Mac App Store products. Some third-party applications from other sources have a similar feature, if you don’t mind letting them phone home. Otherwise you have to check yourself on a regular basis.

Keeping up to date is especially important for complex software that modifies the operating system, such as device drivers. Don't install such modifications unless they're absolutely necessary. Remove them when they are no longer needed. Before installing any Apple update, you must check that all system modifications that you use are compatible. Incompatibility with third-party software is by far the most common cause of difficulties with system updates.

Don't install crapware

...such as “themes,” "haxies," “add-ons,” “toolbars,” “enhancers," “optimizers,” “accelerators,” "boosters," “extenders,” “cleaners,” "doctors," "tune-ups," “defragmenters,” “firewalls,” "barriers," “guardians,” “defenders,” “protectors,” most “plugins,” "virus scanners,” "disk tools," or "utilities." With very few exceptions, such stuff is useless or worse than useless. Above all, avoid any software that purports to change the look and feel of the user interface.

It's not much of an exaggeration to say that the whole "utility" software industry for the Mac is a fraud on consumers. The most extreme examples are the "CleanMyMac," "TuneUpMyMac," and “MacKeeper” scams, but there are many others.

As a rule, you should avoid software that changes the way other software works. Plugins for Photoshop and similar programs are an obvious exception to this rule. The Mac App Store has extensions for the Photos app, and perhaps others, that should be safe. Safari extensions, and perhaps the equivalent for other web browsers, are a partial exception. Most are safe, and they're easy to get rid of if they don't work. Some may cause the browser to crash or otherwise malfunction. Some are malicious. Use with caution, and install only well-known extensions from relatively trustworthy sources, such as the Safari Extensions Gallery.

Only install software that is useful to you, not (as you imagine) to the computer. For example, a word processor is useful for writing. A video editor is useful for making movies. A game is useful for fun. But a "cache cleaner" isn't useful for anything. You didn't buy a computer so you could clean caches.

Never install any third-party software unless you know how to uninstall it. Otherwise you may create problems that are very hard to solve. Do not rely on "utilities" such as "AppCleaner" and the like that purport to remove software.

Don't install bad, conflicting, or unnecessary fonts

Whenever you install new fonts, use the validation feature of the built-in Font Book application to make sure the fonts aren't defective and don't conflict with each other or with others that you already have. See the built-in help and this support article for instructions.

Deactivate or remove fonts that you don't really need to speed up application launching.

Avoid malware

"Malware" is malicious software that circulates on the Internet. This kind of attack on OS X was once so rare that it was hardly a concern, but it's now increasingly common and dangerous.

There is some built-in protection against malware, but you can’t rely on it—the attackers are always at least one day ahead of the defense. You can’t rely on third-party "anti-virus" or "anti-malware" products for protection either. What you can rely on is common-sense awareness—not paranoia, which only makes you more vulnerable.

Never install software from an untrustworthy or unknown source. If in doubt, do some research. Any website that prompts you to install a “codec” or “plugin” that comes from the same site, or an unknown site, is untrustworthy. Software that doesn't come from the Mac App Store, such as Adobe Flash Player, must come directly from the developer's website. No intermediary is acceptable, and don’t trust links unless you know how to parse them. Any file that is automatically downloaded from the web, without your having requested it, should go straight into the Trash. A web page that tells you that your computer has a “virus,” or that anything else is wrong with it, is a scam.

In OS X 10.7.5 or later, downloaded applications and Installer packages that have not been digitally signed by a developer registered with Apple are blocked from loading by default. The block can be overridden, but think carefully before you do so.

Because of recurring security issues in Java, it’s best to disable it in your web browsers, if it’s installed. Few websites have Java content nowadays, so you won’t be missing much. This action is mandatory if you’re running any version of OS X older than 10.6.8 with the latest Java update. Note: Java has nothing to do with JavaScript, despite the similar names. Don't install Java unless you're sure you need it. Most people don't.

Don't fill up your disk or SSD

A common mistake is adding more and more large files to your home folder until you start to get warnings that you're out of space, which may be followed in short order by a startup failure. This is more prone to happen on the newer Macs that come with an internal SSD instead of the traditional hard drive. The drive can be very nearly full before you become aware of the problem.

While it's not true that you should or must keep any particular percentage of space free, you should monitor your storage use and make sure you're not in immediate danger of using it up. According to Apple documentation, you need at least 9 GB of free space on the startup volume for normal operation.

If storage space is running low, use a tool such as OmniDiskSweeperto explore the volume and find out what's taking up the most space. Move seldom-used large files to secondary storage.

Relax, don’t do it

Besides the above, no routine maintenance is necessary or beneficial for the vast majority of users; specifically not “cleaning caches,” “zapping the PRAM,” "resetting the SMC," “rebuilding the directory,” "defragmenting the drive," “running periodic scripts,” “dumping logs,” "deleting temp files," “scanning for viruses,” "purging memory," "checking for bad blocks," "testing the hardware," or “repairing permissions.” Such measures are either completely pointless or are useful only for solving problems, not for prevention.

To use a Mac effectively, you have to free yourself from the Windows mindset that every computer needs regular downtime for maintenance such as "defragging" and "registry cleaning." Those concepts do not apply to the Mac platform.

