LaunchD Plist不工作

Question

编辑:似乎我在控制台com.apple.launchd：(com.xxxx.adbind57)中遇到错误，退出时代码为:1

这到底是什么意思？

另外，如果我使用launchctl命令加载登录的launchd plist文件，它工作得很好！

我想弄清楚为什么我的发射器不能工作，我快把自己逼疯了。我在Mountain Lion 10.8.2中使用了它，当我使用launchctl手动启动它时，它会显示它已加载，但脚本并未运行。该脚本在手动运行时也能正常工作。也许它只是需要一双更好的眼睛来看我在做什么。

首先，我将解释我试图实现的目标。我有大约400台电脑在异地进行了镜像。我需要这些电脑绑定到AD，这不能离开我们的网络。我想，通过在启动时运行启动脚本来调用脚本，然后让脚本在运行之前检查它是否在网络中，我可以在AD用户登录之前在我们的网络中第一次启动时绑定这些计算机。

这是我的启动程序，我将它放在/Library/launchDaemons中

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.xxxx.adbind</string>
    <key>ProgramArguments</key>
    <array>
        <string>/usr/local/bin/adbind.bash</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
    <key>WorkingDirectory</key>
    <string>/usr/local/bin</string>
</dict>
</plist>

我试过在使用和不使用WorkingDirectory密钥的情况下使用它。

这是我的脚本，我将我的脚本放在/usr/local/bin中

#!/bin/bash

computerid=`/usr/sbin/scutil --get LocalHostName`

# Standard parameters
domain="xxx.xxxx.edu"           # fully qualified DNS name of Active Directory Domain
udn="xxxxxx"            # username of a privileged network user
password="xxxxx"                    # password of a privileged network user
ou="OU=xxx,DC=xxx,DC=xxxx,DC=edu"       # Distinguished name of container for the computer

# Advanced options
alldomains="enable"         # 'enable' or 'disable' automatic multi-domain authentication
localhome="enable"          # 'enable' or 'disable' force home directory to local drive
protocol="smb"              # 'afp' or 'smb' change how home is mounted from server
mobile="enable"         # 'enable' or 'disable' mobile account support for offline logon
mobileconfirm="disable"     # 'enable' or 'disable' warn the user that a mobile acct will be created
useuncpath="enable"         # 'enable' or 'disable' use AD SMBHome attribute to determine the home dir
user_shell="/bin/bash"      # e.g., /bin/bash or "none"
preferred="-preferred xxx.xxxxx.edu"    # Use the specified server for all Directory lookups and authentication
                            # (e.g. "-nopreferred" or "-preferred ad.server.edu")
admingroups="xxx\admins,xxx\teachers,xxx\ADManagement - Computers,xxx\employees"    # These comma-separated AD groups may administer the machine (e.g. "" or "APPLE\mac admins")

# Login hook setting -- specify the path to a login hook that you want to run instead of this script

### End of configuration

## Wait until all network services are up.
ipconfig waitall

# Check to see if we're in the district
if ping -c 1 xxx.xxx.x.x
then

# Activate the AD plugin
defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" "Active"
plutil -convert xml1 /Library/Preferences/DirectoryService/DirectoryService.plist
sleep 5

# Remove computer from OU
dsconfigad -f -r -u xxxxxxx -p xxxxxx
sleep 5

# Bind to AD
dsconfigad -f -a $computerid -domain $domain -u $udn -p "$password" -ou "$ou"

# Configure advanced AD plugin options
if [ "$admingroups" = "" ]; then
    dsconfigad -nogroups
else
    dsconfigad -groups "$admingroups"
fi

dsconfigad -alldomains $alldomains -localhome $localhome -protocol $protocol \
    -mobile $mobile -mobileconfirm $mobileconfirm -useuncpath $useuncpath \
    -shell $user_shell $preferred

# Restart DirectoryService (necessary to reload AD plugin activation settings)
killall DirectoryService

# Add the AD node to the search path
if [ "$alldomains" = "enable" ]; then
    csp="/Active Directory/All Domains"
else
    csp="/Active Directory/$domain"
fi


# This works in a pinch if the above code does not
defaults write /Library/Preferences/DirectoryService/SearchNodeConfig "Search Node Custom Path Array" -array "/Active Directory/All Domains"
defaults write /Library/Preferences/DirectoryService/SearchNodeConfig "Search Policy" -int 4
defaults write /Library/Preferences/DirectoryService/ContactsNodeConfig "Search Node Custom Path Array" -array "/Active Directory/All Domains"
defaults write /Library/Preferences/DirectoryService/ContactsNodeConfig "Search Policy" -int 4

plutil -convert xml1 /Library/Preferences/DirectoryService/SearchNodeConfig.plist

## Remove the script and launchd job. Be sure to delete the script.
launchctl unload -w /Library/LaunchDaemons/com.xxxx.adbind.plist 
rm /Library/LaunchDaemons/com.xxxx.adbind.plist
rm /usr/local/bin/adbind.bash

exit 0
else
echo "District not Available. Quitting"
exit 1
fi

谢谢你的帮助！

Answer 1

好吧，我终于解决了我的问题，并找到了解决方案！我打算把答案贴在这里，希望有一天能帮助其他人！看起来启动文件运行的时间不够长，无法运行我的整个脚本。因此，我将KeepAlive密钥添加到plist中。现在看起来是这样的。

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.xxxx.adbind</string>
    <key>KeepAlive</key>
    <dict>
        <key>SuccessfulExit</key>
        <false/>
    </dict>
    <key>ProgramArguments</key>
    <array>
        <string>/usr/local/bin/adbind.bash</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>

我还遇到了权限问题，发现我创建并放置脚本的"bin“文件夹不属于root用户。所以我在我的文件和文件夹上运行了chown和chmod。就像这样。

sudo chown root:wheel bin
sudo chown root:wheel adbind.bash
sudo chmod 755 adbind.bash
sudo chown root:wheel com.xxxx.adbind.plist
sudo chmod 755 com.xxxx.adbind.plist

Answer 2

退出代码1表示脚本退出时出现错误。如果它以0退出，则表示没有错误。