Announcement: We are excited to announce the newest addition to the community: macOS Catalina

If you have a question or know a thing or two about macOS Catalina, we want to hear from you.

Announcement: Upgrade to macOS Catalina

Experience dedicated apps for music, TV, and podcasts, plus smart new features like Sidecar. Learn how to upgrade >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.


Question: How to fix corrupt keychain permissions?

My keychain permissions have been corrupted. Anyone know how to fix this? Keychain First Aid as well as repairing disk permissions didn't help. What I have also tried, though without success, is starting up from the recovery partition and repair both, home folder & ACL permissions from there. Nothing worked. Any help welcome as I am getting more & more worried.

User uploaded file

iMac, OS X Mountain Lion (10.8.5)

Posted on


Sep 14, 2013 4:02 PM in response to schnuck In response to schnuck

Back up all data. Don't continue unless you're sure you can restore from a backup, even if you're unable to log in.

This procedure will unlock all your user files (not system files) and reset their ownership and access-control lists to the default. If you've set special values for those attributes on any of your files, they will be reverted. In that case, either stop here, or be prepared to recreate the settings if necessary. Do so only after verifying that those settings didn't cause the problem. If none of this is meaningful to you, you don't need to worry about it.

If you have more than one user account, and the one in question is not an administrator account, then temporarily promote it to administrator status in the Users & Groups preference pane. To do that, unlock the preference pane using the credentials of an administrator, check the box marked Allow user to administer this computer, then reboot. You can demote the problem account back to standard status when this step has been completed.

Triple-click the following line on this page to select it. Copy the selected text to the Clipboard (command-C):

{ sudo chflags -R nouchg,nouappnd ~ $TMPDIR.. ; sudo chown -R $UID:staff ~ $_ ; sudo chmod -R u+rwX ~ $_ ; chmod -R -N ~ $_ ; } 2> /dev/null

Launch the Terminal application in any of the following ways:

☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)

☞ In the Finder, select Go Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.

☞ Open LaunchPad. Click Utilities, then Terminal in the icon grid.

Paste into the Terminal window (command-V). You'll be prompted for your login password. Nothing will be displayed when you type it. You may get a one-time warning to be careful. If you don’t have a login password, you’ll need to set one before you can run the command. If you see a message that your username "is not in the sudoers file," then you're not logged in as an administrator.

The command will take a noticeable amount of time to run. Wait for a new line ending in a dollar sign (“$”) to appear, then quit Terminal.

Sep 14, 2013 4:02 PM

Reply Helpful

Sep 14, 2013 4:44 PM in response to Linc Davis In response to Linc Davis

Hi Linc,

Really appreciate your help - I followed your instructions. Everything was as you described. However, the problem prevails.

What else could I try?

Here is the Keychain First Aid output after the process:

Repair started

Checking keychain configuration for schnuck

Home directory is /Users/schnuck

Checked login keychain

Unable to open ~/Library/Keychains/login.keychain (-25312)

Failed to rename /Users/schnuck/Library/Keychains/login.keychain to /Users/schnuck/Library/Keychains/login_renamed.keychain, reason: The operation couldn’t be completed. Permission denied

Checked default keychain

Checked keychain search list

Unable to open ~/Library/Keychains/login.keychain (-25312)

Removed reference to keychain ~/Library/Keychains/login.keychain

Unable to open ~/Library/Application Support/Adobe/AIR/ELS/com.adobe.WidgetBrowser/PrivateEncryptedDatak (-25312)

Removed reference to keychain ~/Library/Application Support/Adobe/AIR/ELS/com.adobe.WidgetBrowser/PrivateEncryptedDatak

Unable to open ~/Library/Keychains/Microsoft_Intermediate_Certificates (-25312)

Removed reference to keychain ~/Library/Keychains/Microsoft_Intermediate_Certificates

Unable to open ~/Library/Application Support/Adobe/AIR/ELS/ (-25312)

Removed reference to keychain ~/Library/Application Support/Adobe/AIR/ELS/

Unable to update /Users/schnuck/Library/Preferences/

Checked contents of ~/Library/Keychains/login.keychain

Unable to open ~/Library/Keychains/login.keychain (-25312)

Checked contents of ~/Library/Application Support/Adobe/AIR/ELS/com.adobe.WidgetBrowser/PrivateEncryptedDatak

