sudo chown root:wheel /Users/acagliano/Desktop/portsentry.plist
ACMBP:~ acagliano$ sudo chown root:wheel /Users/acagliano/Desktop/portsentry.plist
ACMBP:~ acagliano$ sudo launchctl load /Users/acagliano/Desktop/portsentry.plist
ACMBP:~ acagliano$ sudo launchctl load /Users/acagliano/Desktop/portsentry.plist
PortSentryStart: Already loaded
ACMBP:~ acagliano$
ps aux | grep portsentry
acagliano 58497 0.3 0.0 2432768 452 s001 S+ 1:07PM 0:00.00 grep portsentry
root 401 0.0 0.0 2432776 112 ?? Ss 6:23PM 0:00.01 /opt/local/libexec/portsentry -udp
root 397 0.0 0.0 2432776 108 ?? Ss 6:23PM 0:00.01 /opt/local/libexec/portsentry -tcp
ACMBP:~ acagliano$ sudo launchctl load /Users/acagliano/Desktop/portsentry.plist
ACMBP:~ acagliano$ sudo launchctl load /Users/acagliano/Desktop/portsentry.plist
PortSentryStart: Already loaded
ACMBP:~ acagliano$
ps aux | grep portsentry
acagliano 58497 0.3 0.0 2432768 452 s001 S+ 1:07PM 0:00.00 grep portsentry
root 401 0.0 0.0 2432776 112 ?? Ss 6:23PM 0:00.01 /opt/local/libexec/portsentry -udp
root 397 0.0 0.0 2432776 108 ?? Ss 6:23PM 0:00.01 /opt/local/libexec/portsentry -tcp
looks like you're up and running. sudo mv /Users/acagliano/Desktop/portsentry.plist /Library/LaunchDaemons/portsentry.plist
Then restart and see if they're running.
Then restart and see if they're running.
11/16/12 1:35:01.144 PM com.apple.launchd[1]: (PortSentryStart[71]) Suspicious setup: User "ROOT" maps to user: root
11/16/12 1:35:01.402 PM com.apple.launchd[1]: (PortSentryStart[71]) Exited with code: 2
11/16/12 1:35:01.402 PM com.apple.launchd[1]: (PortSentryStart[71]) Exited with code: 2
Sorry about the double post but this might be confusing in one thread...
This is the only entry in the Console for the launch daemon:
Code:
This is what ps aux | grep portsentry says
ACMBP:~ acagliano$ ps aux | grep portsentry
Code:
Does this mean its running?
This is the only entry in the Console for the launch daemon:
Code:
Nov 16 14:00:28 localhost com.apple.launchd[1] (PortSentryStart[71]): Exited with code: 2This is what ps aux | grep portsentry says
ACMBP:~ acagliano$ ps aux | grep portsentry
Code:
acagliano 526 0.6 0.0 2432768 592 s000 S+ 2:02PM 0:00.00 grep portsentryDoes this mean its running?
Looks like it's not running. Not 100% sure what the problem is, but you should google some of those error messages from the Console.
I resolved the "Suspicious setup: User "ROOT" maps to user "root" " issue.
However, google doesn't seem to have any documents on what "Exited with code 2" means
http://www.google.com/#hl=en&tbo=d&output=search&sclient=psy-ab&q=com.apple.launchd+Exited+with+code:+2&oq=com.apple.launchd+Exited+with+code:+2&gs_l=hp.3...6374.11138.1.11821.19.17.0.1.1.3.1705.7837.6-6j1j1.8.0.les%3B..0.0...1c.1j2.M-s3TDEApqg&psj=1&bav=on.2,or.r_gc.r_pw.r_cp.r_qf.&fp=f0286612def9fb51&bpcl=38625945&biw=1024&bih=630
However, google doesn't seem to have any documents on what "Exited with code 2" means
http://www.google.com/#hl=en&tbo=d&output=search&sclient=psy-ab&q=com.apple.launchd+Exited+with+code:+2&oq=com.apple.launchd+Exited+with+code:+2&gs_l=hp.3...6374.11138.1.11821.19.17.0.1.1.3.1705.7837.6-6j1j1.8.0.les%3B..0.0...1c.1j2.M-s3TDEApqg&psj=1&bav=on.2,or.r_gc.r_pw.r_cp.r_qf.&fp=f0286612def9fb51&bpcl=38625945&biw=1024&bih=630
elfprince13 wrote:
Well you should look up what the status codes are for PortSentry.
I can't seem to find a "code 2" anywhere.
No
Edit: Ok, found it. Exit Code 2 means "no such file or directory". So, I made some modifications. Changed this excerpt of the plist file from:
Code:
to:
Code:
And, when I do
Code:
in Terminal, Console responds with the following:
Code:
Is that a fix?
Edit: Ok, found it. Exit Code 2 means "no such file or directory". So, I made some modifications. Changed this excerpt of the plist file from:
Code:
<key>ProgramArguments</key>
<array>
<string>/opt/local/libexec/portsentry.sh -tcp</string>
<string>/opt/local/libexec/portsentry.sh -udp</string>
</array>to:
Code:
<key>ProgramArguments</key>
<array>
<string>./opt/local/libexec/portsentry.sh -tcp</string>
<string>./opt/local/libexec/portsentry.sh -udp</string>
</array>And, when I do
Code:
sudo launchctl load /Library/LaunchDaemons/portsentry.plistin Terminal, Console responds with the following:
Code:
11/19/12 11:23:58.096 AM com.apple.launchd[1]: (PortSentryStart) Job should be able to exec(3) now.Is that a fix?
If you want to know what processes are running, execute ps aux.
If you want to know if port sentry specifically is running, execute ps aux | grep portsentry.
I don't think ./ is the right choice for that file, since a leading / is an absolute path, and a ./ is a relative one.
The problem I suspect is that you're feeding two separate programs to the "program arguments".
That means you're probably trying to run a command line that looks like
Code:
instead of like:
Code:
Add a level of indirection by wrapping the program execution in a shell script and point your plist file at the shell script, or split it into two separate plist files, one for tcp and one for udp. Or read the portsentry documentation and see if you can launch tcp and udp filtering in the same command line.
If you want to know if port sentry specifically is running, execute ps aux | grep portsentry.
I don't think ./ is the right choice for that file, since a leading / is an absolute path, and a ./ is a relative one.
The problem I suspect is that you're feeding two separate programs to the "program arguments".
That means you're probably trying to run a command line that looks like
Code:
/opt/local/libexec/portsentry.sh -tcp /opt/local/libexec/portsentry.sh -udpinstead of like:
Code:
/opt/local/libexec/portsentry.sh -tcp
/opt/local/libexec/portsentry.sh -udpAdd a level of indirection by wrapping the program execution in a shell script and point your plist file at the shell script, or split it into two separate plist files, one for tcp and one for udp. Or read the portsentry documentation and see if you can launch tcp and udp filtering in the same command line.
Ok, if I go with the creating of a shell script, is this the proper code?
Code:
Then, I need to do
Code:
Correct?
Code:
!/bin/bash
sudo /opt/local/libexec/portsentry.sh -tcp
sudo /opt/local/libexec/portsentry.sh -udpThen, I need to do
Code:
sudo sh [file.sh]
sudo chmod +x [file]Correct?
make the first line of your script
Code:
instead of
Code:
.
If you continue to use launchd, you shouldn't need all of those extra sudos (the chmod +x is important, but shouldn't need to be sudo'd).
Just make your program arguments point at the shell script instead of at port sentry.
Code:
#!/bin/bashinstead of
Code:
!/bin/bashIf you continue to use launchd, you shouldn't need all of those extra sudos (the chmod +x is important, but shouldn't need to be sudo'd).
Just make your program arguments point at the shell script instead of at port sentry.
Courtesy of chown33 and kryten2 from macrumors.com, I succeeded in getting the LaunchDaemon for PortSentry to actually work. Here is the plist file...
Code:
However, there is just one problem. This only starts PortSentry in TCP mode. I would like to also start it in UDP mode. In terminal, this requires me to actually run the portsentry file again, with another argument. Must I create a separate plist file, or can I do it in the same one?
Code:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0 //EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.apple.portsentry</string>
<key>ProgramArguments</key>
<array>
<string>/opt/local/libexec/portsentry</string>
<string>-tcp</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>However, there is just one problem. This only starts PortSentry in TCP mode. I would like to also start it in UDP mode. In terminal, this requires me to actually run the portsentry file again, with another argument. Must I create a separate plist file, or can I do it in the same one?
You should look at the help or manpage for portsentry and see if it can accept -tcp and -udp at the same time. If so, why can you not just do:
Code:
?
Code:
<string>/opt/local/libexec/portsentry</string>
<string>-tcp</string>
<string>-udp</string> 
I thought about that and tried it.... it does not. When I run
Code:
it yells at me about valid arguments.
When I do your suggestion in the plist file, it exits with code 255: no such file found.
Code:
/opt/local/libexec/portsentry -tcp -udpit yells at me about valid arguments.
When I do your suggestion in the plist file, it exits with code 255: no such file found.
ACagliano wrote:
Courtesy of chown33 and kryten2 from macrumors.com, I succeeded in getting the LaunchDaemon for PortSentry to actually work. Here is the plist file...
Code:
However, there is just one problem. This only starts PortSentry in TCP mode. I would like to also start it in UDP mode. In terminal, this requires me to actually run the portsentry file again, with another argument. Must I create a separate plist file, or can I do it in the same one?
Code:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0 //EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.apple.portsentry</string>
<key>ProgramArguments</key>
<array>
<string>/opt/local/libexec/portsentry</string>
<string>-tcp</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>However, there is just one problem. This only starts PortSentry in TCP mode. I would like to also start it in UDP mode. In terminal, this requires me to actually run the portsentry file again, with another argument. Must I create a separate plist file, or can I do it in the same one?
I would recommend making a separate plist file. I think I suggested that several posts back.
I assumed that would be suggested and already did it. So here are both:
com.apple.portsentrytcp.plist
Code:
com.apple.portsentryudp.plist
Code:
And now, only the TCP one runs. The UDP one starts, then stops.
Both run perfectly fine when invoked using launchctl.
Both have been chown'ed to root:admin.
com.apple.portsentrytcp.plist
Code:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0 //EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.apple.portsentrytcp</string>
<key>ProgramArguments</key>
<array>
<string>/opt/local/libexec/portsentry</string>
<string>-tcp</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>com.apple.portsentryudp.plist
Code:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0 //EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.apple.portsentryudp</string>
<key>ProgramArguments</key>
<array>
<string>/opt/local/libexec/portsentry</string>
<string>-udp</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>And now, only the TCP one runs. The UDP one starts, then stops.
Both run perfectly fine when invoked using launchctl.
Both have been chown'ed to root:admin.
Register to Join the Conversation
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Advertisement