Not working on macOS 10.15.5 #5
Comments
|
I'm seeing the same thing. I wonder if it's some permissions / access control change? I've also tried using @JayBrown's https://github.com/JayBrown/DNSCrypt-Menu and it appears to be having the same problem. |
|
Both of them use the same mechanism for actually doing the DNS server update: if [ "$#" -gt 0 ]; then
wanted_resolvers="$*"
# shellcheck disable=2086
networksetup -setdnsservers "$service" $wanted_resolvers
flush_dns_cache 2>/dev/null
exit 0
fi |
|
I haven't visited the DNSCrypt-Menu for a very long time, and I don't know when I'll get around to it… if at all… because I'm thinking about running a local DNS with unbound eventually, and dnscrypt only integrated as a forward resolver. |
|
Looks like
https://mrmacintosh.com/whats-new-in-the-macos-catalina-10-15-5-update-19f96/ |
|
Got it, thanks @JayBrown. |
|
"Require an admin pw to access system-wide prefs" should imho be enabled for security reasons. It is on my system. So it seems that switchers for dnscrypt-proxy would need a privileged helper, just to be on the safe side. But afaik you can't have a privileged helper for shell scripts. The only workaround I can think of is that the non-privileged script writes a file with instructions to a specific directory, and that directory is constantly being watched by a privileged LaunchDaemon (with the WatchPaths key), which then reads the newly created file & runs its own privileged script according to the instructions coming from the non-privileged script, e.g. changing DNS settings etc. |
|
Oh, no :( |
|
Okay, I got mine working, but it's not an ideal solution. I prepended And added an entry like this to my (More info on the latter in this SO answer.) I'm not sure how to fix this in a more general way, or without requiring |
|
maybe we can run networksetup with admin rights prompt like this in a commandline
|
|
Yeah, that seems to work, albeit with a requirement to enter your password every time, which is suboptimal. Put: osascript -e "do shell script \"networksetup -setdnsservers $service $wanted_resolvers\" with administrator privileges"In place of: |
|
Instead of installing a LaunchDeamon (nobody likes these), maybe requesting administrator privileges can be used to spawn the script that watches for changes, as suggested by @JayBrown The password would be asked only once |
|
I just learned from another source that you can apparently run "do shell script" plus "with administrator privileges" with an in-AppleScript |
|
First, I would like to thank everbody contributing to DNSCrypt and it's surrounding ecosystem. Is there a plan to update bitbar-dnscrypt-proxy-switcher? |
|
I copied
to line 166. And since I have a touchbar macbook, when I activate bitbar, it asks for my "Touch ID" instead of typing in the password all the time. This isn't as inconvenient as I thought. It does ask for the Touch ID after changing from "Use DNScrypt-proxy" to any other item but still works fine. Thanks |
|
Thank you for the explanation. I will try to implement it in my system. |
Worked for me. |
|
Hi - thanks for this. One bug I found. If your network service name has a space in it, then this fails. You need to put quotes around $service in order to get it to work, I believe. My work around (which is probably suboptimal), is:
|
|
Thanks @quadari ! Another way to address this is to replace |
Updated to 10.15.5 today. Since then, the bitbar plugin (latest version) only shows the exclamation mark and is not able to switch to dnscrypt. The dnscrypt-proxy service is up to date and running. I'm not sure how to debug this, would appreciate help :)
When changing the DNS manually to 127.0.0.1, everything works as expected and the bitbar plugin also shows the lock emoji. So the issue seems to be switching the DNS settings.
The text was updated successfully, but these errors were encountered: