asfener.blogg.se - Box sync was unable to access your keychain

Box sync was unable to access your keychain how to#

If I manually switch to "Allow all applications to access this item" in Keychain Access, it works.

I can see the daemon binary in the "Always allow access by these applications" list in the "Access Control" tab of the password item in Keychain Access.app.

The daemon binary contains an embedded ist section with a bundle ID and version.

The daemon binary is signed with a Developer Id certificate.

Unfortunately, this has started returning errSecAuthFailed for reasons that are unclear to us.Ī few additional details we've checked and things we've tried, to no avail: Retrieving it on subsequent runs of our daemon is done with this line: status = SecKeychainFindInternetPassword( Success is reported, and I can see the item in the "system" keychain in Keychain Access.app. KSecProtocolTypeAny, kSecAuthenticationTypeAny, When saving a new password to the keychain, we use OSStatus status = SecKeychainAddInternetPassword( SecKeychainSetUserInteractionAllowed(false)

We also disable user interaction for good measure, although we'd expect it to already be off in the context of a daemon.

Regardless of whether we're saving a new password or retrieving an old one, we obtain a reference to the system keychain using this: SecKeychainCopyDomainDefault(kSecPreferencesDomainSystem, &system_keychain)

Box sync was unable to access your keychain how to#

This has been working fine, but on macOS 10.12 the existing code stopped working, and we've been entirely stumped on how to fix this.

On subsequent launches, the idea is to retrieve the password from the keychain and use it to authenticate with the network service. It needs to authenticate with the service, so when it first obtains the password, we save it to the system keychain. We have a Launch Daemon which (necessarily, for various reasons) runs as root, and which communicates with a server component via the network.