• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Why is Leopard annoying my users?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why is Leopard annoying my users?


  • Subject: Re: Why is Leopard annoying my users?
  • From: Andreas Fink <email@hidden>
  • Date: Mon, 26 Nov 2007 11:22:29 +0100

I guess your easiest way is to run it at startup as root and then change to the user you want in your daemon. Lots of system wide daemons do that like Apache who executes as "nobody" or "http" but get started as "root" initially.


On 21.11.2007, at 16:49, James Bucanek wrote:

Quinn <mailto:email@hidden> wrote (Wednesday, November 21, 2007 3:18 AM -0000):

At 11:30 -0700 20/11/07, James Bucanek wrote:
In the "if it were a snake it would have bitten me" department, the simplest solution might be to switch back to Mach ports.

Well, I'm a big fan of UNIX domain sockets, so you won't get any real opposition from me (-: OTOH, I'm also a big fan of "if it works, don't mess with it", which is why I asked the question in the first place.

My primary goal right now is to get it to work smoothly, so a little "messing" is in order. ;)


This problem originally came up because I had some background services that were being launched via cron. (If you're asking why this wasn't a launchd process, it's because this was a user-level process and I didn't want to have to ask for admin privileges to install it. I'm actually still annoyed that Apple doesn't provide for a "user daemon" class of processes in launchd ... but I can also imagine what some of the problems might be too.)

I think we're suffering from terminological confusion here. By
definition, a daemon is system wide and thus, by definition, you can't
install one without admin privileges. Background programs that act on
behalf of a specific user are called agents.

I'm using the generic definition of daemon <http://en.wikipedia.org/wiki/Daemon_(computer_software) >: "a computer program that runs in the background, rather than under the direct control of a user" In launchd terminology, a daemon is always system-wide, but for my purposes it's a user process that runs all the time. Agents only run when the user is logged in.


So let's just call it a "background process" ;)

In 10.5 launchd offers four different flavours of agents, depending on
the context that you need to run in. These are discussed in detail in
TN2083.

Been there. Read that. It's actually my favorite technote -- the only one I keep on my desktop. ;)


launchd daemons run in the global bootstrap namespace.

I'm appear to be a victim of bad advice. I confirmed last night that a child process of a launchd daemon runs in the same, global, namespace so Mach ports should work again.


Can you explain the process lifecycle that you're trying to achieve. Specifically:

o Does your background program want to run with privileges?

Absolutely not. It's is, and should alway be, a user process.

o Does it act on behalf of all users simultaneous, or just one specific user?

One user.

o When should it be launched? (for example, at startup, when someone tries to use its services, when the user on whose behalf it's operating logs in)

At startup.

o How long should it persist? (for example, until the user on whose
behalf it's operating logs out, or until system restart, or after some
idle timeout)

Forever; From startup to shutdown.

With this info I can probably suggest a launch mechanism that meets your needs.

The problem is this: This is a backup and document archiving solution.

- It provides a service for a particular user: initiate captures and other actions based on a schedule or in response to events.

- It's not a privileged process (and shouldn't be for security reasons).

- It runs in the background all of the time. It must run, and continue to run, whether the user is logged in or out. It provides, for instance, actions that can be trigged when the user logs in or out. Actions can be configured to run only when the user is logged out, etc.

- Since there are no privileged processes involved, these features should be available to all users (admin and non-admin). An administrator account should not be required to install the background process.

So you see, this is not an agent that runs only when the user is logged in and its not a system-level/root daemon with excessive privileges that requires administrative privileges to install. It is, in effect, a "user daemon" -- a class of processes that launchd does not provide.

In the past I was able to simulate this in the past using cron. Using the crontab tool, it's possible to install a user process that is run periodically. Up until 10.4.9 and Leopard, this was working just great. A non-admin user could install a cron job that would run independently of the user's logged in state. But recent versions of Tiger and Leopard have gotten down-right hostile about cron jobs, SIGKILLing them without warning whenever the user is logged out.

Right now, I'm simulating it by installing a /Library/LaunchDaemon for each user that's using the application (/Library/LaunchDaemon/ QRecallSchdduler501.plist, ./QRecallScheduler502.plist, ...). I'm setting the UserName launchd property so the process runs with the user's privileges. But this requires that the user have admin privileges just to run a non-privileged process. :/



--
James Bucanek

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden

_______________________________________________ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: This email sent to email@hidden
  • Follow-Ups:
    • Re: Why is Leopard annoying my users?
      • From: James Bucanek <email@hidden>
    • Re: Why is Leopard annoying my users?
      • From: Quinn <email@hidden>
References: 
 >Re: Why is Leopard annoying my users? (From: James Bucanek <email@hidden>)

  • Prev by Date: Re: Upgrading a kext
  • Next by Date: Re: Why is Leopard annoying my users?
  • Previous by thread: Re: Why is Leopard annoying my users?
  • Next by thread: Re: Why is Leopard annoying my users?
  • Index(es):
    • Date
    • Thread