Here's a sequel to my non-award winning and critically unacclaimed write-up on command line tools unique to OS X: interesting new command line tools in Leopard. As with the previous incarnation the list is by no means complete, but it's a selection of the ones I found interesting or useful.

Note: some of these may require XCode to be installed.

afconvert

"Audio File Convert"
Converts audio files from one format to another. The man page is, to say the least, pretty inadequate, but when you run afconvert with the -h option, it'll tell you what you need to know. Handles the following filetypes: 3GP Audio, 3GPP2 Audio, AAC ADTS, AC3, AIFC, AIFF, AMR, Apple CAF, MPEG Layers 1-3, MPEG4 Audio, NeXT/Sun (.snd/.au), Sound Designer II and plain 'ole wave files. Pretty nifty.

afinfo

"Audio File Info"
Just prints information about any given audio file to stdout.

afplay

"Audio File Play"
Plays supported (see list in afconvert entry) audio files. You can specify a segment (in seconds) to play, specify a track in multi-track files and specify the audio output device you want to use.

codesign

"Create and manipulate code signatures"
Apple added executable signing in Leopard, and here's a command line tool for either signing code or verifying the signatures of programs or processes.

codesign_allocate

"Add code signing data to a Mach-O file"
I'll just take this straight from the man page: "sets  up a Mach-O file used by the dynamic linker so space for code signing data of the specified size for the specified architecture is embed in the Mach-O file."

csreq

"Expert tool for manipulating Code Signing Requirement data"
To be perfectly honest, I don't have a goddamn clue what this program does. Manipulates Code Signing Requirement data?

The DTrace framework.

Ok, I lied, these aren't all specific to OS X, but DTrace was too good to pass by. DTrace is a dynamic tracing framework originally created by Sun. It allows you to trace just about any aspect of a program you can think of, and then some. There are lots of different DTrace-based utilities in /usr/bin (most have the .d suffix in their filenames.)

notifyutil

"Notification command line utility"
This is actually pretty cool. It allows you to interact with notifyd to post or read notifications.

opensnoop

"Snoop file opens as they occur. Uses DTrace."
Want to see which applications are fooling around with your files? This DTrace-based utility can give you loads of information about file opens, like UID, PID, pathname or command arguments.

qlmanage

"Quick Look Server debug and management tool"
The man page is skimpy on most of the details, but this little utility allows you to poke the Quick Look server and get all sorts of responses out of it. You can even use it to open a Quick Look preview from the command line.

sandbox-exec

"Execute within a sandbox"
Allows you to execute programs in a sandbox with limited access to system resources. The trouble is, Apple has (so far) been pretty mum on policy file syntax, so you'll have to figure it out on your own. The policy files seem to live in /usr/share/sandbox. Here's an example, syslogd.sb

(version 1)
(debug deny)

(import "bsd.sb")

(deny default)
(allow process*)
(deny signal)
(allow sysctl-read)
(allow network*)

;;; Allow syslogd specific files

(allow file-write* file-read-data file-read-metadata
    (regex #"^(/private)?/var/run/syslog$"
           #"^(/private)?/var/run/syslog\.pid$"
           #"^(/private)?/var/run/asl_input$"))

(allow file-write* file-read-data file-read-metadata
    (regex #"^(/private)?/dev/console$"
           #"^(/private)?/var/log/.*\.log$"
           #"^(/private)?/var/log/asl\.db$"))

(allow file-read-data file-read-metadata
    (regex #"^(/private)?/dev/klog$"
           #"^(/private)?/etc/asl\.conf$"
           #"^(/private)?/etc/syslog\.conf$"
           #"^/usr/lib/asl/.*\.so$"))
(allow mach-lookup (global-name "com.apple.system.notification_center"))

For whatever reason, Apple didn't go the XML route on policy files ("XML is like violence: if it doesn't solve your problem, use more") and chose to use something eerily LISP-like. Thankfully the syntax isn't all that hairy, so rolling your own policy should be simple. After you have a policy file, you can use the sandbox-exec -f policyname command

systemsetup

"Configuration tool for certain machine settings in System Preferences."
Finally a command line tool (other than defaults...) you can use to change system preferences. You can modify settings like time, date, NTP settings, sleep idle times,
- time, date, time zone and NTP settings and so on. Some of the flags are positively hairy, like the not-so-succinct albeit descriptive -setdisablekeyboardwhenenclosurelockisengaged which (surprisingly) sets whether the keyboard will be disabled when the XServe enclosure lock is engaged.

Front page.