Old Jan 31, 2013, 07:53 AM   #1
ACagliano
macrumors newbie
 
Join Date: May 2012
Creating a Launch Daemon for Portsentry

I have a program called portsentry that can be run under OS X using the following command line commands:

/opt/local/libexec/portsentry.sh -tcp
/opt/local/libexec/portsentry.sh -udp

So, instead of doing this every time I log in, I decided to create a script. However, when I launch the daemon, then do "ps aux | grep portsentry", it shows nothing running. What am I doing wrong in this script? I'm assuming I'm making a mistake with the plist file.

Code:
#!/bin/bash
# Mac OS X portsentry installation script
#
#
echo
echo This script will enable portsentry
echo and create a plist file to start up
echo the portsentry daemon at startup.
echo 
echo Press enter to continue...
# Wait for the user before changing anything
read -r


# Set permissions
chown root:admin /opt/local/libexec/portsentry.sh
chmod 544 /opt/local/libexec/portsentry.sh

# Set up the plist file finally
echo "Setting up plist file at Library/LaunchDaemons/com.apple.portsentry.plist"

if ! touch /Library/LaunchDaemons/com.apple.portsentry.plist ; then
    echo Cannot touch the Library/LaunchDaemons/com.apple.portsentry.plist file.
    echo Exiting due to the previous error.
    exit 1
fi

echo -e "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" > /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0 //EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "<plist version=\"1.0\">" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "<dict>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    <key>Label</key>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    <string>com.apple.portsentry</string>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    <key>ProgramArguments</key>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    <array>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "        <string>/opt/local/libexec/portsentry.sh -tcp</string>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "        <string>/opt/local/libexec/portsentry.sh -udp</string>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    </array>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    <key>RunAtLoad</key>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    <true/>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "</dict>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "</plist>" >> /Library/LaunchDaemons/com.apple.portsentry.plist

chown root:admin /Library/LaunchDaemons/com.apple.portsentry.plist

echo "Complete."
echo
echo "Starting portsentry..."
launchctl load /Library/LaunchDaemons/com.apple.portsentry.plist
echo "Portsentry now active and running:"
ps aux | grep portsentry

echo
echo Done.
Old Jan 31, 2013, 09:28 AM   #2
LPZ
macrumors 65816
 
Join Date: Jul 2006
Quote:
Originally Posted by ACagliano
I have a program called portsentry that can be run under OS X using the following command line commands:

/opt/local/libexec/portsentry.sh -tcp
/opt/local/libexec/portsentry.sh -udp

So, instead of doing this every time I log in, I decided to create a script. However, when I launch the daemon, then do "ps aux | grep portsentry", it shows nothing running. What am I doing wrong in this script? I'm assuming I'm making a mistake with the plist file.
As a test, try the modification below and see if portsentry runs:

Code:
#!/bin/bash
# Mac OS X portsentry installation script
#
#
echo
echo This script will enable portsentry
echo and create a plist file to start up
echo the portsentry daemon at startup.
echo 
echo Press enter to continue...
# Wait for the user before changing anything
read -r


# Set permissions
chown root:admin /opt/local/libexec/portsentry.sh
chmod 544 /opt/local/libexec/portsentry.sh

# Set up the plist file finally
echo "Setting up plist file at Library/LaunchDaemons/com.apple.portsentry.plist"

if ! touch /Library/LaunchDaemons/com.apple.portsentry.plist ; then
    echo Cannot touch the Library/LaunchDaemons/com.apple.portsentry.plist file.
    echo Exiting due to the previous error.
    exit 1
fi

echo -e "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" > /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0 //EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "<plist version=\"1.0\">" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "<dict>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    <key>Label</key>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    <string>com.apple.portsentry</string>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    <key>ProgramArguments</key>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    <array>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "        <string>/opt/local/libexec/portsentry.sh</string>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "        <string>-tcp</string>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    </array>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    <key>RunAtLoad</key>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "    <true/>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "</dict>" >> /Library/LaunchDaemons/com.apple.portsentry.plist
echo -e "</plist>" >> /Library/LaunchDaemons/com.apple.portsentry.plist

chown root:admin /Library/LaunchDaemons/com.apple.portsentry.plist

echo "Complete."
echo
echo "Starting portsentry..."
launchctl load /Library/LaunchDaemons/com.apple.portsentry.plist
echo "Portsentry now active and running:"
ps aux | grep portsentry

echo
echo Done.
See https://developer.apple.com/library/...d.plist.5.html for more.
Old Jan 31, 2013, 09:54 AM   #3
ACagliano
Thread Starter
macrumors newbie
 
Join Date: May 2012
1/31/13 10:50:39.805 AM com.apple.launchd.peruser.502[474]: (com.apple.portsentry[1789]) Job failed to exec(3). Setting up event to tell us when to try again: 2: No such file or directory

So, it runs, but it seems that the file or directory doesn't exist. Yet it does...
Old Jan 31, 2013, 12:15 PM   #4
chown33
macrumors 603
 
Join Date: Aug 2009
If you haven't read TN2083 "Daemons and Agents", you should:
http://developer.apple.com/library/m...83/_index.html


Where did portsentry.sh come from?

What testing of the script as a daemon have you done? Does it work when put in background by the shell? Does it work under 'nohup'? What are its needs for user-ids, permissions, ownership, working directory, login session?

Have you tested it as a per-user LaunchAgent instead of as a system-wide LaunchDaemon?

Have you made any other plists for any other agents or daemons? Even an agent as simple as waking up once a minute and writing a file.


This message:
1/31/13 10:50:39.805 AM com.apple.launchd.peruser.502[474]: (com.apple.portsentry[1789]) Job failed to exec(3). Setting up event to tell us when to try again: 2: No such file or directory
seems to be saying that it's launching a peruser job. However, the install script does this:
Code:
chown root:admin /opt/local/libexec/portsentry.sh
chmod 544 /opt/local/libexec/portsentry.sh
The result of the chown and chmod is that the script is only executable for the owner (root), not for any admin-group or other. This seems inconsistent with a peruser job.
Old Jan 31, 2013, 02:20 PM   #5
kryten2
macrumors 6502a
 
Join Date: Mar 2012
Location: Belgium
Ah Portsentry. Takes me back to them Linux days. So what happens when you run those commands in Terminal? Does ps aux | grep portsentry show they're running? Also Portsentry is not standard on OS X. Did you compile it from source or did you install it through MacPorts or Homebrew or a precompiled binary for your system? Seems like you've been trying for some time to get this going as per this link: http://www.cemetech.net/forum/viewto...er=asc&start=0. You ask on that link to start the following Terminal commands on startup:

Code:
sudo /opt/local/libexec/portsentry -tcp 
sudo /opt/local/libexec/portsentry -udp
yet your first post here states this:

Code:
/opt/local/libexec/portsentry.sh -tcp 
/opt/local/libexec/portsentry.sh -udp
Like chown33 said the result of the chown and chmod is that the script is only executable for the owner (root).

Edit: I installed Portsentry via MacPorts and lo and behold it was installed in the /opt/local/libexec/ directory. As you can see in the screenshot it's a Unix Executable File and doesn't end in .sh.

The contents of com.apple.portsentry.plist file:

Code:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0 //EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.apple.portsentry</string>
    <key>ProgramArguments</key>
    <array>
        <string>/opt/local/libexec/portsentry</string>
        <string>-tcp</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>
Last edited by kryten2; Feb 1, 2013 at 08:25 AM.
Old Feb 1, 2013, 10:07 AM   #6
ACagliano
Thread Starter
macrumors newbie
 
Join Date: May 2012
Yeah, I have been trying for a while to get it working. I installed it via MacPorts.

The strange thing is that doing both:

/opt/local/libexec/portsentry AND /opt/local/libexec/portsentry.sh with the correct arguments works.

I'll try out what you did.

Edit: So, your example works fine and PortSentry starts up in TCP mode. Now, I would also like it started in UDP mode too. On the command line, you have to actually run the command twice to start it in both modes. Must I create another plist file?

@kryten2: It works perfectly fine on OS X, but it doesn't support the stealth scan mode or advanced mode.

Last edited by ACagliano; Feb 1, 2013 at 11:04 AM.
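
Added example, not part of any post in this thread: a check for the two failure modes discussed above (a whole command line packed into one ProgramArguments string, and an argv[0] that does not exist), plus a builder for the TCP and UDP case. A launchd job starts one program, so the sketch builds one job per mode with distinct labels; the org.example.portsentry label prefix and the function names are hypothetical.

```python
import os
import plistlib

BINARY = "/opt/local/libexec/portsentry"  # MacPorts path reported in the thread
LABEL_PREFIX = "org.example.portsentry"   # hypothetical label, not from the thread

# Constructed sample: the job dictionary the first post's script writes out.
FIRST_POST_JOB = plistlib.dumps({
    "Label": "com.apple.portsentry",
    "ProgramArguments": ["/opt/local/libexec/portsentry.sh -tcp",
                         "/opt/local/libexec/portsentry.sh -udp"],
    "RunAtLoad": True,
})


def build_job(mode):
    """Plist bytes for one job: one portsentry instance in one mode."""
    return plistlib.dumps({
        "Label": f"{LABEL_PREFIX}.{mode}",
        # launchd passes this list to exec as argv with no shell word
        # splitting, so every argument is its own element.
        "ProgramArguments": [BINARY, f"-{mode}"],
        "RunAtLoad": True,
    })


def check_job(data, exists=os.path.exists):
    """Return the problems found in a launchd job plist given as bytes."""
    job = plistlib.loads(data)
    argv = job.get("ProgramArguments") or []
    if not argv:
        return ["ProgramArguments is missing or empty"]
    problems = []
    for i, arg in enumerate(argv):
        # A path followed by an option in the same string is a packed command line.
        if any(word.startswith("-") for word in arg.split()[1:]):
            problems.append(f"argv[{i}] {arg!r} packs several arguments into one string")
    if not exists(argv[0]):
        problems.append(f"argv[0] {argv[0]!r} not found, exec fails with ENOENT")
    if job.get("Label", "").startswith("com.apple."):
        problems.append("Label is in Apple's com.apple. namespace")
    return problems


if __name__ == "__main__":
    for name, data in [("first post", FIRST_POST_JOB),
                       ("tcp", build_job("tcp")), ("udp", build_job("udp"))]:
        print(name, check_job(data) or "ok")
```

Each job built this way would be written to its own file in /Library/LaunchDaemons before being loaded with launchctl.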