From: SourceForge.net <no...@so...> - 2008-06-27 22:38:29
|
Feature Requests item #1618362, was opened at 2006-12-18 21:15 Message generated for change (Comment added) made by etiennes You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=361118&aid=1618362&group_id=11118 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Other platform integration Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: Use launchd instead of a StartupItem on OSX Initial Comment: StartupItems are deprecated as the launch method for daemons on OSX versions 10.4 and above, and don't integrate into the system's standard method of managing daemons using launchd and the launchctl(1) & service(8) commands. The installer package should contain a /Library/LaunchDaemons/org.privoxy.ijbswa.plist file, and the /Library/StartupItems/Privoxy directory should be removed. Failing this, at least use the more manageable and not entirely deprecated xinetd instead of a StartupItem ---------------------------------------------------------------------- Comment By: Etienne Samson (etiennes) Date: 2008-06-28 00:38 Message: Logged In: YES user_id=735276 Originator: NO Please apply at least the first patch and the Socket dictionary in the .plist file to allow launching privoxy on demand. Also, where are those Apple guidelines, I can't find them using Google. I'll update the patch once I know all this stuff ;-) ---------------------------------------------------------------------- Comment By: mark miller (markm68k) Date: 2008-06-27 23:00 Message: Logged In: YES user_id=1998998 Originator: NO hmm, i think i now understand what you are trying to do. my solution attempts to be friendly to both Mac OS X 10.4 (Tiger) and Mac OS X 10.5 (Leopard). unfortunately, the way that apple has changed the way service accounts are created in Leopard (with the leading underscore), it challenges the ability to have one script for both versions of the operating system. i will leave this feature request open until a working solution has been implemented. ---------------------------------------------------------------------- Comment By: mark miller (markm68k) Date: 2008-06-27 22:39 Message: Logged In: YES user_id=1998998 Originator: NO your script first creates the "privoxy" user, then creates the "_privoxy" RecordName. this (reverse) approach does not follow apple's recommendation, which is to create the "_privoxy" user, then create the "privoxy" RecordName. by creating the "_privoxy" user and then the "privoxy" RecordName, mac os x appropriately hides the user account from the Account System Preferences. as an example, apple has created: _clamav, _lp, _mysql, _postfix, _www, etc. based on some investigation, the warning message that is being display is spurious and somewhat common. ---------------------------------------------------------------------- Comment By: Etienne Samson (etiennes) Date: 2008-06-27 20:26 Message: Logged In: YES user_id=735276 Originator: NO Second part of the patch is because I got launchd complaining (org.ijbswa.privoxy[51734]): Suspicious setup: User "privoxy" maps to user: _privoxy. I just looked at how apple does its stuff, and it actually add 2 RecordName entries, so I updated privoxy-create-dscl.sh and reverted my changes where appropriate. Updated patch : Index: privoxy-create-dscl.sh =================================================================== RCS file: /cvsroot/ijbswa/macsetup/privoxy-create-dscl.sh,v retrieving revision 1.2 diff -r1.2 privoxy-create-dscl.sh 22,26c22,27 < /usr/bin/dscl /Local/Default -create /Groups/_privoxy < /usr/bin/dscl /Local/Default -append /Groups/_privoxy RecordName privoxy < /usr/bin/dscl /Local/Default -create /Groups/_privoxy Password * < /usr/bin/dscl /Local/Default -create /Groups/_privoxy PrimaryGroupID ${gid} < /usr/bin/dscl /Local/Default -create /Groups/_privoxy RealName "privoxy users" --- > /usr/bin/dscl /Local/Default -create /Groups/privoxy > /usr/bin/dscl /Local/Default -append /Groups/privoxy RecordName _privoxy > /usr/bin/dscl /Local/Default -append /Groups/privoxy RecordName privoxy > /usr/bin/dscl /Local/Default -create /Groups/privoxy Password '*' > /usr/bin/dscl /Local/Default -create /Groups/privoxy PrimaryGroupID ${gid} > /usr/bin/dscl /Local/Default -create /Groups/privoxy RealName "privoxy users" 39,46c40,48 < /usr/bin/dscl /Local/Default -create /Users/_privoxy < /usr/bin/dscl /Local/Default -append /Users/_privoxy RecordName privoxy < /usr/bin/dscl /Local/Default -create /Users/_privoxy NFSHomeDirectory /var/empty < /usr/bin/dscl /Local/Default -create /Users/_privoxy Password * < /usr/bin/dscl /Local/Default -create /Users/_privoxy PrimaryGroupID ${gid} < /usr/bin/dscl /Local/Default -create /Users/_privoxy RealName "privoxy server" < /usr/bin/dscl /Local/Default -create /Users/_privoxy UniqueID ${uid} < /usr/bin/dscl /Local/Default -create /Users/_privoxy UserShell /usr/bin/false --- > /usr/bin/dscl /Local/Default -create /Users/privoxy > /usr/bin/dscl /Local/Default -append /Users/privoxy RecordName _privoxy > /usr/bin/dscl /Local/Default -append /Users/privoxy RecordName privoxy > /usr/bin/dscl /Local/Default -create /Users/privoxy NFSHomeDirectory /var/empty > /usr/bin/dscl /Local/Default -create /Users/privoxy Password '*' > /usr/bin/dscl /Local/Default -create /Users/privoxy PrimaryGroupID ${gid} > /usr/bin/dscl /Local/Default -create /Users/privoxy RealName "privoxy server" > /usr/bin/dscl /Local/Default -create /Users/privoxy UniqueID ${uid} > /usr/bin/dscl /Local/Default -create /Users/privoxy UserShell /usr/bin/false Index: LaunchDaemon/org.ijbswa.privoxy.plist =================================================================== RCS file: /cvsroot/ijbswa/macsetup/LaunchDaemon/org.ijbswa.privoxy.plist,v retrieving revision 1.1 diff -r1.1 org.ijbswa.privoxy.plist 4a5,6 > <key>GroupName</key> > <string>privoxy</string> 6a9,10 > <key>Program</key> > <string>/usr/local/sbin/privoxy</string> 9c13 < <string>/usr/local/sbin/privoxy</string> --- > <string>privoxy</string> 13,18c17,30 < <key>UserName</key> < <string>privoxy</string> < <key>GroupName</key> < <string>privoxy</string> < <key>StandardOutPath</key> < <string>/var/log/privoxy/logfile.log</string> --- > <key>Sockets</key> > <dict> > <key>localSocket</key> > <dict> > <key>SockNodeName</key> > <string>127.0.0.1</string> > <key>SockPassive</key> > <true/> > <key>SockServiceName</key> > <string>8118</string> > <key>SockType</key> > <string>stream</string> > </dict> > </dict> 21,22c33,36 < <key>RunAtLoad</key> < <true/> --- > <key>StandardOutPath</key> > <string>/var/log/privoxy/logfile.log</string> > <key>UserName</key> > <string>privoxy</string> ---------------------------------------------------------------------- Comment By: mark miller (markm68k) Date: 2008-06-27 19:55 Message: Logged In: YES user_id=1998998 Originator: NO > Here are two patches. > The first to privoxy itself to make it work in non-at-load mode, by > getting the opened-by-launchd file descriptor instead of reopening a > connection. We do this using the launch.h API on OS X, and we look for a > key named "localSocket" in the plist "Socket" dictionary. thanks. this patch will certainly need to be reviewed before being accepted. > The second is intended to fix some macsetup quirks (launchd complained > about an user named privoxy under a _privoxy entry), and to update the > .plist file (with the now required localSocket key). i have some questions about the second set of patches, noted below. > Hope this helps ! thanks again for your contributions. ------------ Second patch ---------------- Index: install.sh =================================================================== RCS file: /cvsroot/ijbswa/macsetup/install.sh,v retrieving revision 1.5 diff -r1.5 install.sh 158c158 < /usr/bin/find /usr/local/etc/privoxy -depth 1 -type f -print0 | /usr/bin/xargs -0 /usr/sbin/chown privoxy:privoxy --- > /usr/bin/find /usr/local/etc/privoxy -depth 1 -type f -print0 | /usr/bin/xargs -0 /usr/sbin/chown _privoxy:_privoxy 177c177 < /usr/sbin/chown privoxy:privoxy ${logdir}/* --- > /usr/sbin/chown _privoxy:_privoxy ${logdir}/* why are you changing "privoxy" to "_privoxy"? it works either way since they are aliases. Index: privoxy-create-dscl.sh =================================================================== RCS file: /cvsroot/ijbswa/macsetup/privoxy-create-dscl.sh,v retrieving revision 1.2 diff -r1.2 privoxy-create-dscl.sh 23,24c23,24 < /usr/bin/dscl /Local/Default -append /Groups/_privoxy RecordName privoxy < /usr/bin/dscl /Local/Default -create /Groups/_privoxy Password * --- > /usr/bin/dscl /Local/Default -append /Groups/_privoxy RecordName _privoxy > /usr/bin/dscl /Local/Default -create /Groups/_privoxy Password '*' in the first change you are aliasing "_privoxy" back to itself? that seems wrong. the intent of this script is to create a "_privoxy" service group, and then create a "privoxy" RecordName (alias) which follows apple's standard mechanism of creating service groups and users. the changes you are suggesting would not create the "privoxy" group. 40c40 < /usr/bin/dscl /Local/Default -append /Users/_privoxy RecordName privoxy --- > /usr/bin/dscl /Local/Default -append /Users/_privoxy RecordName _privoxy 42c42 < /usr/bin/dscl /Local/Default -create /Users/_privoxy Password * --- > /usr/bin/dscl /Local/Default -create /Users/_privoxy Password '*' my comments above apply to creating a "_privoxy" service user, too. Index: LaunchDaemon/org.ijbswa.privoxy.plist =================================================================== RCS file: /cvsroot/ijbswa/macsetup/LaunchDaemon/org.ijbswa.privoxy.plist,v retrieving revision 1.1 diff -r1.1 org.ijbswa.privoxy.plist 6a7,8 > <key>Program</key> > <string>/usr/local/sbin/privoxy</string> 9c11 < <string>/usr/local/sbin/privoxy</string> --- > <string>privoxy</string> 14c16 < <string>privoxy</string> --- > <string>_privoxy</string> 16c18 < <string>privoxy</string> --- > <string>_privoxy</string> the above changes to the "privoxy" user are not necessary, as explained above. 21,22c23,36 < <key>RunAtLoad</key> < <true/> --- > <key>Sockets</key> > <dict> > <key>localSocket</key> > <dict> > <key>SockNodeName</key> > <string>127.0.0.1</string> > <key>SockPassive</key> > <true/> > <key>SockServiceName</key> > <string>8118</string> > <key>SockType</key> > <string>stream</string> > </dict> > </dict> this will require further discussion regarding what options to include in the plist file, pending approval of the first patch. ---------------------------------------------------------------------- Comment By: Etienne Samson (etiennes) Date: 2008-06-27 18:10 Message: Logged In: YES user_id=735276 Originator: NO Here are two patches. The first to privoxy itself to make it work in non-at-load mode, by getting the opened-by-launchd file descriptor instead of reopening a connection. We do this using the launch.h API on OS X, and we look for a key named "localSocket" in the plist "Socket" dictionary. The second is intended to fix some macsetup quirks (launchd complained about an user named privoxy under a _privoxy entry), and to update the .plist file (with the now required localSocket key). Hope this helps ! ---------- First patch --------- Index: jbsockets.c =================================================================== RCS file: /cvsroot/ijbswa/current/jbsockets.c,v retrieving revision 1.47 diff -r1.47 jbsockets.c 305a308,312 > > #ifdef __APPLE__ > #include <launch.h> > #endif > 628,641c635,646 < struct sockaddr_in inaddr; < jb_socket fd; < #ifndef _WIN32 < int one = 1; < #endif /* ndef _WIN32 */ < < *pfd = JB_INVALID_SOCKET; < < memset((char *)&inaddr, '\0', sizeof inaddr); < < inaddr.sin_family = AF_INET; < inaddr.sin_addr.s_addr = resolve_hostname_to_ip(hostnam); < < if (inaddr.sin_addr.s_addr == INADDR_NONE) --- > *pfd = JB_INVALID_SOCKET; > #ifdef __APPLE__ > launch_data_t sockets_dict, checkin_response; > launch_data_t checkin_request; > launch_data_t listening_fd_array; > > /* If we're on Apple, check if we are running under launchd, and get > * the socket it has opened for us from the job info. If we aren't > * running under launchd, or the user didn't specify a default, > * fallthrough. > */ > if ((checkin_request = launch_data_new_string(LAUNCH_KEY_CHECKIN)) == NULL) 643c648 < return(-2); --- > log_error(LOG_LEVEL_FATAL, "launchd check-in: unable to create launchd string."); 645,648c650,651 < < #ifndef _WIN32 < if (sizeof(inaddr.sin_port) == sizeof(short)) < #endif /* ndef _WIN32 */ --- > > if ((checkin_response = launch_msg(checkin_request)) == NULL) 650c653 < inaddr.sin_port = htons((unsigned short) portnum); --- > log_error(LOG_LEVEL_FATAL, "launchd check-in: failed with error %d", errno); 652,653c655,656 < #ifndef _WIN32 < else --- > > if (LAUNCH_DATA_ERRNO != launch_data_get_type(checkin_response)) 655c658,700 < inaddr.sin_port = htonl((unsigned long) portnum); --- > launch_data_t the_label = launch_data_dict_lookup(checkin_response, LAUNCH_JOBKEY_LABEL); > if (NULL == the_label) > { > log_error(LOG_LEVEL_FATAL, "launchd check-in: successful: but no job label found"); > } > log_error(LOG_LEVEL_INFO, "launchd check-in: success: Running under job label: %s", launch_data_get_string(the_label)); > > /* > * Retrieve the dictionary of Socket entries from job's plist file > */ > sockets_dict = launch_data_dict_lookup(checkin_response, LAUNCH_JOBKEY_SOCKETS); > if (NULL != sockets_dict) { > if (launch_data_dict_get_count(sockets_dict) > 1) > { > log_error(LOG_LEVEL_INFO, "launchd check-in: too many sockets in job, using first"); > } > > /* > * Get the dictionary value from the key "localSocket", defined arbitrarly. > * It should match the top-level key used in the Socket section of > * the job's .plist file. > */ > listening_fd_array = launch_data_dict_lookup(sockets_dict, "localSocket"); > if (NULL == listening_fd_array) > { > log_error(LOG_LEVEL_ERROR, "launchd check-in: no localSocket socket found."); > } > else > { > int i; > for (i = 0; i < launch_data_array_get_count(listening_fd_array); i++) > { > log_error(LOG_LEVEL_INFO, "launchd check-in: found a socket, using this."); > *pfd = (jb_socket)launch_data_array_get_index(listening_fd_array, i); > return 0; > } > } > } > else > { > log_error(LOG_LEVEL_INFO, "launchd check-in: no defined socket in job, use default"); > goto fallthrough; > } 657,665c702 < #endif /* ndef _WIN32 */ < < fd = socket(AF_INET, SOCK_STREAM, 0); < < #ifdef _WIN32 < if (fd == JB_INVALID_SOCKET) < #else < if (fd < 0) < #endif --- > else 667,669c704,710 < return(-1); < } < --- > log_error(LOG_LEVEL_INFO, "launchd check-in: failed: %d.", errno); > log_error(LOG_LEVEL_INFO, "We might not be running under launchd."); > > fallthrough: ;// Sorry about this one, but I can't compile without. > #endif /* __APPLE__ */ > struct sockaddr_in inaddr; > jb_socket fd; 671,683c712 < /* < * This is not needed for Win32 - in fact, it stops < * duplicate instances of Privoxy from being caught. < * < * On UNIX, we assume the user is sensible enough not < * to start Privoxy multiple times on the same IP. < * Without this, stopping and restarting Privoxy < * from a script fails. < * Note: SO_REUSEADDR is meant to only take over < * sockets which are *not* in listen state in Linux, < * e.g. sockets in TIME_WAIT. YMMV. < */ < setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)&one, sizeof(one)); --- > int one = 1; 685,693c714,720 < < if (bind(fd, (struct sockaddr *)&inaddr, sizeof(inaddr)) < 0) < { < #ifdef _WIN32 < errno = WSAGetLastError(); < if (errno == WSAEADDRINUSE) < #else < if (errno == EADDRINUSE) < #endif --- > > memset((char *)&inaddr, '\0', sizeof inaddr); > > inaddr.sin_family = AF_INET; > inaddr.sin_addr.s_addr = resolve_hostname_to_ip(hostnam); > > if (inaddr.sin_addr.s_addr == INADDR_NONE) 695,696c722 < close_socket(fd); < return(-3); --- > return(-2); 697a724,731 > > #ifndef _WIN32 > if (sizeof(inaddr.sin_port) == sizeof(short)) > #endif /* ndef _WIN32 */ > { > inaddr.sin_port = htons((unsigned short) portnum); > } > #ifndef _WIN32 700,701c734 < close_socket(fd); < return(-1); --- > inaddr.sin_port = htonl((unsigned long) portnum); 703,707c736,765 < } < < while (listen(fd, MAX_LISTEN_BACKLOG) == -1) < { < if (errno != EINTR) --- > #endif /* ndef _WIN32 */ > > fd = socket(AF_INET, SOCK_STREAM, 0); > > #ifdef _WIN32 > if (fd == JB_INVALID_SOCKET) > #else > if (fd < 0) > #endif > { > return(-1); > } > > #ifndef _WIN32 > /* > * This is not needed for Win32 - in fact, it stops > * duplicate instances of Privoxy from being caught. > * > * On UNIX, we assume the user is sensible enough not > * to start Privoxy multiple times on the same IP. > * Without this, stopping and restarting Privoxy > * from a script fails. > * Note: SO_REUSEADDR is meant to only take over > * sockets which are *not* in listen state in Linux, > * e.g. sockets in TIME_WAIT. YMMV. > */ > setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)&one, sizeof(one)); > #endif /* ndef _WIN32 */ > > if (bind(fd, (struct sockaddr *)&inaddr, sizeof(inaddr)) < 0) 709c767,789 < return(-1); --- > #ifdef _WIN32 > errno = WSAGetLastError(); > if (errno == WSAEADDRINUSE) > #else > if (errno == EADDRINUSE) > #endif > { > close_socket(fd); > return(-3); > } > else > { > close_socket(fd); > return(-1); > } > } > > while (listen(fd, MAX_LISTEN_BACKLOG) == -1) > { > if (errno != EINTR) > { > return(-1); > } 710a791,792 > > *pfd = fd; 712,713d793 < < *pfd = fd; ------------ Second patch ---------------- Index: install.sh =================================================================== RCS file: /cvsroot/ijbswa/macsetup/install.sh,v retrieving revision 1.5 diff -r1.5 install.sh 158c158 < /usr/bin/find /usr/local/etc/privoxy -depth 1 -type f -print0 | /usr/bin/xargs -0 /usr/sbin/chown privoxy:privoxy --- > /usr/bin/find /usr/local/etc/privoxy -depth 1 -type f -print0 | /usr/bin/xargs -0 /usr/sbin/chown _privoxy:_privoxy 177c177 < /usr/sbin/chown privoxy:privoxy ${logdir}/* --- > /usr/sbin/chown _privoxy:_privoxy ${logdir}/* Index: privoxy-create-dscl.sh =================================================================== RCS file: /cvsroot/ijbswa/macsetup/privoxy-create-dscl.sh,v retrieving revision 1.2 diff -r1.2 privoxy-create-dscl.sh 23,24c23,24 < /usr/bin/dscl /Local/Default -append /Groups/_privoxy RecordName privoxy < /usr/bin/dscl /Local/Default -create /Groups/_privoxy Password * --- > /usr/bin/dscl /Local/Default -append /Groups/_privoxy RecordName _privoxy > /usr/bin/dscl /Local/Default -create /Groups/_privoxy Password '*' 40c40 < /usr/bin/dscl /Local/Default -append /Users/_privoxy RecordName privoxy --- > /usr/bin/dscl /Local/Default -append /Users/_privoxy RecordName _privoxy 42c42 < /usr/bin/dscl /Local/Default -create /Users/_privoxy Password * --- > /usr/bin/dscl /Local/Default -create /Users/_privoxy Password '*' Index: LaunchDaemon/org.ijbswa.privoxy.plist =================================================================== RCS file: /cvsroot/ijbswa/macsetup/LaunchDaemon/org.ijbswa.privoxy.plist,v retrieving revision 1.1 diff -r1.1 org.ijbswa.privoxy.plist 6a7,8 > <key>Program</key> > <string>/usr/local/sbin/privoxy</string> 9c11 < <string>/usr/local/sbin/privoxy</string> --- > <string>privoxy</string> 14c16 < <string>privoxy</string> --- > <string>_privoxy</string> 16c18 < <string>privoxy</string> --- > <string>_privoxy</string> 21,22c23,36 < <key>RunAtLoad</key> < <true/> --- > <key>Sockets</key> > <dict> > <key>localSocket</key> > <dict> > <key>SockNodeName</key> > <string>127.0.0.1</string> > <key>SockPassive</key> > <true/> > <key>SockServiceName</key> > <string>8118</string> > <key>SockType</key> > <string>stream</string> > </dict> > </dict> ---------------------------------------------------------------------- Comment