Accessing keychain in a launchd process
I have a ruby script that shells out a call similar to the following: `security find-generic-password -ga test /Users/brad/Library/Keychains/login.keychain` When run from the command line I was prompted to give access to the keychain item for the 'security' command (this security of this concerns me but is out of scope for the question). After granting access via Keychain Access I can run the script and it no longer prompts for the retrieval of the password. When invoked from launchctl I see the following in Console: "security: SecKeychainFindGenericPassword: User interaction is not allowed." I tried adding launchd and launchctl to the list of programs that have access to this password but I get the same error. Any ideas on what the program might be when run from launchctl? -bradr
At 20:55 -0700 10/8/08, Brad Reynolds wrote:
Any ideas on what the program might be when run from launchctl?
What context is your "launchd process" running in? Is it a daemon or an agent? If it's an agent, what type of agent (see Table 1 in TN2083 for the list of options)? <http://developer.apple.com/technotes/tn2005/tn2083.html> I would only expect this to work from a GUI launchd agent. Daemons and other agents run outside of the GUI login context, and thus can't safely display UI. S+E -- Quinn "The Eskimo!" <http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware
participants (2)
-
Brad Reynolds
-
Quinn