sysprefs_system_wide_preferences_configure shared key doesn't exist on some systems #224

Closed
opened 2026-01-19 18:29:43 +00:00 by michael · 1 comment
Owner

Originally created by @TSPARR on GitHub.

Summary

On some systems, the shared key does not exist in the output from /usr/bin/security authorizationdb read system.preferences > /tmp/system.preferences.plist

Steps to reproduce

I am unaware of how systems get into this state as it appears to be a non-standard configuration; however, I have seen multiple systems throughout our client base in this state. To emulate such a system, after outputting to /tmp/system.preferences.plist, you can pause and edit the file to remove the shared key manually. From there, attempting to run /usr/libexec/PlistBuddy -c "Set :shared false" /tmp/system.preferences.plist fails and the finding is not remediated.

Operating System version

12.6.0 (21G115)

What is the current bug behavior?

The finding is not remediated and the shared key is not created.

What is the expected correct behavior?

The finding should be remediated regardless, including creating the key if it does not already exist.

Relevant logs and/or screenshots

```
YES (0)
Set: Entry, ":shared", Does Not Exist
YES (0)
```

Output of checks

```
Wed Oct  5 14:59:59 UTC 2022 sysprefs_system_wide_preferences_configure failed (Result: 0, Expected: {integer: 1})
```

Possible fixes

Doing a check for the existence of the key and creating it if it doesn't exist should prevent this issue going forward for those systems which are in this state. There's likely a better way to check for its existence than mine; however, this code does work as expected.

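```
# Export the current system.preferences right to a plist
/usr/bin/security authorizationdb read system.preferences >/tmp/system.preferences.plist
# Capture stderr as well, so the "Does Not Exist" message ends up in key_value
# whichever stream PlistBuddy writes it to
key_value=$(/usr/libexec/PlistBuddy -c "Print :shared" /tmp/system.preferences.plist 2>&1)
# Create the key when it is missing
if [[ "$key_value" == *"Does Not Exist"* ]]; then
    /usr/libexec/PlistBuddy -c "Add :shared bool false" /tmp/system.preferences.plist
fi
# Force shared to false and write the right back
/usr/libexec/PlistBuddy -c "Set :shared false" /tmp/system.preferences.plist
/usr/bin/security authorizationdb write system.preferences </tmp/system.preferences.plist
```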
Author
Owner

@robertgendler commented on GitHub:

Solved by PR #178 and #179
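An added example, not part of the issue or of the project's scripts: the create-if-missing remediation from the issue above, keyed on PlistBuddy's exit status rather than its message text, with a read-back check and a private temporary file. The function names and the `PLISTBUDDY` override variable are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the project's script. PLISTBUDDY can be overridden so the
# logic can be exercised off macOS; that variable is an assumption of this example.
PLISTBUDDY="${PLISTBUDDY:-/usr/libexec/PlistBuddy}"

# ensure_bool_key FILE KEY VALUE
# Set the key if it exists, otherwise Add it. The decision uses PlistBuddy's
# exit status instead of matching the "Does Not Exist" message text.
ensure_bool_key() (
    plist=$1 key=$2 value=$3
    if ! "$PLISTBUDDY" -c "Set :$key $value" "$plist" >/dev/null 2>&1; then
        "$PLISTBUDDY" -c "Add :$key bool $value" "$plist" >/dev/null 2>&1 || exit 1
    fi
    # Read the value back so a silent failure is reported, not assumed away.
    [ "$("$PLISTBUDDY" -c "Print :$key" "$plist" 2>/dev/null)" = "$value" ]
)

# Read the system.preferences right, force shared=false, write it back.
# A mktemp file replaces the fixed /tmp/system.preferences.plist path.
remediate_system_preferences() (
    tmp=$(mktemp "${TMPDIR:-/tmp}/system.preferences.XXXXXX") || exit 1
    trap 'rm -f "$tmp"' EXIT
    /usr/bin/security authorizationdb read system.preferences >"$tmp" 2>/dev/null || exit 1
    ensure_bool_key "$tmp" shared false || exit 1
    /usr/bin/security authorizationdb write system.preferences <"$tmp" >/dev/null 2>&1
)

# Act only when asked, so sourcing this file changes nothing on the system.
if [ "${1:-}" = "--apply" ]; then
    remediate_system_preferences
fi
```

`remediate_system_preferences` returns non-zero if the read, the key update, or the write fails, so a calling compliance script can report the finding as unremediated.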


Reference: usnistgov/macos_security#224