intermittent authorization denied on addPersistentStoreWithType from background

Originator:ericcj
Number:rdar://13007664 Date Originated:1/14/2013
Status:Closed Resolved:2/14/2013
Product:iphone sdk Product Version:6.0.2
Classification:other bug Reproducible:rarely
 
Summary:

Sometimes when calling addPersistentStoreWithType immediately after didFinishLaunchingWithOptions from a location event starting the app it fails with:

Managed object store failed to create persistent store coordinator: Error Domain=NSCocoaErrorDomain Code=256 "The operation couldn’t be completed. (Cocoa error 256.)" UserInfo=0x1f5cd8b0 {NSUnderlyingException=authorization denied, NSSQLiteErrorDomain=23}

See others reporting in https://devforums.apple.com/message/766460

Steps to Reproduce:

Create an app that creates core data objects from significant location change launches and give it to 10 users, this error happens roughly once a month for each user.  

Expected Results:

Actual Results:

Regression:

Notes:

We also have the following logging just before the addPersistentStoreWithType call but it never logs this so it thinks the file is there and readable.

        storeURL = [[self applicationDocumentsDirectory] URLByAppendingPathComponent:@"Timelord.sqlite"];
        if (![[NSFileManager defaultManager] isReadableFileAtPath:[storeURL path]]) {
            DLog(@"Datastore is not a readable file at %@", storeURL);
        }

Comments

This is a follow-up to Bug ID# 13007664.

Engineering has determined that this issue behaves as intended based on the following information:

This happens if geo-fencing or VOIP launches your app before the customer has unlocked their phone for the first time after a reboot. For better security, you should handle this gracefully (e.g., wait until the customer uses the app after first unlock). If that's impossible, you can set the NSPersistentStoreFileProtectionKey to NSFileProtectionNone in your persistent store's options dictionary when you add it to the coordinator.

For more information, see NSPersistentStoreFileProtectionKey and NSFileProtectionCompleteUntilFirstUserAuthentication

By ericcj at March 14, 2013, 2:35 p.m. (reply...)

Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!