|Home » Industry Watch
CLIX: Sierra Elementary (1)
Being an introduction. More to come in the weeks ahead. Happy Xmas.
PORT VILA (Rixstep) — CLIX Sierra, a new free download from Rixstep: available now!
DOWNLOAD CLIX SIERRA: http://rixstep.com/clixsierra
For those unfamiliar with CLIX, please see the ordinary CLIX product page.
For the especially eager student, there are myriad tutorials available at this site. Search here.
What is CLIX?
'CLIX' stands for 'Command Line Interface for OS X'. It was first released over ten years ago and has become something of a staple for admins and extreme power users.
The idea was to provide something for free - as in beer - that obviated the need for expensive tools that only gave you back what you already have.
The pledge was to try to complete the application in one long working day and donate it to the common good. That first working day was fourteen hours long, and since then, there have been long sessions devoted to increasing security and overall application performance.
But the bulk of the value for nonprofessionals lies in the sample files - and thereby in the guided tour of the system you're presently using.
The standard CLIX download contains files dating back to OS X Tiger 10.4 and earlier - over ten years ago. This current download synthesises it all and brings things up to date with Sierra 10.12.
CLIX is a way to 'harness the power of Unix', as it's said, without having to go to the command line. Some Unix commands depend on interactivity and must be run from Terminal.app; most commands do not, and can be advantageously run in CLIX instead.
It's not an allergy to command lines that appeals as much as it's the convenience. CLIX: write once, run many times. Once you get your command working, you save it - and you can summon it up and run it again with only a double click.
It's not tapping, but it's close.
Opening the CLIX Box
Here's what CLIX Sierra looks like when you open it.
-r-------- 1 4814 !READ1ST.html drwx------ 6 204 Docs drwx------ 3 102 CLIX.app
-r-------- 1 4843 EULA.html drwx------ 18 612 Command Files drwx------ 8 272 etc
Obviously you should first read the file called !READ1ST.html, but let's skip it for now. The same goes for EULA.html. Docs may prove interesting, but later. The Command Files are surely interesting, and etc promises to be exotic, but let's fire up CLIX.app first to see what the commotion's all about. Here's a CLIX document window.
There are four columns. Obviously this is a repository, a 'rolodex' of a sort, for storing Unix commands one needs. Title, Category, and Description are whatever you want. The fun starts with the fourth rightmost column: Command Line - it's where the 'magic' happens.
Let's open the command sheet and make a CLIX command. Out and down comes this.
Let's keep it simple. Let's ask Unix to tell us who we are. Something like this.
The actual Unix command is whoami. (It's one of several, as shall be seen.) All that's needed is 'decoration' so it's easy to find should you want it. All that remains otherwise is to run the command - which you do by clicking the 'Run' button. So go ahead.
And now that you've made that command work, create and save some more for future reference. For finger, w, who, and who am i. And just for fun: try leaving the 'i' off 'who am i' to see what happens.
Now save your file to disk.
[For the advanced: see if you can figure out the secret to 'who am i'. Try different variations such as 'who are we', 'who are they', and so forth.]
Unix has 'bin' directories for program files. Actually 'bin' is short for 'binary', as the files are not readable as text.
There are four standard locations for these 'bins' on Unix. The oldest and in many ways the most important is right under the root directory at /bin.
[Don't know what 'root' is? 'Root' is the root directory of the entire Unix file system. There are many excellent tutorials on Unix available online. Ed.]
/bin on 10.12 Sierra has 36 entries ('program files'). You can try a couple right now.
