JENKINS-9399 changed the Jenkins from using LaunchAgents to LaunchDaemons because, at the time, there were problems with running as an agent and using LaunchDaemons seems like the right approach.
Two years later, it's pretty clear that using LaunchDaemons creates a whole host of problems which (I argue) are worse than using LaunchAgents in the first place. LaunchDaemons cannot launch GUI applications which means you cannot unit test iOS applications or launch with XCode "instructions"... both of which are in high demand.
Anyway, I believe I discovered a way for us to have the best of both worlds: using LaunchAgents, having it auto-launch on boot, and preventing it from running under other users. I believe this will solve all outstanding problems.
- Configure Jenkins to use LaunchAgents (reverse
- Install the plist into ~/Library/LaunchAgents instead of /Library/LaunchAgents to prevent it from getting triggered by other users logging in.
- Configure the Jenkins user to auto-login on startup, but return to the login menu immediately: http://www.tuaw.com/2011/03/07/terminally-geeky-use-automatic-login-more-securely/