I have a launch daemon that will need to spawn a tray icon in a users session on OSX. My current problem is: is there a way to get an event whenever a user logs in or logs out? Similar to using logind or consolekit on linux.
The tool you want is a LaunchAgent. LaunchAgents are automatically launched when a user logs in, and shut down when the log out. If you also have a LaunchDaemon, you can use a LaunchAgent to communicate to it from the user context. See Creating Launch Daemons and Agents for full details and how to set it up. Make sure to look at XPC services as well (in the same doc) to understand one way to communicate between processes. You can also use loopback networking, but XPC is more powerful and preferred when appropriate.
If you're building this kind of thing, you definitely want to read the entire Daemons and Services Programming Guide and also TN2083: Daemons and Agents. That tech note is probably the most important document you'll read for this kind of problem. OS X is not like Linux (or BSD) in this regard.
Related
I am curious about how Timing is able to know the amount of time you spend in a particular file. I understand that it needs Accessibility permission, but after that, how is it able to detect what's currently on the screen, plus accessing the path to a given file. I find intriguing, for example, that it knows that I am on Xcode, but how does it know I am working on a specific file, inside Xcode?
I don't work on Timing, so I can only make an educated guess on how their app was implemented.
Timing claims to keep track of three main data points: the apps you use, the websites you visit, and the documents you edit.
For applications, Timing probably listens to the NSWorkspaceDidLaunchApplicationNotification notification, which contains information on the application that was just launched. To check the currently open applications when Timing is launched, it probably checks the non-background processes from System Events, possibly like this:
osascript -e 'tell application "System Events" to get name of (processes where background only is false)'
(Source Get list of running Apps on Mac OS X in Bash?)
For history, Timing might use the HTML5 History API with Safari (I don't know what browsers Timing claims to support with this feature), or take an approach like Charles Proxy and monitor any incoming and outgoing packets and requests. The implementation may vary depending on if Timing requires admin privileges.
For documents, Timing might use the lsof command as Droppy suggested in their comment, or it might use one of the Apple interfaces. Pre-El Capitan, Apple listed recent documents in a plist file at the path ~/Library/Preferences/com.apple.recentitems.plist. In macOS versions newer than El Capitan, you can use the mdfind command and specify the kMDItemContentModificationDate value to find files modified between two dates:
mdfind -onlyin $HOME '((kMDItemContentModificationDate > $time.now(-60m)) && (kMDItemContentModificationDate < $time.now()))' | grep -v /Library/
(Source Alfred)
My custom Cocoa-based setup.app on Mac OSX that I made in Objective C needs to install a LaunchDaemon for doing elevated privilege tasks such as an antivirus program that needs to scan the entire hard drive and therefore needs root privileges. How can I make my setup application prompt the customer for their admin login and then install that LaunchDaemon into /Library/LaunchDaemons (and note I don't mean ~/Library/LaunchDaemons)?
The way I'm currently handling it is by using AppleScript with the admin privilege. It prompts for this login and then the AppleScript does the copying into this folder without the OS complaining. However, I assume that's not the proper technique -- that I should be doing this entirely in Objective C somehow?
Note that I can't use SMBlessJob in this case because it is for this reason that I'm creating the Launch Daemon in the first place.
BACKGROUND INFORMATION
I have a special need to create a custom setup.app -- just like the fact that Norton's AV application uses a custom setup.app. This is because the Apple PKG and DMG installers do not permit downloading of very large files (like virus definitions) from a server during install with some kind of friendly feedback. I mean, I can make a PKG file download a file from the server when running a Perl script or Bash script, but then the installer just hangs the progress bar for the amount of minutes it takes to download, not giving any other feedback to the user except that hung progress bar, and so the user thinks the installer is broke, when it's not. That's why I had to make my own custom setup.app, just like Norton did for their AV application.
Normally, SMJobBless would be the technique to do this. It's the one Apple recommends now as of 2016. Here's the readme.txt for Apple's sample project:
https://developer.apple.com/library/mac/samplecode/SMJobBless/Listings/ReadMe_txt.html
However, that's not the only way to do it. Another route would be to have your installer use AppleScript to prompt and run a Bash or Perl script with elevated privileges to install the LaunchDaemon, as well. (That's actually easier than SMJobBless.)
Basically, either technique installs a LaunchDaemon (e.g., "service") into a special folder, and that daemon can be set with elevated privileges, which can then run anything you want -- even command line commands. A super fantastic explanation of LaunchDaemons and LaunchAgents is here:
http://launchd.info/
Now, the problem is how to communicate with it from your application, once installed. They leave that up to you, and there are various techniques. However, they also leave it up to you to secure this so that it's not an attack vector.
A fantastic article on how to do IPC (Inter Process Communication between your application and this service) is here:
http://nshipster.com/inter-process-communication/
One IPC protocol on OSX is Distributed Objects, which is quite smooth from an architecture perspective -- you'll feel more like it's "coding" instead of "sending messages back and forth" like other IPC protocols. I've written a Stack Overflow post on this because the docs are shoddy and the existing examples on the Apple site and others are stale (won't compile on XCode7.1 with OSX 10.10+).
On communication protocol between your application and daemon/service, you can probably get away with key/value, XML, or JSON messages that are encrypted with AES256 with a long password and converted to Base64 encoding, and then use one of the various IPC mechanisms. However, that's another topic entirely.
