Skip to content

The Eclectic Light Company

Macs, painting, and more
Main navigation
  • Downloads
  • M1 & M2 Macs
  • Mac Problems
  • Mac articles
  • Art
  • Macs
  • Painting
hoakley June 21, 2022 Macs, Technology

How helpers are changing in Ventura

Many apps can’t do their job without helpers. Some provide services that need to run in the background so that you don’t have to open the app manually whenever they need to run. Others need to perform privileged operations, which require a privileged helper. This article reviews briefly how those currently work, and how they’re changing in Ventura.

There are three different ways that helper apps are normally run: as Login Items, Launch Agents, and Launch Daemons. Although they overlap in how they work and what each does, Apple differentiates them as:

  • Launch Daemons are standalone background processes managed by launchd, running as root before the user logs in, and communicating indirectly with user processes, normally by XPC. They’re not allowed to connect to WindowServer.
  • Launch Agents are also managed by launchd, but normally run on the user’s behalf, communicating with other processes and daemons. Although they can have GUI interfaces, they’re normally minimal.
  • Login Items are usually small apps started when the user logs in, which continue to run until they log out or quit them. These are often used to launch other helpers automatically, but may simply provide convenient access to app features, such as through a menu bar tool.

LaunchDaemons and LaunchAgents

Before you have logged in, launchd runs services and other components which are specified in Property List files in the LaunchAgents and LaunchDaemons folders in /System/Library, and in /Library. Those in /System/Library are all part of macOS, owned by Apple, and locked away on the SSV, but those in /Library include many installed by third party products. As they’re run before the user logs in, those work for all users, so are global services.

Once you have logged in, launchd runs any services and other components specified in any LaunchAgents folder in ~/Library. Those are user-specific.

These Property List files contain keyed settings which determine what launchd does with what. Although they can contain many other key-value pairs, two most important ones are ProgramArguments (or Program), which tells launchd what to run, and RunAtLoad, which determines whether launchd should run the service or app whenever your Mac starts up and it loads those agents and services.

Other keys determine whether the agent/service should be kept running at all times; if that is set, if it crashes or is otherwise terminated, launchd will automatically start it up again. That’s important for background services which apps rely on to function.

LoginItems

As the name makes clear, Login Items are run later, after the user logs in. You can set any app, service, or other executable code to run by adding it to the list of Login Items in the Users & Groups pane in System Preferences.

Once added, LaunchServices puts them into its list of apps to launch at startup, which is also kept in a Property List file. In Sierra and earlier, that’s located in ~/Library/Preferences/com.apple.loginitems.plist, but High Sierra has moved that, changed its extension and its file structure, to ~/Library/Application Support/com.apple.backgroundtaskmanagementagent/backgrounditems.btm The older Property List isn’t intended to be maintained directly by the user. For each Login Item, it gives an ‘alias’ which isn’t a normal macOS Bookmark, and some CustomItemProperties, which are also Base-64 encoded opaque data. The new format in High Sierra and later is even more opaque: although a Property List, it’s now a keyed archive containing objects which are referenced by UUID, and unsuitable for manual editing.

There’s an easy way to add apps which are already in the Dock to the Login Items list: click and hold on their icon in the Dock until its menu pops up. In that, select Options, then the Open at Login command.

You can add and remove Login Items using a scripting language; for example, in AppleScript
tell application "System Events" to make login item at end with properties {path:"/Applications/MyApp.app", hidden:false}
adds MyApp.app as a Login Item,
tell application "System Events" to get the name of every login item
lists all Login Items, and
tell application "System Events" to delete login item "name"
removes the named Login Item from the current list.

Login Items are better suited to apps of any size which have significant user interfaces, and anything which a user wants to control easily. Many apps, such as menu bar or ‘Status Bar’ apps, offer the user the option of installing them as a Login Item. Unfortunately, particularly when this is done for an app provided through the App Store, this turns out to be a complex development task which requires a helper app.

Changes in Ventura

Helpers and services are a difficult area for users. It has been all too easy for apps to install annoyances which the user then has difficulty removing. Some apps have pushed their luck in abusing these powers, and unwanted or malicious software has also used them to persist. Rather than apps installing their own helpers and property lists, macOS 13 introduces a new scheme in which those are provided within the app, in the bundle’s Resources and Library folders, rather than having to be installed by the app elsewhere.

Users are then properly informed about these helpers, and given control over them in a single unified panel in System Settings, for Login Items. This controls all apps and other items that run at startup or login, except those in macOS itself. As this could get fiddly, Ventura applies rules to simplify this:

  • If an app includes one or more Launch Daemons, those must be authorised by the user first. If the user agrees, then all other helpers are approved, including any Launch Agents and Login Items.
  • If an app doesn’t include a Launch Daemon, individual Launch Agents and Login Items are notified to the user as they’re added by macOS.
  • The user then controls those helpers in System Settings.
  • Apps are provided with easy access to check whether their helpers are currently authorised, so can act accordingly in the services they use.

