1

Connected via ssh and executing:

xcrun altool --notarize-app --primary-bundle-id com.example.app --username exam@ple.com --password @keychain:AC_PASSWORD --file app.dmg

results in:

2019-04-17 16:06:53.146 altool[4331:55219] *** Error: User interaction is not allowed.

The password has been stored in a temporary keychain with:

security add-generic-password -a "exam@ple.com" -s "AC_PASSWORD" -p "myPassword" -A "temp.keychain"

codesigning works with the temporary keychain trick: https://apple.stackexchange.com/questions/255872.
During creation of the temporary keychain, the AC_PASSWORD password item is added with the above command.

Executing the same command locally on the machine works.

Macintron
  • 97
  • 1
  • 10

2 Answers2

2

I also tripped on this exact same issue. I think the solution can be found in this answer.

Specifically:

The first time you run altool, you get a security confirmation dialog asking you whether to allow altool to read the password. Enter your keychain password and click on Always allow.

You will need to login interactively and run the altool command as you would over ssh. When the confirmation pops, enter the keychain password and click "Always allow". You only have to go through this once after adding the password to the keychain.

Nuno G
  • 21
  • 3
0

I had a similar issue, getting the same error when using SSH to run security import for a cert. I'm working on scripts that should be able to run over Ansible without user interaction, so I want to avoid one-time manual steps for each script.

You don't know which information the tool is trying to prompt for (password, passphrase, etc.) because the error is generic, so by connecting over VNC for an interactive session and then running the command manually in Terminal, you can see see the prompt and learn what the problem is. (For me, a missing certificate passphrase.)

Related post: Xcode, Codesign Error from Jenkins / SSH - "User Interaction is not allowed"

Carl Walsh
  • 6,100
  • 2
  • 46
  • 50