Launch Agent service not starting post login

We have a test scenario where we install our app package on a Mac setup using MDM (Jamf). Below are the test steps and observation:

  • This installation is done on this Mac with no user logged in.
  • Installation is completed successfully.
  • Now when an user log in on this mac machine, the expectation is that the app bundle will be started by the launchd (RunAtLoad). But the app is not started. When I check console logs I could see few logs around the app but from those logs I couldn't figure out why the app didn't start.
  • I rebooted my test machine but that also didnt start my app. My app is not listed in 'launchctl list' command.
  • My App bundle contains container app and a packet tunnel extension.
  • Below is how my plist file looks like in '/Library/LaunchAgents/com.****.***ui.plist':
{
    KeepAlive = 1;
    Label = "com.*****.client.****ui";
    LimitLoadToSessionType =     (
        Aqua
    );
    ProgramArguments =     (
        "/Applications/*********.app/Contents/MacOS/****Module"
    );
    RunAtLoad = 1;
    SuccessfulExit = 1;
    Version = "110.200.0.100";
}
  • In Console below are the last set of log which I could find related to my app:

support_log.txt

In above logs below statement mentions the extn which is related to my app bundle:

2024-03-19 15:48:55.256020+0530 0x462      Default     0x0                  206    0    symptomsd: (SymptomEvaluator) [com.apple.symptomsd:analytics] [Skipping first 85 of 95 entries]
2024-03-19 15:48:55.256051+0530 0x462      Default     0x0                  206    0    symptomsd: (SymptomEvaluator) [com.apple.symptomsd:analytics] entry: Thu Feb  8 20:48:26 2024 NetworkExtension.com.*****.client.*****-Client.*****ui.*****pkttunnel.104.2.12.191.104.2.12 (bundle)             0            0            0            0   0   0

Can someone please help me in understanding what could be wrong here, why would 'RunAtLoad' key word wont work here to start my app on user login or reboot?

Note: Everything work fine when my app is installed with an user logged in to the test machine. Also App starts successfully if I run command 'lauchctl bootstrap gui/<userid> /Library/LaunchAgents/com.****.****ui.plist' in the above mentioned test scenario where app didnt auto start by launchd: 'RunAtLoad'.

Up vote post of macnd Down vote post of macnd
400 views
Posted by
macnd
Reply
Add a Comment

Replies

Why do you need to install your app as a Launch Agent? If you install a Network System Extension Packet Tunnel provider and have something like OnDemandRules enabled for your provider, does it not get launched by the system when the rules for your provider are triggered?

Posted by
meaton
Up vote reply of meaton Down vote reply of meaton
Add a Comment

Thanks for your response @meaton Matt. Sorry if my original question was not clear. In my case, the UI service which installs and configure the packet tunnel, that itself is not starting. I need this service (Launch Agent) up and running as it does many things including configuring and starting the packet tunnel.

So need your help in debugging what could be wrong where that launchd couldnt start the ui service in above mentioned test scenario.

Posted by
macnd
Up vote reply of macnd Down vote reply of macnd
Add a Comment

we install our app package on a Mac setup using MDM (Jamf)

I need this service (Launch Agent) up and running as it does many things including configuring and starting the packet tunnel.

If your app takes the form of a container app with the full presence of a UI then do you have an issue here?

Otherwise, what does launchctl tell you is going on with the status of your agent? For example, if you print out the status from launchctl with the name of your service does it tell you why it possibly ran and exited? Or maybe it never ran at all?

Posted by
meaton
Up vote reply of meaton Down vote reply of meaton
Add a Comment

If your app takes the form of a container app with the full presence of a UI then do you have an issue here?

yes my app is an UI container app which installs and configures the packet tunnel.

if you print out the status from launchctl

'launchctl list' doesn't list my service, there is no entry for my service. Even a system restart didnt start or list the service. I have mentioned the test scenario in my original 1st post. Please refer the test steps to understand the test scenario where it is not working. Also I have attached few logs in the 1st post, please let me know if you see any thing obvious there. Otherwise let me know which service logs I can share from the console which can help in identifying the issue.

Posted by
macnd
Up vote reply of macnd Down vote reply of macnd
Add a Comment

Lets decouple things from launchd for a moment;

  1. If you try to run your container app and Packet Tunnel Provider without MDM or launchd, and just as a normal container app and provider, does everything install correctly?
  2. If you take a plain app that is not launching a packet tunnel provider and setup your service through launchd does it get run correctly?
Posted by
meaton
Up vote reply of meaton Down vote reply of meaton
Add a Comment

If you try to run your container app and Packet Tunnel Provider without MDM or launchd, and just as a normal container app and provider, does everything install correctly?

Yes everything works fine in your mentioned scenario. To share more data, my app works as expected (launchd starts the agent) when I install my package on mac machine without MDM and a user logged in. In case of MDM usecase also, things works fine if an user is logged in to the test mac machine.

In above case, since an user is logged in 'laucnhctl bootstrap gui/<userid> /Library/LaunchAgents/com.****.****ui.plist' is triggered by the postinstall script.

Posted by
macnd
Up vote reply of macnd Down vote reply of macnd
Add a Comment

In case of MDM usecase also, things works fine if an user is logged in to the test mac machine.

Okay, this makes sense to me then because both the mechanism of a launch agent and a managed device are focused on a user account for the machine.

Posted by
meaton
Up vote reply of meaton Down vote reply of meaton
Add a Comment

But my problem is why the 'RunAtLoad' function of plist is not working to start my service when an user log in on my test machine? In console logs I could see 'backgroundtaskmanagementd' working on my agent but eventually my service is not started.

2024-03-19 15:48:42.797870+0530 0xaf9      Default     0xa78                164    0    backgroundtaskmanagementd: [com.apple.backgroundtaskmanagement:main] effectiveItemDisposition: appURL=(null), type=legacy agent, url=file:///Library/LaunchAgents/com.*****.****ui.plist, config={
    BTMConfigArguments =     (
        "/Applications/**** **** ***** Module.app/Contents/MacOS/**** ***** ***** Module"
    );
    BTMConfigBundleIdentifiers =     (
    );
    BTMConfigExecutablePath = "/Applications/***** ***** ****** Module.app/Contents/MacOS/***** ***** ****** Module";
    BTMConfigLabel = "com.*****.client.****ui";     
}

More logs are available in my 1st post.

Posted by
macnd
Up vote reply of macnd Down vote reply of macnd
Add a Comment