launchctl doesn't start cntlm daemon
I'm posting this as a separate answer since I did not have to fiddle with any plist
files to make this work.
Here's how I installed and started CNTLM today:
Install CNTLM with Homebrew
brew install cntlm
Edit CNTLM configuration
Edit the /usr/local/etc/cntlm.conf
file, update the following items:
-
Username
: The user name for authenticating with your NTLM proxy -
Domain
: Set the domain (if required) -
Password
: Your password in plain text - only required for testing, remove this later... -
Proxy
: Your proxy host name/IP and port (can use multiple lines) -
NoProxy
: Add any hosts that don't need to be proxied
Update Authentication
Run the following to let CNTLM figure out which authentication means work with your proxy:
cntlm -M https://www.google.com
This will spit out info like this, copy this into your cntlm.conf
file:
Auth NTLM
PassNT ...
PassLM ...
Next, have your password encrypted:
cntlm -H
Enter your account password when asked. This command will then print something like the following (some lines are the same as from the above command) - copy this into your cntlm.conf
file:
PassLM ...
PassNT ...
PassNTLMv2 ... # Only for user 'xxx', domain 'yyy'
Remove your plain text password from the file now and comment out the Password
line.
You will need to run cntlm -H
again if you change your password.
Run CNTLM as a macOS Service
Multiple options exist for this, pick the one you like best:
# Start CNTLM at boot time - requires `sudo`
sudo brew services start cntlm
# Start CNTLM at login time
brew services start cntlm
# Run CNTLM on demand, don't start at boot or login
brew services run cntlm
# Stop CNTLM (might have to use `sudo` if you started it with `sudo`)
(sudo) brew services stop cntlm
# List all services managed by Homebrew
brew services list
More info on brew services
can be found in the official documentation.
I went through the homebrew information and it states the following:
Edit
/usr/local/etc/cntlm.conf
to configure CntlmTo have launchd start cntlm now and restart at startup:
sudo brew services start cntln
If you haven't done this, that should be your first step.
Furthermore, I don't think /Library/LaunchDaemons
is an appropriate place for the plist file. A better location in my opinion would be ~/Library/LaunchAgents
as it runs at user login. This is a personal preference to determine when and for which system users you wish the software to run. This is important to know when attempting to debug your system if something were to fail or prevent other system operations from running properly.
I also don't think that plist file is going to run to begin with. Try my location suggestion with the following plist file code below. It has proper error output for logging so you can see what is going on located at $HOME/Library/Logs/cntlm-output.log
and $HOME/Library/Logs/cntlm-error.log
For more information on Launchd startup jobs, see apple's developer documentation here: Creating Launch Daemons and Agents
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>homebrew.mxcl.cntlm</string>
<key>ProgramArguments</key>
<array>
<string>/bin/sh</string>
<string>-c</string>
<string>/usr/local/opt/cntlm/bin/cntlm</string>
</array>
<key>KeepAlive</key>
<false/>
<key>RunAtLoad</key>
<true/>
<key> StandardOutPath </key>
<string> ~/Library/Logs/cntlm-output.log </string>
<key> StandardErrorPath </key>
<string> ~/Library/Logs/cntlm-error.log </string>
</dict>
</plist>