in keyper/__init__.py [0:0]
def add_to_user_search_list(self) -> None:
"""Add the keychain to the user domain keychain search list."""
log.debug("Adding keychain to user search list: %s", self.path)
# There is no "add" operation, only a "set" one, so we need to get the
# existing ones so that we can set those along with our new one.
previous_keychains = Keychain.list_keychains(domain="user")
if self.path in previous_keychains:
return
command = ["security", "list-keychains", "-d", "user", "-s", self.path]
# Our new keychain needs to be at the start of the list so that it is
# searched before the others are (otherwise they'll prompt for
# passwords)
for path in previous_keychains:
command.append(path)
try:
subprocess.run(
command,
universal_newlines=True,
check=True,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
).stdout
except subprocess.CalledProcessError as ex:
log.error("Failed to get keychains: %s", ex)
raise
# Validate that the new keychain is there
new_keychains = Keychain.list_keychains(domain="user")
for path in previous_keychains:
if path not in new_keychains:
raise Exception("Previous keychain missing when checking keychains: " + path)
new_path_exists = False
# /var and /private/var are the same, but we don't know which macOS is
# going to send back, so we have to normalize out the symlinks to do
# the comparisons
for new_path in new_keychains:
if os.path.realpath(new_path) == os.path.realpath(self.path):
new_path_exists = True
break
if not new_path_exists:
raise Exception("New keychain missing when checking keychains: " + self.path)