Categories


Archives


Recent Posts


Categories


Modern Macs, Cron, and the Balkanization of Unix

astorm

Frustrated by Magento? Then you’ll love Commerce Bug, the must have debugging extension for anyone using Magento. Whether you’re just starting out or you’re a seasoned pro, Commerce Bug will save you and your team hours everyday. Grab a copy and start working with Magento instead of against it.

Updated for Magento 2! No Frills Magento Layout is the only Magento front end book you'll ever need. Get your copy today!

This isn’t new news but it was new to me. “Modern” macs have a security feature called “Full Disk Access” which sits on top of your computer’s normal security systems and prevents programs from accessing certain files/resources.

This is good — but apparently something about the protections of Full Disk Access prevent cron from working on your Mac out of the box.

There are solutions — but neither one is great. Option 1 is to add the /usr/sbni/cron binary to the Full Disk Access allowlist — i.e. to opt it out of the protections offered by Full Disk Access. This works — but at the cost of some security and leaving you with a nagging hope/worry that Apple engineers are considering this use case when making decisions related to overall system security.

The other solution might be just dropping your use of cron entirely and using Apple’s launchd system instead. Launchd has been around for a long time and is probably better than cron, but it’s also more complicated and the time you spend learning launchd won’t really apply to other areas of your computing life. While it’s open source I’ve never seen it used outside of Apple’s own computers.

Speaking of cron — I recently embraced certbot and Let’s Encrypt for my SSL/HTTPS needs and noticed that after setup certbot wasn’t using cron to check for and update its certificates. Instead it was using systemd-timers. Again, a system that’s probably better than cron, but also more complicated.

Copyright © Alan Storm 1975 – 2021 All Rights Reserved

Originally Posted: 1st January 2021