Results 1 to 2 of 2

Thread: pam_pkcs11: NSS_Initiate failed

  1. #1
    Join Date
    Aug 2009
    Location
    Prague
    Posts
    3

    Default pam_pkcs11: NSS_Initiate failed

    Hi,

    I would like login with smartcard to my notebook.

    I started configuration based on manual from Gooze.

    Here is few lines of my pam_pkcs11.conf:

    pam_pkcs11 {
    nullok = true;
    debug = true;
    use_first_pass = false;
    try_first_pass = false;
    use_authtok = false;
    use_pkcs11_module = opensc;

    pkcs11_module opensc {
    module = /usr/lib/opensc-pkcs11.so;
    description = "OpenSC PKCS#11 module";
    slot_description = "none";
    ca_dir = /etc/pam_pkcs11/cacerts;
    crl_dir = /etc/pam_pkcs11/crls;
    support_threads = false;
    cert_policy = ca;
    token_type = "Smart card";
    }
    ......


    and when I check configuration "pkcs11_inspect" i get the following error:
    pkcs11_inspect debug
    DEBUG:pam_config.c:245: Using config file /etc/pam_pkcs11/pam_pkcs11.conf
    DEBUG:pkcs11_lib.c:187: Initializing NSS ...
    DEBUG:pkcs11_lib.c:197: Initializing NSS ... database=/etc/ssl/nssdb
    DEBUG:pkcs11_lib.c:206: NSS_Initialize failed: security library: bad database.
    DEBUG:pkcs11_inspect.c:64: crypto_init() failed:

    I don't understand, why I need nssdb for login. Required information are defined in their directories cacerts and crls.
    It is not discuss in any manual (maybe I can't googling ) .

    Please, can somebody explain the idea?

    Thanks Jan

  2. #2

    Default Re: pam_pkcs11: NSS_Initiate failed

    Hello Jan,

    I'm having the same problem, did you solve it?

    Regards,

    Pablo

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •