TweetFollow Us on Twitter

Mac In The Shell: Plumbing the Depths

Volume Number: 23 (2007)
Issue Number: 08
Column Tag: Mac In The Shell

Mac In The Shell: Plumbing the Depths

Finding hidden gems in application bundles

by Edward Marczak


With the advent of OS X, most Mac developers were introduced to the concept of bundles. More properly divided into bundles or packages, they both refer to a file-system directory that groups related resources together. This is true for frameworks (bundles: transparent structures that a user can easily access the contents of), applications (a package: an opaque bundle that requires work on the part of the user to open; contents are not easily modified), kernel extensions (another package), certain document types (check out Pages and Keynote, for example) and others. A bundle follows a very specific file layout, meaning, you'll know where to go find the goods. Follow along for a tour, and let's uncover some hidden apps.

Inside a Bundle

Those of us working with the Macintosh for a long enough period of time remember ResEdit, the resource format of OS 9, and all of the types we could store in the resource fork of a file. While OS X recognizes and respects the traditional dual-fork file, its format is deprecated, being replaced by the bundle. The purpose of a bundle is to keep the resources of an application, plug-in or framework in one place. This makes the contents easy to locate and easy to move without damage. What can go into a bundle? Well, technically anything, but you'll typically find the following types of data stored there:



Private libraries

String resources

Executable code

Naturally, it's the latter that interests us in this article.

Typically, to launch an application from a shell, you'd use the open command, like so:

open /Applications/

This will always run the application in the context of the user, even if launched from a root shell, as shown in figure 1:

Figure 1 – TextEdit running as a standard user.

Of course, there are times where you may want (or need) an app to be running with some elevated privileges. How can we achieve this? Time to go digging!

A Direct Launch

As mentioned, a bundle conforms to a specific layout. Listing 1 shows this hierarchy using TextEdit as an example.

Listing 1 – as bundle

The first item in all modern application bundles is the Contents folder. It is under this folder that all other objects reside. Within the Contents folder, you'll find an Info.plist file that tells the Finder many things about this bundle, including the bundle name, version, signature, applicable data types and more. You'll also find a Resources subdirectory, typically containing the images, sounds, movies and other resources used by the application. The application's executable itself resides in the MacOS subdirectory. If you are to look in there now, you'll find the TextEdit application. You can launch the application directly from here.

Gain a root shell using your preferred method, and launch the TextEdit application directly – not using open. Like this:

# /Applications/

Now let's have a look in Activity Monitor, and you'll see that it's running with root privileges.

Figure 2 – TextEdit running with root privileges

Of course, the real point of this is not so much running with root, but the fact that you can access these binaries from the shell in some meaningful way.

Where's the Plunger?

Well, launching TextEdit is nice and all, but, not extremely practical. I'd like to continue with two very real-world examples that have made a difference in my daily work. While every GUI application will have its "true" binary buried in the application package, it may also have any number of helper-apps or other binaries that the app relies on. These are typically found in the Resources directory of the bundle. The easiest way to find executables in a bundle would be, in a shell, to change into the bundle directory and use this handy find command:

find . -type f -perm -100

This will allow you to quickly scour Application and Framework bundles. For instance:

$ cd /System/Library/CoreServices/RemoteManagement/
$ find . -type f -perm -100
./Contents/Support/Remote Desktop Desktop Message

That's some wonderfully revealing information!

Secure Copy

The first really useful binary comes from the MacFUSE project. If you've installed MacFUSE core and the pre-compiled ssh filesystem, run our find command in the bundle. (If you haven't installed this, you should! It's an incredible resource. Find out more at Out of all the things we're returned, this turns out to be what we're looking for:


The sshfs-static binary lets us mount ssh file systems via a shell command rather than using the GUI app to do so. What's this good for? Automation, of course! In fact, you can use it to mount a remote ssh file system proactively, or in response to just about any event.

The easy thing to imagine is a nightly file copy. Mount the file system first, then, use ditto, rsync, or your preferred file moving method, and then unmount (using the standard umount command as, under OS X, there is no FUSE-specific unmounting needed). Better yet, though, think about a launchd job that watches a particular folder and perhaps copies files to a remote location as they show up in a source folder. Hmmmmmmm. So, how can we use this thing?

One way to make your life easier would be to symlink the sshfs-static binary to some appropriate location in your path. I'm going to run it straight from the application package, however, so for these examples, you'll need to change directly into the directory.

First, create a mount point for the file system. Then run the sshfs-static app and supply the following parameters:

-oreconnect,volname=name appearing in the Finder

The "reconnect" option, supplied with the -o switch isn't necessary, but does make things smoother if there's a network interruption and you're disconnected.

Since this all rides on top of ssh, ssh keys are respected. So, if you've generated some password-less keys, just like ssh, you won't be prompted for a password. Let's see this in action. First, I created /tmp/ssh as a mount point. Then, I used sshfs-static to mount a remote system:

$ ./sshfs-static /tmp/ssh -oreconnect,volname=wsweb
kextload: /System/Library/Filesystems/fusefs.fs/Support/fusefs.kext loaded successfully

...and let's take a look at it with mount:

$ mount
/dev/disk0s2 on / (local, journaled)
[snip] on /private/tmp/ssh (nodev, nosuid, synchronous, mounted by marczak)

Figure 3 shows the result of this in my Finder sidebar.

Figure 3: An ssh file system ("wsweb") as seen in the Finder

Very, very, very cool.

Network Probing

While 'black-hat' tools such as nmap sometimes get a bad rap, the fact is that tools like this are also perfect for system administrators when troubleshooting network issues. "Can I reach that port?" and "Is the target port open and responding?" are two of the most frequently asked questions when troubleshooting issues and planning network configurations. While I load nmap on my machine, I often find myself remotely accessing someone in need of assistance because his or her e-mail app "won't work" (residential ISPs typically block port 25) or iChat won't work in some manner (misconfigured/tightly restricted firewalls sometimes will block AIM or Google Talk/Jabber). It would, of course, be a chore and not very friendly to go load nmap and other tools onto someone else's system at that time. Is there a substitute built in to OS X?

Network to the rescue! Huh?!? You expected a shell utility, right? Well, there's one hidden in the very graphical Network that's found in your Utilities folder. Let's run our find command:

$ cd /Applications/Utilities/Network\
$ find . -type f -perm -100
./Contents/MacOS/Network Utility

Of course, we knew about MacOS/Network Utility, but Resources/stroke looks interesting! Nicely enough, the developer that wrote stroke was also kind enough to include a usage statement if you run it without parameters:

$ ./stroke 
2007-06-22 08:41:13.136 stroke[2113] stroke address startPort endPort
Let's see it in action:
./stroke 20 500
Port Scanning host:
         Open TCP Port:         22       pcanywherestat
         Open TCP Port:         25
         Open TCP Port:         53
         Open TCP Port:         80
         Open TCP Port:         106
         Open TCP Port:         110
         Open TCP Port:         119
         Open TCP Port:         139
         Open TCP Port:         143
         Open TCP Port:         311
         Open TCP Port:         389
         Open TCP Port:         427
         Open TCP Port:         443
         Open TCP Port:         445
         Open TCP Port:         465

Well, that's another useful tool that was buried, waiting for discovery. (Bonus points if you recognize the OS that I scanned).


The examples given here really only scratch the surface. There are plenty more hidden gems to be discovered. Take a look in your favorite applications. Dig in and see what you find! You will need to go hunt these utilities and helpers down yourself as they won't be in your shell's path.

Media of the month: Lost Season 1. OK, call me cheesy, but I really dig the show and am surprised at how many people have never given it a chance. Well, Summer is here and it's a great time to rent the DVDs and watch them at your own pace. If you're in the Southern Hemisphere, it's Winter....and what a great time to get under a blanket on the couch, sip some tea and watch a show...especially one that takes place on a tropical island! Enjoy.

WWDC 2007 has come and gone now, and got to reinforce the new concepts in Leopard. I hope everyone who went enjoyed the show, and will start practicing with the new tools and APIs...and have new tools, utilities and techniques ready for when Leopard ships. I've been plumbing the depths of the beta from the show, and have been pleasantly surprised.

Until next month, keep exploring!


Apple, Inc. "Bundle Programming Guide"

Ed Marczak gets dressed in the morning, drinks tea and enjoys breathing. All of this comes in handy in his role as Executive Editor of MacTech Magazine, or when running his consulting company Radiotope. They're also good features when around children. Why?


Community Search:
MacTech Search:

Software Updates via MacUpdate

VMware Fusion 8.5.1 - Run Windows apps a...
VMware Fusion 8 and Fusion 8 Pro--the latest versions of its virtualization software for running Windows on a Mac without rebooting--include full support for Windows 10, OS X El Capitan, and the... Read more
Apple Final Cut Pro X 10.3 - Professiona...
Apple Final Cut Pro X is a professional video editing solution.Completely redesigned from the ground up, Final Cut Pro adds extraordinary speed, quality, and flexibility to every part of the post-... Read more
Civilization VI 1.0.0 - Next iteration o...
Sid Meier’s Civilization VI is the next entry in the popular Civilization franchise. Originally created by legendary game designer Sid Meier, Civilization is a strategy game in which you attempt to... Read more
Paperless 2.3.7 - $49.95
Paperless is a digital documents manager. Remember when everyone talked about how we would soon be a paperless society? Now it seems like we use paper more than ever. Let's face it - we need and we... Read more
Apple iMovie 10.1.3 - Edit personal vide...
With an all-new design, Apple iMovie lets you enjoy your videos like never before. Browse your clips more easily, instantly share your favorite moments, and create beautiful HD movies and Hollywood-... Read more
Apple Numbers 4.0.5 - Apple's sprea...
With Apple Numbers, sophisticated spreadsheets are just the start. The whole sheet is your canvas. Just add dramatic interactive charts, tables, and images that paint a revealing picture of your data... Read more
Xcode 8.1 - Integrated development envir...
Xcode includes everything developers need to create great applications for Mac, iPhone, iPad, and Apple Watch. Xcode provides developers a unified workflow for user interface design, coding, testing... Read more
iShowU Instant 1.1.0 - Full-featured scr...
iShowU Instant gives you real-time screen recording like you've never seen before! It is the fastest, most feature-filled real-time screen capture tool from shinywhitebox yet. All of the features you... Read more
RestoreMeNot 2.0.4 - Disable window rest...
RestoreMeNot provides a simple way to disable the window restoration for individual applications so that you can fine-tune this behavior to suit your needs. Please note that RestoreMeNot is designed... Read more
DEVONthink Pro 2.9.6 - Knowledge base, i...
DEVONthink Pro is your essential assistant for today's world, where almost everything is digital. From shopping receipts to important research papers, your life often fills your hard drive in the... Read more

Latest Forum Discussions

See All

Roofbot: Puzzler On The Roof (Games)
Roofbot: Puzzler On The Roof 1.0.2 Device: iOS Universal Category: Games Price: $2.99, Version: 1.0.2 (iTunes) Description: Guide Roofie through gorgeous, meditative rooftops and try to get the right color energy balls into the... | Read more »
The 4 best food delivery apps
As the temperatures continue to drop, so does the motivation to venture outside. Sometimes you still want to eat a nice meal from that sushi place down the road though. Thankfully in these trying times, there are a number of fine food delivery... | Read more »
Toca Life: Farm (Education)
Toca Life: Farm 1.0 Device: iOS Universal Category: Education Price: $2.99, Version: 1.0 (iTunes) Description: Work and play the farmer's way! Milk your cow, gather eggs from your hens and raise your crops. Have a picnic, play the... | Read more »
The Lost Shield (Games)
The Lost Shield 1.0.0 Device: iOS Universal Category: Games Price: $1.99, Version: 1.0.0 (iTunes) Description: The Lost shield is a brick break/adventure game. You play as a hero who must return a powerful but dangerous magic shield... | Read more »
The Forgotten Room (Games)
The Forgotten Room 1.0.1 Device: iOS Universal Category: Games Price: $1.99, Version: 1.0.1 (iTunes) Description: Play as paranormal investigator John “Buster of Ghosts” Murr as he explores yet another mysteriously creepy house. This... | Read more »
5 Halloween mobile games for wimps
If you're anything like me, horror games are a great way to have nightly nightmares for the next decade or three. They're off limits, but perhaps you want to get in on the Halloween celebrations in some way. Fortunately not all Halloween themed... | Read more »
The 5 scariest mobile games
It's the most wonderful time of the year for people who enjoy scaring themselves silly with haunted houses, movies, video games, and what have you. Mobile might not be the first platform you'd turn to for quality scares, but rest assured there are... | Read more »
Lifeline: Flatline (Games)
Lifeline: Flatline 1.0.0 Device: iOS Universal Category: Games Price: $2.99, Version: 1.0.0 (iTunes) Description: The Lifeline series takes a terrifying turn in this interactive horror experience. Every decision you make could help... | Read more »
Game of Dice is now available on Faceboo...
After celebrating its anniversary in style with a brand new update, there’s even more excitement in store for Game of Dice has after just being launched on Facebook Gameroom. A relatively new platform, Facebook Gameroom has been designed for PC... | Read more »
4 addictive clicker games like Best Fien...
Clickers are passive games that take advantage of basic human psychology to suck you in, and they're totally unashamed of that. As long as you're aware that this game has been created to take hold of your brain and leave you perfectly content to... | Read more »

Price Scanner via

Apple Unveils Redesigned MacBook Pro With Tou...
October 27, 2016 – Apple today introduced the thinnest and lightest MacBook Pro yet, along with a new interface innovation that replaces the traditional row of function keys with a Retina-quality... Read more
Apple Unveils New TV App for Apple TV, iPhone...
October 27, 2016 – Apple today introduced a new TV app, offering a unified experience for discovering and accessing TV shows and movies from multiple apps on Apple TV, iPhone and iPad. The TV app... Read more
Price drops on select refurbished 2015 13″ Re...
Apple dropped prices on select Certified Refurbished 2015 13″ Retina MacBook Pros by as much as $90. An Apple one-year warranty is included with each model, and shipping is free: - 13″ 2.7GHz/256GB... Read more
Apple reveals new next-generation 15″ and 13″...
Apple today revealed their next-generation 15″ and 13″ MacBook Pros. The new models are thinner and lighter than before with a new aluminum design featuring an enhanced keyboard with retina, multi-... Read more
Worldwide Smartphone Shipments Up 1.0% Year o...
According to preliminary results from the International Data Corporation (IDC) Worldwide Quarterly Mobile Phone Tracker, vendors shipped a total of 362.9 million smartphones worldwide in the third... Read more
TuneBand Arm Band For iPhone 7 and 7 Plus Rel...
Grantwood Technology has added the TuneBand for iPhone 7 and 7 Plus to its smartphone armband series. The TuneBand provides a lightweight and comfortable way to wear the iPhone while running,... Read more
1.4GHz Mac mini on sale for $449, save $50
Adorama has the 1.4GHz Mac mini on sale for $50 off MSRP including free shipping plus NY & NJ sales tax only: - 1.4GHz Mac mini (Apple sku# MGEM2LL/A): $449 $50 off MSRP To purchase a mini at... Read more
21-inch 1.6GHz iMac on sale for $999, save $1...
B&H has the 21″ 1.6GHz Apple iMac on sale for $999 including free shipping plus NY sales tax only. Their price is $100 off MSRP. Read more
Macs’ Superior Enterprise Deployment Cost Eco...
IBM’s debunking of conventional wisdom and popular mythology about the relative cost of using Apple Mac computers as opposed to PCs running Microsoft Windows at the sixth annual Jamf Nation User... Read more
12-inch WiFi Apple iPad Pros on sale for $50-...
B&H Photo has 12″ WiFi Apple iPad Pros on sale for $50-$70 off MSRP, each including free shipping. B&H charges sales tax in NY only: - 12″ Space Gray 32GB WiFi iPad Pro: $749 $50 off MSRP -... Read more

Jobs Board

*Apple* Retail - Multiple Positions - Apple,...
Job Description: Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, Read more
Software Engineering Intern: UI Applications...
Job Summary Apple is currently seeking enthusiastic interns who can work full-time for a minimum of 12-weeks between Fall 2015 and Summer 2016. Our software Read more
Security Data Analyst - *Apple* Information...
…data sources need to be collected to allow Information Security to better protect Apple employees and customers from a wide range of threats.Act as the subject Read more
*Apple* Retail - Multiple Positions - Apple,...
Job Description: Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, Read more
*Apple* Solutions Consultant - Apple (United...
# Apple Solutions Consultant Job Number: 52812872 Houston, Texas, United States Posted: Oct. 18, 2016 Weekly Hours: 40.00 **Job Summary** As an Apple Solutions Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.