Re: Why is Leopard annoying my users?
Re: Why is Leopard annoying my users?
- Subject: Re: Why is Leopard annoying my users?
- From: Andreas Fink <email@hidden>
- Date: Mon, 26 Nov 2007 11:22:29 +0100
I guess your easiest way is to run it at startup as root and then
change to the user you want in your daemon. Lots of system wide
daemons do that like Apache who executes as "nobody" or "http" but
get started as "root" initially.
On 21.11.2007, at 16:49, James Bucanek wrote:
Quinn <mailto:email@hidden> wrote (Wednesday, November 21, 2007
3:18 AM -0000):
At 11:30 -0700 20/11/07, James Bucanek wrote:
In the "if it were a snake it would have bitten me" department,
the simplest solution might be to switch back to Mach ports.
Well, I'm a big fan of UNIX domain sockets, so you won't get any real
opposition from me (-: OTOH, I'm also a big fan of "if it works,
don't mess with it", which is why I asked the question in the first
place.
My primary goal right now is to get it to work smoothly, so a little
"messing" is in order. ;)
This problem originally came up because I had some background
services that were being launched via cron. (If you're asking why
this wasn't a launchd process, it's because this was a user-level
process and I didn't want to have to ask for admin privileges to
install it. I'm actually still annoyed that Apple doesn't provide
for a "user daemon" class of processes in launchd ... but I can
also imagine what some of the problems might be too.)
I think we're suffering from terminological confusion here. By
definition, a daemon is system wide and thus, by definition, you
can't
install one without admin privileges. Background programs that act
on
behalf of a specific user are called agents.
I'm using the generic definition of daemon <http://en.wikipedia.org/wiki/Daemon_(computer_software)
>: "a computer program that runs in the background, rather than
under the direct control of a user" In launchd terminology, a daemon
is always system-wide, but for my purposes it's a user process that
runs all the time. Agents only run when the user is logged in.
So let's just call it a "background process" ;)
In 10.5 launchd offers four different flavours of agents, depending
on
the context that you need to run in. These are discussed in detail
in
TN2083.
Been there. Read that. It's actually my favorite technote -- the
only one I keep on my desktop. ;)
launchd daemons run in the global bootstrap namespace.
I'm appear to be a victim of bad advice. I confirmed last night that
a child process of a launchd daemon runs in the same, global,
namespace so Mach ports should work again.
Can you explain the process lifecycle that you're trying to
achieve. Specifically:
o Does your background program want to run with privileges?
Absolutely not. It's is, and should alway be, a user process.
o Does it act on behalf of all users simultaneous, or just one
specific user?
One user.
o When should it be launched? (for example, at startup, when
someone tries to use its services, when the user on whose behalf
it's operating logs in)
At startup.
o How long should it persist? (for example, until the user on whose
behalf it's operating logs out, or until system restart, or after
some
idle timeout)
Forever; From startup to shutdown.
With this info I can probably suggest a launch mechanism that meets
your needs.
The problem is this: This is a backup and document archiving solution.
- It provides a service for a particular user: initiate captures and
other actions based on a schedule or in response to events.
- It's not a privileged process (and shouldn't be for security
reasons).
- It runs in the background all of the time. It must run, and
continue to run, whether the user is logged in or out. It provides,
for instance, actions that can be trigged when the user logs in or
out. Actions can be configured to run only when the user is logged
out, etc.
- Since there are no privileged processes involved, these features
should be available to all users (admin and non-admin). An
administrator account should not be required to install the
background process.
So you see, this is not an agent that runs only when the user is
logged in and its not a system-level/root daemon with excessive
privileges that requires administrative privileges to install. It
is, in effect, a "user daemon" -- a class of processes that launchd
does not provide.
In the past I was able to simulate this in the past using cron.
Using the crontab tool, it's possible to install a user process that
is run periodically. Up until 10.4.9 and Leopard, this was working
just great. A non-admin user could install a cron job that would run
independently of the user's logged in state. But recent versions of
Tiger and Leopard have gotten down-right hostile about cron jobs,
SIGKILLing them without warning whenever the user is logged out.
Right now, I'm simulating it by installing a /Library/LaunchDaemon
for each user that's using the application (/Library/LaunchDaemon/
QRecallSchdduler501.plist, ./QRecallScheduler502.plist, ...). I'm
setting the UserName launchd property so the process runs with the
user's privileges. But this requires that the user have admin
privileges just to run a non-privileged process. :/
--
James Bucanek
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden