SecurityServer   [plain text]

#!/bin/sh

. /etc/rc.common

# we could make this optional, but the system depends on SecurityServer A LOT...

ConsoleMessage "Starting SecurityServer"

export DEBUGDEST=LOG_AUTHPRIV
#export DEBUGOPTIONS=thread,scope	# only useful with
#export DEBUGSCOPE=-mutex			#   debug-enabled SecurityServers
/System/Library/CoreServices/SecurityServer -X

if [ ! -f /Library/Keychains/System.keychain -a -x /usr/sbin/systemkeychain ]; then
  # no system keychain; make one
  ConsoleMessage "Creating System Keychain"
  if [ ! -d /Library/Keychains ]; then
	mkdir -p /Library/Keychains
	chown root.admin /Library/Keychains
	chmod 755 /Library/Keychains	# do NOT make this 775 -- Security!
  fi
  sleep 2	# give SecurityServer a chance to come up
  /usr/sbin/systemkeychain -C
  touch /Library/Keychains/.fixed
  
elif [ ! -f /Library/Keychains/.fixed -a -x /usr/sbin/systemkeychain ]; then
  # temporary fix: replace broken (early) system keychains (missing db schema)
  sleep 2
  rm -f /Library/Keychains/System.keychain
  /usr/sbin/systemkeychain -C
  touch /Library/Keychains/.fixed
fi