Post

Replies

Boosts

Views

Activity

Reply to I need to restrict macOS keychain operations to a single keychain
Hi Quinn, Since I'm in a daemon and I need my own keychain file separated from the rest of the world I'm targeting a traditional file-based keychain. I tried adding items to my keychain using the dictionary key that you specified elsewhere to set the target keychain and that worked. The keychain item is actually where I want it when I open up the keychain file in Keychain Access. However, when I search for it using the SecItem APIs I don't get it returned to me. I would ALSO like the ability to have a memory based keychain eventually, but that is secondary. Thanks for any help. Jim
Aug ’20
Reply to Kerberos SSO
Solved the problem with no users showing up. Solved the problem with the policy. Thanks to the tech support at SimpleMDM for that. I'm unfamiliar with what sort of URL to initialize the ASAuthorizationSingleSignOnProvider with, though. [authProvider canPerformAuthorization] returns false and I'm pretty sure it is because I don't have the policy right yet OR the URL is wrong.
Jul ’20
Reply to Kerberos SSO
I'm enrolling a Parallels VM into SimpleMDM and trying to push down the Single Sign-On configuration to it as a custom configuration. So far I haven't seen the policy come down, though I've pushed down System Update successfully.
Jul ’20
Reply to signal handlers and dispatch_main
Thanks for the responses. I am looking at making glib use dispatch for event handling as potentially a performance enhancement. I've downloaded the dispatch source and looked through it a good bit and that has been somewhat helpful. Some really gnarly macros live in there. You've given me an idea for a path around the immediate problem. I THOUGHT I'd tried it when I ran into the problem initially, but I'll need to verify.
Jul ’20
Reply to use of daemon call in ported code
On unix the process parses the command line utils and then based on them it daemonizes so that the command line util can terminate and the daemon hangs around indefinitely. What I'm doing for macOS is have the command line util parse the params and then XPC them to a mach service registered with launchd. XPC and dispatch are conflicting with the shared unix glib code for event loops and signal handling. I'm working on making glib use dispatch and dispatch_io with the side benefit of hopefully being more efficient, but I'm wondering if all of this is necessary since the immediate reason to do this is to avoid the daemon call. Exactly how this will work in the finished product is unknown.
Jul ’20
Reply to Catalina madness
Perhaps as a workaround you could use Parallels?Catalina has been okay. Issues I've had are:my video card rebooting seemingly randomly a few times a dayI have a once a month hard lock up that I didn't have on my older hardware and OSI usually stay on 10.x.6 until 10.x+1.5 comes out, but new hardware didn't allow me that luxury this cycle, so I feel your pain.
Jun ’20