macOS

セキュリティ警告

ClawDaddy がこのSkillに不審なパターンを検出しました。インストール前に慎重にご確認ください。

BSD vs GNU Commands

• sed -i requires extension argument: sed -i '' 's/a/b/' file — empty string for no backup, Linux doesn't need it

• find doesn't support -printf — use -exec stat or xargs with stat -f instead

• date uses different format flags: date -j -f '%Y-%m-%d' '2024-01-15' '+%s' — -j prevents setting time

• grep -P (Perl regex) doesn't exist — use grep -E (extended) or install ggrep via Homebrew

• xargs defaults to /usr/bin/echo not the command — always specify the command explicitly

• readlink -f doesn't exist — use realpath or python3 -c "import os; print(os.path.realpath('path'))"

Homebrew Paths

• Apple Silicon: /opt/homebrew/bin, /opt/homebrew/lib

• Intel: /usr/local/bin, /usr/local/lib

• Check architecture: uname -m returns arm64 or x86_64

• Homebrew doesn't add to PATH automatically — check ~/.zprofile for eval line

• Running x86 binaries: arch -x86_64 /bin/bash then install/run Intel-only tools

Keychain (Secrets)

• Store: security add-generic-password -a "$USER" -s "service_name" -w "secret_value" -U

• Retrieve: security find-generic-password -a "$USER" -s "service_name" -w

• -U flag updates if exists — without it, duplicate entries error

• Keychain prompts for access on first use — authorize permanently for automation

• Delete: security delete-generic-password -a "$USER" -s "service_name"

launchd (Services)

• User agents: ~/Library/LaunchAgents/ — runs as user when logged in

• System daemons: /Library/LaunchDaemons/ — runs at boot as root

• Load: launchctl load -w ~/Library/LaunchAgents/com.example.plist

• Unload before editing: launchctl unload — edits to loaded plists are ignored

• Check errors: launchctl list | grep service_name then launchctl error <exit_code>

• Logs: log show --predicate 'subsystem == "com.example"' --last 1h

Privacy Permissions (TCC)

• Automation scripts fail silently without Full Disk Access or Automation permissions

• Grant in System Settings → Privacy & Security → corresponding category

• Terminal and iTerm need separate permissions — granting to one doesn't grant to other

• tccutil reset clears permissions: tccutil reset AppleEvents for Automation

• Check granted permissions: sqlite3 ~/Library/Application\ Support/com.apple.TCC/TCC.db "SELECT * FROM access"

defaults (Preferences)

• Read: defaults read com.apple.finder AppleShowAllFiles

• Write: defaults write com.apple.finder AppleShowAllFiles -bool true

• Delete: defaults delete com.apple.finder AppleShowAllFiles

• Restart app after changing: killall Finder

• Find app bundle ID: osascript -e 'id of app "App Name"'

• Export all: defaults export com.apple.finder - outputs XML

File Operations

• ditto preserves resource forks and metadata — use instead of cp for app bundles

• Create DMG: hdiutil create -volname "Name" -srcfolder ./folder -format UDZO output.dmg

• Mount DMG: hdiutil attach image.dmg — returns mount point path

• Unmount: hdiutil detach /Volumes/Name

• Extended attributes: xattr -l file to list, xattr -c file to clear all

• Quarantine removal: xattr -d com.apple.quarantine app.app

Clipboard

• Copy to clipboard: echo "text" | pbcopy

• Paste from clipboard: pbpaste

• Copy file contents: pbcopy < file.txt

• Preserve RTF: pbpaste -Prefer rtf

• Clipboard works in SSH sessions to local machine — useful for remote file copying

Screenshots and Screen

• Screenshot region to file: screencapture -i output.png

• Screenshot window: screencapture -w output.png

• Screenshot to clipboard: screencapture -c

• Headless (no UI): screencapture -x — suppresses sound and cursor

• Screen recording requires Screen Recording permission in Privacy settings

Process Management

• Prevent sleep: caffeinate -i command — keeps system awake while command runs

• Prevent sleep with timeout: caffeinate -t 3600 — 1 hour

• Check why not sleeping: pmset -g assertions

• Power settings: pmset -g to view, sudo pmset -a sleep 0 to disable sleep

• Current app in focus: osascript -e 'tell application "System Events" to get name of first process whose frontmost is true'

Network

• List interfaces: networksetup -listallhardwareports

• Get IP: ipconfig getifaddr en0 (Wi-Fi usually en0 on laptops)

• DNS servers: scutil --dns | grep nameserver

• Flush DNS: sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder

• Proxy settings: networksetup -getwebproxy "Wi-Fi"

System Integrity Protection

• Check status: csrutil status

• Disable (Recovery Mode only): csrutil disable — not recommended for production

• Protected paths: /System, /usr (except /usr/local), /sbin, /bin

• Can't modify these even as root — design your automations around this

Logs

• Stream live: log stream --predicate 'process == "processname"'

• Search recent: log show --last 1h --predicate 'eventMessage contains "error"'

• Subsystem filter: log show --predicate 'subsystem == "com.apple.example"'

• Save to file: log collect --output ./logs.logarchive — opens in Console.app

Automation Tips

• Open URL: open "https://example.com" — uses default browser

• Open app: open -a "Safari" — by name, not path

• Open file with specific app: open -a "TextEdit" file.txt

• Run AppleScript: osascript -e 'tell application "Finder" to get name of home'

• Spotlight search: mdfind "kMDItemDisplayName == 'filename.txt'" — faster than find for indexed files