By: mark miller (markm68k) Date: 2008-06-27 17:13 Message: Logged In: YES user_id=1998998 Originator: NO since the original post, there is a new and improved StartupItem and LaunchDaemon in the "macsetup" in cvs. it requires a privoxy user and group to be created on your mac. please try it out and let us know if it works for you. ---------------------------------------------------------------------- Comment By: Etienne Samson (etiennes) Date: 2008-06-27 11:50 Message: Logged In: YES user_id=735276 Originator: NO I'll try taking a look at it. I have a working on-demand config file, but it requires some source-tweaking to privoxy, because the launchd.plist(5) man states that "The job must check-in to get a copy of the file descriptors using APIs outlined in launch(3).". More info on this later (if you could comment on where I should look to make those changes, it will make my task easier ;-)). ---------------------------------------------------------------------- Comment By: guardian34 (guardian34) Date: 2007-12-13 00:06 Message: Logged In: YES user_id=1056433 Originator: NO > I'm sure how well those .commands would work if I meant to say "I'm not sure ..." > In any event, launchd is not the hold-up - getting a 10.5-friendly installer is. I was looking to that, but I was unsure about how to check for or make a privoxy user. (Unsure on 10.5, let alone 10.4 or whatever else is supported.) ---------------------------------------------------------------------- Comment By: guardian34 (guardian34) Date: 2007-12-12 23:58 Message: Logged In: YES user_id=1056433 Originator: NO > It seems like the "--no-daemon" flag is a requirement. Agreed. > <string>--pidfile /var/run/privoxy.pid</string> This gave me usage errors. After separating the arguments, I had permission error on the /var location, so I wrote the file to Privoxy's log folder instead. This seems to work on Mac OS X 10.5.1... /Library/LaunchDaemons/org.privoxy.ijbswa.plist ~~ <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>org.privoxy.ijbswa</string> <key>OnDemand</key> <true/> <key>ProgramArguments</key> <array> <string>/Library/Privoxy/privoxy</string> <string>--no-daemon</string> <string>--pidfile</string> <string>/Library/Privoxy/Logs/privoxy.pid</string> <string>config</string> </array> <key>RunAtLoad</key> <false/> <key>UserName</key> <string>_privoxy</string> <key>WorkingDirectory</key> <string>/Library/Privoxy</string> </dict> </plist> ~~ Start Privoxy.command ~~ #!/bin/sh PID=`ps -axc | grep 'privoxy$' | grep -v grep | awk '{ print $1 }'` if [[ $PID != '' ]]; then echo "Privoxy is already running. ($PID)" exit 0 fi RUNATLOAD=`defaults read /Library/LaunchDaemons/org.privoxy.ijbswa RunAtLoad` if [[ $RUNATLOAD = '1' ]]; then sudo launchctl load /Library/LaunchDaemons/org.privoxy.ijbswa.plist else sudo launchctl start org.privoxy.ijbswa fi echo 'Privoxy started.' ~~ Stop Privoxy.command ~~ #!/bin/sh PID=`ps -axc | grep 'privoxy$' | grep -v grep | awk '{ print $1 }'` if [[ $PID = '' ]]; then echo 'Privoxy was not running.' exit 0 fi RUNATLOAD=`defaults read /Library/LaunchDaemons/org.privoxy.ijbswa RunAtLoad` if [[ $RUNATLOAD = '1' ]]; then sudo launchctl unload /Library/LaunchDaemons/org.privoxy.ijbswa.plist else sudo launchctl stop org.privoxy.ijbswa fi echo 'Privoxy was stopped.' ~~ I'm sure how well those .commands would work if "OnDemand" was set to false... ---------------------------------------------------------------------- Comment By: John Daniel (etresoft) Date: 2007-12-12 13:39 Message: Logged In: YES user_id=382372 Originator: NO OK. Yet another new 10.5 feature to learn. The Apple docs continue to say: "You should use the new property unless you need to support Mac OS X 10.4.x". I would like to enable launchd under Tiger as well, but it isn't a requirement. I'm still working on getting a new installer built that supports 10.4 and 10.5. The changes between 10.4 and 10.5 are larger than those between 10.3 and 10.4, so the installer package needs a bit of work. Here is what I have for a launchd config file: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>org.ijbswa.privoxy</string> <key>ProgramArguments</key> <array> <string>/Library/Privoxy/privoxy</string> <string>--no-daemon</string> <string>--pidfile /var/run/privoxy.pid</string> <string>config</string> </array> <key>WorkingDirectory</key> <string>/Library/Privoxy</string> <key>UserName</key> <string>privoxy</string> <key>RunAtLoad</key> <true/> </dict> </plist> I don't know if it works or not. It seems like the "--no-daemon" flag is a requirement. Apples says "Keep in mind that, regardless of how it interacts with launchd, a launchd daemon must not daemonize itself; doing so would undermine launchd's ability to monitor the daemon." In any event, launchd is not the hold-up - getting a 10.5-friendly installer is. But when all is ready, I would really like it if Privoxy could "play nice" and only run when the user needs it. I would also like to have a Preference Pane to control it and a real uninstaller, but those last two are "nice-to-have"s. ---------------------------------------------------------------------- Comment By: Nobody/Anonymous (nobody) Date: 2007-12-12 05:15 Message: Logged In: NO I believe "OnDemand" is actually related to "KeepAlive". > OnDemand <boolean> > This key was used in Mac OS X 10.4 to control whether a job was kept > alive or not. The default was true. This key has been deprecated and > replaced in Mac OS X 10.5 with the more powerful KeepAlive option. I haven't tried it, but I think you could remove (or set to false) the "RunAtLoad" key and then use `launchctl` to start and stop it: sudo launchctl start org.privoxy.ijbswa sudo launchctl stop org.privoxy.ijbswa I'm still trying to figure out all this stuff myself, so let me know how that works for you. ---------------------------------------------------------------------- Comment By: John Daniel (etresoft) Date: 2007-12-12 04:10 Message: Logged In: YES user_id=382372 Originator: NO guardian34, Thanks for the file! If you could figure out how to run Privoxy using "OnDemand" instead of "RunAtLoad", I would be eternally grateful! ---------------------------------------------------------------------- Comment By: guardian34 (guardian34) Date: 2007-12-11 08:04 Message: Logged In: YES user_id=1056433 Originator: NO /Library/LaunchDaemons/org.privoxy.ijbswa.plist <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>KeepAlive</key> <true/> <key>Label</key> <string>org.privoxy.ijbswa</string> <key>ProgramArguments</key> <array> <string>/Library/Privoxy/sbin/privoxy</string> <string>/Library/Privoxy/etc/config</string> </array> <key>RunAtLoad</key> <true/> <key>UserName</key> <string>_privoxy</string> <key>WorkingDirectory</key> <string>/Library/Privoxy</string> </dict> </plist> ---------------------------------------------------------------------- Comment By: John Daniel (etresoft) Date: 2007-10-14 00:29 Message: Logged In: YES user_id=382372 Originator: NO Using launchd is quite a bit more complicated than this. I've tried twice now to get Privoxy running with launchd and failed both times. I supposed if I tried a third time, modified the default config file, ran as root, and used RunAtStart (thereby negating any advantage of launchd over StartupItems), I might be able to get it to run. But that wouldn't be any better than using StartupItem. I'm tired of messing with it for now and I shan't spend any more time on it. If anyone else wants to submit a working launchd config file, I'll be more than happy to integrate it. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=361118&aid=1618362&group_id=11118 |