site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com == Situation: == The Problems: == The Solution that would work: To describe that in more detail, the login process looks like that: The logout process looks like that: == The Question: -- Kindest regards, Markus _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... We have a user agent, that is started by launchd as soon as a user logs in. It then reads a preference file (~/Library/Preferences) and keeps the data cached in memory. While running, it constantly updates information in that file. The file is asynchronously written back to disk every now and then. When the user logs out, it receives a SIGTERM, updates the plist one last time, makes sure it's written to disk immediately and quits. So the preferences are read as soon as the process starts and they might change up to the very last second, till the process quits. This file should be kept in sync across multiple Macs. 1) To make sure the latest state of these preferences are backed-up, the back up must happen after this process has quit. Only then the pref file will really contain the latest changes. However every other user space process will be quit if the user logs out, first with a SIGTERM, then with a SIGKILL if it refuses to quit. 2) If this is a UI process, it can prevent the log out from taking place by refusing to quit, but then the agent process might never get killed in the first place and the pref file may not be up-to-date. 3) A root process running constantly in the background can notice if a user logs out, but it cannot necessarily access the file after log out. The user may have a FileVault, so access to the file after logout is impossible unless the process knows the mount password of the FileVault (insecure!). The user also may have a network home. Root processes cannot access data over networks in the first place. 4) The user may actually not log out, he may select to shutdown/ restart the system, in that case the root process also only would have a very limited time to sync the file. Since a sync can take arbitrarily long, it may get killed before it had a chance to really syn anything. 5) How can the pref file, that may have been back-up'ed (assuming problems 1 to 4 can be solved) to an external storage (e.g. an USB stick) be synced back to disk before the user logs in on the other Mac? If it is synced "after" the user logged in, the agent is already running, it has already read the pref file. Overwriting this file with new data will fail, as the changes won't be noticed by the already running agent. Issues 1 to 4 could be solved if there was a way to run a program similar like the compacting FileVault process. This process can run after the user has already logged out and it can delay a shutdown/ reboot till its operation completes... of course if the FileVault/ Network Home has already been unmounted, this won't work. Issue 5 could be solved if a process could be run after the user has logged in, but before any other user processes have been started. 1) The user logs in 2) If this is a FileVault or Network Home user, the home directory is mounted (either from the local FileVault DMG or via the network) 3) launchd starts the login agents for this user 4) Login Items of the user are started 5) The user gains control Here we'd need a step between 2 and 3. The user home is ready to be accessed by processes belonging to the user and a process is started that can delay step 3 till it is done with whatever operation it needs to perform. 1) The user logs out (or issues a shutdown/reboot) 2) All applications of the users are quit 3) All launchd agents of the user are quit/killed 4) If this is a FileVault or Network Home user, the home directory is unmounted 5) Either the login screen is started again or the system shuts down (possibly reboots after shutdown) Here we'd need a step between 3 and 4, so all processes (maybe except launchd) are already quit, the user has no control anymore, but we can still start a process belonging to this user to perform operations before step 4 and we can delay step 4 and 5 till it is done with whatever operation it needs to perform. Does anything like this exist? Can it be done without hacking the system to shrimps? And if this is not the right mailing list for asking such a question, what is the right mailing list? This email sent to site_archiver@lists.apple.com