As these are new features for Ventura, they will only be available to apps developed for macOS 13 and later, which will limit their usefulness at first until developers update their apps to use them.

References

Service Management in Apple’s developer documentation

Share this:

  • Twitter
  • Facebook
  • Reddit
  • Pinterest
  • Email
  • Print

Like this:

Like Loading...

Related

Posted in Macs, Technology and tagged helper, LaunchAgents, LaunchDaemons, Login Item, macOS 13, security, Ventura. Bookmark the permalink.

8Comments

Add yours
  1. 1
    EcleX on June 21, 2022 at 6:38 am

    Thanks for the information. Is there a place where all login items are stored or saved? I mean, a single site or file to control them all (including Login Items in the Users & Groups pane in System Preferences, ~/Library/Application Support/com.apple.backgroundtaskmanagementagent/backgrounditems.btm, etc)?

    On the other hand, I think that there is a missing full stop before “The older Property List isn’t intended to be maintained directly by the user”.

    LikeLiked by 1 person

    • 2
      hoakley on June 21, 2022 at 10:45 am

      Thank you.
      Yes, as I explain there is a single file which apparently does control them, but it’s not user-accessible. That’s something that Ventura looks set to change at last.
      I deliberately omitted that full stop, to avoid the ambiguity that it could be part of the file name. I knew I couldn’t win on that – if I had put it in, someone would have complained that the full stop wasn’t in the file name!
      Howard.

      LikeLike

  2. 3
    James on June 21, 2022 at 8:48 am

    I highly recommend Lingon (https://www.peterborgapps.com/lingon/) for managing the various daemons and background helper apps. Very well done UI. It lets you see everything running and allows you to disable anything you don’t need.

    LikeLiked by 1 person

    • 4
      hoakley on June 21, 2022 at 10:47 am

      Thank you.
      Yes, it’s an excellent tool which saves you managing them using the property list files. Its major drawback in this context is that it can’t manage all the Login Items, which is what this change to Ventura promises.
      Howard.

      LikeLike

    • 5
      mojo66 on June 21, 2022 at 12:57 pm

      I recommend KnockKnock, it also checks every login item with VirusTotal.

      LikeLiked by 1 person

      • 6
        hoakley on June 21, 2022 at 1:34 pm

        Thank you. Yes, for security KnockKnock from Object-See is excellent. However, it doesn’t give the fine controls that Lingon does. Personally, I use Hazel to keep a watch on LaunchItems and LaunchDaemons folders, which is even better.
        Howard.

        LikeLike

  3. 7
    bwillius on June 21, 2022 at 12:03 pm

    As it sounds now is that the new central management is only for the new style LaunchAgent and apps still can abuse LaunchAgents if they use the old style. Why not Sherlock Lingon and make a unified safe solution?

    LikeLiked by 1 person

    • 8
      hoakley on June 21, 2022 at 1:33 pm

      Well, you can only take advantage of its new scheme when building against macOS 13, but as far as I can see, it does pull all Login Items etc. into the same controls, even when they weren’t built for new macOS. I think that’s something we’ll see in the final release too, although how comprehensive it will be isn’t clear yet.
      Howard.

      LikeLike

·Comments are closed.

Quick Links

  • Downloads
  • Mac Troubleshooting Summary
  • M1 & M2 Macs
  • Mac problem-solving
  • Painting topics
  • Painting
  • Long Reads

