*.so files with wrong permission #9244

Closed
vissible opened this issue Jan 25, 2017 · 8 comments

@vissible

dnscrypt-proxy is not able to run, because the "*.so" files have the wrong owner.

$ ll /usr/local/Cellar/dnscrypt-proxy/1.9.4/lib/dnscrypt-proxy/
total 264
-r--r--r--  1 user  admin   8752  1 25 14:45 libdcplugin_example.so
-r--r--r--  1 user  admin  13976  1 25 14:45 libdcplugin_example_cache.so
-r--r--r--  1 user  admin  13236  1 25 14:45 libdcplugin_example_ldns_aaaa_blocking.so
-r--r--r--  1 user  admin  23968  1 25 14:45 libdcplugin_example_ldns_blocking.so
-r--r--r--  1 user  admin  14844  1 25 14:45 libdcplugin_example_ldns_forwarding.so
-r--r--r--  1 user  admin  13796  1 25 14:45 libdcplugin_example_ldns_opendns_deviceid.so
-r--r--r--  1 user  admin  13732  1 25 14:45 libdcplugin_example_ldns_opendns_set_client_ip.so
-r--r--r--  1 user  admin  13860  1 25 14:45 libdcplugin_example_logging.so 
$ sudo /usr/local/opt/dnscrypt-proxy/sbin/dnscrypt-proxy  dnscrypt-proxy.conf
Wed Jan 25 14:59:53 2017 [INFO] Loading plugin [/usr/local/Cellar/dnscrypt-proxy/1.9.4/lib/dnscrypt-proxy/libdcplugin_example_ldns_blocking.so]
Wed Jan 25 14:59:53 2017 [ERROR] Plugin [/usr/local/Cellar/dnscrypt-proxy/1.9.4/lib/dnscrypt-proxy/libdcplugin_example_ldns_blocking.so] can't be loaded: [Operation not permitted]
Wed Jan 25 14:59:53 2017 [INFO] Loading plugin [/usr/local/Cellar/dnscrypt-proxy/1.9.4/lib/dnscrypt-proxy/libdcplugin_example_logging.so]
Wed Jan 25 14:59:53 2017 [ERROR] Plugin [/usr/local/Cellar/dnscrypt-proxy/1.9.4/lib/dnscrypt-proxy/libdcplugin_example_logging.so] can't be loaded: [Operation not permitted]
Wed Jan 25 14:59:53 2017 [INFO] Loading plugin [/usr/local/Cellar/dnscrypt-proxy/1.9.4/lib/dnscrypt-proxy/libdcplugin_example_cache.so]
Wed Jan 25 14:59:53 2017 [ERROR] Plugin [/usr/local/Cellar/dnscrypt-proxy/1.9.4/lib/dnscrypt-proxy/libdcplugin_example_cache.so] can't be loaded: [Operation not permitted]
Wed Jan 25 14:59:53 2017 [ERROR] Unable to load plugins

The solution is to change the owner of the "*.so" files.

$ sudo chown root: /usr/local/Cellar/dnscrypt-proxy/1.9.4/lib/dnscrypt-proxy/*.so
$ ll /usr/local/Cellar/dnscrypt-proxy/1.9.4/lib/dnscrypt-proxy/
total 264
-r--r--r--  1 root  admin   8752  1 25 14:45 libdcplugin_example.so
-r--r--r--  1 root  admin  13976  1 25 14:45 libdcplugin_example_cache.so
-r--r--r--  1 root  admin  13236  1 25 14:45 libdcplugin_example_ldns_aaaa_blocking.so
-r--r--r--  1 root  admin  23968  1 25 14:45 libdcplugin_example_ldns_blocking.so
-r--r--r--  1 root  admin  14844  1 25 14:45 libdcplugin_example_ldns_forwarding.so
-r--r--r--  1 root  admin  13796  1 25 14:45 libdcplugin_example_ldns_opendns_deviceid.so
-r--r--r--  1 root  admin  13732  1 25 14:45 libdcplugin_example_ldns_opendns_set_client_ip.so
-r--r--r--  1 root  admin  13860  1 25 14:45 libdcplugin_example_logging.so

@MikeMcQuaid
Member

Homebrew can't and doesn't chown things to root so we'll need to find another solution.

@DomT4
Member

DomT4 commented Jan 26, 2017

You need to build --with-plugins, which passes a configure flag allowing a less strict check.

@MikeMcQuaid
Member

Thanks @DomT4

@ghost

ghost commented Feb 10, 2017

If users are not to search for this ticket, how can this be solved long term?

@MikeMcQuaid
Member

@MindTooth I don't understand the question.

@ghost

ghost commented Feb 10, 2017

@MikeMcQuaid: Just reinstalled OS X, and needed to search for this ticket before I managed to make it work. Hence, how do we solve this so people don't need to debug a fresh install? I can report it upstream?

My bad if I didn't make myself clear.

@DomT4
Member

DomT4 commented Feb 10, 2017

Unless upstream or Homebrew have security concerns about plugins with relaxed permission checks being the default, IMO, it might as well be.

@MikeMcQuaid
Member

I'd try to modify the formula to figure out if there's one of the plugin options that can be added/removed to improve this situation.

@Homebrew Homebrew locked and limited conversation to collaborators May 4, 2018