Fleet logo
Menu An icon indicating that interacting with this button will open the navigation menu.
Fleet logo An 'X' icon indicating that this can be interacted with to close the navigation menu.
Device management + MDM Orchestration + monitoring Software management + CVEs, usage, app library Integrations
Get started Built-in checks Raw data App library Tutorials & guides API SUPPORT Chat Contribute Release notes "Why is Fleet on my computer?" Get your license
Stories
What people are saying News Ask around Take a tour COMPANY Origins   (Fleet & osquery) The handbook Logos/artwork Why open source?
Pricing Try it yourself
All platforms
Windows
Linux
macOS
ChromeOS
search

A menu icon Tables {{numberOfTablesDisplayed}}

right chevron down chevron

Tables{{numberOfTablesDisplayed}}

macOS logo Windows logo Linux logo macOS logo

keychain​_acls

Applications that have ACL entries in the keychain. NOTE: osquery limits frequent access to keychain files. This limit is controlled by keychain_access_interval flag.

Column Type Description
authorizations text A space delimited set of authorization attributes
description text The description included with the ACL entry
keychain_path text The path of the keychain
label text An optional label tag that may be included with the keychain entry
path text The path of the authorized application

Example

Identify keychain items with permissions granted to Applications at the system or user level.

SELECT * FROM keychain_acls WHERE path LIKE '/System/Applications/%%' OR path LIKE '/Users/%%/Applications/%%';
Edit page

Need more help?

Slack logo Ask the community on Slack