How can I make unbound's accepting of incoming network connections in application firewall in Catalina 'stick'?

Gerben Wierda gerben.wierda at rna.nl
Mon Mar 15 01:05:44 UTC 2021


It seems to be a code signing issue for /opt/local/sbin/unbound, but I haven’t found out how to get rid of it and MacPorts doesn’t handle it itself (i.e. forces the app to end into a good state or warn why it can’t do it).

Gerben Wierda (LinkedIn <https://www.linkedin.com/in/gerbenwierda>)
R&A Enterprise Architecture <https://ea.rna.nl/> (main site)
Book: Chess and the Art of Enterprise Architecture <https://ea.rna.nl/the-book/>
Book: Mastering ArchiMate <https://ea.rna.nl/the-book-edition-iii/>

> On 15 Mar 2021, at 01:55, Gerben Wierda via macports-users <macports-users at lists.macports.org> wrote:
> 
> I am running an extensive MacPorts (with postfix, dovecot, nginx, minion, etc.) on my macOS Server, which is still running macOS Mojave.
> 
> On one of the other Macs, running macOS Catalina, I run a backup unbound caching nameserver. This also offers me a way to do some minimal testing of the MacPorts setup on a more recent version of macOS (as a preparation for upgrading the Mojave system when Apple stops supporting it)
> 
> The unbound on macOS Catalina runs fine, except for one thing. After a reboot, unbound will not accept incoming connections until I have logged in an answer the application firewalls’ question:
> 
> Do you want the application “unbound” to accept incoming network connections?
> Clicking Deny may limit the application’s behaviour. This setting can be changed in the Firewall pane of Security & Privacy preferences.
> 
> I can answer yes, check the entry in the application firewall (set to yes, accept, even before I allow it through the panel). But even if it is set to accept incoming connections, after a reboot I need to log in and answer again via the GUI before it accepts. Setting this in the Application firewall doesn’t ’stick’ for some reason.
> 
> This is not acceptable behaviour if I ever upgrade my Mojave Server, as that one must be able to do unsupervised reboots/running without any login.
> 
> Is there something special in Catalina I must do? Or is this expected behaviour?
> 
> Thanks,
> 
> Gerben Wierda (LinkedIn <https://www.linkedin.com/in/gerbenwierda>)
> R&A Enterprise Architecture <https://ea.rna.nl/> (main site)
> Book: Chess and the Art of Enterprise Architecture <https://ea.rna.nl/the-book/>
> Book: Mastering ArchiMate <https://ea.rna.nl/the-book-edition-iii/>
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-users/attachments/20210315/1b46523f/attachment.htm>


More information about the macports-users mailing list