Unrecoverable error. SecurityAgent was unable to create requested mechanism

Question

Created Jul ’22

Replies 1

Boosts 0

Views 1.2k

Participants 2

I'm writing an Authorization Plugin (herein called Othello) following the old and new documentation as best I can. It is meant to be run at Login after FileVault opens up as a mechanism in system.login.console but I am testing it by adding its own right in the Authorization database and a command line test app that attempts to obtain this temporary right. The error message that pops up is the same though:

Relevant console log entries are attached.

Auth Plugin Loading Unrecoverable Error Console.log

There are a few interesting hints in the log, but I can't find much toward resolving any of them:

Do Auth Plugins have to be signed by the same team as SecurityAgentHelper? (Can't be...)
How is the MechanismCreate function even being called if the bundle can't be loaded?
Why is MechanismCreate's AuthorizationPluginRef inPlugin parameter apparently some sort of String instead of an AuthorizationPluginRef?

Here is the temporary right definition I installed with security authorizationdb write othello.login:

Othello.login.txt

And here is what it looks like after I confirm its installation with security authorizationdb read othello.login:

Read Othello.login.txt

Thanks in advance,

Meir

Boost

Answer 1

DTS Engineer OP

Apple

Jul ’22

I'm writing an Authorization Plugin (herein called Othello) following the old and new documentation as best I can.

Oi vey! Writing a new authorisation plug-in from scratch using the existing documentation is going to be very challenging. I can help you with this but it’s far beyond what I have time for here on DevForums. Please open a DTS tech support incident and let’s talk one-on-one.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0