This probably boils down to not being in the right launchd session. launchd(8) discusses this at a high level. You can see what is going on in your user session with "launchctl print user/$(id -u)".
I'm not sure what the right mechanics ought to be for Mesos. It used to be that you would use the "bsexec" subcommand to run something in a different session, but that is deprecated and I don't see an obvious replacement in the new subcommands. Maybe worth asking on the launchd-dev mailing list ... On 11 May 2016 at 12:10, DiGiorgio, Mr. Rinaldo S. <[email protected]> wrote: > > On May 5, 2016, at 13:28, haosdent <[email protected]> wrote: > >>There is no explicit statement about what Mesos means when it runs a task >> as some other user. > I think this is just ensure the running user of the task is the user you > given. In Mesos, it jus call the [setuid](http://linux.die.net/man/2/setuid) > to change the user, It would not execute something like the bashrc script of > user. > > > I have been unable to solve this problem for the last few days. I am > wondering if you have any ideas. > > > > When Mesos starts a task on an OSX machine, the task is run with setuid to > the user I have asked for. When that user runs I cannot get that user to > have a default login keychain. I want to initialize the environment so that > user has something that looks like this. > > existinguser$ security login-keychain > > > "/Users/rinaldo/Library/Keychains/login.keychain” > > > I have tried many options to create the above keychain for the other user > that is running in a process that was created by mesos and changed to that > user with setuid. > > I understand that is likely not a Mesos issue. I am hoping someone on this > alias has come across this issue or something similar. I have tried the > following and they have all failed. > > su -c .... as existinguser > > /bin/login as existinguser > > OSX is not Open Source so it is difficult to understand what it is they do > to create a user environment. The “security” application has many options > to create keychains but when I use those options the Keychains endup in > > > "/Library/Keychains/System.keychain" > > "/Library/Keychains/System.keychain” > > > I have no investigated how a user is able to create a keychain in the > System.keychain when running as a user in a Mesos created process. > > > Rinaldo > > > > > > On Thu, May 5, 2016 at 7:41 PM, DiGiorgio, Mr. Rinaldo S. > <[email protected]> wrote: >> >> Hi, >> >> Recently I noticed that the Mesos Jenkins plugin supports the >> setting of environment variables. Somewhere between 0.26 and 0.28.1, >> settings like >> >> USER= >> HOME= >> >> were required to get things to work the way they had worked. I >> have been able to set the environment this way but I have some concerns >> about it. >> >> There is no explicit statement about what Mesos means when it runs >> a task as some other user. Clearly it is not running some of the scripts >> normally run during login. This was a constant source of confusion with >> Jenkins. If one can state what exactly is done to create the user >> environment each platform and how it is different that others it will save >> countless hours of debugging IMO. I realize OSX is an odd system -- linux at >> times, Apple specific at times in areas that conflict with Linux but this >> will only get more complicated when Windows agents become available. >> >> >> >> Rinaldo > > > > > -- > Best Regards, > Haosdent Huang > > -- James Peach | [email protected]
