Creating a Launch Daemon for Portsentry

Discussion in 'Mac Programming' started by ACagliano, Jan 31, 2013.

  1. ACagliano (macrumors newbie, joined May 10, 2012), post #1
    I have a program called portsentry that can be run under OS X using the following command line commands:

    /opt/local/libexec/portsentry.sh -tcp
    /opt/local/libexec/portsentry.sh -udp

    So, instead of doing this every time I log in, I decided to create a script. However, when I launch the daemon and then do "ps aux | grep portsentry", it shows nothing running. What am I doing wrong in this script? I'm assuming I'm making a mistake with the plist file.

    Code:
    #!/bin/bash
    # Mac OS X portsentry installation script
    #
    PLIST=/Library/LaunchDaemons/com.apple.portsentry.plist
    
    echo
    echo "This script will enable portsentry"
    echo "and create a plist file to start up"
    echo "the portsentry daemon at startup."
    echo
    echo "Press enter to continue..."
    read -r _
    
    # Set permissions
    chown root:admin /opt/local/libexec/portsentry.sh
    chmod 544 /opt/local/libexec/portsentry.sh
    
    # Set up the plist file finally
    echo "Setting up plist file at $PLIST"
    
    if ! touch "$PLIST" ; then
        echo "Cannot touch the $PLIST file."
        echo "Exiting due to the previous error."
        exit 1
    fi
    
    # Write the whole plist in one go instead of one echo per line
    cat > "$PLIST" <<EOF
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>Label</key>
        <string>com.apple.portsentry</string>
        <key>ProgramArguments</key>
        <array>
            <string>/opt/local/libexec/portsentry.sh -tcp</string>
            <string>/opt/local/libexec/portsentry.sh -udp</string>
        </array>
        <key>RunAtLoad</key>
        <true/>
    </dict>
    </plist>
    EOF
    
    chown root:admin "$PLIST"
    
    echo "Complete."
    echo
    echo "Starting portsentry..."
    launchctl load "$PLIST"
    echo "Portsentry now active and running:"
    ps aux | grep portsentry
    
    echo
    echo "Done."
     
  2. LPZ (macrumors 65816, joined Jul 11, 2006), post #2
    As a test, try the modification below and see if portsentry runs:

    Code:
    #!/bin/bash
    # Mac OS X portsentry installation script
    #
    PLIST=/Library/LaunchDaemons/com.apple.portsentry.plist
    
    echo
    echo "This script will enable portsentry"
    echo "and create a plist file to start up"
    echo "the portsentry daemon at startup."
    echo
    echo "Press enter to continue..."
    read -r _
    
    # Set permissions
    chown root:admin /opt/local/libexec/portsentry.sh
    chmod 544 /opt/local/libexec/portsentry.sh
    
    # Set up the plist file finally
    echo "Setting up plist file at $PLIST"
    
    if ! touch "$PLIST" ; then
        echo "Cannot touch the $PLIST file."
        echo "Exiting due to the previous error."
        exit 1
    fi
    
    # Write the whole plist in one go; note that the program and its
    # argument are separate <string> elements of ProgramArguments
    cat > "$PLIST" <<EOF
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>Label</key>
        <string>com.apple.portsentry</string>
        <key>ProgramArguments</key>
        <array>
            <string>/opt/local/libexec/portsentry.sh</string>
            <string>-tcp</string>
        </array>
        <key>RunAtLoad</key>
        <true/>
    </dict>
    </plist>
    EOF
    
    chown root:admin "$PLIST"
    
    echo "Complete."
    echo
    echo "Starting portsentry..."
    launchctl load "$PLIST"
    echo "Portsentry now active and running:"
    ps aux | grep portsentry
    
    echo
    echo "Done."
    See https://developer.apple.com/library.../Reference/ManPages/man5/launchd.plist.5.html for more.
     
  3. ACagliano, thread starter (macrumors newbie, joined May 10, 2012), post #3
    1/31/13 10:50:39.805 AM com.apple.launchd.peruser.502[474]: (com.apple.portsentry[1789]) Job failed to exec(3). Setting up event to tell us when to try again: 2: No such file or directory

    So, it runs, but it seems that the file or directory doesn't exist. Yet it does...
     
  4. chown33 (macrumors 603, joined Aug 9, 2009), post #4
    If you haven't read TN2083 "Daemons and Agents", you should:
    http://developer.apple.com/library/mac/#technotes/tn2083/_index.html


    Where did portsentry.sh come from?

    What testing of the script as a daemon have you done? Does it work when put in background by the shell? Does it work under 'nohup'? What are its needs for user-ids, permissions, ownership, working directory, login session?

    Have you tested it as a per-user LaunchAgent instead of as a system-wide LaunchDaemon?

    Have you made any other plists for any other agents or daemons? Even an agent as simple as waking up once a minute and writing a file.


    This message:
    1/31/13 10:50:39.805 AM com.apple.launchd.peruser.502[474]: (com.apple.portsentry[1789]) Job failed to exec(3). Setting up event to tell us when to try again: 2: No such file or directory
    seems to be saying that it's launching a peruser job. However, the install script does this:
    Code:
    chown root:admin /opt/local/libexec/portsentry.sh
    chmod 544 /opt/local/libexec/portsentry.sh
    
    The result of the chown and chmod is that the script is only executable for the owner (root), not for any admin-group or other. This seems inconsistent with a peruser job.
     
  5. kryten2 (macrumors 6502a, Belgium, joined Mar 17, 2012), Jan 31, 2013, last edited Feb 1, 2013, post #5
    Ah, Portsentry. Takes me back to them Linux days. So what happens when you run those commands in Terminal? Does ps aux | grep portsentry show they're running? Also, Portsentry is not standard on OS X. Did you compile it from source, or did you install it through MacPorts or Homebrew, or as a precompiled binary for your system? Seems like you've been trying for some time to get this going, as per this link: http://www.cemetech.net/forum/viewtopic.php?t=8474&postdays=0&postorder=asc&start=0. You ask on that link to start the following Terminal commands on startup:

    Code:
    sudo /opt/local/libexec/portsentry -tcp 
    sudo /opt/local/libexec/portsentry -udp
    yet your first post here states this :

    Code:
    /opt/local/libexec/portsentry.sh -tcp 
    /opt/local/libexec/portsentry.sh -udp
    Like chown33 said, the result of the chown and chmod is that the script is only executable for the owner (root).

    Edit: I installed Portsentry via MacPorts and, lo and behold, it was installed in the /opt/local/libexec/ directory. As you can see in the screenshot, it's a Unix Executable File and doesn't end in .sh.

    The contents of the com.apple.portsentry.plist file:

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>Label</key>
        <string>com.apple.portsentry</string>
        <key>ProgramArguments</key>
        <array>
            <string>/opt/local/libexec/portsentry</string>
            <string>-tcp</string>
        </array>
        <key>RunAtLoad</key>
        <true/>
    </dict>
    </plist>
    
     


  6. ACagliano, thread starter (macrumors newbie, joined May 10, 2012), Feb 1, 2013, last edited Feb 1, 2013, post #6
    Yeah, I have been trying for a while to get it working. I installed it via MacPorts.

    The strange thing is that doing both:

    /opt/local/libexec/portsentry AND /opt/local/libexec/portsentry.sh with the correct arguments works.

    I'll try out what you did.

    Edit: So, your example works fine and PortSentry starts up in TCP mode. Now, I would also like it started in UDP mode too. On the command line, you have to actually run the command twice to start it in both modes. Must I create another plist file?

    @kryten2: It works perfectly fine on OS X, but it doesn't support the stealth scan mode or advanced mode.
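
A launchd job exec's exactly one argv, so starting portsentry in both modes needs either two plists with different Labels or a wrapper script that starts both. The script below is an added example, not code from the thread, from MacPorts or from the portsentry project. It writes one plist per mode from a single function, gives the program and each argument its own <string> element (the mistake in post #1 was putting "/opt/local/libexec/portsentry.sh -tcp" in one <string>, which launchd then tries to exec as a single path, hence the "No such file or directory" in post #3), and refuses any plist in which an argv element contains whitespace. Assumptions: the MacPorts binary path /opt/local/libexec/portsentry from post #5; the label prefix com.example.portsentry, chosen here because com.apple.* is the namespace of Apple's own jobs and a third-party job should use its own reverse-DNS name; and that the install step runs as root on macOS, where launchctl and plutil exist.

```shell
#!/bin/sh
# Added example (not from the thread): one launchd job per portsentry mode.
# Assumed: portsentry at the MacPorts path, label prefix com.example.* is ours.
set -eu

PORTSENTRY=${PORTSENTRY:-/opt/local/libexec/portsentry}
LABEL_PREFIX=${LABEL_PREFIX:-com.example.portsentry}
DEST=${DEST:-/Library/LaunchDaemons}

# write_plist MODE DIR  -> prints the path of the plist it wrote.
# Program and argument are separate <string>s: launchd does not split on spaces.
write_plist() {
    mode=$1 dir=$2
    file="$dir/$LABEL_PREFIX.$mode.plist"
    cat > "$file" <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>$LABEL_PREFIX.$mode</string>
    <key>ProgramArguments</key>
    <array>
        <string>$PORTSENTRY</string>
        <string>-$mode</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>
EOF
    # launchd refuses a daemon plist that is group- or world-writable.
    chmod 644 "$file"
    echo "$file"
}

# check_plist FILE: fail if any <string> carries embedded whitespace (the post #1
# bug) and, where plutil exists (macOS), if the XML does not lint.
check_plist() {
    if grep -E '<string>[^<]*[[:space:]][^<]*</string>' "$1" >/dev/null; then
        echo "argv element with embedded whitespace in $1" >&2
        return 1
    fi
    if command -v plutil >/dev/null 2>&1; then
        plutil -lint "$1" >/dev/null
    fi
}

# install_jobs: write, check, own and load both jobs. Only runs when the script
# is invoked as "install", so the functions can be sourced and tested elsewhere.
install_jobs() {
    for mode in tcp udp; do
        f=$(write_plist "$mode" "$DEST")
        check_plist "$f"
        # LaunchDaemons must be root-owned; skip the chown for a per-user agent trial.
        if [ "$(id -u)" -eq 0 ]; then
            chown root:wheel "$f"
        fi
        launchctl load "$f"
    done
    ps aux | grep '[p]ortsentry' || echo "portsentry not running" >&2
}

if [ "${1:-}" = "install" ]; then
    install_jobs
fi
```

Run it as "sudo sh portsentry-jobs.sh install" on the Mac. To test the same job as a per-user LaunchAgent first, as post #4 suggests, set DEST="$HOME/Library/LaunchAgents" and run it without sudo. Do not add KeepAlive unless you have confirmed that the program stays in the foreground: launchd treats the job as finished as soon as the process it exec'd exits, and KeepAlive would then relaunch it in a loop.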
     
