An Absolute Beginner's Guide to the Terminal
Ric Getter February 12, 2007 Tutorials Mac Apps
Sitting discreetly in Utilities folder (nestled nearly unnoticed amid your applications) is one of the most powerful tools ever created for the Mac. It is simple and elegant, yet can be intimidating (if not terrifying) and has the power to cure some of your computer’s most puzzling ills. It also possesses the fearsome ability to wreak unimaginable havoc on your system. We are talking, of course, about the Terminal, that magnificent gateway to the hidden underpinnings of the Mac OS. Comprised of text “prompts” (the computer’s way of indicating that it is waiting for you to type something) and commands (the precisely-worded incantations you need to issue to get the computer to do your bidding), it looks a bit antiquated in today’s point-and-click world. (The system does actually go back more than a couple of decades, but at the time it was a vast improvement over stacks of punch cards.)
The command line is something that power users dreamed of through the years of the single-digit Classic Mac OS versions. The sometimes-complex command-line incantations offer far more flexibility than your computer’s more graphical outerwear. If you know how to cast the right spells, you can get the computer to do things that are either difficult or impossible when locked into the beautiful graphical interface. Because it was built as an overlay of the original command line system (called DOS for “Disk Operating System”), Microsoft Windows has had this ability since its inception. However, its capabilities are arguably far more limited compared to the Mac.
In OS X on the Mac, the command line lets you speak directly with Unix, the venerable operating system that lies at the core of every post-Classic Macintosh. Some of the more advanced tutorials and columns in Macinstruct will be showing you some tips and tricks for using the command line interface on OS X. Here, we’re just going to show you a few ways to get there and give you a chance to try a few safe (look-but-don’t-touch) commands.
Going Through the Front Door: The Terminal
Double-clicking on the Terminal application in your Utilities folder is the easiest way to gain access to the OS X command line. It opens as a rather stark-looking window floating on the colorful expanse of your Desktop. By default, the prompt is set as your computer name, followed by a colon. To the right of that, the cursor blinks, impatiently waiting for your command.
Because we’re mostly interested in ways to get to the command line right now, we’re not going to get very deep into the specific commands. But here are a couple of things you can try if you’re curious:
Type “ls” and press Return. A list of the files and folders in your home directory will scroll by.
Type “man ls” to peruse the help (“man” or manual) files about the ls (list file) command. Pressing the space bar will let you page through this fairly long entry. If it fails to hold your interest, pressing ctrl-Q bring you right back to the command prompt. You can type “man” followed by any command to see the associated man help file. You can even type “man man” to find information on the help program itself.
At this point, you can simply quit the Terminal program and go on with your life.
Single User Mode (and why to avoid it)
OS X offers a way to totally bypass the graphical user interface (GUI) and boot straight into Unix. If you’re a knowledgeable Mac troubleshooter, this can be a great help, giving you a way to work on problematic parts of your system you couldn’t otherwise access. The bad news is that this logs you in as the “root” or “superuser” in Unix parlance, who has godlike power over all the files on the computer.
Holding down cmd-S while your computer is starting up will boot up directly into Apple’s version of Unix, called “Darwin.” It’s a command-line environment like the terminal but, as we mentioned, far more powerful because it eliminates the need for passwords and overrides any access permissions either your or OS X has established.
Just above the line with the command prompt, you’ll see some text instructions for running a utility called “fsck.” There is a good chance that you can live a long and happy life as a Mac user without ever being concerned with this disk repair utility. A less-than-obvious feature of OS X 10.4 called journaling makes fsck far less important than it was. If you’re just visiting and don’t really know what you’re doing here, it’s best to just type “reboot” and press Return. Your Mac will restart normally.
Doesn’t this make your Mac just a bit vulnerable to intruders? you may ask. Quite so. But there are a couple of ways that you’re protected. First, you need to be physically at your computer to boot up in single user mode. It can’t be done over a network. (See below, under the “First Rule of Computer Security”). Secondly, there’s a way to add a password that will take charge before any part of the operating system (either Unix or OS X) starts loading from the hard drive. When it’s enabled, the Open Firmware password as it’s called will block the ability to boot up into single user mode and even prevent it from booting from a CD. It’s probably not necessary (or even a good idea) unless the computer is in an extremely insecure and threat-intensive environment (like a middle school). And, you’ll need to know what you’re doing and how to undo it. Apple’s KnowledgeBase article #106482 will get you started.
And a couple of side doors…
One little-known trick is using the “console” login. For this to work, auto-login needs to be disabled so the login screen prompts for both the username and password. (You can set this up in the Accounts preference pane in System Settings). When the login screen appears, type “console” as the username and the GUI will disappear and you’ll be prompted for a username and password. You’ll find yourself in an environment that looks about the same as the single-user login, but as a regular user, rather than the all-powerful “root.”
A new (since Tiger) and equally obscure gateway to the Terminal is your Tiger install DVD. You’ll find it under the Utilities menu (near the equally useful Disk Utility application) when you reach the first installation screen. From a security standpoint, this is a mixed blessing because that same install DVD will give you the ability to reset your administrator password.
The friendly Mac OS X interface protects you from much of the damage that can be wrought from the command line. So, be a little careful if you’re just learning your way around. You’ll find a growing number of articles in Macinstruct, and there are some great books available about using Unix in OS X. As intimidating as it may look, you may find yourself having a lot of fun learning about a new and very powerful side of your Mac.
The First Rule of Computer Security
“If you have physical access to a computer, you own it.”
Some of the tips you’ll be seeing here and elsewhere in Macinstruct will highlight some “features” that prove just how vulnerable computers are to malfeasance. Encryption (especially the kind provided by OS X) will protect data, even to the satisfaction of the Department of Defense (DOD). On a network (even in the lawless and unruly wilds of the Internet), the Mac is fairly secure. Part of the reason is the inherent security of the Unix-based operating system and part is simply its lack of popularity: there still aren’t enough of them to attract a lot of malicious attention.
But if somebody has physical access to a computer, they have access to everything that’s not encrypted as well as the ability to use some brute-force tools to try to guess badly chosen passwords protecting your encrypted files.
If you do some research, it’s possible to find a way around nearly all the security safeguards built into OS X (or any other popular operating system for that matter). But your last line of defense is always controlling physical access to the computer. This is why your company’s server room probably has better security than the CEO’s office (at least it should have) and your laptop needs to be treated as if it was public property (it easily could become that if you’re not careful).
Subscribe to our email newsletter
Sign up and get Macinstruct's tutorials delivered to your inbox. No spam, promise!