I am currently trying to create a root account from Single User Mode on OSX Yosemite
/sbin/mount -uw /
launchctl load /System/Library/LaunchDaemons/com.apple.opendirectoryd.plist
passwd
The first 2 lines appear to work fine, but after I type 'passwd' nothing comes up. Not even a propmpt to keep typing commands. I don't believe it is setting the password because anything I type is visible and even if I type the same text twice nothing happens.
When I try to run this command after the computer boots and I have logged into my account 'passwd' works as expected, it prompts me for the old password and for the new password twice.
I had exactly the same issue, earlier today. However, there is another way:
Reboot your Mac then press & hold Command + R when it's booting up until you see a loading bar. You'll then be taken into recovery mode.
Recovery mode has a UI, so use your mouse and select Terminal from the Utilities section of the menu bar.
Type resetpassword in the terminal and hit Enter. This will load the password reset utility, where you can pick a user and give them a new password.
I have a cert in a key chain that contains a private key. I'd like to add an application to the access control "white list" for that key. I know how to do this using the graphical key chain tool, but I'd like to do it via the command line as part of an Xcode build script.
From what I can tell the "security" command is the way to manipulate key chains at the command line, but I can't figure out from the man page how I'd go about accomplishing this task.
For completeness, here's exactly what I do in the key chain tool that I'd like to do via the command line:
Click the cert to show its private key.
Right-click the private key and select the "Get Info" menu item.
Click the "Access Control" tab.
Click the "+" button to add an application to the white list.
Select the application (in my case Xcode) and click "Add".
I might also be interested in how to allow access to all applications.
I don't think there is any way from security to do this after the key was imported. However, if you're importing the key for the first time, you can use the -T flag:
-T Specify an application which may access the imported key
(multiple -T options are allowed)
So in my case I was able to do this:
security import my.key -P mypassword -T /usr/bin/pkgbuild
And everything worked!
Disclaimer
I'm honest this is probably not the best place to post this... but I stumbled onto this (and several other) entries with more or less the same problem. See also https://stackoverflow.com/a/34388302/359100. But since I found a solution which could help other people who try to change access control for private key in Keychain via remote session my solution could help...
B/c for me importing via CLI did not work (using -T or -A). I always got that pop regarding access from Keychain.
BTW: If you know a better SO answer where this belongs... please let me know or move it there...
Solution
Create a Keychain on your local machine. E.g. name it apple-development[.keychain]. Add there your private keys and assign necessary access control (best: "Allow all ..."). Now copy that keychain to your remote Mac and add it there via Keychain application (File / Add Keychain...). For CI you maybe do something like this:
security unlock-keychain -p YOUR-KEYCHAIN-PASSWORD "${HOME}/apple-development.keychain"
I got puttyCm, I need to log in to my devices for once and let the putty store it..later i can come and enter automatically with out entering the passwords again?
can u show me the way pls?
in addition,
if one device can be reached thru other devices..how to implement it?
You can follow below procedure (I assume that you have already engaged your puttycm with corresponding putty.exe or equivalent):
Just open any of your desired putty window by telnet or ssh (no need to login)
Right click on that window and click 'Configuration'; a window should pop up for same
In its 'Connection' tab on left side you can see check box called 'Enable Login macro mode'; select that
Now click on the tab 'Login Macro' again on left side; you can see Login / Password etc. fill them correctly (if you want to see the password which you type, you can click an EYE symbol next to it; that makes it visible until clicked again)
Once you login, if you want to enable some 'Post-login command' then check that box too; now you can write commands like 'bash' or 'myscript' etc in those command rows
Click 'OK' and verify by opening new windows (ctrl + u) of same ip addresses
I have not worked with puttycm, but my Putty experience tells me that puttyagent that comes with putty is an answer for your question.
Putty-agent stores any private keys you provide to it and uses them for automated authorization. Private-key can be added by means of standard ssh-agent tools like ssh-add or can be browsed to with GUI.
I use a standard user account for my daily tasks on Mac OS. Since upgrading to Snow Leopard I am asked to do the following when a program is run from within Xcode:
"Type the name and password of a user in the 'Developer Tools' group to allow Developer Tools Access to make changes"
While I know the admin username/password, this is annoying (though only required once per login).
The developer tools access is asking for rights to "system.privilege.taskport.debug" from application gdb-i386-apple-darwin.
What is the best way around this?
You need to add your macOS user name to the _developer group. See the posts in this thread for more information. The following command should do the trick:
sudo dscl . append /Groups/_developer GroupMembership <username>
Finally, I was able to get rid of it using DevToolsSecurity -enable on Terminal.
Thanks to #joar_at_work!
