How do I run a launchd command as root

macos mac cron root launchd
58,133

Solution 1

What folder is the .plist stored in?

launchd runs Daemons (/Library/LaunchDaemons or /System/Library/LaunchDaemons) as root, and will run them regardless of whether users are logged in or not. Launch Agents (/Library/LaunchAgents/ or ~/Library/LaunchAgents/) are run when a user is logged in as that user. You can not use setuid to change the user running the script on daemons.

Because you will want to add it in /Library/LaunchDaemons you will want to make sure you load it into launchd with administrator privileges (eg. sudo launchctl load -w /Library/LaunchDaemons/com.apple.samplelaunchdscript.plist)

Check out man launchd for more information.

Solution 2

Have you tried using one of the launchd editors?

To make sure it is run as root, I'm pretty sure launchd will run the programs as root. Ever think of giving ownership of the script to root using chmod? This way, it won't run unless run as root. You need to then verify that it runs.

sudo chown root:admin script_to_run_by_launchd

Solution 3

For Googlers looking to specifically run a LaunchAgent with root privileges intead of a LaunchDaemon, it can be done by:

  • Create your LaunchAgent in ~/Library/LaunchAgents
  • Run your application with sudo via the ProgramArguments property in your plist
  • Set the NOPASSWD option for your application in /etc/sudoers.d

For more detail, see this and this answer.

Solution 4

Property lists in LaunchAgents also work, but you have to load both agents and daemons with sudo:

sudo chown root /Library/LaunchAgents/test.plist
sudo launchctl load /Library/LaunchAgents/test.plist

If the plist doesn't have a disabled key, it is loaded on the next login or restart by default, and -w is not necessary.

Technical Note TN2083: Daemons and Agents:

A daemon is a program that runs in the background as part of the overall system (that is, it is not tied to a particular user). A daemon cannot display any GUI; more specifically, it is not allowed to connect to the window server.

[...]

An agent is a process that runs in the background on behalf of a particular user. Agents are useful because they can do things that daemons can't, like reliably access the user's home directory or connect to the window server.

Solution 5

LaunchControl made it painless for me in Yosemite. It has a nice drag-n-drop GUI to help you create or edit services. It was surprising to see all the services running that I did not know about.

Steps

  1. Start LaunchControl
  2. Top-left change to GlobalDeamons and enter your admin password
  3. File->New
  4. Under label, give it a unique name. Convention is "com.company.appname"
  5. Under Program to run use the Unix Shell script or whatever command you prefer WITHOUT arguments
  6. If your app requires arguments the change the dropdown field from "Default argv" to "Custom argv"
    1. now provide the argument you would normal as you would run it from the actual command line.
  7. Run at Load is optional, you decide.
  8. From the right-side, drag and drop StartInterval and set the interval you want. The FAQ under Help menu is very good.
Share:
58,133

Related videos on Youtube

Emmanuel Mwangi
Author by

Emmanuel Mwangi

Updated on September 17, 2022

Comments

  • Emmanuel Mwangi
    Emmanuel Mwangi over 1 year

    I have the following launchctl command as a .plist file. It's loaded and set to run once a day but, it needs to run as root and I'm not sure how to verify this.

    Also, this cron job basically CDs into a directory and runs a command. I'm sure launchd has a better way of specifying the directory where it's supposed to run the command.

    How do I know it's run as root and is there a better way to write this?

    <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>dev.project.frontpage.feedparser</string>
    <key>ProgramArguments</key>
    <array>
        <string>cd</string>
        <string>/Users/eman/src/project/trunk/includes/;</string>
        <string>./feed-parser.php</string>
        <string>-c</string>
        <string>./feed-parser-config.xml</string>
    </array>
    <key>QueueDirectories</key>
    <array/>
    <key>StartCalendarInterval</key>
    <dict>
        <key>Hour</key>
        <integer>12</integer>
        <key>Minute</key>
        <integer>0</integer>
    </dict>
    <key>WatchPaths</key>
    <array/>
</dict>
</plist>
  • Emmanuel Mwangi
    Emmanuel Mwangi over 14 years
    I did use Lingon to write this script. And I can fonfirm it works well in Leopard.
  • Emmanuel Mwangi
    Emmanuel Mwangi over 14 years
    Thank you. This is exactly what I was looking for as far as answering the root issue. The script is in /Library/LaunchDaemons so it was already running as root.
  • Claudix
    Claudix about 10 years
    A newbie question: is running launchctl required for installing a daemon? I mean, isn't it enough to copy the plist file into the corresponding path?
  • Chealion
    Chealion about 10 years
    @Claudix: That's correct. Copying the launchd config in place isn't enough - you still have to "turn it on" (launchctl load)
  • Cfinley
    Cfinley about 9 years
    Can you please edit your post to include the steps the asker can take to solve their problem?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Setting environment variables in OS X /etc/launchd.conf
How to load system-wide daemon on Mac OS X
How do I setup a cron job on OS X to run a curl command at a specific time every day?
How can I get a script to run every day on Mac OS X?
Error adding cronjobs in Mac OS X Lion
Start Jenkins slave on Mac OS X as LaunchDaemon
inotifywait alternative command for Mac?
Stop a runaway launchd process on OS X Leopard
Common Mac OS folders/settings to check (when trying to get rid of a pesky self-launching app)
does grep regex work differently on mac?