Creating a Launch Daemon to Open an Application

niacobelli
New Contributor III

Good afternoon,

Please let me know if this isn't the correct tool for what I want to achieve. We are a school and we use FortiClient Anti-Virus on our student and faculty machines.

Sometimes after a while the FortiClient icon will disappear from the top tool bar and stop communicating with the EMS.

Is a launchdaemon the correct tool to periodically relaunch the program? Maybe once a day and/or when the machine is restarted and logged back in? Would this just be a simple Login Window thing?

None of our machines are bound to AD. I'm not super comfortable creating daemons. Is there a tool or a guide that can help me with this?

Thank you,
Nick

5 REPLIES

thoule
Valued Contributor II

The thing you are checking - is it running as the user? or root? Pick a computer things are working on and open Activity Monitor. Find the process name and see the User. If it's the logged in user, then you need a LaunchAgent. If it is root, then you need a launchDaemon. And I wouldn't create a new LaunchD - there's likely already one so you just need to restart it.

Look in /Library/LaunchDaemons for one with the Forticlient name in it. Then issue this command from Jamf using the 'Files and Processes' task.

launchctl unload /Library/LaunchDaemons/com.forticlient.plist; launchctl load /Library/LaunchDaemons/com.forticlient.plist

If it's running as the user, then things get a little more complicated. It's possible that the scanner part runs as root and a menu item (optional) runs as the user.

blackholemac
Valued Contributor III

A launchagent runs as the user, a launchdaemon runs as root. Most apps with a user interface that would run would be a launchagent. Processes may need to run as either.

rob_hernandez
New Contributor III

Here are some tools that might help you.

http://launched.zerowidth.com/

http://www.soma-zone.com/LaunchControl/

niacobelli
New Contributor III

In Activity Monitor FortiClient is running as the logged in user. There are FortiClient LaunchDaemons and LaunchAgents so it's running as root and the logged in user.

So is it as simple as running a command in Jamf to reload the daemon/agent?

mm2270
Legendary Contributor III

It's likely the LaunchDaemon is running one part of the Forticlient process, and the LaunchAgent is running something user facing, like the icon at the top of the toolbar that you referenced in your first post.
So, if you need to relaunch the LaunchAgent, the above launchctl load code by itself isn't going to work when run from a policy, because policies run as root, and it would attempt to load the LaunchAgent in the root account space, which it can't do.

For this, I would use launchctl asuser, possibly first to see if the agent is running, and then to launch it if it's not already running and needs to be.

Here's a sample script, but you will need to determine the exact process name that shows up in the command line and plug that in, as well as the LaunchAgent file name. I don't use Forticlient so I don't know what either of those are. Is the FortiClientAgent name in your screenshot the actual user facing process? If so, you would use that in the ForticlientProcess section below.

#!/bin/bash

## Get logged in user and UID
loggedInUser=$(stat -f%Su /dev/console)
loggedInUID=$(id -u "$loggedInUser")

## Put the name of the process you want to check on here. Do "ps axc" in Terminal to look for the name
ForticlientProcess="FortiClientProcess"
## Put the LaunchAgent plist path and name here
ForticlientAgentPlist="/Library/LaunchAgents/com.something.plist"

if [ "$loggedInUser" != "root" ]; then
    echo "A user is logged in. Checking for agent process..."
    ## Check for agent as user
    ## grep's exit status (0 = found) is what gets captured; all grep output is discarded
    FCProcCheck=$(/bin/launchctl asuser "$loggedInUID" sudo -iu "$loggedInUser" ps axc | grep "$ForticlientProcess" >/dev/null 2>&1; echo $?)
    if [ "$FCProcCheck" != 0 ]; then
        echo "Agent is not running. Reloading..."
        /bin/launchctl asuser "$loggedInUID" /bin/launchctl unload "$ForticlientAgentPlist"
        /bin/launchctl asuser "$loggedInUID" /bin/launchctl load "$ForticlientAgentPlist"
    else
        echo "Agent process is running. Nothing to do."
        exit 0
    fi
else
    echo "No-one logged in. Cannot check on agent process."
    exit 0
fi
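
As an added example (not code from any poster in this thread), the routing described in the replies above, a LaunchDaemon reloaded directly by root and a LaunchAgent reloaded through launchctl asuser for the console user, can be combined with an ownership and mode check on the plist before a root-run policy touches it. The function names, the DRY_RUN switch and the ownership check are assumptions of this example.

```bash
#!/bin/bash
# Added example, not from the thread. DRY_RUN defaults to 1 (print only).

# Classify a plist path: LaunchDaemons run as root, LaunchAgents as the user.
job_kind() {
    case "$1" in
        */LaunchDaemons/*.plist) echo daemon ;;
        */LaunchAgents/*.plist)  echo agent ;;
        *) echo unknown; return 1 ;;
    esac
}

# Succeed only if plist $1 is a regular file (not a symlink), owned by uid $2
# (default 0) and not writable by group or others. Assumption of this example:
# root should not load a job definition that a non-root user could have edited.
plist_is_safe() (
    want="${2:-0}"
    set -f                                # no globbing while splitting ls output
    [ -f "$1" ] && [ ! -L "$1" ] || exit 1
    set -- $(ls -ln "$1")                 # $1 = mode string, $3 = numeric owner
    [ "$3" = "$want" ] || exit 1
    case "$1" in ?????w*|????????w*) exit 1 ;; esac
)

# Reload plist $1. $2 = console user's UID, $3 = expected owner (default 0).
reload_job() (
    kind=$(job_kind "$1") || { echo "skip: not a launchd plist path"; exit 1; }
    plist_is_safe "$1" "${3:-0}" || { echo "skip: bad owner or mode"; exit 1; }
    prefix=""
    if [ "$kind" = agent ]; then
        # Policies run as root, so an agent has to be loaded via asuser.
        case "$2" in ''|0) echo "skip: no console user"; exit 1 ;; esac
        prefix="/bin/launchctl asuser $2 "
    fi
    for verb in unload load; do
        if [ "${DRY_RUN:-1}" = 1 ]; then
            echo "${prefix}/bin/launchctl $verb $1"
        else
            ${prefix}/bin/launchctl "$verb" "$1"
        fi
    done
)

# Usage: DRY_RUN=0 script.sh <plist> <console-uid>
if [ $# -gt 0 ]; then reload_job "$@"; fi
```

Run it with the default DRY_RUN=1 first to see the exact launchctl commands for a given plist, then set DRY_RUN=0 in the policy once the output matches what you expect.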