Can't use /usr/bin/security to retrieve password from keychain via cron

4

I can't seem to be able to successfully retrieve passwords from keychain using /usr/bin/security when I run it from my users crontab. Works fine in my terminal.

I can also see via the cron mail output that my USER, HOME and PATH are all being set correctly inside cron.

I've been able to determine that when it runs in cron it only see's my system keychain and not my users keychain:

    "/Library/Keychains/System.keychain"
    "/Library/Keychains/System.keychain"

I then told /usr/bin/security to use my users keychain explicitly and now I get no output but the exit code is 36.

#security error 36
Error: 0x00000024 36 CSSM_ERRCODE_OBJECT_ACL_REQUIRED

I can't seem to figure out what this means.

I've specified my PATH in cron and tried running /usr/bin/security from inside a bash login shell via bash -l -c /usr/bin/security...

Here is the cron command I'm running:

bash -l -c '/usr/bin/security find-generic-password -g -a myusername -s test_vault /Users/myusername/Library/Keychains/login.keychain 2>&1 ; echo $?'

The mail I receive from cron shows that the PATH is being picked up successfully.

Any ideas? Thanks!

macos
cron
osx-yosemite
keychain
asked on Super User Mar 10, 2016 by rxvt • edited Mar 10, 2016 by rxvt

1 Answer

5

So it looks like even though I was attempting to run this in my crontab, because cron itself runs as root it still wasn't allowed to access my keychains.

I found this blog post which talks about using launchd instead to schedule jobs and my job now works fine via launchd! :)

answered on Super User Mar 10, 2016 by rxvt

User contributions licensed under CC BY-SA 3.0