launchd and git

Hello,

I have a script that I can run with launchd. I want it to be able to do some git operations. If I run my script manually (outside of launchd) things work great. If I run it within launchd, it seems to have issues with the sandboxing. git says:

error Unable to read current working directory: Operation not permitted

Here are the .plist and the .sh. Does anyone have any ideas what I can do? git seems to have many options about reading its configuration files; I assume that is what is going on here. Thanks!

com.bolsinga.gitcmd.plist (substitute paths as appropriate):

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<!--
  Copy this file to ~/Library/LaunchAgents
  cd ~/Library/LaunchAgents
  open Console.app and monitor syslog output.
  NOTE: in the following command, the plist extension is required.
  launchctl bootstrap gui/501 ~/Library/LaunchAgents/com.bolsinga.gitcmd.plist
  Look for related output in the syslog.
  Namely the executable this runs cannot be in ~/Documents, as it will get rejected. It works in ~/Applications
  launchctl list | grep bolsinga to see if it is running
  obviously, RunAtLoad below means it will run when loaded.
  launchctl bootout gui/501 ~/Library/LaunchAgents/com.bolsinga.gitcmd.plist to unload before re-loading when editing this file
-->
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>com.bolsinga.gitcmd</string>
	<key>ProgramArguments</key>
	<array>
		<string>/Users/bolsinga/Applications/gitcmd.sh</string>
		<string>/Users/bolsinga/Documents/code/git/bin_utils/</string>
	</array>
	<key>RunAtLoad</key>
	<true/>
	<key>StandardErrorPath</key>
	<string>/tmp/com.bolsinga.gitcmd.err</string>
	<key>StandardOutPath</key>
	<string>/tmp/com.bolsinga.gitcmd.out</string>
	<key>WorkingDirectory</key>
	<string>/Users/bolsinga/</string>
</dict>
</plist>

gitcmd.sh

#/bin/sh

# NOTE! This must be copied into ~/Applications.
#  So must any scripts it accesses! Otherwise it will not run from ~/bin/

DST_DIR="$1"
if [ -z "$DST_DIR" ] ; then
    echo "No destination directory" 1>&2
    exit 1
fi

tgit() {
  GIT_TRACE2=true GIT_TRACE_SETUP=true git $*
}

echo PWD: `pwd`
echo DST_DIR: $DST_DIR
echo GIT `which git`

tgit config --list

tgit -C $DST_DIR config --list

cd $DST_DIR
tgit config --list
Up vote post of Bolsinga Down vote post of Bolsinga
249 views
Posted by
Bolsinga
Reply

  • Aha. My shell script is sandboxed. Not sure if I can add permissions to a shell script. I am going to try to create a Swift command line tool that uses Process to invoke git. Updates to come.

    Bolsinga
Add a Comment

Replies

I think I have just about solved the problem. My shell script launched both my own binary and git. I have updated my binary to launch git via Process. Now my launchd plist launches my binary itself instead of using the shell. It has asked for UI permission to run each time (3 times now). I'm not sure why my answer hasn't been sticky yet...

Posted by
Bolsinga
Up vote reply of Bolsinga Down vote reply of Bolsinga
Add a Comment