I am looking for a way to monitor the state of one of my applications on OS X. There's a number of components that I need to monitor such as the status of various communication channels. If they go down, the monitoring process should be able to warn the user both on screen and via a push notification.
XPC services look promising, but if the app crashes, I presume this will take out the service as well, or am I mistaken?
My preferred solution is something which would also monitor for unexpected termination, and restart the app if it happens.
What is the best way to do this?
I think monitoring communication channels, etc. must be done by the each specific components (processes). And if the unexpected error occur that component should exit immediately to ensure proper cleanup.
For processe monitoring, below Apple Technical Q&A document will be really helpful:
Technical Note TN2050: Observing Process Lifetimes Without Polling
You could write an app which starts your main application as a child process, and waits for it to exit. It could check the exit code, and then react according to your needs.
This approach is explained here: https://stackoverflow.com/a/78095/785411
To fork() some monitoring process to run your main application as a child process, this is explained here: https://stackoverflow.com/a/4327062/785411
I think you could possibly make use of the built in facilities Launchd and CrashReporter to achieve your requirements.
Launchd is the OS X system supervisor intended for launching and monitoring background processes, and would be typically used to run XPC services. Launchd agents can react to various system events, and can be configured to restart processes in the event of them crashing ( specified via the KeepAlive/SuccessfulExit key in the property list)
Launchd can be set to react to various system events as launch event, including monitoring files and directories, scheduled times, or listening to network connections.
CrashReporter is the OS X system facility that catches and logs all process crashes. It logs through the AppleSystemLogger facility and can be accessed with the syslog tools as documented in the linked TechNote. On Mountain Lion, user process crash reports end up in ~/Library/DiagnosticReports/ , with a crashlog and plist file pair created per crash event.
I think you could use these features in a couple of ways to achieve your requirement, if launchd is responsible for running the xpc services, it can take reponsibility for restarting them on crash events, and they can be dissociated from any app crashes.
You could write a launchd agent that responds to for crash events by montioring the crash report directory (e.g. using the QueueDirectories property) for new logs and re-launches your applicaton, or presents notifications.
If each process runs in its own thread you could run a watchdog program that monitors whether the threads are alive. A script that runs ps in a loop and parses the output could do it.
You can see the various options here. See for example -C to select by command name, and -m to show all threads.
I'm trying to write automated test, to ensure that the installer for my program works okay.
The program can be installed for all users (requires admin privs), or for current user (does not require admin privs). The program can also autoupdate itself, which in some cases requires admin privileges, and in some cases doesn't.
I'm looking for a way where I can have an automated test click "Yes, Allow" on the UAC dialogs, so I can write tests for all different scenarios, on many different operating systems, so that I can be confident when I make changes to the installer that I didn't break anything.
Obviously, the installer process itself cannot do this. However, I control the complete machine, and could easily start some sort of daemon process with administrative rights, that the testprogram could make a socket connection to, to request it to "please click ok on the UAC now".
I actually figured out how to do this while looking to answer a similar question about UAC. Here is what you can do:
Write a service that runs as SYSTEM.
Open the process token of the winlogon.exe instance running in your logon session.
Use that token to launch a helper process on the Winlogon desktop via CreateProcessAsUser.
At this point, you have a helper process running as SYSTEM in your logon session on the Winlogon (secure) desktop. From here you can use some kind of IPC mechanism to communicate from your automated test program to the helper process. In the helper process you can EnumDesktopWindows to find the UAC prompt. This is as far as I took it; I didn't actually try to simulate clicking Yes or No, but I don't see any reason why it wouldn't work. Also, I only tested on Windows 7 32-bit; I believe the UAC architecture is identical to Vista, but I didn't test on it.
It took me a while to figure all this out; I can provide some code if you want.
EDIT: Just as a follow up I added code to use FindWindow() to find the "Yes" button and I was able to successfully send it a BM_CLICK message; the UAC prompt went away and the application was allowed to run.
An alternative solution might be to turn UAC off
The least bad solution I've found so far is to run the tests in a VMWare session, and control the mouse/keyboard trough the vmware sdk. Would love to hear about other solutions
Remote Desktop to it or run it as a guest VM (using Virtual PC or whatever, just don't boot to it.) This is also the best way to take a screenshot or video of the UAC prompt.
I want to pop a browser with a given url from within a windows service. Like so:
System.Diagnostics.Process.Start("http://www.venganza.org/");
Works fine when running in a console but not from within the service. No error messages, no exceptions, the Process.Start() command just seem to do nothing. It smells of some security issue, maybe something with the service properties and/or logon options? Annoying stuff this... Anybody? (Oh, and on windows 7/.NET framework 3.5.)
A service should never pop up anything to the user. Don't do this with a service.
You will problably need elevated rights to do this aswell. You will have to sign in as the user.
Even if you manage to do this, don't. This is not what services is ment for and it is really bad practise. If you really want someting to pop up, have a seperate process instead.
It is popping up, but on the Window Station associated with the service.
I would suggest that you tweak your design such that your service doesn't need to interact in this manner. There are ways to get it to appear on an interactive desktop (you'd have to cope with issues such as impersonating the relevant user, targeting the correct desktop if nobody is logged on or if more than one person is logged on, etc.)
Just on a side note Windows services aren't built for interactivity. They are used to process behind-the-scenes type stuff. However, have you tried enabling the Interact with Desktop option on the service itself?