[launchd-dev] LaunchAgent best practice for turning "off" sockets

Quinn "The Eskimo!" eskimo1 at apple.com
Tue Mar 29 00:34:25 PDT 2016


On 25 Mar 2016, at 21:24, Mitchell Laurren-Ring <lists at rynosoft.com> wrote:

> I have a LaunchAgent that is configured via Sockets in the plist to listen on several IP+port number endpoints. I would like to make it possible to turn "off" some listening endpoints while the LaunchAgent is running.

There isn't a good way to do this.  launchd jobs are atomic; their services are either all on or all off.  You could separate each of your services into a separate launchd job, but even that's a bit tricky.

If you're an /agent/ then the job exists in two places:

A. it's statically defined by the property list in /Library/LaunchAgents

B. each per-user launchd [1] has an in-memory representation of the job

Modifying A requires privileges.  Modifying B requires privileges for other user's launchd's, but does not require privileges for your launchd.  So, if you split your services into separate jobs then you can load and unload those jobs into the current user's launchd context [2] at will.  The gotcha being that this only take effect in memory.  The next time the user logs out and then logs back in, the settings from A apply.

Share and Enjoy
--
Quinn "The Eskimo!"                    <http://www.apple.com/developer/>
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

[1] Prior to 10.10 these were separate instances of launchd running.  Since 10.10 there's only one launchd process but I still find it helpful to think in the older terms.

[2] Keep in mind that "current user" means "the user in whose context your launchd agent is running" not "currently logged in user".



More information about the launchd-dev mailing list