I'm using a script to eject a small USB key I use as a “identity” drive, which contains some secure information. Of note, it has an OS X “keychain” file on it, which contains some of my more secure and important passwords (those I'm willing to commit to a password-management program at all, but which are too important to leave sitting on my computers or have synced to Dropbox.)
That Keychain file is symlinked from Apple's ~/Library/Keychains/ folder to this key of mine, let's say, /Volumes/Key/SECURE.keychain. When I eject the disk, this symlink disappears, and the keychain obviously ceases to be accessible within Keychain Access:
This is all well-and-good … except I cannot eject this disk, without quitting half of the programs on my Mac. For no good reason that I can tell, any application that accesses any Keychain for any reason, opens (and retains-as-open) every single .keychain file the system knows about. For example, as soon as I plug the disk in, when nothing at all has requested access to this secondary, secure, keychain of mine:
> lsof '/Volumes/Key/SECURE.keychain'
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
Spotify 2801 elliottcable txt REG 1,8 89096 319 /Volumes/Key/SECURE.keychain
syncdefau 4267 elliottcable txt REG 1,8 89096 319 /Volumes/Key/SECURE.keychain
How can I safely eject this drive, without killing every process that has that file open? Can I somehow eject the file from the processes, remotely, or something of that nature?
(Related: Here's my current, unacceptable, approach: https://github.com/elliottcable/System/blob/2a5917e/Dotfiles/profile#L73-L94)
