- Jamf Nation Community
- Products
- Jamf Pro
- system.keychain is renamed and all contents delete...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
system.keychain is renamed and all contents deleted after reboot
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-09-2016 10:56 AM
I just encountered a major problem and I can't find any info about this anywhere. Out of the blue I discovered that if I restart my Mac running 10.11.6 the system.keychain is renamed to System.keychain.2016-12-09.13/44/34. (date and time stamp) and a completely empty System.keychain is put in its place!! I've restarted 10 times and I have 10 System.keychain files with the timestamp of each restart. When I try to restore one of the what I presume to be backups from a timestamped file that I know all the System keychain info was in, I then try to connect to our 802.1x network and then the connection fails. The system keychain contains all our company certs, the computer cert and key to get on 802.1x, all the push certs from apple and JSS. I cannot figure out why this is happening and how to fix it!! Has anyone else experienced anything like this before? I'm in a bad way right now since this is my admin Mac and what scares me is if this starts happening to user Macs I'm majorly screwed.
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-09-2016 11:10 AM
oh crap.... I just realized that this started after I made an OS image in Composer 9.96! I connected a 2016 MBP to my iMac via target mode. I selected the mounted HD and Recovery HD in Composer and I remember the box for "Delete system keychain" was checked - as I've done many times before without incident because I understand it deletes the keychain from the drive I'm making an image of. After I finished making the image, I noticed my Mac was acting funky (programs taking a long time to launch and extremely slow web surfing) so I restarted and that's when the problem first happened. Oh crap oh crap oh crap...... if this was caused by Composer, why does it KEEP deleting my system.keychain contents after every restart? And why does it still not work even after I put the backups back in place?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-09-2016 11:16 AM
more info: I looked in System.log and found the following:
Recreating System.keychain because it cannot unlock; see /usr/libexec/security-checksystem
I took a look at that file, but it's just a script and it has a note saying it will not tell you why it won't unlock. I haven't made any changes to the system. I don't know why this would suddenly start happening.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-09-2016 11:23 AM
Whatever happened to Keychain first-aid?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-07-2018 07:17 AM
Did you ever find a fix for this as it's happening to all my Macbook recently?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-07-2018 07:23 AM
Unfortunately not. I ended up re-imaging the mac in question. Luckily I knew what broke it and it was the only computer affected. If this happened out of the blue and to more than one computer, I would have been screwed.
