Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-104598

opencryptoki pkcsslotd user primary group should be pkcs11 (image mode)

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Major Major
    • rhel-10.1
    • rhel-10.1
    • opencryptoki
    • None
    • opencryptoki-3.25.0-3.el10
    • Yes
    • Important
    • rhel-base-utils-antfarm
    • 22
    • 23
    • 1
    • QE ack, Dev ack
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • None
    • Release Note Not Required
    • Unspecified
    • Unspecified
    • Unspecified
    • All
    • None

      What were you trying to do that didn't work?

      pkcsslotd user has primary group pkcsslotd, not pkcs11

      We should change /usr/lib/sysusers.d/opencryptoki.sysusers.conf like this:
      g pkcs11 - -
      u pkcsslotd -:pkcs11 "Opencryptoki pkcsslotd user" /run/opencryptoki /sbin/nologin

      What is the impact of this issue to you?

      wrong effective GID of pkcsslotd process

      Please provide the package NVR for which the bug is seen:

      opencryptoki-3.25.0-2.el10

      How reproducible is this bug?:

      always

      Steps to reproduce

      1. id pkcsslotd

      Expected results

      gid=pkcs11

      Actual results

      gid=pkcsslotd

              than@redhat.com Than Ngo
              ksrot@redhat.com Karel Srot
              Than Ngo Than Ngo
              Karel Srot Karel Srot
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: