tags:

views:

2840

answers:

6
+8  Q: 

Running xcodebuild from a forked terminal

Hi everyone,

I'm trying to setup an automated build server for an iPhone application. I'd like to be able to have nightly adhoc beta builds so that testers can follow the development.

I've setted up xcode successfully xcode to perform adhoc builds and I can also launch the build from the command line:

xcodebuild -configuration AdHoc -sdk iphoneos2.2 clean build

The problem I'm having is that the following line doesn't work from a forked terminal (using nohup or screen) and failed with the following

CodeSign error: Code Signing Identity 'iPhone Distribution: XXXXX' does not match any code-signing certificate in your keychain. Once added to the keychain, touch a file or clean the project to continue.

I've checked my environment variables in my shell and in nohup or screen and didn't found a clue. I guess my problem is that the forked terminal can't access to the keychain but I have no clue on how to allow it.

Thanks for your help

A: 

Could the problem be solved with sudo?

adam  2009-02-23 17:45:10
I've just tried running the command with various sudo combination always with the same CodeSign error
Yannooo  2009-02-23 19:01:02
A: 

I've looked at the security command an it appears that the keychains assigned to my terminal are not the same when forked. If I launched the security command in terminal I have:

$ security list-keychains
  "/Users/yannooo/Library/Keychains/login.keychain"
  "/Library/Keychains/System.keychain"

whereas when using screen I have the following output:

$ security list-keychains
    "/Library/Keychains/System.keychain"
    "/Library/Keychains/System.keychain"

Since my build certificates are stored in the login keychain, the code sign error I have looks normal.

Does anyone know how I could assign a keychain to a terminal? I've tried this without success

security login-keychain -s /Users/yannooo/Library/Keychains/login.keychain

Any ideas?

Yannooo  2009-02-23 20:18:44
+4  A: 

Could you use security list-keychains -s ${HOME}/Library/Keychains/login.keychain inside the build process to explicitly add your login keychain to the search list? It seems like from the forked Terminal, the build process doesn't see your user keychain. That could make sense if the keychain search list is based on your current security session - a forked terminal session would leave the login session just as if you ssh over the loopback connection.

Graham Lee  2009-02-23 22:28:47
Thanks a lot, this made it.
Yannooo  2009-02-23 22:44:53
Not for me. If I login interactively to the build account, I can add keychains to my search list. If I am logged in as someone else, I can't.
sehugg  2010-05-21 18:07:08
A: 

As another poster says, 

security list-keychains -s  "/Users/yannooo/Library/Keychains/login.keychain"

But I think you only have access to the login.keychain when you are logged in, in the GUI context (I just tested on a system via SSH and screen, but which I also happen to be logged into via VNC).

It is apparently possible to use launchctl to select the GUI context and run the program, but I suspect that only works for the "logged in user" too.

If you try 'security show-keychain-info keychain-file' then you'll get the error "User interaction is not allowed", and that's a phrase to search with for some more info.

The other solution is to put the certificate into your System keychain!

jrg  2009-02-23 23:35:23
+6  A: 

I had te error User interaction is not allowed and solved it by unlocking the keychain first

security unlock-keychain /Users/yannooo/Library/Keychains/login.keychain

I've also tried to put my certs in the System's keychain and it was working. My final solution was to put all my iPhone related certs in a dedicated keychain named iPhone.keychain using the Keychain Access application

security list-keychains -s /Users/yannooo/Library/Keychains/iPhone.keychain 
security unlock-keychain -p keychainpassword /Users/yannooo/Library/Keychains/iPhone.keychain
Yannooo  2009-02-24 08:59:49
You might want to copy these comments into your original question, rather than having them as "answers"
Mark Bessey  2009-02-24 16:56:07
This is what I intended to do, but it was too long to fit in a comment. And AFAIK comments can't be formatted.
Yannooo  2009-02-25 09:51:41
This solve my problem of "User interaction is not allowed". Nice trick.
Jirapong  2010-04-06 03:08:45
A: 

If you're executing xcodebuild as root (which you are when you sudo), you need to log in as root and put your signing certificates in root's keychain. Then unlock the keychain with security as above.

cdespinosa  2009-02-25 06:57:39

related questions

How do we get arround Apple's decission to skip sms templates for iPhone?
iPhone App Crashing - Error Question
Can I write native iPhone apps using Python
Does the Iphone 1/2 have a compass inside?
How do you beta test an iphone app?
Is it just the iPhone simulator that is restricted to intel only Mac's?
iPhone App Minus App Store?
Deleting messages from Exchange IMAP mailbox on iPhone
Is there a multiplatform framework for developing iPhone / Android applications?
How can I launch the Google Maps iPhone application from within my own native application?
Tips for a successful AppStore submission?
iPhone app that access the Core Location framework over web
Virtual Mac?
What's a good machine for iPhone development?
How can I develop for iPhone using a Windows development machine?
Recommended iPhone Development Resources
Best Wiki for Mobile Users
How to programmatically send SMS on the iPhone?
iPhone - Exchange Calendars in Public Folders
iPhone web applications, templates, frameworks?
Understanding reference counting with Cocoa / Objective C
How-to articles for iPhone development, Objective-C
What are the correct pixel dimensions for an apple-touch-icon?
How do I give my web sites an icon for iPhone?
iPhone app in landscape mode