Unable to open ~/Library/Application Support/Adobe/AIR/ELS/com.adobe.WidgetBrowser/PrivateEncryptedDatak (-25312)

Checked contents of ~/Library/Keychains/Microsoft_Intermediate_Certificates

Unable to open ~/Library/Keychains/Microsoft_Intermediate_Certificates (-25312)

Checked contents of ~/Library/Application Support/Adobe/AIR/ELS/

Unable to open ~/Library/Application Support/Adobe/AIR/ELS/ (-25312)

Warning: some problems were not fixed

Repair failed

Sep 14, 2013 4:44 PM

Reply Helpful
Question marked as Solved

Sep 14, 2013 5:16 PM in response to schnuck In response to schnuck

Please read this whole message before doing anything.

This procedure is a diagnostic test. It’s unlikely to solve your problem. Don’t be disappointed when you find that nothing has changed after you complete it.
The purpose of the test is to determine whether the problem is caused by third-party software that loads automatically at startup or login, by a peripheral device, or by corruption of certain system caches.

Disconnect all wired peripherals except those needed for the test, and remove all aftermarket expansion cards. Boot in safe mode and log in to the account with the problem. Note: If FileVault is enabled on some models, or if a firmware password is set, or if the boot volume is a software RAID, you can’t do this. Ask for further instructions.

Safe mode is much slower to boot and run than normal, and some things won’t work at all, including sound output and Wi-Fi on certain iMacs. The next normal boot may also be somewhat slow.
The login screen appears even if you usually log in automatically. You must know your login password in order to log in. If you’ve forgotten the password, you will need to reset it before you begin.

Test while in safe mode. Same problem?

After testing, reboot as usual (i.e., not in safe mode) and verify that you still have the problem. Post the results of the test.

Sep 14, 2013 5:16 PM

Reply Helpful

Sep 20, 2013 2:09 PM in response to Linc Davis In response to Linc Davis

Wow - this solved my problem!

I've booted in safe mode. Noticed immediately that the problem was gone. Double-checked with Keychain First Aid even though I could already see all my keychains in the Keychain Access. Did a repair anyway and here's the result:

Repair started

Checking keychain configuration for schnuck (user ID=501)

Home directory is /Users/schnuck

Checked login keychain

Checked default keychain

Checked keychain search list

Checked contents of ~/Library/Keychains/login.keychain

Checked contents of ~/Library/Application Support/Adobe/AIR/ELS/com.adobe.WidgetBrowser/PrivateEncryptedDatak

Checked contents of ~/Library/Keychains/Microsoft_Intermediate_Certificates

Checked contents of ~/Library/Application Support/Adobe/AIR/ELS/

No problems found

Repair completed

I've done a regular restart and all seems to be ok again. I can run apps that had stopped working again just fine.

Thank you very much for your help indeed!


Sep 20, 2013 2:09 PM

Reply Helpful (1)

Apr 22, 2014 2:56 AM in response to Linc Davis In response to Linc Davis

HI Linc,

I came across this post having sort of had the same problem as schnuck.

I used your test and whilst in safe mode I did not have the same problem with the keychain verification and after restarting it temporarily fixed the problem with my main admin user. However, after a while the keychain problem just returns.

Let me give you a little background info on how I came to discover this issue.

On my 13" mid 2009 MBP I've started getting an issue recently where Chrome & Safari stop connecting to any https sites. In addition Spotlight would not bring up any of the Apple apps (i.e. Keychain Access, Disk Utility, Terminal etc etc) and if I manually attempt to open any of these apps they do not launch. Additionally, sometimes I just get a constant beach ball and end up having to force a restart.

After searching possible causes to why Sarafi would not connect to any secure sites I was lead to verifying the login keychain which highlighted the subsequent problem with it.

If I look at the login keychain whilst I'm having these problems it appears completely empty.

Addtional Info

I recently bought an SSD upgrade for this MBP (before this issue started) and have subsequently installed it to see if this might help matters but the issue persists.

I have tried two fresh installs of Mavericks and have now rolled it back to Mountain Lion just in case there was an issue with Mavericks.

Could you possibly suggest any further tests that I can try to establish what my MBPs issue might be?

Is there any further info that you require?

Thanks in advance for any help!


Apr 22, 2014 2:56 AM

Reply Helpful
User profile for user: schnuck

Question: How to fix corrupt keychain permissions?