MacOS – Running a command via SSH on the Mac causes exception; works fine when directly connected

code-signingmacossmbssh

I am trying to sign some code for an application. I can log into my Mac (Mountain Lion) and do this easily:

codesign -s "Developer ID Application: My Name" -f /path/to/appfile/mounted/elsewhere.app

'/path/to/appfile/mounted/elsewhere.app' is the path to the .app file which is actually hosted via Samba on another server.

However, if I ssh into the Mac and run the same command I get:

/path/to/appfile/mounted/elsewhere.app: replacing existing signature
libc++abi.dylib: terminate called without an active exception
Abort trap: 6

… and it fails. Here's the top of the crash report:

Process:         codesign [1353]
Path:            /usr/bin/codesign
Identifier:      codesign
Version:         0.3
Code Type:       X86-64 (Native)
Parent Process:  sshd [1352]
User ID:         501

Date/Time:       2012-08-01 11:06:50.092 +0100
OS Version:      Mac OS X 10.8 (12A269)
Report Version:  10

Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Exception Type:  EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000

Application Specific Information:
terminate called without an active exception
abort() called

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   libsystem_kernel.dylib              0x00007fff9980f212 __pthread_kill + 10
1   libsystem_c.dylib                   0x00007fff96de1b34 pthread_kill + 90
2   libsystem_c.dylib                   0x00007fff96e25dfa abort + 143
3   libc++abi.dylib                     0x00007fff92619f87 abort_message + 257
4   libc++abi.dylib                     0x00007fff92617944 default_terminate() + 42
5   libstdc++.6.dylib                   0x00007fff9249e527 std::terminate() + 18
6   com.apple.security                  0x00007fff8d898dfb Security::CodeSigning::SecCodeSigner::Signer::signMachO(Security::Universal*, Security::CodeSigning::Requirement::Context const&) + 1047
7   com.apple.security                  0x00007fff8d897e67 Security::CodeSigning::SecCodeSigner::Signer::sign(unsigned int) + 129
8   com.apple.security                  0x00007fff8d8957b9 Security::CodeSigning::SecCodeSigner::sign(Security::CodeSigning::SecStaticCode*, unsigned int) + 393
9   com.apple.security                  0x00007fff8d894a23 SecCodeSignerAddSignatureWithErrors + 52
10  codesign                            0x00000001096d0cca 0x1096ce000 + 11466
...

… I can post the rest if required.

What's stopping this working over SSH?

Best Answer

I found that I needed to unlock the security keychain:

Mac-mini:~ gravelld$ security unlock-keychain
password to unlock default: 
Mac-mini:~ gravelld$ codesign -s "Developer ID Application: My Name" -f /path/to/appfile/mounted/elsewhere.app
/path/to/appfile/mounted/elsewhere.app: replacing existing signature
Mac-mini:~ gravelld$

Success! Hope this helps someone.

Related Question