将钥匙串添加到搜索列表? [英] Add a keychain to search list?

问题描述

我需要将.keychain文件添加到我的钥匙串搜索列表中，以使用某些自动生成工具.目前，我正在使用security list-keychains命令:

I need to add a .keychain file to my keychains search list for some automated build tools. Currently I'm using security list-keychains command:

list-keychains [-h] [-d user|system|common|dynamic] [-s [keychain...]]
        Display or manipulate the keychain search list.

此命令让您设置整个钥匙串搜索列表，但是它没有提供简单添加其他钥匙串的方法.因此，添加钥匙串成为一个两步过程.

This command let's you set the entire keychain search list, but it does not provide a way to simply add another keychain. So adding a keychain becomes a 2 step process.

1. 运行列表钥匙串并解析输出
2. 然后执行类似list-keychains -s ${existing_chains} ${new_keychain}
的操作

1. Run list-keychains and parse the output
2. Then do something like list-keychains -s ${existing_chains} ${new_keychain}

虽然可行，但似乎过于复杂，并引入了竞争条件.

While this works, it seems overly complicated and introduces a race condition.

另外，似乎open my.keychain会将其添加到搜索列表中，但我倾向于避免在脚本或无头环境中使用类似open的命令.

Also it seems like open my.keychain will add it to the search list, but I tend to avoid using commands like open in scripting or headless environments.

是否有更简单或更好的方法将钥匙串添加到搜索列表中?

Is there a simpler or better way to add a keychain to the search list?

推荐答案

是2017年，在macOS 10.12.4上，security create-keychain仍未向搜索列表中添加新的钥匙串.这是我的脚本，用于逐步添加和销毁临时钥匙串:

It's 2017 and on macos 10.12.4 security create-keychain still does not add a new keychain to the search list. Here's my script to add and destroy temporary keychains step by step:

#!/bin/bash -e

uuid="$(uuidgen)"

echo "New Keychain name: $uuid"

keychains=$(security list-keychains -d user)

keychainNames=();

for keychain in $keychains
do
  basename=$(basename "$keychain")
  keychainName=${basename::${#basename}-4}
  keychainNames+=("$keychainName")
done

echo "User keychains on this machine: ${keychainNames[@]}";




read -p "Enter to create keychain"
security -v create-keychain -p test123 $uuid

read -p "Enter to add keychain to searchlist"
security -v list-keychains -s "${keychainNames[@]}" $uuid

read -p "Enter to unlock keychain"
security -v unlock-keychain -p test123 $uuid

read -p "Enter to import certificate"
security -v import build-assets/certficate.p12 -k $uuid -P certificate_password

read -p "Enter to delete keychain"
security -v delete-keychain $uuid

这篇关于将钥匙串添加到搜索列表?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！