Hi guys
I have a user connecting to my company network via cisco vpn and the Bonjour service keeps causing problems. I know the command to disable it and re-enable it as root user.
The problem is Suitcase Fusion uses the Bonjour service to check if anyone else is using the product with the serial on the network before it launches. An the user insists they need this application.
Does anyone know of an applescript to turn off the bonjour service so the standard user (non admin and without root access) can open Suitcase Fusion double click a stop Bonjour script then connect to the vpn successfully.
Also i would like to know if is possible to make another clickable app to start the Bonjour service again.
Thanks
Model: Powerbookg4
Browser: Firefox 3.0.1
Operating System: Mac OS X (10.4)
You could use a script like this
set adminName to "the local admin short name"
set adminPass to "the local admin password"
if (do shell script "/bin/ps -ax") contains "/usr/sbin/mDNSResponder -launchd" then -- bonjour is running so kill it
do shell script "/bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist" user name adminName password adminPass with administrator privileges
else -- bonjour is not running so start it
do shell script "/bin/launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist" user name adminName password adminPass with administrator privileges
end if
Just put in the admin name and password. Then save the script as a run-only application so the end user can perform the task and not have direct access to the user name and password. If you allow them to run hex editors though the password can be accessible.
thanks this is great i have just added a couple of things to get a display message
set adminName to “the local admin short name”
set adminPass to “the local admin password”
if (do shell script “/bin/ps -ax”) contains “/usr/sbin/mDNSResponder -launchd” then – bonjour is running so kill it
do shell script “/bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist” user name “username goes here” password “password goes here” with administrator privileges
else – bonjour is not running so start it
do shell script “/bin/launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist” user name “username goes here” password “password goes here” with administrator privileges
end if
thanks for this!! This is exactly what I needed.
I added a couple of things:
Asks for an admin username & pw if the current user isn’t an admin
Returns dialog at the end with the result (Bonjour was enabled or disabled)
if (do shell script "id -Gn") does not contain " admin " then -- current user is not an admin
set adminName to text returned of (display dialog "Please enter the name of a user with administrator privileges" default answer "")
set adminPass to text returned of (display dialog "Please type the administrator password" default answer "" with hidden answer)
else
set adminName to (do shell script "id -un")
set adminPass to text returned of (display dialog "Please type your password" default answer "" with hidden answer)
end if
if (do shell script "/bin/ps -ax") contains "/usr/sbin/mDNSResponder -launchd" then -- bonjour is running so kill it
do shell script "/bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist" user name adminName password adminPass with administrator privileges
set resultText to "Bonjour is now disabled."
else -- bonjour is not running so start it
do shell script "/bin/launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist" user name adminName password adminPass with administrator privileges
set resultText to "Bonjour is now running."
end if
display dialog resultText
Unfortunately, this turns out to be the sledgehammer method of silencing Bonjour multicasts. Killing the mDNSResponder launchdaemon causes lots of problems, like breaking most of your network services. (Duh! It’s DNS - you don’t want to turn it off).
The proper way to do this is to add “-NoMulticastAdvertisements” to the ProgramArguments array in /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
like this:
sudo defaults write /System/Library/LaunchDaemons/com.apple.mDNSResponder ProgramArguments -array-add “-NoMulticastAdvertisements”
Now I’m trying to figure out how to wrap this in an Applescript app that will use this method to TOGGLE ‘NoMulticastAdvertisements’ - which means checking whether it’s on or off.
We can read the current state of mDNSResponder.plist:
sudo defaults read /System/Library/LaunchDaemons/com.apple.mDNSResponder ProgramArguments
the result:
(
“/usr/sbin/mDNSResponder”,
“-launchd”,
“-NoMulticastAdvertisements”
)
I need to coerce that last result to a list, either add or delete NoMulticastArguments, then do defaults write with the contents of the list. (Otherwise I’m concerned the .plist file will get munged - defaults write might keep appending the same argument over and over, and if there are other custom arguments in there I don’t want them to get deleted.
okay, this is clunky but it works. I had to resort to some ugly text processing to make the script parse the output of ‘defaults read’.
It also turns multicasts back on if you run it a second time.
