Hi,

I'm writing a Tiger agent in Python and C which must run as root (it enforces policies on the user). The agent should, however, know which user it is enforcing (this is due to DiskArbitration's inability to create a 'global' Approval session affecting all users).

I've seen references on the list to the fact that an Agent in Tiger absolutely must run as the user, no workarounds. This is pretty bad for me, and would force me to do something crazy like running a daemon as root and installing a tiny agent notifying the daemon a user came into existence (I'd rather not link with Cocoa notifications).

Is there any way around that? Something saner than what I was suggesting?

Also, there's the issue of having launchd tell my agent which user it's running for, either on the command line, as an environment variable, or otherwise. And if I'm not asking for too much (I know I am...) - also redirect stdout to a user-specific locations (/var/log/my-app/log.$USERNAME).

How should I go about doing that? I couldn't find something relevant in launchd.plist's manpage nor on the list's archive.

Many thanks,
 - Yaniv