MacOS – Why can I still access blocked sites in /etc/hosts

hosts, launchd, macos

I've been trying to set up launchd to block several websites on OS X 10.11.6.

The /etc/hosts list is changed on schedule but a browser can still access the blocked sites.

Another strange behavior is that launchd seems to execute the commands when I load the plist, but does not execute the commands during the scheduled time.

Some googling suggested that I might need to reset the DNS cache:

sudo dscacheutil -flushcache;sudo killall -HUP mDNSResponder

When I run that from the command line, I can still access the sites that should be blocked. I don't know how to add this to the launchd plist program arguments either, if it were to work.

$ cat /Library/LaunchDaemons/local.hosts.blockingAM.plist

<?xml version="1.0" encoding="UTF-8"?>  
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">  
<plist version="1.0">  
<dict>  
    <key>Label</key>  
    <string>local.hosts.blockingAM</string>  
    <key>ProgramArguments</key>  
    <array>  
        <string>cp</string>  
        <string>/etc/hosts_BLOCKED_sites.txt</string>  
        <string>/etc/hosts</string>  
    </array>  
    <key>RunAtLoad</key>  
    <true/>  
    <key>StartCalendarInterval</key>  
    <array>  
        <dict>  
            <key>Hour</key>  
            <integer>8</integer>  
            <key>Minute</key>  
            <integer>15</integer>  
            <key>Weekday</key>  
            <integer>1</integer>  
        </dict>  
        <dict>  
            <key>Hour</key>  
            <integer>8</integer>  
            <key>Minute</key>  
            <integer>15</integer>  
            <key>Weekday</key>  
            <integer>2</integer>  
        </dict>  
        <dict>  
            <key>Hour</key>  
            <integer>9</integer>  
            <key>Minute</key>  
            <integer>35</integer>  
            <key>Weekday</key>  
            <integer>3</integer>  
        </dict>  
        <dict>  
            <key>Hour</key>  
            <integer>8</integer>  
            <key>Minute</key>  
            <integer>15</integer>  
            <key>Weekday</key>  
            <integer>4</integer>  
        </dict>  
        <dict>  
            <key>Hour</key>  
            <integer>8</integer>  
            <key>Minute</key>  
            <integer>15</integer>  
            <key>Weekday</key>  
            <integer>5</integer>  
        </dict>  
    </array>  

    <key>StandardErrorPath</key>
    <string>/tmp/local.hosts.blocking.err</string>
    <key>StandardOutPath</key>
    <string>/tmp/local.hosts.blocking.out</string>
</dict>
</plist>

Here are the permissions:
$ ls -la /Library/LaunchDaemons/local.hosts.blockingAM.plist

-rw-r--r--@ 1 root  wheel  1474 Sep  8 09:33 /Library/LaunchDaemons/local.hosts.blockingAM.plist

I load up the plist with:

$ sudo launchctl load /Library/LaunchDaemons/local.hosts.blockingAM.plist   

There are no errors recorded:
$ cat /tmp/local.hosts.blocking.err

Here is the file containing blocked sites:
$ cat /etc/hosts_BLOCKED_sites.txt

##  
# Host Database  
#  
# localhost is used to configure the loopback interface  
# when the system is booting.  Do not change this entry.  
##  
127.0.0.1   localhost  
255.255.255.255 broadcasthost  
::1             localhost   


# Blocked sites redirected to 0.0.0.0  
0.0.0.0 reddit.com www.reddit.com  
0.0.0.0 facebook.com www.facebook.com  

What am I doing wrong?

Best Answer

Have you actually checked your /etc/hosts to be certain that it's being modified? As a test, I dropped 127.0.0.1 foo.com www.foo.com into my /etc/hosts and tried loading the site; it immediately went to localhost as expected. You might not be doing anything wrong with the /etc/hosts code at all; however, there's a good chance the changes you are requesting are never making their way into the file in the first place.

I'd also try mv instead of cp. mv won't change file permissions; it just unlinks the target and renames the source, so you'll need to remember to swap first (e.g. mv /etc/hosts /etc/hosts_default && mv /etc/hosts_BLOCKED_sites.txt /etc/hosts; reverse the order when you want to unblock, remember to flush the DNS cache after each change, and ensure that /etc/hosts_BLOCKED_sites.txt has the same permissions/ownership as /etc/hosts before starting).
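
The swap, permission check and cache flush described in the answer above can be collected in one script, which also gives a launchd job a single program to run. This is an added example, not part of the original answer: the function names and the script name swap_hosts.sh are hypothetical, and the paths are passed as arguments so it can be tried on copies first.

```shell
#!/bin/sh
# Added example (not from the original answer): swap the active hosts file,
# keep the previous one as a backup, then flush the macOS resolver cache.

# hosts_blocks FILE NAME: succeed if NAME is mapped to 0.0.0.0 or 127.0.0.1
hosts_blocks() {
    awk -v name="$2" '
        { sub(/#.*/, "") }                       # ignore comments
        $1 == "0.0.0.0" || $1 == "127.0.0.1" {
            for (i = 2; i <= NF; i++) if ($i == name) found = 1
        }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# file_meta FILE: print mode, uid and gid (10 chars of mode, so a trailing
# "@" xattr marker as in the listing on this page does not matter)
file_meta() {
    ls -ln "$1" | awk '{ print substr($1, 1, 10), $3, $4 }'
}

# flush_dns: the two commands quoted in the question; skipped off macOS
flush_dns() {
    command -v dscacheutil >/dev/null 2>&1 || return 0
    dscacheutil -flushcache
    killall -HUP mDNSResponder
}

# swap_hosts ACTIVE REPLACEMENT BACKUP
# Run with the last two arguments exchanged to undo the swap.
swap_hosts() {
    active=$1 replacement=$2 backup=$3
    [ -f "$replacement" ] || { echo "missing: $replacement" >&2; return 1; }
    # mv keeps the replacement's own mode and owner, so they must match first
    if [ "$(file_meta "$active")" != "$(file_meta "$replacement")" ]; then
        echo "mode/owner differ: $active vs $replacement" >&2
        return 1
    fi
    mv "$active" "$backup" || return 1
    # Roll back if the second rename fails, so ACTIVE never stays missing
    mv "$replacement" "$active" || { mv "$backup" "$active"; return 1; }
    flush_dns
}

# Only act when called with explicit paths, e.g. as root:
#   swap_hosts.sh /etc/hosts /etc/hosts_BLOCKED_sites.txt /etc/hosts_default
if [ "$#" -eq 3 ]; then
    swap_hosts "$1" "$2" "$3"
fi
```

Calling hosts_blocks /etc/hosts www.reddit.com after a scheduled run shows whether the entries actually reached the file, which separates a job that never ran from a stale resolver cache.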