Non-Blocking Review Concern: Headless keychain no-timeout config removed; may regress TimeMachine/WiFi credential access on idle targets
Source: pre-push whole-codebase review
Location: scripts/server/first-boot.sh (block deleted near former line 468)
Date: 2026-04-16
What was flagged
PR #30 added security set-keychain-settings -l -u to keep the login keychain unlocked across idle periods (motivated per the MEMORY note by OP_SERVICE_ACCOUNT_TOKEN needing keychain access on a headless Mac Mini that can't auto-login). This PR drops the whole block alongside removing the OP token keychain import. TimeMachine and WiFi credentials are still imported into the login keychain at first-boot.sh:441-467; any long-running per-user consumer of those items on an idle headless Mac Mini will now hit a locked keychain after the default timeout. Whether anything actually reads them post-setup is unclear from the diff — if they're only used at import time, removal is correct; if any LaunchAgent or helper re-reads them hours later, this is a latent regression. Worth a quick audit but not a blocker since the diff scope is "drop the target-keychain path," which this is consistent with.
Context
This issue was automatically created from a non-blocking concern identified
during pre-push whole-codebase review. It was flagged for tracking.
Created by lib-review-issues.sh
Non-Blocking Review Concern: Headless keychain no-timeout config removed; may regress TimeMachine/WiFi credential access on idle targets
Source: pre-push whole-codebase review
Location:
scripts/server/first-boot.sh (block deleted near former line 468)Date: 2026-04-16
What was flagged
PR #30 added
security set-keychain-settings -l -uto keep the login keychain unlocked across idle periods (motivated per the MEMORY note byOP_SERVICE_ACCOUNT_TOKENneeding keychain access on a headless Mac Mini that can't auto-login). This PR drops the whole block alongside removing the OP token keychain import. TimeMachine and WiFi credentials are still imported into the login keychain atfirst-boot.sh:441-467; any long-running per-user consumer of those items on an idle headless Mac Mini will now hit a locked keychain after the default timeout. Whether anything actually reads them post-setup is unclear from the diff — if they're only used at import time, removal is correct; if any LaunchAgent or helper re-reads them hours later, this is a latent regression. Worth a quick audit but not a blocker since the diff scope is "drop the target-keychain path," which this is consistent with.Context
This issue was automatically created from a non-blocking concern identified
during pre-push whole-codebase review. It was flagged for tracking.
Created by lib-review-issues.sh