Bringing cryptic command lines to Windows

The CMD.EXE batch language can be awfully cryptic, but for those who miss the richness of command lines like

kill -1 $(ps -ef | grep inetd | grep -v grep | tr -s " " | cut -f2 -d " ")

or bursts of line noise masquerading as a pipeline of "find", "sed", and "awk" processes, Microsoft Windows Services for Unix is available for free download.

Comments (46)
  1. Unix-Fan says:

    Why are such essential tools not on the Windows CD?

  2. Tim Smith says:


    There are so many jokes there I’m not even going to bother. I am sure people much smarter than me have made them already in the StFU team.

  3. Unix-fan: Because the free version of SFU(v3.5) was released after Windows XP, and most consumers won’t need it.

    But it’s an excellent download! Especially when you’re a student and need to run some UNIX tools but like Windows :) Check out for more SFU tools.

    AFAIK the difference between Cygwin and SFU/Interix is that Interix runs as a standalone NT subsystem, while Cygwin is an emulator on top of Win32 (Interix executables are marked as "7 subsystem (Posix CUI)" when you look at them with dumpbin).

  4. I can’t speak to the historical reasons, but currently, I suspect the reason is "security". Not because the SFU utilties are somehow less secure than the rest of the stuff shipped by Microsoft, but because it reduces the attack surface of the system.

    And the reality is that SFU isn’t an "essential tool" to the vast majority of Windows users. The percentage of Windows users who even KNOW that there’s a command prompt is probably in the single digits (at most its in the teens).

    The only people who would consider SFU to be "essential" are those that are developers – and those developers can get the tools easily and for free.

  5. Yaytay says:

    Last time I looked at SFU the cygwin tools beat them simply because they can handle files bigger than 2GB – SFU could not.

    There are a great many features of command line tools that Microsoft has been ignoring, more and more in recent times.

    Why did RegFind get removed from the Resource Kit?

    How does Microsoft recommend you monitor a steadily increasing log file (tail -f)?

    We don’t need a GUI that requires 3D processing just to look pretty, we need a system that works.


  6. Aaargh says:

    ‘kill -1 $(ps -ef | grep inetd | grep -v grep | tr -s " " | cut -f2 -d " ")’

    Wow, so that’s the microsoft way of doing ‘killall -1 inetd’

  7. Jason says:


    Who was talking about GUIs with 3D processing?

    What does not work?

  8. Mike says:

    Last time I used SFU it seemed very hacked together and slow. Maybe this is so Microsoft can show how slow unix code is, or maybe because they are crappy ports.

    Its easier to just have a linux box handy.

  9. David Candy says:

    When you show me how to write, spellcheck, format, then print a document using pipes then I’ll be impressed (and that someone, somewhere, is actually using it). This is what MS promised us years ago (despite the fact we were all using full screen editors by then).

    I’m still waiting.

    As a side note all the web sites about using Edlin as a nntp reader, email program, and web browser seem to have disappeared. While they existed it was impressive but not compelling enough to actually run.

  10. cola says:

    ‘killall -1 inetd’? What are you thinking? That’s not rich at all!

    How about a Perl one-liner to rename every file to lowercase?

    perl -e ‘for(<*>) {($x=lc)ne$x&& qx(mv -i Q$_E Q$xE);}’

  11. Cooney says:

    When you show me how to write, spellcheck, format, then print a document using pipes then I’ll be impressed

    Why would you even want to? Writing and formatting are fairly interactive, as is the feedback portion of spellchecking. Printing is different – I’ve done a bunch of stuff using printcap and pipes, most notably printing ps docs to a non-ps printer by way of ghostscript.

    ps. I hated unix printing back when I actually bothered to print anything.

  12. Aaargh:

    "Wow, so that’s the microsoft way of doing ‘killall -1 inetd’"

    You might be in for a surprise if you try that on a non-Linux Unix… Plus that pipeline can be shortened considerably with awk.

  13. Mike Weiss says:

    I hope Monad really helps in this area. IMOHO the example given (and the previous blogged "where" batch file) are perfect examples of the problems of current command-line processing.

  14. Chee Wee says:

    What’s this? Six Feet Under? ;o) I recently downloaded Windows Services for Unix and wondered why it wasn’t included in the Windows 2003 CD itself.

  15. Andrew says:

    Thanks for link! The system requirements say it requires either a server or XP pro. I’d love to use this at home but only have XP Home. Do you know if there a technical reason why WS for Unix won’t run on XP Home, or is this just an attempt to limit its distribution?


  16. PM says:

    Batch files are actually pretty powerful – I’ve recently worked with them a bit:

    Sorry for being a bit off-topic.

  17. David Candy says:

    Because this is what MS promised us with MSDos 2 (and pipes). That one day we would pipe our whole work structure. I’m just still waiting for this promised dream of pipe driven computing. I don’t know how such a inefficient model involving mice took over.

    taskkill /im inetd

    is the windows way. Raymond showed you the unix way. But if the windows way is too long

    tskill inetd

    This is terminal server way (and in 2000 the only way). It doesn’t need TS to work.

  18. David Candy says:

    Great, an assembler VM written in batch. Make pipe driven computing look woozie. Plants must go strong and tall where you live.

  19. Random Person says:

    Last time I used SFU it seemed very hacked together and slow. Maybe this is so Microsoft can show how slow unix code is, or maybe because they are crappy ports.

    Microsoft wasn’t the original developer on this project. They bought Interix (now SFU) back in 2001-2002. The only reason I know about that is I had a developer back then who wanted a copy, but was waiting for MS to release their version of it and kept hounding me to find out… but hardly anyone I contacted at MS knew what it was at the time.

  20. lf says:

    cola: you mean

    perl -e ‘rename $_, lc for <*>’

  21. Hmmmm, <code>kill -1 $(ps -ef | grep inetd | grep -v grep | tr -s " " | cut -f2 -d " ")</code>, don’t you mean, <code>killall inetd</code>?

  22. On certain UNIX systems, "killall" does not take any parameters and without warning kills all the processes in the system.

    I had the displeasure of doing that many years ago on a Solaris system. It was in the middle of the night on a system I had no root password (I was su’ed by someone else for the session), and the machine was in a datacenter in some other state (I didn’t know which one). So no, it’s not the same as "killall inetd".

    All that said, "ps -ef" sounds to me like an IRIX command?

  23. Dan says:

    Ilya, "ps -ef" is implemented on most (if not all) *nix. From the (cygwin) man pages:

    ps – Report process status

    -e, –everyone

    show processes of all users

    -f, –full

    show process uids, ppids

    I’ve been using cygwin so I can get my familiar bash shell running on WinXP, and am glad to hear about SFU. Anyone know if MS is planning on added SFU natively to Longhorn?

  24. Yaytay: Never used RegFind, but I guess reg.exe replaces it. It’s preinstalled on Windows XP…

    AC: "Monad" will be released in Exchange 12. See Monad/MSH chat transcript at Quote: "MSFT James Truher (Expert):

    Q: Will MSH V1.0 be done before Longhorn?

    A: Monad will ship as a feature of Exchange 12 in 2H06 (target).Monad will ship in Windows after that. Release vehicle is undefined. Monad will support WS03 SP1, XP SP2, Longhorn."

    Note that the trend has been to remove subsystems like POSIX and OS/2 from Windows and not add new ones, so I assume SFU will continue to be a nice download for people who need it. As Larry Osterman wrote above the reason is attack surface (see where the POSIX subsystem is used as an example).

  25. AC says:

    If I remember correctly, Windows Services for Unix, or whatever the product’s name before was, was something that was not possible to have on the same system where Terminal Services (or was it something else?) was running. I thought that it was "either you use Unix-like command line tools on the computer *OR* you can access the computer remotely through Remote Desktop (or however the Remote Desktop was named then)".

    Does anybody know if there are now any limiting factors to installing Windows Services for Unix?

  26. Somebody says:

    Looks like this blog entry brought out the Unix peanut gallery. How are the twinkies fellows?

    I think the shell in Windows is mostly superfluous. User interfaces have advanced beyond ‘printf’. The whole toolkit approach, which is done very crudely by text-only interfaces, has been shown to be very error-prone and time-consuming when it comes getting actual work done. Whenever you see yet another scripting language masquerading as an application, such as TeX, the developers are saying “I’m too stupid to figure out how actual end users are going to use the program and I am not willing to take the time to find out. So I am going to pass the buck and write some half-assed ‘tools’ to make it look like I did something. I’ll let the users waste their time on how to actually get these tools to do anything useful.” Hell, why don’t we take the toolkit approach to its logical conclusion and just hand the users a C compiler. It will take them a long time to actually get something done but look at all the flexibility and ‘power’.

  27. Somebody says:

    Does SFU’s ln support symbolic links? Cygwin does some magic using .lnk files to make it work. But its what I can’t live with out.

  28. Stefan Kanthak says:

    Once again: AARGHHHH!

    On REAL (say: SVR4) Unix this is

    # /sbin/sacadm -p inetd

    "ps -ef" is SVR4 too (and has gone to SUSv[123]).

    Besides the fact that the given pipe might output more than one pid when the "pattern" inetd matches more than one process; this can be rinetd for example, or an inetd under a different path you’re just testing. Hint: using the last field of the ps output cures the first problem, but not the second.

  29. Ramsey says:

    AC, you can download a nice beta of MSH from Microsoft now. Go to Channel9 and search for the two Monad videos. (Sorry, can’t remember the URL.) Watch Jeffrey Snover talk about Monad (MSH) in the videos. He mentions how you can download the beta. I used to use 4NT on Windows until I got my hands on MSH. Now I just use MSH.

  30. AC says:

    I cannot believe that people still buy the "Longhorn will fix it" marketing blurb. Who knows, Monad may turn out to be The Crazy Shit. It will revolutionize command line scripting and make script kiddies 4x as productive, yada yada. However, Longhorn won’t be available for almost another 2 years from now (or is it 3 now? I keep forgetting). Think about it: TWO YEARS IN SOFTWARE! It’s like saying that the flying cars in 2035 will be totally great.

    In the meantime, cmd.exe is an abandoned and slowly rotting piece of code that doesn’t solve any real problem for anyone besides being backwards compatible with 1980’s — del *.* deletes files without a dot? Come on.

    cmd is not even more beginner friendly than bash. As for the argument that we don’t get a real shell because it would increase the attack surface — yeah sure, I bet that’s the reason. I also guess nobody would be stupid enough to install a Media Player on a server OS. Oh wait…

    Between now and 2007, I would recommend any serious programmer to install one of the "richer" shells as a cmd replacement that come from companies like JPSoft, Cygnus and… Microsoft.

  31. Aaargh! says:

    "You might be in for a surprise if you try that on a non-Linux Unix… "

    I used to have a Solaris box a few years ago, first thing I did after installing Sol. was installing the GNU tools, problem solved.

  32. Barry Kelly says:

    My homegrown Cygwin version of killall is something like:

    ps -W | grep -i "$1" | cut -b -10 | xargs kill -f

    It doesn’t really matter that you kill the grep process too, does it?



    The above kills Windows processes too. Stick it into cron to kill known spyware / malware / odious software on shared computers. Hm.

  33. Mike says:


    >Because this is what MS promised us with MSDos 2 (and pipes). That one day we would pipe our whole work structure. I’m just still waiting for this promised dream of pipe driven computing. I don’t know how such a inefficient model involving mice took over.

    Stop waiting. It’s just a pipe dream.


  34. Alex Blekhman says:

    I noticed recently that my CMD.EXE skills fade away constantly. Not because CMD.EXE became less powerful, but thanks to much superior WSH. When you have such potent thing as VBScript/JScript in your shell, then there isn’t any place for indecision. Each time I wanted to “save” some time by using CMD.EXE for interesting things, I end up with painful surplus hours being deciphering cryptic commands and batch contexts. All this tediousness just to understand at the end that ten lines of JScript could do it hours ago. It took time to break mental barrier that JScript is “programming”, hence requires intellectual efforts, while batch script is “just typing some commands”. At the bottom line, batch files were always much difficult to program and debug than equivalent JScript scripts.

  35. David Kitchen says:

    "I think the shell in Windows is mostly superfluous."

    Not true.

    I cannot count the number of times I’ve needed to give family and friends support, sometimes for things as quirky as the fact that they’ve got some spyware that is making the control panel, windows explorer and internet explorer all crash. Sometimes it’s as them wanting to move some files, burn it onto a CD and not know whether they have a CD burner!

    The command line gives me ways out (deleting IE objects in the first example, FTP’ing the files to my server from which I download and burn a CD for them in the second).

    It’s the only guaranteed way of doing something when the user knows nothing and you know the commands.

    Sure it’s not nice sitting on the phone spelling out FTP commands, but hours of being frustrated as you walk through explaining to your mother how to open windows explorer (i said "right click"!!!!)… well, so long as your relatives are dumb terminals in themselves you can finish up and go get a beer.

  36. kinkie says:

    ps -<flags> is the SVR4 way

    ps <flags> is the BSD way

    GNU ps handles both, it uses the dash to determine which flavour to use (the same flags may have different meanings in the two cases).

    init q

    is the simplest way to have init reread /etc/inittab and reinitialize itself.

    Also, init has on all Unices PID 1 (I think it’s a POSIX requirement), so

    kill -1 1

    doesn’t require all the cruft – but this is because init is special.

    On a related issue, is there a simple way to have Windows (any version) Server reinitialize its services short of restarting the system? I realize it might be a non-issue due to the different way services’ configuration is handled on Windows and on Unices..

  37. Matt says:

    "GNU ps handles both, it uses the dash to determine which flavour to use (the same flags may have different meanings in the two cases). "

    Well call me disillusioned! I’d started to believe our Linux vistors when they told us we shouldn’t use nasty hacks for the sake of app compatibility. The apps should be fixed (or the user should have the source so they could fix them) was the common cry. They break apps to avoid dirty hacks, they said, and that’s why their OS is so unquestionably more stable.

    Now kinkie’s exposed them. They use the same dirty methods to ensure app compatibility. And worse, they use it for scripts – executables where the user is guaranteed to have the source and most certainly could have fixed the problem.

  38. Stefan Kanthak says:

    @kinkie: there’s quite a difference between "init" (pid 1) and "inetd" (pid not not in advance), not just the spelling. The first use /etc/inittab, the second /etc/inetd.conf for it’s configuration.

    @Matt: remember that GNU is not Unix?

    And Linux is not GNU (although it uses the GNU toolchain)?

    Unix comes in oh so many flavors from so many different vendors, the most popular flavors beeing SVR and *BSD. There are more janus-like "commands" that both accept their options with or without the dash: tar, dd, …

    That’s UNIX’ tradition.

    For other systems it’s just illogical incompatibility;-)

  39. MJB says:

    Considering MS is dropping the Posix subsystem for 64 bit Windows, kinda waste of time to learn much about SFU in my opinion

  40. cola says:

    …um, as a Linux visitor, in my opinion there’s a big difference between writing ‘ps’ so it’s compatible with two different flavours of interface, and fixing bugs in important programs by introducing anti-bugs into the operating system.

    Rewriting those ten billion shell scripts would have been much more painful than discriminating based on the presence or absence of a dash.

    And sure, in closed-source land it’s actually easier to add antibugs than to force the original publisher to fix the bug in the ancient program. But in open-source land, projects have maintainers, even ancient games from ten years ago; God knows why, but they do it.

    When you’re used to that, hacking the operating system to fix a bug in Lotus seems like the height of insanity — however elegant the solution.

    But that doesn’t apply to interface compatibility!

  41. Yaytay says:

    Apologies for not responding to the people that responded to my comments previously.

    reg.exe does not appear to be a complete replacement for regfind – regfind can do a simple global search (and replace) for any string in the registry, I can’t work out how to get reg.exe to do that.

    The comment about 3D GUIs is simply referring to the future of Windows, I would rather MS developers spent time fixing what they’ve released rather than adding pretty features to drain hardware.

    What is broken on SFU is the file size limit.

    The main thing that I want SFU for is text file processing.

    I work with massive text data files, and with a simple pipeline involving cut, sort, head, tail, etc I can do almost anything with this data without having to get it into a DBMS.

    But using SFU I can’t tar/gzip these files simply because SFU is restricted.

    The shell in Windows is anything but superfluous for one simple reason – it is the only way to get the output from a command visibly on the screen.

    Yes you can do everything in WSH that you can do at the command prompt, but without that little window we’d be hamstrung.

    Systems administrators, developers, people working with multiple files, there are lots of people that work in batch and need the command prompt (even if they don’t know it).

    This is just a whinge.

    I have a free choice between Windows and Linux on my home machine and I choose Windows because I do find it nicer to work with.

    But SFU fails to deliver, and if MJB’s comment is correct then SFU should be avoided.

  42. mjb says:


    or if the link breaks, search for "64 bit posix"

    I suppose the SFU team could build their own, but SFU hasn’t been a particularly strategic product in the past.

  43. Yaytay says:

    My understanding is that SFU effectively replaces the posix subsystem that is/was provided with Windows (though it’s still a subsystem, unlike cygwin).

    So the lack of a posix subsystem with XP 64 bit isn’t that much a problem if SFU can work on 64 bit.

    And there are indications that there will be a 64 bit SFU, but there certainly isn’t one yet (google it, if there was anything more substantial than indications I’d post a link:-).

  44. Ben Cooke says:

    Hmm. SFU is huge! I’m interested to see what amazing things it’s going to install to warrant it being so big. I could get an entire OS smaller that’s than that!

  45. - says:

    And who the hell invented that "register to download" page? Do you REALLY think I’ll put my true info in there???

Comments are closed.