Since the older ACL APIs are deprecated, I'm switching to using keychain sharing.
I've seen this post: https://developer.apple.com/forums/thread/123824
My app has an embedded login item helper app as well as a commandline program. I need the main app and commandline program to share keychain items.
My app is not sandboxed/MAS; it is Developer ID.
I first tried setting up an app group. I created an app group on the dev portal, tied to the app IDs, and tied those to provisioning profiles.
When the main app stores a keychain password (via SecItemAdd), it fails citing lack of entitlements. Note that I fetch the app group dynamically from the bundle's entitlements and setting the kSecUseDataProtectionKeychain flag in the query.
If I switch to keychain groups, it works. Problem is that the commandline program crashes on launch. If I provide a separate entitlement file for the commandline program omitting the keychain group entry, it launches but fails to find the keychain item.
Is there a way to get this all working? I'm seriously tempted to go back to the ACL code and suppress the deprecation warnings.