Issues Loading/Unloading LaunchAgent

jmb03012
New Contributor III

We have an in house application that runs via a LaunchAgent that we are looking to deploy.

I've successfully packaged up the app along with the plist for the agent, and ensure permissions are correct on everything.

The preinstall script is set to check if the service is running under either the current user (via a defined variable) or under root (which it shouldnt be so this is a safety check) and if either is found to unload the plist as the necessary user (sudo -u $CurrentUser launchctl unload or sudo launchctl unload).

The postinstall script is set to then reload the agent plist as the current user (sudo -u $CurrentUser launchctl load).

Similarly I have an uninstall script that is basically the same as the preinstall script but with the addition of a few rm lines to delete the installed payload.

Both the installer and the uninstaller work fine when run locally on the Mac. As soon as they are put into the Casper and run, the load/unload commands all seem to fail stating that the domain cant be found, despite the fact that the same command if executed as root via Terminal run fine. I've tested running just the separate scripts outside of the package via the JSS and Remote but the same thing happens, nothing works unless its run local.

Any help would be appreciated.

1 ACCEPTED SOLUTION

mm2270
Legendary Contributor III

What OS are we talking about here? Generally speaking, starting with about 10.9, but more with 10.10 and certainly under 10.11, the sudo -u $CurentUser type syntax doesn't work so well anymore. You should look at using /bin/launchctl asuser (10.10 & 10.11) or /bin/launchctl bsexec with 10.9 and earlier.

See this thread for more info. Be sure to read through it and especially pay attention to @Josh.Smith's post toward the end, as he has the answer to this for 10.11.

View solution in original post

12 REPLIES 12

mm2270
Legendary Contributor III

What OS are we talking about here? Generally speaking, starting with about 10.9, but more with 10.10 and certainly under 10.11, the sudo -u $CurentUser type syntax doesn't work so well anymore. You should look at using /bin/launchctl asuser (10.10 & 10.11) or /bin/launchctl bsexec with 10.9 and earlier.

See this thread for more info. Be sure to read through it and especially pay attention to @Josh.Smith's post toward the end, as he has the answer to this for 10.11.

jmb03012
New Contributor III

@mm2270 I actually wasnt aware of the shift towards asuser as preferred with 10.10+, let me do some testing with that as well as reading through that thread and I will get back with an update!

mm2270
Legendary Contributor III

Yeah. Truthfully, I didn't know about it either. As of 10.10, either bsexec or asuser could be used. The man page on 10.9 for launchctl doesn't list asuser as an option, so it only appeared as of 10.10. But with 10.11, its now the only reliable way to get it to work. Give it a try. I think it should work for you.

jmb03012
New Contributor III

@mm2270 still fails with the same error on the postinstall when it attempts to load the launchagent plist, "Could not find domain for".

Here is the postinstall script, maybe I still have some syntax wrong?

#!/bin/sh
## postinstall

###Variables###
LoggedInUser=$(/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }')
LoggedInUID=$(id -u $loggedInUser)

###Paths###
BNotifierLaunchAgent=/Library/LaunchAgents/com.bloomberg.BNotifier.plist

###Functions###
#This section intentionally left blank

###Script Contents - Do Not Modify Below This Line###

/bin/launchctl asuser "$LoggedInUID" /usr/bin/sudo -iu "$LoggedInUser" /bin/launchctl load "$BNotifierLaunchAgent" || echo "Error Loading "$BNotifierLaunchAgent""

mpermann
Valued Contributor II

@jmb03012 your line

LoggedInUID=$(id -u $loggedInUser)

probably should have a capital L in loggedInUser.

mm2270
Legendary Contributor III

Ok, I see a few things that are likely causing the problem. First, enclose the entire command from /bin/launchctl through the end $BNotifierLaunchAgent in double quotes. And within the command, you have to escape any double quotes so launchctl doesn't think its the end of the command. Here's how I would try rewriting it.

/bin/launchctl asuser "$LoggedInUID" /usr/bin/sudo -iu "$LoggedInUser" "/bin/launchctl load "$BNotifierLaunchAgent" || echo "Error Loading "$BNotifierLaunchAgent""

Try that and see.

And @mpermann is correct. I didn't catch it, but the $LoggedInUID variable likely isn't being used since the case is wrong on how it was set earlier in the script.

jmb03012
New Contributor III

@mm2270 oh geez, totally didn't see that on the first pass.

Just fixed the scripts in the package and tested again, sure enough it all works now!

Just shared all of this with my colleagues so they are aware.

I will re-write the pre and postinstall scripts now to include an OS check because we still have some 10.9 in the environment so the script will have to be able to handle both ways of loading and unloading the launchagent.

Thanks so much for the help.

mm2270
Legendary Contributor III

Great! Glad you got it working. And I'm in the same boat, since we still have some 10.9 and a dwindling number of 10.8 systems in our environment. I needed to do OS detection and place each 'launchctl' command into a separate function that gets called per the OS it sees when I've needed this.

jmb03012
New Contributor III

yeah thats what I did, I just used a case statement for 10.6 through 10.11 with 10.6-10.9 using the same function and 10.10-10.11 using the same, little tedious to set up but works like a charm.

jmb03012
New Contributor III

@mm2270

I looked through some past post and found a few examples of bsexec.

I have the syntax correct as far as I can tell but when I run the command I get:
sudo: unable to execute /bin/bash: Bad address
launchctl bsexec failed: No such file or directory

Have you encountered this before?

UPDATE:
So I do have the syntax correct, I've noticed that if I run the command several times it eventually works, usually on the second or third run so I think sytax is good, but I cant explain why it doesnt consistently work (when it does fail it gets the same error as above).

sdagley
Esteemed Contributor II

@jmb03012 Could you post the script you ended up with to have launchctl run a command as the logged in user? I need to kill a LaunchAgent in /Library/LaunchAgents and I've been beating my head against the wall trying to figure out a syntax that doesn't generate a posix_spawn(): 2: No such file or directory error.

dcousino
New Contributor

Old thread but I think new info for the error

posix_spawn(): 2: No such file or directory

Don't use asuser to load and unload but rather bootstrap and bootout with gui/UID_you_got by the same old methods from above.