Looks like this issue here is already fixed since (and with) p11-kit v0.23.7,
that had landed in Ubuntu somewhere between xenial and bionic.
Hence closing this bug as Fix Released.
If you think this bug is still present please open a new bug in
Launchpad, based on an Ubuntu version that is in service.
** Changed in: p11-kit (Ubuntu)
Status: Confirmed => Fix Released
** Changed in: opencryptoki (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to p11-kit in Ubuntu.
https://bugs.launchpad.net/bugs/1648634
Title:
opencryptoki breaks p11-kit
Status in opencryptoki package in Ubuntu:
Fix Released
Status in p11-kit package in Ubuntu:
Fix Released
Bug description:
When opencryptoki is installed, it creates a symlink from /etc/pkcs11
to /var/lib/opencryptoki, which is readable only by root.
This means that anything using p11-kit to find the PKCS#11 modules
which are configured to be available in the system (which is basically
any well-behaved application) now breaks:
$ openconnect -c 'pkcs11:token=eToken;id=%01' server.example.com
POST https://server.example.com/
Attempting to connect to server [fec0::1]:443
p11-kit: couldn't open config file: /etc/pkcs11/pkcs11.conf: Permission denied
Error loading certificate from PKCS#11: PKCS #11 initialization error.
Loading certificate failed. Aborting.
$ p11tool --list-tokens
p11-kit: couldn't open config file: /etc/pkcs11/pkcs11.conf: Permission denied
pkcs11_init: PKCS #11 initialization error.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/opencryptoki/+bug/1648634/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
