About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Home » Industry Watch

CLIX: Sierra Elementary (1)

Being an introduction. More to come in the weeks ahead. Happy Xmas.

Buy It

Try It

PORT VILA (Rixstep) — CLIX Sierra, a new free download from Rixstep: available now!

DOWNLOAD CLIX SIERRA: http://rixstep.com/clixsierra

For those unfamiliar with CLIX, please see the ordinary CLIX product page.


For the especially eager student, there are myriad tutorials available at this site. Search here.


What is CLIX?

'CLIX' stands for 'Command Line Interface for OS X'. It was first released over ten years ago and has become something of a staple for admins and extreme power users.

The idea was to provide something for free - as in beer - that obviated the need for expensive tools that only gave you back what you already have.

The pledge was to try to complete the application in one long working day and donate it to the common good. That first working day was fourteen hours long, and since then, there have been long sessions devoted to increasing security and overall application performance.

But the bulk of the value for nonprofessionals lies in the sample files - and thereby in the guided tour of the system you're presently using.

The standard CLIX download contains files dating back to OS X Tiger 10.4 and earlier - over ten years ago. This current download synthesises it all and brings things up to date with Sierra 10.12.

CLIX is a way to 'harness the power of Unix', as it's said, without having to go to the command line. Some Unix commands depend on interactivity and must be run from Terminal.app; most commands do not, and can be advantageously run in CLIX instead.

It's not an allergy to command lines that appeals as much as it's the convenience. CLIX: write once, run many times. Once you get your command working, you save it - and you can summon it up and run it again with only a double click.

It's not tapping, but it's close.

Opening the CLIX Box

Here's what CLIX Sierra looks like when you open it.

-r--------   1 4814 !READ1ST.html    drwx------   6  204 Docs             drwx------   3  102 CLIX.app
-r--------   1 4843 EULA.html        drwx------  18  612 Command Files    drwx------   8  272 etc

Obviously you should first read the file called !READ1ST.html, but let's skip it for now. The same goes for EULA.html. Docs may prove interesting, but later. The Command Files are surely interesting, and etc promises to be exotic, but let's fire up CLIX.app first to see what the commotion's all about. Here's a CLIX document window.

There are four columns. Obviously this is a repository, a 'rolodex' of a sort, for storing Unix commands one needs. Title, Category, and Description are whatever you want. The fun starts with the fourth rightmost column: Command Line - it's where the 'magic' happens.

Let's open the command sheet and make a CLIX command. Out and down comes this.

Let's keep it simple. Let's ask Unix to tell us who we are. Something like this.

The actual Unix command is whoami. (It's one of several, as shall be seen.) All that's needed is 'decoration' so it's easy to find should you want it. All that remains otherwise is to run the command - which you do by clicking the 'Run' button. So go ahead.

And now that you've made that command work, create and save some more for future reference. For finger, w, who, and who am i. And just for fun: try leaving the 'i' off 'who am i' to see what happens.

Now save your file to disk.

[For the advanced: see if you can figure out the secret to 'who am i'. Try different variations such as 'who are we', 'who are they', and so forth.]

The 'Bins'

Unix has 'bin' directories for program files. Actually 'bin' is short for 'binary', as the files are not readable as text.

There are four standard locations for these 'bins' on Unix. The oldest and in many ways the most important is right under the root directory at /bin.

[Don't know what 'root' is? 'Root' is the root directory of the entire Unix file system. There are many excellent tutorials on Unix available online. Ed.]

/bin on 10.12 Sierra has 36 entries ('program files'). You can try a couple right now.

More bin commands - also from the other directories - are found in 'Command Files/bin.clix'. Here in HTML table format:

