Re: Launchd scripts with root access
Re: Launchd scripts with root access
- Subject: Re: Launchd scripts with root access
- From: Chris Waldrip <email@hidden>
- Date: Wed, 27 Jun 2012 12:45:02 -0400
On Jun 27, 2012, at 10:28 AM, Harald Wagener wrote:
> LaunchAgents run in user context. Move your launchd job to
> /Library/LaunchDaemons to get it run as root.
I'd read and understood that /System/Library/Launch* allowed for processes to be run as root, regardless of the user context (hence why OS level processes are started from there), where /Library/Launch* would run based on the user context. But I tested your suggestion, and got my normal errors...
6/27/12 12:28:10.418 PM com.spupload: override rw-r--r-- root/wheel for /Library/LaunchAgents/com.spupload.plist? (y/n [n]) not overwritten
6/27/12 12:28:10.511 PM com.spupload: override rwxr-xr-x root/wheel for /usr/local/sbin/spupload.sh? (y/n [n]) not overwritten
On Jun 27, 2012, at 10:34 AM, Watchman Monitoring wrote:
> Seeing the script, or more importantly, how you're calling it, would be helpful.
>
> Also, how are you validating the contents of what you've downloaded?
Right now i'm not too worried about validating, but I intend to do a checksum. I'm just trying to get it installed right now. The portion of the script that is the upgrade function at the moment...
#Check spupload version number, and download and install the latest update if it's newer
remoteVersion=$(curl -s http://my.server.com/profiles/version.html)
if [ "$spuploadVersion" -lt "$remoteVersion" ]
then
cd /tmp/
curl -C - -O http://my.server.com/profiles/latest.zip
unzip -d latest latest.zip
mv -f latest/com.spupload.plist /System/Library/LaunchAgents/
chmod 644 /System/Library/LaunchAgents/com.cnn.spupload.plist
mv -f latest/spupload.sh /usr/local/sbin/
launchctl load /System/Library/LaunchAgents/com.cnn.spupload.plist
rm -rf latest*
exit
fi
Previously the script looked something like this which used installer, and returned similar permission issues since the installer requires root permissions.
#Check spupload version number, and download and install the latest update if it's newer
remoteVersion=$(curl -s http://my.server.com/profiles/version.html)
if [ "$spuploadVersion" -lt "$remoteVersion" ]
then
cd /tmp/
curl -C - -O http://my.server.com/profiles/latest.zip
unzip latest.zip
installer -pkg spupload.pkg -tgt /.
rm -rf latest*
exit
fi
Here is the plist loaded from /System/Library/LaunchAgent/. It's run every 7 hours, and runs the script in /usr/local/sbin/...
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd";>
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.spupload</string>
<key>Program</key>
<string>/usr/local/sbin/spupload.sh</string>
<key>ProgramArguments</key>
<array>
<string>/usr/local/sbin/spupload.sh</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>ServiceDescription</key>
<string>System Profiler upload tool</string>
<key>StartInterval</key>
<integer>25200</integer>
</dict>
</plist>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden