Help

Keychain ACL question

aburrow
Contributor

Posted on ‎02-26-2013 08:41 PM

I've added an application to the login items of all users. When they login they're prompted to "Allow" access to an Application password within the logon keychain.

If the user "Always Allow" then they don't get prompted again.

I'm wondering if there's some scripted or similar method I can use to automatically do this for the users?

I'm hoping there's a method of modifying the ACL of the Application password from a script.

0 Kudos
2 REPLIES 2

jarednichols
Honored Contributor

Posted on ‎02-27-2013 05:37 AM 

man security

and you'll find a few things in the add-generic-password verb. I'd start with the -T flag and see if that does the trick, otherwise you can use the -A flag (though that's fairly insecure). The authorize verb may also provide some utility.

0 Kudos

aburrow
Contributor

Posted on ‎02-27-2013 07:31 PM

Thanks for that. I've come up with.

security add-generic-password -a "" -s"<appname>" -T <applicationtoadd> -U

I'm prompted Deny or Allow the change to access permissions.

If I Allow the ACL is changed.

How can I stop the prompt as I'd like to deploy this silently.

0 Kudos