More bin commands - also from the other directories - are found in 'Command Files/bin.clix'. Here in HTML table format:
|Command||Category ||Description||Command Line|
|date||bin||print current date and time||date|
|hostname||bin||print host name (~ local computer name)||hostname|
|ps||bin||print status for current process(es)||ps|
|ps All||bin||print status for current and other process(es)||ps -A|
|ps All Names Only ||bin||print status for current and other process(es) names only||ps -Ac|
|ps All TTY||bin||print status for current and other process(es) terminals only||ps -a|
|ps Environment||bin||print status for current process(es) with environment (wordy)||ps -E|
|ps Full||bin||print full status for current and other process(es)||ps -ef|
|ps Full Threads||bin||print full status for current and other process(es) and threads||ps -efM|
|iostat||sbin||report I/O stats||iostat|
|iostat Old||sbin||report I/O stats (old style)||iostat -o|
|pbpaste||usr/bin||print contents of general pasteboard||pbpaste|
|say||usr/bin||say something (text to audible speech)||say "Hello there! I'm a program called say and I reside in /usr/bin. I'm looking for Siri - have you seen her today?"|
|users||usr/bin||print login info (on a single line)||users|
|uuidgen||usr/bin||generate a UUID||uuidgen|
|uuidgen Headers||usr/bin||generate a UUID with CF source||uuidgen -hdr|
|vm_stat||usr/bin||show virtual memory stats||vm_stat|
|w||usr/bin||show who's logged in and what they're doing||w|
|who||usr/bin||show who's logged in (lots of possibilities to explore here)||who|
|who am I||usr/bin||print what it says||who am I|
|who Boot||usr/bin||print time of last system boot||who -Hb|
|who Headers||usr/bin||show who's logged in (with column headers)||who -H|
|who Idle||usr/bin||print who's logged in and idle time||who -Hu|
|who TTY Status||usr/bin||show who's logged in and line status (+ writable - not ? unknown) ||who -HT|
|sysctl hw||usr/sbin||show system settings for hardware||sysctl hw|
|sysctl kern||usr/sbin||show system settings for the kernel||sysctl kern|
|sysctl net||usr/sbin||show system settings for the network||sysctl net|
|sysctl vm||usr/sbin||show system settings for virtual memory||sysctl vm|
We'll look at a few of the others in a bit.
Under the CLIX Hood
CLIX runs Unix command line programs through a Unix command shell. A Unix shell is the original way one accessed the system, back in the days of telex machines.
This is given as the reason Unix commands are so cryptic - cp for copy, rm for remove or delete, and so forth.
There's also a curious story about the origin of the name of the programming language used to write Unix ('C'). The task of rewriting Ken Thompson's 'B' language fell on Dennis Ritchie. When he was finished and ready to show it to Ken, Ken asked him for a name.
'I thought we'd call it the New B', said Dennis.
'Too long', said Ken, and Dennis went away.
Dennis came back the following day.
'I have a new name', said Dennis. 'We'll call it NB where the N stands for New.'
'Still too long', said Ken, and Dennis went away again.
Dennis came back the following day again.
'OK we call it C, as C is the next letter in the alphabet after B', said Dennis.
'That's fine', said Ken.
Ken Thompson devised the Unix kernel so shells could be replaceable. So, in fact, one shell could run atop another. And so forth. Ken's model was sparse and clean. 'Keep your hands off the drivers!' he used to say.
Ken believed that a computer program should do one thing and do it well. He had that drilled into him by the system's uncle, Doug McIlroy. If a shell is supposed to be a command interpreter, then the one thing it's supposed to do is interpret commands. That and nothing more. And it's supposed to do it well.
Contrast with what you find on Windows, and you get the picture.
And it's this clean modularity which, in part, makes CLIX possible.
Some Things Gotta Be Kept Under Lock & Key
Security is a major concern on any multiuser system, especially one connected to the Internet. Good thing then that Ken and Dennis had security in mind when they designed Unix. Giving the Bell patent department a foundation for a good word processing system for myriad patent applications is one thing, but they also had to contend with two dozen wild PhDs who wrote lots of code.
Getting full access to a system shared by others is something well protected. To escalate one's privileges, one needs to authenticate, commonly by providing one's login passphrase, and this only if one is granted membership in the right usergroup, such as wheel or admin.
But there are dangers.