CommandCategory DescriptionCommand Line
datebinprint current date and timedate
hostnamebinprint host name (~ local computer name)hostname
psbinprint status for current process(es)ps
ps Allbinprint status for current and other process(es)ps -A
ps All Names Only binprint status for current and other process(es) names onlyps -Ac
ps All TTYbinprint status for current and other process(es) terminals onlyps -a
ps Environmentbinprint status for current process(es) with environment (wordy)ps -E
ps Fullbinprint full status for current and other process(es)ps -ef
ps Full Threadsbinprint full status for current and other process(es) and threadsps -efM
iostatsbinreport I/O statsiostat
iostat Oldsbinreport I/O stats (old style)iostat -o
pbpasteusr/binprint contents of general pasteboardpbpaste
sayusr/binsay something (text to audible speech)say "Hello there! I'm a program called say and I reside in /usr/bin. I'm looking for Siri - have you seen her today?"
usersusr/binprint login info (on a single line)users
uuidgenusr/bingenerate a UUIDuuidgen
uuidgen Headersusr/bingenerate a UUID with CF sourceuuidgen -hdr
vm_statusr/binshow virtual memory statsvm_stat
wusr/binshow who's logged in and what they're doingw
whousr/binshow who's logged in (lots of possibilities to explore here)who
who am Iusr/binprint what it sayswho am I
who Bootusr/binprint time of last system bootwho -Hb
who Headersusr/binshow who's logged in (with column headers)who -H
who Idleusr/binprint who's logged in and idle timewho -Hu
who TTY Statususr/binshow who's logged in and line status (+ writable - not ? unknown) who -HT
whoamiusr/binprint usernamewhoami
sysctl hwusr/sbinshow system settings for hardwaresysctl hw
sysctl kernusr/sbinshow system settings for the kernelsysctl kern
sysctl netusr/sbinshow system settings for the networksysctl net
sysctl vmusr/sbinshow system settings for virtual memorysysctl vm

We'll look at a few of the others in a bit.

Under the CLIX Hood

CLIX runs Unix command line programs through a Unix command shell. A Unix shell is the original way one accessed the system, back in the days of telex machines.

This is given as the reason Unix commands are so cryptic - cp for copy, rm for remove or delete, and so forth.

There's also a curious story about the origin of the name of the programming language used to write Unix ('C'). The task of rewriting Ken Thompson's 'B' language fell on Dennis Ritchie. When he was finished and ready to show it to Ken, Ken asked him for a name.

'I thought we'd call it the New B', said Dennis.
'Too long', said Ken, and Dennis went away.

Dennis came back the following day.

'I have a new name', said Dennis. 'We'll call it NB where the N stands for New.'
'Still too long', said Ken, and Dennis went away again.

Dennis came back the following day again.

'OK we call it C, as C is the next letter in the alphabet after B', said Dennis.
'That's fine', said Ken.

Ken Thompson devised the Unix kernel so shells could be replaceable. So, in fact, one shell could run atop another. And so forth. Ken's model was sparse and clean. 'Keep your hands off the drivers!' he used to say.

Ken believed that a computer program should do one thing and do it well. He had that drilled into him by the system's uncle, Doug McIlroy. If a shell is supposed to be a command interpreter, then the one thing it's supposed to do is interpret commands. That and nothing more. And it's supposed to do it well.

Contrast with what you find on Windows, and you get the picture.

And it's this clean modularity which, in part, makes CLIX possible.

Some Things Gotta Be Kept Under Lock & Key

Security is a major concern on any multiuser system, especially one connected to the Internet. Good thing then that Ken and Dennis had security in mind when they designed Unix. Giving the Bell patent department a foundation for a good word processing system for myriad patent applications is one thing, but they also had to contend with two dozen wild PhDs who wrote lots of code.

Getting full access to a system shared by others is something well protected. To escalate one's privileges, one needs to authenticate, commonly by providing one's login passphrase, and this only if one is granted membership in the right usergroup, such as wheel or admin.

But there are dangers.

One of the earliest, discovered some 40 years ago, was the 'login trojan'. A Unix terminal could be set up to look like it was actually waiting for someone to log in, such as the following.

login: _

The user would attempt a login as always, and be told first time around that the login was incorrect. The login would work correctly the second time, almost by magic...

But the program wasn't the real login program - it was a trojan out to harvest passwords.

Another attack was using rogue programs with the same filenames as common program files in ordinary user home areas. A concerned admin might, on an inspection tour, accidentally run a rogue program and thereby give away the keys to the kingdom.

Such security holes were patched long ago, but a few remain to this day, and CLIX is designed to tap them as thoroughly as possible. CLIX itself is designed to take security to another level (above Terminal.app) whilst affording ease of use Terminal.app can't ever achieve.

CLIX doesn't use codesigning - it uses its owns proprietary system with over a half dozen integrity checks. These checks are performed recurringly and at key milestones at runtime.

Codesigning can be defeated on any system lacking a 'kill switch'. The CLIX cannot be defeated - it cannot be removed.

This CLIX package is, for the most part, deliberately 'non-invasive' anyway - that's to say that almost none of the commands actually change anything in your system, even if you use privilege escalation.

Process Status

Back to /bin. Let's look a bit at the process status command ps. As almost all Unix commands, it's a file on disk: /bin/ps.

ps is the functional equivalent of Activity Monitor, which probably borrows a lot of the code.

ps in its simplest form merely shows your own processes - such as the one you're running to invoke ps.

The above can be a bit misleading: it's not describing a CLIX process but a separate one in a Terminal.app window.

The following can give you a better look at what's going on.

Add ' | wc' to the command line to see how many processes you have running (the first of the three figures).

There are a lot of useful variants on ps. Find out about them all by 'option-double-clicking' 'ps' in the Command Line field.

PS(1)                     BSD General Commands Manual                    PS(1)

     ps -- process status

     ps [-AaCcEefhjlMmrSTvwXx] [-O fmt | -o fmt] [-G gid[,gid...]]
        [-g grp[,grp...]] [-u uid[,uid...]] [-p pid[,pid...]]
        [-t tty[,tty...]] [-U user[,user...]]
     ps [-L]

     The ps utility displays a header line, followed by lines containing
     information about all of your processes that have controlling terminals.

     A different set of processes can be selected for display by using any
     combination of the -a, -G, -g, -p, -T, -t, -U, and -u options.  If more
     than one of these options are given, then ps will select all processes
     which are matched by at least one of the given options.

/* * */

For Dweebs

There are several further interesting commands in the same CLIX command file. iostat shows you, unsurprisingly, a lot of gobbledegook about I/O. uuidgen generates a standard universally unique identifier. vm_stat shows you statisticss on VM or virtual memory management, from a module originally written by the legendary Avie Tevanian. And the world of those sysctl commands can be extensively fascinating.

The Other Command Files

This is only the first part of what promises to be an extensive course in CLIX, the underbody of Sierra, and Unix in general. Here's the outline of the command files included in this first CLIX Sierra package.

10.12.clixCommands either native or specific to use of Sierra
acl.clixAccess control lists
bin.clixCovered in this article
disk.clixDisk commands
diskutil.clixCommands based on the program diskutil
du.clixCommands based on the program du ('disk usage')
echo.clixFun and informative stuff about the echo command
elementary.clixThe basis of a coming tutorial to be published at this site
expert.clixPretty advanced stuff, so stay clear for now: commands in this file will change things in your system, so wait until you know what you're doing, no shooting yourself in the foot
log.clixRelated to traditional Unix logs
logging.clixRelated to Apple's new logging facility - steer clear of this one too for now
misccal.clixCool stuff from the two Unix directories /usr/share/calender and /usr/share/misc
mths.clixBased on the work of Mathias Bynens
pmset.clixPower management commands, most of which are non-invasive
Safari.clixA closer look at everyone's favourite browser and hate object
systemsetup.clix  The foundation for 'System Preferences' (strictly non-invasive)


MD2: a8b2d0d2bdfd7f8f8d8e1d8b9e33a2b0
MD4: f28ade18d9bb4d32a1d21c625b89cdf5
MD5: 41b0a24ac1c07306479866a1cb167323
SHA: 59cf638ed8e43d1285fad29edd685bc9b26a053e
SHA224: 76d67e9bc4259aba112bfa26ec90dec8d02eacae15f1608e420726ce
SHA256: b9cc31fa0db7010c7f5addd7620e09e9c96672998c9ac11b778a4edffdf38a94
SHA384: 5ff462cc9e95e658302af68f0c688f8aa5fdddda5c828dd0d1546a895be08d964081a26d54d861351fda656bf0f9a936
SHA512: 78276007bb11e44375dd2410cbb97e0523f5c1998dd7236e56a323209dc99a252cb21c1b282c4a7a98c382d2a8ac7ce9ced3102455f0f9c2d1dfa72f429a9c91
About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Copyright © Rixstep. All rights reserved.