A well-designed computing device is not something you should have to think about much. It should be an almost transparent medium through which you communicate, work, and play. If you want a machine that needs a lot of attention just to keep going, use a PC, or collect antique cars.

The very height of futility is running an expensive third-party application called “Disk Warrior” when nothing is wrong, or even when something is wrong and you have backups, which you must have. Disk Warrior is a data-salvage tool, not a maintenance tool, and you will never need it if your backups are adequate. Don’t waste money on it or anything like it.

Nov 14, 2015 11:51 AM in response to Linc Davis

@ Linc Davis:


Wow! I set out to learn something by checking whatever these cleaners were executing and I got an amazing lesson that is worth every penny. thank you for taking the time to write this extraordinary tutorial about the benefits of your experiences and knowledge. You may call me "Grasshopper." 😊


Seriously, I'm adding this to my "Mac Tips" notebook. I really appreciate the time you took to go into detail about the various traps and scamware schemes that we users can fall into. Even though I've been using Macs since 1985, there's still so much I can learn.


Thank you!


-Tod

Nov 14, 2015 12:10 PM in response to Linc Davis

Back to my original idea of learning a little more about what Terminal can do, thanks for the advice of getting a book of lessons. A quick DDG search turned up a fair number of these, which I'll check out in time.


I had to laugh at your comment about backing up and not backing up from a backup! Reminded me of the days ages ago when a joke on a piece of paper was passed around the office and copies made on the Xerox. Then copies of the copies. You could see how the detail degraded and artifacts from various copiers were introduced and further copied. I've got a Time Capsule, an external drive that is a second backup done daily, and a third which is done weekly.


I've got a fusion drive and have never understood why people still recommend those "optimizers" for SSDs or fusion drives, let alone good ol' hard drives. Further, I have been aware about the dangers of overloading a drive. I have moved a lot of my applications that are occasionally used to an external drive to save space. I have my iTunes library on an external drive as well. (These are both backed up as well.)


Thanks again, my friend.

Nov 14, 2015 1:24 PM in response to TodFromIndiana

TodFromIndiana wrote:


I'm curious if there's a way to view Terminal CLI commands that are executed by other apps as they are entered. I'm curious about what commands utilities such as El Capitan Cache Cleaner are issuing. Is there an app or a command in Terminal that will display input not done by the operator/user?

Hello Tod,

Yes, of course. As Linc suggests, it is an advanced topic, but it can be done. There are a number of ways you can go about it.


1) You select the app in question, right/command click and choose "show package contents". Then you can explore the internals of the application. It may include scripts as resources that you can just open an inspect with a good text editor. I suggest Text Wrangler. Not only is it a good text editor, it also opens binary plist (property list) files.

2) In some cases, the commands will be embedded inside an executable. There are de-compilers that can convert object code back into source, but they are difficult to use and the output will be very hard to understand. Instead, you can just use the "strings" command on the executable located inside the package at "Contents/MacOS".


I think the closest thing to what you are asking for is the dtrace program. Again, it is an advanced tool but there are lots of example and demo scripts posted online. In fact, I can use Linc as a good example. I have a diagnostic program called EtreCheck that is popular here on the forums. It is open source, so if you want to see what it does, you can just read the source code (https://github.com/etresoft/EtreCheck). Linc has his own diagnostic script that he sometimes asks users to run. It is a bash script but compressed into a single line so it can be easily copied onto the clipboard and pasted into the Terminal. Recently I saw a situation where someone ran both EtreCheck and Linc's script in the same thread and they had slightly different results. Now Linc doesn't tell anyone what his script does. And weighting in at about 24 kb for that single line, it is virtually impossible to read. But I did some googling and found a dtrace script that would do what I want (See http://dtrace.org/blogs/brendan/2011/10/10/top-10-dtrace-scripts-for-mac-os-x/ and http://www.brendangregg.com/dtracetoolkit.html). I had to make some edits to it, but I got it working.


So I fired up a virtual machine (always use a virtual machine for this stuff!), downloaded Linc's diagnostic script (http://pastebin.com/SycVPm7F), and ran it through dtrace. I got output like this:

bash-3.2# dtrace -C -s osxsnoop.d

sed 1d;s/7/8/;s/-v //

grep -qw 80

sudo -v

clear

sed 1d;s/1/2/

id -G

date +%s

sed -En {sub(/^ +/,"")};/er:/;/y:/&&$2<8

awk {sub(/^ +/,"")};/er:/;/y:/&&$2<8

sed -En s/^ +//;/de: S|[nst]:/p;

sed -En s/^ +//;/de: S|[nst]:/p;

sed -E s/[0-9A-Za-z._]+@[0-9A-Za-z.]+\.[0-9A-Za-z]{2,4}/EMAIL/g;/faceb/s/(at\.)[^.]+/\ 1NAME/g;/Users\/Shared/!s/(\/Users\/)[^ /]+/\1USER/g;s/[-0-9A-Fa-f]{22,}/UUID/g;

system_profiler SPMemoryDataType

Of course, it is still pretty hard to decipher, but it was good enough for me to identify the source of the discrepancy. Let me know if you want to try it and I can post the dtrace script. That is only 35 lines long.

Terminal commands

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.