Guest User has keychain issues until I reboot

We have some systems used as general-purpose systems. We configured the systems to enable the Guest user; periodically, when trying to log into the system, a keychain notification pops up saying it can't access the local keychain. Once logged in, opening applications like Safari gives an error message about not being able to access a keychain ("Do you want to reset to defaults?!")

Reboot the system, it acts normal...no keychain errors.

I have logged in via ssh as an admin user and verified that when the guest user logs off, the home directory files...and presumably the keychain files...are gone for Guest. Logging in re-creates the Guest's home directory.

First thought is something is holding open keychain files even when deleted and not closing the file handle, but I didn't see anything showing up in lsof holding open Guests' files between logins.

OS is 10.10.1. My questions are, how can I find out what is caching keychain credentials for Guest? And is there a way to clear whatever is affecting the Guest login without having users "turn it off and back on again?"


When you customise Guest User account by copying /Users/Guest folder into the localised Guest User Template you should check that template folder has an empty ./Library/Keychains/ directory.

This will make the system to create keychain during new Guest User initialisation.