p11-kit error on unreadable /etc/pkcs11/pkcs11.conf

Daiki Ueno dueno at redhat.com
Thu May 25 13:53:47 UTC 2017

Andreas Metzler <ametzler at bebt.de> writes:

> p11-kit fails on unreadable /etc/pkcs11/pkcs11.conf while no error is
> generated when the file simply does not exist. Is there a very good
> reason for this? It would be easily fixable:

I do not know the actual reason, but to me the current behavior is
reasonable as long as we assume /etc/pkcs11 is owned by p11-kit.

If the file does not exist, that means there is no system wide
configuration.  On the other hand, if the file or the parent directory
is unreadable, that means there is a configuration error, such as the
case where the directory is used by a different program and the
configuration file does not make sense to p11-kit even if it exists.

> this was reported in http://bugs.debian.org/860903 by Marga Manterola.

Does the current upstream release of opencryptoki still utilize

Daiki Ueno

More information about the p11-glue mailing list