10 Replies Latest reply: Jun 12, 2006 1:30 PM by baltwo
Chris D Searle Level 1 Level 1 (0 points)
Been having a lot of problems with having to unlock the login keychain all the time (see loads of posts on these forums, google et al).

So - following a lot of the advice out there - I reset my login keychain.

Now - I'm trying to understand the following:

1) In preferences - login keychain is set to not to lock
2) In the keychain settings - the login keychain is set to not lock on sleep or inactivity.

(yes yes - I know this is insecure - when I get it to stop autolocking all the time we'll take another look at this).

So - all three places I have found is set to not lock (and there's nothing in the chain either - completely new chain).

So . why does first aid give me the following:


Verification started
Checking keychain configuration for Chris Searle (user ID=501)
Home directory is /Users/chris
Checked login keychain
Checked password for ~/Library/Keychains/login.keychain
Checked settings for ~/Library/Keychains/login.keychain
Settings for ~/Library/Keychains/login.keychain may cause the keychain to be locked
Current values: lockOnSleep=no, autoLock=never
Checked default keychain
Checked contents of ~/Library/Keychains/login.keychain
Verification completed

Repair gives

Repair started
Checking keychain configuration for Chris Searle (user ID=501)
Home directory is /Users/chris
Checked login keychain
Checked password for ~/Library/Keychains/login.keychain
Checked settings for ~/Library/Keychains/login.keychain
Settings for ~/Library/Keychains/login.keychain may cause the keychain to be locked
Current values: lockOnSleep=no, autoLock=never
Settings corrected on ~/Library/Keychains/login.keychain
Checked default keychain
Checked contents of ~/Library/Keychains/login.keychain
Problems successfully repaired
Repair completed

But the next verify shows the same thing. What setting where is causing the "may cause the keychain to be locked"? 'cos it keeps locking.

Macbook pro 17"   Mac OS X (10.4.6)  
  • baltwo Level 9 Level 9 (62,195 points)
    What are your settings in Keychain Access->Preferences->First Aid?

    I have the first unchecked and the last three checked. Keychain First Aid verify reports:

    Verification started
    Checking keychain configuration for "me" (user ID=501)
    Home directory is /Users/"me"
    Checked login keychain
    Checked password for ~/Library/Keychains/login.keychain
    Checked settings for ~/Library/Keychains/login.keychain
    Checked default keychain
    Checked keychain search list
    Checked contents of ~/Library/Keychains/login.keychain
    Checked contents of ~/Library/Keychains/MicrosoftIntermediateCertificates
    No problems found
    Verification completed

    All options in settings for Keychain "login" are unchecked.
  • Chris D Searle Level 1 Level 1 (0 points)
    All four checked.

    Edit > Change settings for keychain "login" - all three unchecked.

    Just re-run first aid:

    Verification started
    Checking keychain configuration for Chris Searle (user ID=501)
    Home directory is /Users/chris
    Checked login keychain
    Checked password for ~/Library/Keychains/login.keychain
    Checked settings for ~/Library/Keychains/login.keychain
    Settings for ~/Library/Keychains/login.keychain may cause the keychain to be locked
    Current values: lockOnSleep=no, autoLock=99999 mins
    Checked default keychain
    Checked contents of ~/Library/Keychains/login.keychain
    Verification completed

    Note the autolock. I did set it to that to see if it was triggering. Now it's back to unchecked and 5 mins - yet first aid still reports this.
  • baltwo Level 9 Level 9 (62,195 points)
    Don't know what to tell you. The only differences I see is that you have "clear log before scan" checked (I don't) and I'm running 10.4.6 (you're at 10.4.5). Turn off the clear log option and rerun verify.
  • Chris D Searle Level 1 Level 1 (0 points)
    Re OS version - forgot to change it - got a mini at .5 and the pro at .6 - it's .6 I'm working on.

    Really irritating this one - been adding passwords/keys in the mean time - **** thing just locked again. I simply don't understand it.
  • Chris D Searle Level 1 Level 1 (0 points)
    OK - turned off the clear log. Here's a run. It fixed the 99999 business - but not the "may cause the keychain to be locked"

    Verification started
    Checking keychain configuration for Chris Searle (user ID=501)
    Home directory is /Users/chris
    Checked login keychain
    Checked password for ~/Library/Keychains/login.keychain
    Checked settings for ~/Library/Keychains/login.keychain
    Settings for ~/Library/Keychains/login.keychain may cause the keychain to be locked
    Current values: lockOnSleep=no, autoLock=999999 mins
    Checked default keychain
    Checked contents of ~/Library/Keychains/login.keychain
    Verification completed

    Repair started
    Checking keychain configuration for Chris Searle (user ID=501)
    Home directory is /Users/chris
    Checked login keychain
    Checked password for ~/Library/Keychains/login.keychain
    Checked settings for ~/Library/Keychains/login.keychain
    Settings for ~/Library/Keychains/login.keychain may cause the keychain to be locked
    Current values: lockOnSleep=no, autoLock=999999 mins
    Settings corrected on ~/Library/Keychains/login.keychain
    Checked default keychain
    Checked contents of ~/Library/Keychains/login.keychain
    Problems successfully repaired
    Repair completed

    Verification started
    Checking keychain configuration for Chris Searle (user ID=501)
    Home directory is /Users/chris
    Checked login keychain
    Checked password for ~/Library/Keychains/login.keychain
    Checked settings for ~/Library/Keychains/login.keychain
    Settings for ~/Library/Keychains/login.keychain may cause the keychain to be locked
    Current values: lockOnSleep=no, autoLock=never
    Checked default keychain
    Checked contents of ~/Library/Keychains/login.keychain
    Verification completed
  • baltwo Level 9 Level 9 (62,195 points)
    Did you log out and back in? Did you restart? Do you have more than one user account? Did you create a new admin user account, log into it, and see if you get the same messages? Try all of those. I can't duplicate the behavior and am out of ideas.
  • Chris D Searle Level 1 Level 1 (0 points)
    Now - I'm not sure if I'm imagining it. But - I spotted that the SSHKeychain app (1.7.1) has a menu item for locking the "Apple" keychain. So (and I'll admit this was a flying leap at a "well it can't hurt to try") I quit that app. The login keychain has not locked since that point (although the "may be caused to lock" message still turns up in First Aid).

    I have no idea if this is relevant or if it is a complete red herring - but I will be testing further over time.
  • baltwo Level 9 Level 9 (62,195 points)
    Ah! The proverbial "Oh! BTW, I forgot to tell you that I'm using a 3rd-party application that, supposedly integrates with the Apple Keychain, and that I'm on a network, etc., etc., etc." RME (rolling my eyes), in wonderment.

    Remove the application and its associated preferences file, restart, and see if the behavior disappears. Thanks for the feedback. Seems like you found the problem. Good computing.
  • Chris D Searle Level 1 Level 1 (0 points)
    If I'd known it integrated in that way I'd have mentioned it earlier. Only just spotted it. Note that even removed the original question still remains - why does first aid claim that some setting or other "may cause it to be locked"
  • baltwo Level 9 Level 9 (62,195 points)
    I don't know. Are you sure you removed all of its pieces? You might try moving com.apple.keychainaccess.plist out of ~/Library/Preferences/, log out and back in, and see if the problem persists.