[launchd-dev] UserName ignored on per-user LaunchAgents

Jeremy Reichman jaharmi at jaharmi.com
Wed Dec 5 06:59:29 PST 2007

I can understand the desire/need for privilege separation.

Not being skilled in IPC, though, is there a way that systems administrators
operating at a scripting level can set up what you've described?

The reality is that LoginHook/LogoutHook exist today and do what I want, but
I'd rather be doing the same thing with launchd because it gives me a little
more granularity in setup and control. Instead of editing loginwindow.plist
for root and having a hook script that does its work itself or calls other
scripts to do work during those system events, I would like to have the
benefit of setting up multiple compartmentalized, modularized launchd jobs.

This is especially true if you manage systems with Radmind, which works
really well at managing files. But moving to launchd jobs for what would
have been in Login/LogoutHook also seems to make sense for the more
installer-based management provided by ARD, LanDesk, LANrev, FileWave, etc.



More information about the launchd-dev mailing list