Re: [launchd-dev] Mysterious problem with [NSURL getResourceValue:forKey:error:]

Thu, 25 Aug 2016 10:48:12 -0700 

Quinn "The Eskimo!" <mailto:eski...@apple.com>
August 24, 2016 at 12:38 AM
On 23 Aug 2016, at 17:53, James Bucanek<subscri...@gloaming.com>  wrote:


P.S. I would be nice if the UserName launchd property would also accept a number and interpret it as a 
UID:<key>UserName</key><integer>501</integer>.


Yeah, that’s not really how launchd is architected.


That's OK. I sometimes find that launchd doesn't fit my needs. ;)


Each daemon is named after its user: com.qrecall.switchboard.501, 
com.qrecall.switchboard.502, and so on. Each user connects only with its 
switchboard, and that switchboard only manages endpoints belonging to that user.


Hmmm, that’s weird.  How do you stop code running as user 502 connecting to the 
`com.qrecall.switchboard.501` service?  Presumable the daemon has a user ID 
check on its IPC.

Correct.

uid_t uid = (uid_t)connection.effectiveUserIdentifier;
if (uid==switchboard.userID || uid==0)
    return switchboard;
// Otherwise, block any attempts to connect with a switchboard belonging to another user 
return nil;


If you’re doing that anyway, you could just have one daemon that handles all 
users.

That was my original plan!
But it eventually got way too complicated, from an installation standpoint. The problem is that this process is only installed as a system daemon if the user has administrative privileges. If it's a non-admin account, or the user can't provide admin credentials, this process gets installed as per-user (background) agent. When switching back and forth between these two scenarios (privileged and non-privileged), the agent gets uninstalled and the daemon gets installed, or vice versa. But if there are multiple users, and I'm uninstalling the daemon, do I remove it or not (as there may be other users that still need the system daemon)? And what if different users are running different versions of the app? Which version of the system daemon should get installed? Etc., etc.
I might tackle these, and other problems, in the future. But for now, installing multiple system daemons, one for each user, was—by far—the most manageable solution. 

James

_______________________________________________
launchd-dev mailing list
launchd-dev@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/launchd-dev

Reply via email to