If anyone has brilliant suggestions to improve it, please fire away!
set tid to AppleScript's text item delimiters
set AppleScript's text item delimiters to " "
set myGroups to text items of (do shell script "id -Gn") -- get current user's groups as a list
set AppleScript's text item delimiters to tid
set origPlist to {}
if "admin" is not in myGroups then -- current user is not an admin
set adminName to text returned of (display dialog "Please enter the name of a user with administrator privileges" default answer "")
set adminPass to text returned of (display dialog "Please type the administrator password" default answer "" with hidden answer)
else
set adminName to (do shell script "id -un") -- use current user's name
set adminPass to text returned of (display dialog "Please type your password" default answer "" with hidden answer)
end if
set rawResult to (paragraphs 2 thru -2 of (do shell script "sudo defaults read /System/Library/LaunchDaemons/com.apple.mDNSResponder ProgramArguments" user name adminName password adminPass with administrator privileges)) as list -- get current state of mDNSResponder plist
-- clean up text and put it in a list
repeat with c in rawResult
set end of origPlist to (characters 6 thru -3 of c) as text
end repeat
if "-NoMulticastAdvertisement" is not in origPlist then -- multicasts are on, add NoMulticastAdvertisements to turn them off
do shell script "sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist" user name adminName password adminPass with administrator privileges -- kill mDNSResponder while we change the defaults
do shell script " sudo cp /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist-prev" user name adminName password adminPass with administrator privileges -- make a backup copy of the plist file
do shell script "sudo defaults write /System/Library/LaunchDaemons/com.apple.mDNSResponder ProgramArguments -array-add -NoMulticastAdvertisements" user name adminName password adminPass with administrator privileges -- disable multicasts
do shell script "sudo /bin/launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist" user name adminName password adminPass with administrator privileges -- reload mDNSResponder
display dialog "Bonjour multicasts are now disabled."
else -- multicasts already off, leave them off or enable them?
set {keepOff, turnOn} to {"Keep them off", "Turn them on"}
set buttonResult to button returned of (display dialog "Bonjour multicasts are already disabled. What would you like to do?" buttons {keepOff, turnOn} default button 1)
if buttonResult is turnOn then
do shell script "sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist" user name adminName password adminPass with administrator privileges -- kill mDNSResponder while we change the defaults
do shell script "sudo mv /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist ~/.Trash/" user name adminName password adminPass with administrator privileges
do shell script " sudo cp /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist-prev /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist" user name adminName password adminPass with administrator privileges -- restore from backup
do shell script "sudo /bin/launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist" user name adminName password adminPass with administrator privileges -- reload mDNSResponder
display dialog "Bonjour multicasts are now enabled."
else
display dialog "Bonjour multicasts are still disabled."
end if
end if
slightly less clunky: put the commands into a list, also added permissions fix for the .plist file
set tid to AppleScript's text item delimiters
set AppleScript's text item delimiters to " "
set myGroups to text items of (do shell script "id -Gn") -- get current user's groups as a list
set AppleScript's text item delimiters to tid
set {unloadIt, copyIt, writeIt, chmodIt, loadIt, trashIt, restoreIt} to {"sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist", "sudo cp /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist-prev", "sudo defaults write /System/Library/LaunchDaemons/com.apple.mDNSResponder ProgramArguments -array-add -NoMulticastAdvertisements", "sudo chmod 644 /System/Library/LaunchDaemons/com.apple.mDNSResponder*", "sudo /bin/launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist", "sudo mv /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist ~/.Trash/", "sudo cp /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist-prev /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist"}
set origPlist to {}
if "admin" is not in myGroups then -- current user is not an admin
set adminName to text returned of (display dialog "Please enter the name of a user with administrator privileges" default answer "")
set adminPass to text returned of (display dialog "Please type the administrator password" default answer "" with hidden answer)
else
set adminName to (do shell script "id -un") -- use current user's name
set adminPass to text returned of (display dialog "Please type your password" default answer "" with hidden answer)
end if
set rawResult to (paragraphs 2 thru -2 of (do shell script "sudo defaults read /System/Library/LaunchDaemons/com.apple.mDNSResponder ProgramArguments" user name adminName password adminPass with administrator privileges)) as list -- get current state of mDNSResponder plist
-- clean up text and put it in a list
repeat with c in rawResult
set end of origPlist to (characters 6 thru -3 of c) as text
end repeat
if "-NoMulticastAdvertisement" is not in origPlist then -- multicasts are on, add NoMulticastAdvertisements to turn them off
repeat with theShell in {unloadIt, copyIt, writeIt, chmodIt, loadIt}
do shell script theShell user name adminName password adminPass with administrator privileges
end repeat
display dialog "Bonjour multicasts are now disabled."
else -- multicasts already off, leave them off or enable them?
set {keepOff, turnOn} to {"Keep them off", "Turn them on"}
set buttonResult to button returned of (display dialog "Bonjour multicasts are already disabled. What would you like to do?" buttons {keepOff, turnOn} default button 1)
if buttonResult is turnOn then
repeat with theShell in {unloadIt, trashIt, restoreIt, loadIt}
do shell script theShell user name adminName password adminPass with administrator privileges
end repeat
display dialog "Bonjour multicasts are now enabled."
else
display dialog "Bonjour multicasts are still disabled."
end if
end if