orangekay wrote:
ijeffsc wrote:
Thanks,
Yes I've been reading about launchd. The swiss army knife of starty upy things. Very cool but...
I think you need to do more reading as it does a lot more than just schedule processes to run at startup.
<snip>
Again, I don't think you've paid more than a cursory glance to launchd's feature set, but assuming that I'm wrong: what language would you propose that launchd use to specify job options instead, and how would parsing this language be less complex (and less expensive) than XML? Better yet, how would you propose that jobs requiring elevated permissions be policed for unsafe behavior if the job specification itself contains executable code?
Well that's a decent question that deserves a more thoughtful response.
Launchd
is pretty interesting and for a toolset like Launch* I'd be hard pressed suggest a better alternative. That's the answer to Q1. I concede.
However, my badly articulated concern, uttered within my grumble, is that the priorities are kind of screwed up. So we have lost the ability to have simple visibility to one of the most basic and fundamental tools required in enterprise administration. The lowly scheduled job has been obscured somewhere in 80 odd .plist files sprinkled about the system.
The specific question you raise is security related. IMHO security models that work best tend to be very simple. So the traditional Unix solution (without ACL's) is you are very careful about what you choose to run as root. So that's my simple answer to Q2 it's not that important.
Said yet another way. If you did a pareto analysis (or hierarchy of needs) study on all the things that launchd can do, or needs to do, in any serious environment simple management of scheduled jobs would be high on the list. Much higher than the security question you pose. Yet this more important need is not fulfilled and worse the traditional tool has been deprecated.
Ok one more reflection on your last paragraph. You mentioned "expensive". Out of curiosity I start up accounting on most systems that I can on (he said suppressing a Windoze diatribe). You might be surprised to know that on my system LaunchCFMA was the #1 CPU user followed by Safari, Mail, Skype, and WindowServ. On my FreeBSD box (server only) it was Perl, bzip2 procmail and sshd (reflecting the amount of spam processing going on) you had to go back about 30 items to find an OS related gizmo (syslogd).
sa -b | sed -e "s/re//" | sort -n -k2
I was curious.
So in summary Launchd is good but it was created and used to the exclusion of more important simple basic and boring important things, did I mention boring?.
Of course I'm getting kind of old lately and really only favour simple tools like stone wheels, flint axes and fire.
And with that I'll be greping the Plist fantastic for StartInterval and StartCalendarInterfal and adding a zest of sed.
And that sadly is the answer to my question. (ok I admit I will be likely using perl with some xml lib instead but I was trying to keep to the stone axe theme)
IJ