[launchd-dev] launchd and hdiutils

Quinn eskimo1 at apple.com
Mon Dec 14 01:43:21 PST 2009


At 14:10 +0100 11/12/09, Thomas Fritz wrote:
>I want to use launchd to mount an encrypted dmg image which contains 
>my home directory (AES 256 - enterprise encryption guidelines ) and 
>other directories i want to encrypt like /tmp, etc ...

You're not going to be able to do this reliably via launchd.  The 
problem, regardless of the hdiutil issues, is that system startup is 
asynchronous, with implicit dependency tracking via service 
provision.  Thus, if you put your hdiutil stuff is a launchd daemon, 
there's no guarantee that daemon will run /before/ the user has 
logged in, because the login process does not use any of the services 
provided by your daemon.

The best solution to this problem IMO would be to structure your code 
as a login agent.  This has a couple of benefits:

o It runs synchronously with respect to login.

o You can access the password that the user provided for login.

o You can access the GUI, if necessary, to request a password.

For more details on this, see TN2228 "Running At Login".

<http://developer.apple.com/mac/library/technotes/tn2008/tn2228.html>

S+E
-- 
Quinn "The Eskimo!"                    <http://www.apple.com/developer/>
Apple Developer Relations, Developer Technical Support, Core OS/Hardware


More information about the launchd-dev mailing list