
security add-internet-password - script-generated entries simply ignored



Hi mates.

I have this script running that is supposed to generate internet password entries to the current user's login keychain for specified (internal) websites, after prompting for the user's password:

#!/bin/bash
## postinstall

pathToScript=$0
pathToPackage=$1
targetLocation=$2
targetVolume=$3

# Your company's logo, in ICNS format. (For use in AppleScript messages.)
# Use standard UNIX path format:  /path/to/file.icns
logoIcns="/usr/local/jamf/bin/app.icns"

# The title of the message that will be displayed to the user.
# Not too long, or it'll get clipped.
promptTitle="App Setup"

# Convert POSIX path of logo icon to Mac path for AppleScript
logoIcns="$(osascript -e 'tell application "System Events" to return POSIX file "'"$logoIcns"'" as text')"

userName=$(stat -f%Su /dev/console)

# Check the OS version.
osMajor=$(sw_vers -productVersion | awk -F . '{print $1}')
osMinor=$(sw_vers -productVersion | awk -F . '{print $2}')
if [[ "$osMajor" -ne 10 || "$osMinor" -lt 9 ]]; then
    echo "[ERROR] OS version not 10.9+ or OS version unrecognized."
    sw_vers -productVersion
    BAIL=true
fi

# Get information necessary to display messages in the current user's context.
userId=$(id -u "$userName")
if [[ "$osMajor" -eq 10 && "$osMinor" -le 9 ]]; then
    lId=$(pgrep -x -u "$userId" loginwindow)
    lMethod="bsexec"
elif [[ "$osMajor" -eq 10 && "$osMinor" -gt 9 ]]; then
    lId=$userId
    lMethod="asuser"
fi

sleep 10

userPassword="$(launchctl "$lMethod" "$lId" osascript -e 'display dialog "App needs your user password for adding necessary entries to your login keychain. Please enter your user password:" default answer "" with title "'"${promptTitle//\"/\\\"}"'" giving up after 86400 with text buttons {"OK"} default button 1 with hidden answer with icon file "'"${logoIcns//\"/\\\"}"'"' -e 'return text returned of result')"

# Note: -p and -w pass the password as a command-line argument, so it is visible in the process list while each command runs.
security unlock-keychain -p "$userPassword" "/Users/$userName/Library/Keychains/login.keychain"

security add-internet-password -l site1.ourserver.com -a "$userName" -w "$userPassword" -r "htps" -s site1.ourserver.com -A
security add-internet-password -l site2.ourserver.com -a "$userName" -w "$userPassword" -r "http" -s site2.ourserver.com -A
security add-internet-password -l site3.ourserver.com -a "$userName" -w "$userPassword" -r "htps" -s site3.ourserver.com -A

exit 0      ## Success
exit 1      ## Failure

The script obviously does what it is supposed to do. It generates internet password entries for the specified websites.

However, when I try to access the sites afterwards, it is still prompting for the credentials, just ignoring the already existing entries. When I enter the credentials and tick "remember my password", it generates new entries in the keychain that look like exact duplicates of the ones previously generated via script. Does anyone have a clue why this might be happening? Anything else I need to do?

Any ideas?

Thank you, and take care.
Chris
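
The keychain does not store two internet-password items whose identifying attributes (account, server, protocol, authentication type, port, path, security domain) all match, so entries that look identical in Keychain Access differ in at least one of them. The following added example, which is not part of the original post, lists the attributes that differ between two items; both dumps are constructed sample data and the differing values in them are assumptions for illustration.

```shell
#!/bin/bash
# Added example: compare two internet-password items attribute by attribute.
# Both dumps are constructed sample data in the attribute layout that
# `security find-internet-password` / `security dump-keychain` print; the
# differing values are made up and say nothing about any real browser.
scripted_item='class: "inet"
attributes:
    0x00000007 <blob>="site1.ourserver.com"
    "acct"<blob>="chris"
    "atyp"<blob>="dflt"
    "cdat"<timedate>=0x32303135303130313030303030305A00  "20150101000000Z\000"
    "path"<blob>=<NULL>
    "port"<uint32>=0x00000000
    "ptcl"<uint32>="htps"
    "sdmn"<blob>=<NULL>
    "srvr"<blob>="site1.ourserver.com"'
browser_item='class: "inet"
attributes:
    0x00000007 <blob>="site1.ourserver.com"
    "acct"<blob>="chris"
    "atyp"<blob>="form"
    "cdat"<timedate>=0x32303135303130323030303030305A00  "20150102000000Z\000"
    "path"<blob>=<NULL>
    "port"<uint32>=0x000001BB
    "ptcl"<uint32>="htps"
    "sdmn"<blob>=<NULL>
    "srvr"<blob>="site1.ourserver.com"'

# Print name=value for each four-letter attribute, skipping the creation and
# modification timestamps, which differ between any two items.
item_attrs() {
    printf '%s\n' "$1" |
        sed -n 's/^ *"\([a-z]\{4\}\)"<[a-z0-9]*>=\(.*\)$/\1=\2/p' |
        grep -v -E '^(cdat|mdat)=' | sort
}

# Print one line per attribute whose value differs between the two dumps.
diff_items() {
    a=$(item_attrs "$1"); b=$(item_attrs "$2")
    for name in $(printf '%s\n%s\n' "$a" "$b" | cut -d= -f1 | sort -u); do
        va=$(printf '%s\n' "$a" | sed -n "s/^$name=//p")
        vb=$(printf '%s\n' "$b" | sed -n "s/^$name=//p")
        [ "$va" = "$vb" ] || printf '%s: %s -> %s\n' "$name" "${va:-<absent>}" "${vb:-<absent>}"
    done
}

diff_items "$scripted_item" "$browser_item"
```

On a Mac, the two dumps can be taken from the output of `security dump-keychain` run against the login keychain.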