One of the earliest, discovered some 40 years ago, was the 'login trojan'. A Unix terminal could be set up to look like it was actually waiting for someone to log in, such as the following.
The user would attempt a login as always, and be told first time around that the login was incorrect. The login would work correctly the second time, almost by magic...
But the program wasn't the real login program - it was a trojan out to harvest passwords.
Another attack was using rogue programs with the same filenames as common program files in ordinary user home areas. A concerned admin might, on an inspection tour, accidentally run a rogue program and thereby give away the keys to the kingdom.
Such security holes were patched long ago, but a few remain to this day, and CLIX is designed to tap them as thoroughly as possible. CLIX itself is designed to take security to another level (above Terminal.app) whilst affording ease of use Terminal.app can't ever achieve.
CLIX doesn't use codesigning - it uses its owns proprietary system with over a half dozen integrity checks. These checks are performed recurringly and at key milestones at runtime.
Codesigning can be defeated on any system lacking a 'kill switch'. The CLIX cannot be defeated - it cannot be removed.
This CLIX package is, for the most part, deliberately 'non-invasive' anyway - that's to say that almost none of the commands actually change anything in your system, even if you use privilege escalation.
Back to /bin. Let's look a bit at the process status command ps. As almost all Unix commands, it's a file on disk: /bin/ps.
ps is the functional equivalent of Activity Monitor, which probably borrows a lot of the code.
ps in its simplest form merely shows your own processes - such as the one you're running to invoke ps.
The above can be a bit misleading: it's not describing a CLIX process but a separate one in a Terminal.app window.
The following can give you a better look at what's going on.
Add ' | wc' to the command line to see how many processes you have running (the first of the three figures).
There are a lot of useful variants on ps. Find out about them all by 'option-double-clicking' 'ps' in the Command Line field.
PS(1) BSD General Commands Manual PS(1)
ps -- process status
ps [-AaCcEefhjlMmrSTvwXx] [-O fmt | -o fmt] [-G gid[,gid...]]
[-g grp[,grp...]] [-u uid[,uid...]] [-p pid[,pid...]]
[-t tty[,tty...]] [-U user[,user...]]
The ps utility displays a header line, followed by lines containing
information about all of your processes that have controlling terminals.
A different set of processes can be selected for display by using any
combination of the -a, -G, -g, -p, -T, -t, -U, and -u options. If more
than one of these options are given, then ps will select all processes
which are matched by at least one of the given options.
/* * */
There are several further interesting commands in the same CLIX command file. iostat shows you, unsurprisingly, a lot of gobbledegook about I/O. uuidgen generates a standard universally unique identifier. vm_stat shows you statisticss on VM or virtual memory management, from a module originally written by the legendary Avie Tevanian. And the world of those sysctl commands can be extensively fascinating.
The Other Command Files
This is only the first part of what promises to be an extensive course in CLIX, the underbody of Sierra, and Unix in general. Here's the outline of the command files included in this first CLIX Sierra package.
|10.12.clix||Commands either native or specific to use of Sierra|
|acl.clix||Access control lists|
|bin.clix||Covered in this article|
|diskutil.clix||Commands based on the program diskutil|
|du.clix||Commands based on the program du ('disk usage')|
|echo.clix||Fun and informative stuff about the echo command|
|elementary.clix||The basis of a coming tutorial to be published at this site|
|expert.clix||Pretty advanced stuff, so stay clear for now: commands in this file will change things in your system, so wait until you know what you're doing, no shooting yourself in the foot|
|log.clix||Related to traditional Unix logs|
|logging.clix||Related to Apple's new logging facility - steer clear of this one too for now|
|misccal.clix||Cool stuff from the two Unix directories /usr/share/calender and /usr/share/misc|
|mths.clix||Based on the work of Mathias Bynens|
|pmset.clix||Power management commands, most of which are non-invasive|
|Safari.clix||A closer look at everyone's favourite browser and hate object|
|systemsetup.clix ||The foundation for 'System Preferences' (strictly non-invasive)|