As part of a project to simplify running GemStone/S 64 Bit on the Macintosh, I need to be able to modify the OS kernel settings to allow for shared memory. The changes need to be made as root and the typical way to do it is using sudo from a command shell. This requires using the command line interface as well as making various calculations, all of which is somewhat familiar to an experienced GemStone DBA but is not very nice as an initial experience with GemStone, particularly for Mac users who have come to expect a better user experience.

The currently-approved way to do privileged operations on the Mac is to create a “helper tool” (a small C application) that does the minimal task. A client application (running as a regular user) then can install the tool and (with appropriate authorizations) “bless” it so that launchd can start it as root when it is needed. Apple provides an example of how to install a helper tool (SMJobBless), but the sample helper does not actually do anything in the way of providing a service to the sample application. It seems that there are a number of requests on the web for a more complete sample, and so rather than moving straight to my application I started by enhancing the sample app. You can find the result on github.

Communication is done using Unix domain sockets. That is, rather than listening on a port, the server listens on a file. This allows a safer naming scheme that avoids overlap better than port numbers. It also limits requests to clients on the same machine. Socket programming is reasonable straightforward, but somewhat tedious. Because it is stream-based, one can’t be sure that an entire message has been received so there needs to be code that figures out how many bytes to expect and then waits till they come. Of course, you shouldn’t wait forever, so there are timing issues as well.

If you are building a Mac application that needs a helper tool, then take a look and let us know what is missing…