Search

Monthly archives

  • February 2023 (10)
  • January 2023 (74)
  • December 2022 (74)
  • November 2022 (72)
  • October 2022 (76)
  • September 2022 (72)
  • August 2022 (75)
  • July 2022 (76)
  • June 2022 (73)
  • May 2022 (76)
  • April 2022 (71)
  • March 2022 (77)
  • February 2022 (68)
  • January 2022 (77)
  • December 2021 (75)
  • November 2021 (72)
  • October 2021 (75)
  • September 2021 (76)
  • August 2021 (75)
  • July 2021 (75)
  • June 2021 (71)
  • May 2021 (80)
  • April 2021 (79)
  • March 2021 (77)
  • February 2021 (75)
  • January 2021 (75)
  • December 2020 (77)
  • November 2020 (84)
  • October 2020 (81)
  • September 2020 (79)
  • August 2020 (103)
  • July 2020 (81)
  • June 2020 (78)
  • May 2020 (78)
  • April 2020 (81)
  • March 2020 (86)
  • February 2020 (77)
  • January 2020 (86)
  • December 2019 (82)
  • November 2019 (74)
  • October 2019 (89)
  • September 2019 (80)
  • August 2019 (91)
  • July 2019 (95)
  • June 2019 (88)
  • May 2019 (91)
  • April 2019 (79)
  • March 2019 (78)
  • February 2019 (71)
  • January 2019 (69)
  • December 2018 (79)
  • November 2018 (71)
  • October 2018 (78)
  • September 2018 (76)
  • August 2018 (78)
  • July 2018 (76)
  • June 2018 (77)
  • May 2018 (71)
  • April 2018 (67)
  • March 2018 (73)
  • February 2018 (67)
  • January 2018 (83)
  • December 2017 (94)
  • November 2017 (73)
  • October 2017 (86)
  • September 2017 (92)
  • August 2017 (69)
  • July 2017 (81)
  • June 2017 (76)
  • May 2017 (90)
  • April 2017 (76)
  • March 2017 (79)
  • February 2017 (65)
  • January 2017 (76)
  • December 2016 (75)
  • November 2016 (68)
  • October 2016 (76)
  • September 2016 (78)
  • August 2016 (70)
  • July 2016 (74)
  • June 2016 (66)
  • May 2016 (71)
  • April 2016 (67)
  • March 2016 (71)
  • February 2016 (68)
  • January 2016 (90)
  • December 2015 (96)
  • November 2015 (103)
  • October 2015 (119)
  • September 2015 (115)
  • August 2015 (117)
  • July 2015 (117)
  • June 2015 (105)
  • May 2015 (111)
  • April 2015 (119)
  • March 2015 (69)
  • February 2015 (54)
  • January 2015 (39)

Tags

APFS Apple AppleScript Apple silicon backup Big Sur Blake bug Catalina Consolation Console diagnosis Disk Utility Doré El Capitan extended attributes Finder firmware Gatekeeper Gérôme HFS+ High Sierra history of painting iCloud Impressionism iOS landscape LockRattler log logs M1 Mac Mac history macOS macOS 10.12 macOS 10.13 macOS 10.14 macOS 10.15 macOS 11 macOS 12 macOS 13 malware Mojave Monet Monterey Moreau MRT myth narrative OS X Ovid painting Pissarro Poussin privacy realism Renoir riddle Rubens Sargent scripting security Sierra SilentKnight SSD Swift symbolism Time Machine Turner update upgrade Ventura xattr Xcode XProtect

Statistics

  • 13,793,347 hits
Blog at WordPress.com.
Footer navigation
  • About & Contact
  • Macs
  • Painting
  • Language
  • Tech
  • Life
  • General
  • Downloads
  • Mac problem-solving
  • Extended attributes (xattrs)
  • Painting topics
  • Hieronymus Bosch
  • English language
  • LockRattler: 10.12 Sierra
  • LockRattler: 10.13 High Sierra
  • LockRattler: 10.11 El Capitan
  • Updates: El Capitan
  • Updates: Sierra, High Sierra, Mojave, Catalina, Big Sur
  • LockRattler: 10.14 Mojave
  • SilentKnight, silnite, LockRattler, SystHist & Scrub
  • DelightEd & Podofyllin
  • xattred, Metamer, Sandstrip & xattr tools
  • 32-bitCheck & ArchiChect
  • T2M2, Ulbow, Consolation and log utilities
  • Cirrus & Bailiff
  • Taccy, Signet, Precize, Alifix, UTIutility, Sparsity, alisma
  • Revisionist & DeepTools
  • Text Utilities: Nalaprop, Dystextia and others
  • PDF
  • Keychains & Permissions
  • LockRattler: 10.15 Catalina
  • Updates
  • Spundle, Cormorant, Stibium, Dintch, Fintch and cintch
  • Long Reads
  • Mac Troubleshooting Summary
  • LockRattler: 11.0 Big Sur
  • M1 & M2 Macs
  • Mints: a multifunction utility
  • LockRattler: 12.x Monterey
  • VisualLookUpTest
  • Virtualisation on Apple silicon
  • LockRattler: 13.x Ventura
Secondary navigation
  • Search

Post navigation

Paintings of William Shakespeare’s Plays 1: Romeo and Juliet
silnite version 7 supports Ventura, M2 Macs, XProtect Remediator and fixes bugs

Begin typing your search above and press return to search. Press Esc to cancel.

  • Follow Following
    • The Eclectic Light Company
    • Join 3,133 other followers
    • Already have a WordPress.com account? Log in now.
    • The Eclectic Light Company
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Copy shortlink
    • Report this content
    • View post in Reader
    • Manage subscriptions
    • Collapse this bar
%d bloggers like this: