I am trying to load a single user's LaunchAgent plist. All existing plist files in the directory have the permissions of the user and the user's default group,
If I use those permissions for my plist file and try to load, I get
$ sudo launchctl load -w -F $HOME/Library/LaunchAgents/com.ionic.python.ionic-fs-watcher.startup.plist
/Users/timothy/Library/LaunchAgents/com.ionic.python.ionic-fs-watcher.startup.plist: Path had bad ownership/permissions
If I set the permissions to root:wheel
the same command works.
I figured I was going about loading the wrong way, so I tried this:
sudo launchctl load -D user ~/Library/LaunchAgents/com.ionic.python.ionic-fs-watcher.startup.plist
# Similar result, just lots of `Operation not permitted` instead of `service already loaded`
launchctl load -D user com.ionic.python.ionic-fs-watcher.startup.plist
But from the 100s of lines of output it looks like that is trying to load every plist file that exists.
The docs from the tool seem to indicate that this would ONLY scan for plist files in ~/Libraries
(see below),
How do I load a LaunchAgent for the current user?
$ launchctl help load
Usage: launchctl load <service-path, service-path2, ...>
-w If the service is disabled, it will be enabled. In previous
versions of launchd, being disabled meant that a service was
not loaded. Now, services are always loaded. If a service is
disabled, launchd does not advertise its service endpoints
(sockets, Mach ports, etc.).
-F Forcibly load the service. This flag will ignore the service's
disabled state. In previous versions of launchd, this flag
would also ignore the ownership and permissions of the
specified launchd.plist. This is no longer the case. Note that,
unlike the -w flag, this flag will not modify the service's
disabled state; it will instead only ignore it for the load
operation.
-S <session>
This flag takes a single argument which is the name of a
session and may only be used when loading agents. All daemons
exist within the same session, which is the system session.
Agents may designate which sessions they can be loaded in with
the LimitLoadToSessionType key.
-D <domain>
Loads launchd.plist(5) files from the specified domain.
Depending on the current execution context, launchctl will look
in a LaunchDaemons or LaunchAgents directory for
launchd.plists. When running in the system's execution context
(i.e. when run as root via a root shell or with sudo), the
LaunchDaemons directory is searched. When running in a user's
context (i.e. run normally from a shell), the LaunchAgents
directory is searched. Valid domains are:
system
Searches /System/Library for either daemons or agents.
local
Searches /Library for either daemons or agents.
network
Searches /Network. This session type is no longer valid.
user
Searches the home directory of the calling user for agents
only. Daemons may not be loaded from this
domain.