Every year I like to dig a little around some default paths to see what new binaries will be available to assist in deployment or troubleshooting. I use a simple easy script that generates a list of all the binaries in /bin, /sbin, /usr/bin, /usr/sbin, and /usr/libexec from one OS (usually 10.x.4) to a recent beta build of the upcoming OS (in this case Yosemite).
Nothing has changed inside the /bin folder
Nothing was added, what should not be surprising is what was removed, specifically ipfw and ip6fw. If you do a
man ipfw on your Mavericks machine Apple warned you that this was going away with:
This utility is DEPRECATED. Please use pfctl(8) instead ipfw man page
There are a lot of updated binaries that had endings of “.12” which were removed and “.18” were added. Don’t really know what those are. There are some new items with AVB (which was actually added in 10.9.5), but was is really interesting is all the “diagnose” items. If you think Apple has a QA problem, they are trying to fix it with all of these diagnose binaries such as:
A lot of new “*d” daemon processes that do not have man files or output help files when executed, but PlistBuddy is still there!
Here are new commands that I can see being used by macadmins:
discoveryutil - running sudo discoveryutil –help doesn’t give you much, but there it shows a –debug option that states “interact w/discoveryd”. Hmm.. what is discoveryd? The man page states:
The discoveryd daemon is responsible for unicast DNS resolution, multicast DNS resolution, and Service Discovery on the system. It performs queries, registrations, and provides answers on behalf of other clients through the DNS Service Discovery API as documented in dns_sd.h man discoveryd
We have DNS debugging! More info in man discoveryd such as logging level (None, Basic, Intermediate, Detailed, VeryDetailed, Everything, or a number) or the class (Events, Sockets, Bonjour, Network).
Some of the fun commands for discoveryutil are:
dnctl - this command forces your machine to work on a poor network for testing. The man page gives you a checklist (things to think about), variable flag options, and some examples.
firmwarepasswd - I’m guessing this will now be the default for setting your firmware password on devices and
setregproptool will no longer be used. Update your scripts!
sysadminctl - New command line tool to manipulate local users. You can add, delete, password update, reset passwords for local accounts. Unfortunately there is no man page. I haven’t tested this fully to see how it handles directory accounts (AD or OD).
unsetpassword - set password to blank, needing a new pass. From the help page:
Performs the following actions on the current user’s record and then shuts down the system:
- Sets the password to blank.
- Marks the record as requiring a new password. You must run this while logged in as an admin, non-root user and quit all running apps before running this tool.
Leave a Comment
Your email is used for Gravatar image and reply notifications only. Address will not be published. *