Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-34856

[RFE] [RHEL9] Backport --disable-polkit option from 2.0.2 upstream version

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • rhel-9.6
    • rhel-9.4
    • pcsc-lite
    • None
    • Blocker
    • Rebase
    • 1
    • sst_security_crypto
    • ssg_security
    • 1
    • False
    • Hide

      None

      Show
      None
    • None
    • Red Hat Enterprise Linux
    • Crypto24Q4
    • None
    • None
    • None

      In order to provide a new feature for PKCS#11 unlocking in Clevis, we need to start pcscd without policy-kit at boot time. At this moment, RHEL9 version of pcsc-lite does not include this option.
      We need `--disable-polkit` option to have access to PKCS#11 device at boot time.

      The following needs to be verified in order for this epic to be considered complete:

      1 - Execute pcscd with --disable-polkit option
      2 - pcscd does not dump any error when using --disable-polkit option
      3 - Verify pcscd is indeed not using the Policy Kit when using --disable-polkit, and PKCS#11 device can be accessed correctly even though Policy Kit is not available.

            jjelen@redhat.com Jakub Jelen
            sarroutb@redhat.com Sergio Arroutbi
            Jakub Jelen Jakub Jelen
            George Pantelakis George Pantelakis
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: