Add to Google Reader or Homepage |
~ pjvenda / blog
$home . blog . photography

11 December 2011

Quick tips for Mac OS X

Thought I should share a few tips I learnt today. All these work in multiple versions of OS X although I didn't research exactly which apart from Lion. A quick table of contents for this post is shown below:

I can't think of many situations where these would be required in day-to-day use of Mac OS X. If you don't know why you would need to use these or what for, then don't bother; you don't need them.

Hide or unhide files from finder: the invisible attribute

Finder does not display files that have the 'invisible' attribute enabled on them. Makes sense. Just like windows, there are files that the OS does not want users messing about with.

But users know better, so I have created two files 'public' and 'secret_to_finder' with text in them. The file 'secret_to_finder' was hidden. GetFileInfo and SetFile allow for these attributes to be listed and manipulated.

$
$ # list files
$
$ ls -l public secret_to_finder
-rw-r--r--@ 1 pjvenda  staff  7 10 Dec 16:28 secret_to_finder
-rw-r--r--  1 pjvenda  staff  8 10 Dec 16:28 public
$
$ # get attributes of file 'secret_to_finder'
$
$ GetFileInfo secret_to_finder
file: "/Users/pjvenda/secret_to_finder"
type: "\0\0\0\0"
creator: "\0\0\0\0"
attributes: aVbstclinmedz
created: 12/10/2011 16:28:40
modified: 12/10/2011 16:28:48
$
$ # get attributes of file 'public'
$
$ GetFileInfo public
file: "/Users/pjvenda/public"
type: "\0\0\0\0"
creator: "\0\0\0\0"
attributes: avbstclinmedz
created: 12/10/2011 16:28:42
modified: 12/10/2011 16:28:52

The three details to note in the listing above are that ls happily shows invisible files, a '@' symbol is shown on files with non-standard attributes and the capital 'V' in the attribute list of the file 'secret_to_finder' (same as ls marked with '@').

To make 'secret_to_finder' visible again (to Finder) the following code does it.

$
$ # change file attribute
$
$ SetFile -a v ./secret_to_finder
$
$ # list files again
$
$ ls -l public secret_to_finder
-rw-r--r--  1 pjvenda  staff  7 10 Dec 16:28 secret_to_finder
-rw-r--r--  1 pjvenda  staff  8 10 Dec 16:28 public
$
$ # check that hidden file is no longer hidden
$
$ GetFileInfo ./secret_to_finder
file: "/Users/pjvenda/secret_to_finder"
type: "\0\0\0\0"
creator: "\0\0\0\0"
attributes: avbstclinmedz
created: 12/10/2011 16:28:40
modified: 12/10/2011 16:28:48

Visible again.
man {ls,SetFile,GetFileInfo} is your friend.

View disk volumes on the command line: disk utility does not reveal everything

Mac OS X has a way of hiding partitions by using a particular partition type code: Apple_Boot. Having this type on a partition makes it invisible to Disk Utility. But it is there and I want to mount it.
It is actually very simple. diskutil handles this partition as if it was a common visible one (likely Apple_HFS).

$ # list disks and partitions (or slices :)
$
$ diskutil list
/dev/disk0
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *320.2 GB   disk0
   1:                        EFI                         209.7 MB   disk0s1
   2:          Apple_CoreStorage                         319.3 GB   disk0s2
   3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
/dev/disk1
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:                  Apple_HFS Macintosh HD           *319.0 GB   disk1
/dev/disk2
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:     FDisk_partition_scheme                        *8.0 GB     disk2
   1:                 Apple_Boot Recovery HD             650.0 MB   disk2s1
$
$ # disk2s1 is hidden from Disk Utility but diskutil is able to mount it
$ # (actually disk0s3 is of the same type - hidden too)
$
$ diskutil mount disk2s1
Volume Recovery HD on disk2s1 mounted
$
$ # quick check
$
$ mount
(...)
/dev/disk2s1 on /Volumes/Recovery HD (hfs, local, nodev, nosuid, journaled, noowners)

Mounted hidden partitions are handled by Finder just as any other mounted volume. man diskutil is your friend.

Mount and unmount volumes and images on the command line: good for hidden volumes or image files

Handling disk images in Mac OS X is ridiculously simple. This is a powerful feature that OS X makes use of for all the right reasons, and then some more.
Using DMGs could hardly be made easier. Mounting and unmounting is done in Finder by double clicking icons and clicking 'eject' symbols or dragging icons to bins... What if the DMG file is invisible to Finder? One can make it visible (as shown earlier in this post) or it can be mounted via the command line with hdiutil like so:

$ # find out if BaseSystem.dmg is hidden
$
$ GetFileInfo ./BaseSystem.dmg 
file: "/Volumes/Recovery HD/com.apple.recovery.boot/BaseSystem.dmg"
type: "devi"
creator: "ddsk"
attributes: aVbstclinmedz
created: 10/06/2011 14:04:11
modified: 10/06/2011 14:04:11
$
$ # .dmg is hidden to Finder
$ # but it can still be mounted
$
$ hdiutil mount ./BaseSystem.dmg 
Checksumming Driver Descriptor Map (DDM : 0)…
     Driver Descriptor Map (DDM : 0): verified   CRC32 $81E6D0AF
Checksumming  (Apple_Free : 1)…
                    (Apple_Free : 1): verified   CRC32 $00000000
Checksumming Apple (Apple_partition_map : 2)…
     Apple (Apple_partition_map : 2): verified   CRC32 $1025E215
Checksumming Macintosh (Apple_Driver_ATAPI : 3)…
  Macintosh (Apple_Driver_ATAPI : 3): verified   CRC32 $F1E8BA9E
Checksumming  (Apple_Free : 4)…
                    (Apple_Free : 4): verified   CRC32 $00000000
Checksumming disk image (Apple_HFS : 5)…
..............................................................................
          disk image (Apple_HFS : 5): verified   CRC32 $97F66EDE
Checksumming  (Apple_Free : 6)…
                    (Apple_Free : 6): verified   CRC32 $00000000
verified   CRC32 $2F452569
/dev/disk5           Apple_partition_scheme          
/dev/disk5s1         Apple_partition_map             
/dev/disk5s2         Apple_Driver_ATAPI              
/dev/disk5s3         Apple_HFS                       /Volumes/Mac OS X Base System
$
$ # verify mount
$
$ mount
(...)
/dev/disk5s3 on /Volumes/Mac OS X Base System (hfs, local, nodev, nosuid, read-only, noowners, mounted by pjvenda)