FYI: I'm on Xcode 4.3, and pressed the disable button when it launched for the first time, don't ask why, just assume my dog made me do it :)
$ dseditgroup -o edit -u <adminusername> -t user -a <developerusername> _developer
You should add yourself to the Developer Tools group. The general syntax for adding a user to a group in OS X is as follows:
sudo dscl . append /Groups/<group> GroupMembership <username>
I believe the name for the DevTools group is _developer.
Ned Deily's solution works perfectly fine, provided your user is allowed to sudo.
If he's not, you can su to an admin account, then use his dscl . append /Groups/_developer GroupMembership $user, where $user is the username.
However, I mistakenly thought it did not because I wrongly typed in the user's name in the command and it silently fails.
Therefore, after entering this command, you should proof-check it.
This will check if $user is in $group, where the variables represent respectively the user name and the group name.
dsmemberutil checkmembership -U $user -G $group
This command will either print the message user is not a member of the group or user is a member of the group.
Answer suggested by #Stacy Simpson:
We are struggling with the issue described in these threads and none of the resolutions seem to work:
Stop "developer tools access needs to take control of another process for debugging to continue" alert
Authorize a non-admin developer in Xcode / Mac OS
As I'm new to SO, I cannot post in either thread. (The first one is actually closed and I disagree with the localization reasoning...)
Anyway, we created a work-around using AppleScript that folks may be interested in. The script below should be executed asynchronously prior to launching your automated test:
osascript <script name> <password> &
Here is the script:
on run argv
# Delay for 10 seconds as this script runs asynchronously to the automation process and is kicked off first.
delay 10
# Inspect all running processes
tell application "System Events"
set ProcessList to name of every process
# Determine if authentication is being requested
if "SecurityAgent" is in ProcessList then
# Bring this dialogue to the front
tell application "SecurityAgent" to activate
# Enter provided password
keystroke item 1 of argv
keystroke return
end if
end tell
end run
Probably not very secure, but it's the best work-around we've come up with to allow tests to run without requiring user intervention.
Hopefully, I can get enough points to post the answer; or, someone can unprotect this question. Regards.
For me, I found the suggestion in the following thread helped:
Stop "developer tools access needs to take control of another process for debugging to continue" alert
It suggested running the following command in the Terminal application:
sudo /usr/sbin/DevToolsSecurity --enable
Here is a better solution from
Mac OS X wants to use system keychain when compiling the project
Open Keychain Access.
In the top-left corner, unlock the keychain (if it is locked).
Choose the System keychain from the top-left corner.
Find your distribution certificate and click the disclosure triangle.
Double-click ‘Private key’ under your distribution certificate.
In the popup, go to the Access Control tab.
Select ‘Allow all applications to access this item’.
Save the changes.
Close all windows.
Run the application.
I am on Snow Leopard and this one didn't quite work for me. But the following procedure worked:
First added another account with admin privileges by ticking "Allow user to administer this computer" under Accounts, for example an account with username test
Logged into the test account
Launched Xcode, compiled and ran my iPhone project. All ok, no errors were thrown related to permissions
Logged out of the test account
Logged in with the another account having admin privileges
Took away the admin priviliges from the test account by removing the tick from "Allow user to administer this computer" under Accounts
Logged back into the test account
Deleted the iPhone project directory and again checked out from the repository (in my case svn)
Launched Xcode, compiled and ran the project. I didn't get any errors and the App ran well in the iPhone Simulator.
After you run:
sudo dscl . append /Groups/_developer GroupMembership <username>
per the answer above, you may still get prompted to enter in your own password:
We need authorization from an admin user to run the debugger.
This will only happen once per login session.
What it really means is any _developer groupmember user so just your non-admin user/password will work here but to get rid of it completely (no prompts after a reboot) you'll also need to run:
sudo DevToolsSecurity -enable
(running it with sudo as an admin user/as root will make it so you can do it remotely without a gui password prompt)
I am creating a login usercontrol. I have added the following buttons: Recover Password, Change Password & Edit Profile.
I am using DevExpress's ASPxPopupControl to host the functions associated with those three buttons.
There are two problems
When the popup is opened I need to be able to close/hide it using a command button
When a user starts using one of the login controls and chooses to close the dialog the next time the dialog is opened it does not start at the beginning.
(e.g. Start the change password dialog, enter some information, close the popup; the information you started with is not cleared)
Any ideas?
Here is a link to help you with closing the popup on a keypress. You can use the Escape key as in this example or code your own.
http://www.devexpress.com/Support/Center/p/Q209168.aspx
For resetting the values, it appears this is manual.
http://www.devexpress.com/Support/Center/p/Q252942.aspx