I've got a keychain that no longer allows me to view the passwords of stored
keys. This was working for me under Mac OS X 10.6.1 but after an update to
10.6.2, I now get "Access to this item is restricted" warnings on every
keychain item whose password I've tried to view (clicking on the "Show
password" checkbox).
I'd welcome any thoughts on resolving this issue, which I'll describe
further below.
I see there are threads about the restricted access warning on Apple
Discussions and elsewhere. There don't seem to be any good solutions other
than deleting all of the keys and re-adding, or troubleshooting MobileMe
sync (which I don't use). I'd rather avoid nuke and pave because the
keychain dates back to early Mac OS X. I do have backups but due to new
items added since the last backup, I'd prefer to recover the existing
keychain. Plus, it's a challenge! :)
>From my logs ('All Messages') I've pulled out two lines of possible
interest.
11/13/2009 xx:yy PM com.apple.systemkeychain[23] dyld: shared cached
file was build against a different libSystem.dylib, ignoring cache
11/13/2009 xx:yy PM loginwindow[30] ERROR | -[LWKeychainSupport
unlockLoginKeychain] | Unable to unlock the keychain, SecKeychainLogin
returned -25293
I don't see any other errors. I've already run 'update_dyld_shared_cache'
and rebooted, just for good measure.
$ sudo update_dyld_shared_cache
After the 10.6.2 upgrade, my default keychain was reset from the one I'd
previously had defined (the old-style one named with the short username) to
the 'login' keychain. I've set the prior default keychain up as the default
again, also rebooting and logging back in.
Another data point: I am apparently unable to change the Access Control
settings for keychain items. I change them, save the changes (sometimes
multiple times), and when that keychain item is reopened, I see the previous
access controls.
The access controls themselves show the apps and settings I'd expect based
on the keychain item I'm looking at.
The keychain items themselves seem to work even though I can't show the
associated password. I can still log in with credentials stored in the
keychain after I answer the relevant prompts.
A wrinkle is that the 10.6.2 upgrade was done through a client management
tool that without running the package installer. Therefore, none of the
package scripts would have run. (An obvious next step to me is to run the
10.6.2 package installer to see if that makes a difference.) The upgrade to
10.6.2 may or may not have been related, but it did happen between the time
the keychain worked and when it stopped allowing me to show passwords.
Any thoughts on what may have gone wrong and whether it is fixable? Thanks
in advance!
--
Jeremy
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