The mounted image is fully useable in Finder as any normal image. man hdiutil is your friend.

Permanently disable spotlight indexing on a specific volume on any host

There is a way to ensure that a certain volume is never indexed by Spotlight regardless of which computer it is connected to. All that is required is to create a file called .metadata_never_index on the root of the said volume and Spotlight will refuse to touch it. This can be done in any OS capable of writing onto the volume's file system, not necessarily a Mac.

$ # start from a clean, indexable volume
$
$ mdutil -i on /Volumes/My\ Book
/Volumes/My Book:
 Indexing enabled. 
$
$ # create .metadata_never_index file
$
$ touch /Volumes/My\ Book/.metadata_never_index 
$
$ # disable spotlight indexing
$
$ mdutil -d /Volumes/My\ Book
/Volumes/My Book:
 Indexing and searching disabled.
$
$ # attempt to enable spotlight again
$
$ mdutil -i on /Volumes/My\ Book
/Volumes/My Book:
 Indexing and searching disabled.

If spotlight is running, creating .metadata_never_index does not stop it automatically, although disconnecting and re-connecting the volume will. This ensures that the disk will not be indexed by any Mac OS X system.

Disable ongoing spotlight indexing on a specific volume

I've stopped counting the times I've inserted someone else's external disk or USB stick to have OS X immediatelly hogging CPU and I/O bandwidth for hours indexing everyting it can read. In most cases, these volumes will very rarely be connected to my system, so there's absolutely no point in indexing it. Moreover, when it is someone else's drive, I don't want my OS snooping through every directory.
Mac OS X allows standard user accounts to manage Spotlight indexing on non-system volumes, which is a very nice touch. Administrative privileges are required for system volumes.
So to disable Spotlight indexing immediately, the tool to use is mdutil.

$ mdutil -d /Volumes/My\ Book
/Volumes/My Book:
 Indexing and searching disabled.

There is no mention of the '-d' switch on mdutil's man page but mdutil's online help has it. To enable indexing again: mdutil -i on /Volumes/My\ Book. Also, removing the drive and connecting it again does not resume spotlight, so this is disables spotlight permanently on the host where it was done for that specific disk but Spotlight instances running on other Macs may still index it. To disable spotlight permanently for the target disk on any Mac have a look at the previous suggestion on this post.

Usage: mdutil -pEsa -i (on|off) -d volume ...
 Utility to manage Spotlight indexes.
 -p             Publish metadata.
 -i (on|off)    Turn indexing on or off.
 -d             Disable Spotlight activity for volume (re-enable using -i on).
 -E             Erase and rebuild index.
 -s             Print indexing status.
 -a             Apply command to all volumes.
 -V vol         Apply command to all stores on the specified volume.
 -v             Display verbose information.
NOTE: Run as owner for network homes, otherwise run as root.

I also found a GUI tool that does this with buttons: Spotless

View extended file attributes and access control lists

While copying data off my old home directory onto a new installation of Mac OS X, I found a few directories that I was not able to delete.

$ ls -ld Documents
drwx------+ 2 pjvenda  staff  68 10 Dec 15:55 Documents/
$ rm -rf Documents
rm: Documents: Permission denied

What? I'm the owner, and I own the top directory, so why the permission issue? Sure enough, root is able to delete it, but that is no answer to the problem. The clue here is the '+' symbol in the privilege section of ls's output.
This is a fairly common feature among modern file systems but seldom used feature introduced into HFS+ in 10.4/Tiger: file system ACLs. Server editions of this operating system do provide a GUI to manage ACLs, but not the desktop version. ACLs may be controlled by using fsaclctl.
ls not only detects that the files or directories have ACLs applied to them, but it also shows details about the said ACLs.

$ ls -lde Documents
$ ls -lde Documents
drwx------+ 2 pjvenda  staff  68 10 Dec 15:55 Documents/
 0: group:everyone deny delete

Ah! So nobody is allowed to delete the file as per ACL #0. For the purpose, all I had to do was to get rid of the ACL - this can be done with chmod (err, surprise!).

$ # delete ACL with index 0
$
$ chmod -a# 0 Documents
$ ls -lde Documents
drwx------  2 pjvenda  staff  68 10 Dec 15:55 Documents/
$
$ # ACLs are gone. I can delete the directory now
$
$ rmdir Documents

Done. Alternatively chmod could be used explicitly with the same result like so: chmod -a 'everyone deny delete' Documents.
man {ls,chmod} is your friend

I looked into most these small tasks while examining Lion's new recovery/installation model. The Recovery HD volume is hidden but useable via the command line, inside there is a BaseSystem.dmg file that is invisible to Finder which can be tackled by either mounting it in a terminal or unhiding it.

Credit