Thread: [opencryptoki-users] pkcsconf looking for token in wrong directory
Brought to you by:
ebarretto
Menu
▾
▴
opencryptoki-users
|
From: Mauro R. <mau...@li...> - 2012-05-23 22:12:47
|
Hello everyone!
I'm building opencryptoki from git's master branch as described below:
./configure --prefix=/usr --enable-debug --enable-testcases
make
make install
With CCA, TPM and Software tokens enabled successfully.
Then I ran 'pkcs11_startup' and 'pkcsslotd start' also successfully, but
when I tried to get token information for example with 'pkcsconf -t' it
returned me the follow message:
C_GetSlotList returned 0 slots. Check that your tokens are installed
correctly.
With Rajiv's help we figured out a build error: pkcsconf looks for the
token in the wrong directory, we saw that running:
strace pkcsconf -t 2>&1 | grep swtok
stat("/var/lib/opencryptoki/swtok", 0x7ffff05c5fe0) = -1 ENOENT (No such
file or directory)
The token exists in /usr/var/lib/opencryptoki/swtok instead of the
directory above.
For now I did a symbolic link as workarround, but Rajiv advised me to
report it as a bug in this list.
I didn't prepare a patch to solve this problem cause I have doubts what
is the right way to do it (by change pkcs_slot script or in another file
where it's defined, which I believe is
usr/lib/pkcs11/soft_stdll/tok_struct.h but I didn't have time to do a
deeper analysis).
Thanks!
Mauro S M Rodrigues
|
|
From: Kent Y. <shp...@gm...> - 2012-05-23 22:43:00
|
Hi Mauro,
On Wed, May 23, 2012 at 5:11 PM, Mauro Rodrigues
<mau...@li...> wrote:
> Hello everyone!
>
> I'm building opencryptoki from git's master branch as described below:
>
> ./configure --prefix=/usr --enable-debug --enable-testcases
> make
> make install
>
> With CCA, TPM and Software tokens enabled successfully.
> Then I ran 'pkcs11_startup' and 'pkcsslotd start' also successfully, but
> when I tried to get token information for example with 'pkcsconf -t' it
> returned me the follow message:
>
> C_GetSlotList returned 0 slots. Check that your tokens are installed
> correctly.
>
>
> With Rajiv's help we figured out a build error: pkcsconf looks for the
> token in the wrong directory, we saw that running:
>
> strace pkcsconf -t 2>&1 | grep swtok
> stat("/var/lib/opencryptoki/swtok", 0x7ffff05c5fe0) = -1 ENOENT (No such
> file or directory)
>
> The token exists in /usr/var/lib/opencryptoki/swtok instead of the
> directory above.
Ah yes, it looks like in pkcs11_startup.in, @localstatedir@ is used
instaed of @CONFIG_DIR@, which is used everywhere else. This only
bites us when $prefix has a value from configure.
> For now I did a symbolic link as workarround, but Rajiv advised me to
> report it as a bug in this list.
Yes, thanks for the report!
Kent
> I didn't prepare a patch to solve this problem cause I have doubts what
> is the right way to do it (by change pkcs_slot script or in another file
> where it's defined, which I believe is
> usr/lib/pkcs11/soft_stdll/tok_struct.h but I didn't have time to do a
> deeper analysis).
>
> Thanks!
>
> Mauro S M Rodrigues
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> opencryptoki-users mailing list
> ope...@li...
> https://lists.sourceforge.net/lists/listinfo/opencryptoki-users
--
IBM LTC Security
|
|
From: Mauro R. <mau...@li...> - 2012-05-24 15:28:13
|
Em 23-05-2012 19:42, Kent Yoder escreveu:
> Hi Mauro,
>
> On Wed, May 23, 2012 at 5:11 PM, Mauro Rodrigues
> <mau...@li...> wrote:
>> Hello everyone!
>>
>> I'm building opencryptoki from git's master branch as described below:
>>
>> ./configure --prefix=/usr --enable-debug --enable-testcases
>> make
>> make install
>>
>> With CCA, TPM and Software tokens enabled successfully.
>> Then I ran 'pkcs11_startup' and 'pkcsslotd start' also successfully, but
>> when I tried to get token information for example with 'pkcsconf -t' it
>> returned me the follow message:
>>
>> C_GetSlotList returned 0 slots. Check that your tokens are installed
>> correctly.
>>
>>
>> With Rajiv's help we figured out a build error: pkcsconf looks for the
>> token in the wrong directory, we saw that running:
>>
>> strace pkcsconf -t 2>&1 | grep swtok
>> stat("/var/lib/opencryptoki/swtok", 0x7ffff05c5fe0) = -1 ENOENT (No such
>> file or directory)
>>
>> The token exists in /usr/var/lib/opencryptoki/swtok instead of the
>> directory above.
> Ah yes, it looks like in pkcs11_startup.in, @localstatedir@ is used
> instaed of @CONFIG_DIR@, which is used everywhere else. This only
> bites us when $prefix has a value from configure.
I understand that, but earlier I ran configure without set prefix, then
make and make install.
The installation base directory in this case was /usr/local/, then I ran
pkcs11_startup and pkcsslotd start, finally I tried pkcsconf -t and got
the error below:
# sudo /usr/local/sbin/pkcsconf -t
Error initializing the PKCS11 library: 0x2 (CKR_HOST_MEMORY)
Rajiv helped me in this point too, and we found running strace pkcsconf
-t the follow problem:
stat("/usr/sbin/pkcsslotd", 0x7fffc4d53e90) = -1 ENOENT (No such file or
directory)
Looking into /var/log/messages we also can see:
May 24 12:08:31 oc8155576145 pkcsconf: api_interface.c C_Initialize:
Module failed to attach to shared memory. Verify that the slot
management daemon is running, errno=2
Of course I checked pkcsslotd and it was running.
Through the messages we can notice that pkcsconf is looking for
pkcsslotd in the wrong directory (since the installation base directory
is /usr/local and not /usr/)
Am I doing something wrong?
Should I start a new thread to relate this issue?
Thanks!
>> For now I did a symbolic link as workarround, but Rajiv advised me to
>> report it as a bug in this list.
> Yes, thanks for the report!
>
> Kent
>
>> I didn't prepare a patch to solve this problem cause I have doubts what
>> is the right way to do it (by change pkcs_slot script or in another file
>> where it's defined, which I believe is
>> usr/lib/pkcs11/soft_stdll/tok_struct.h but I didn't have time to do a
>> deeper analysis).
>>
>> Thanks!
>>
>> Mauro S M Rodrigues
>>
>>
>> ------------------------------------------------------------------------------
>> Live Security Virtual Conference
>> Exclusive live event will cover all the ways today's security and
>> threat landscape has changed and how IT managers can respond. Discussions
>> will include endpoint security, mobile security and the latest in malware
>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>> _______________________________________________
>> opencryptoki-users mailing list
>> ope...@li...
>> https://lists.sourceforge.net/lists/listinfo/opencryptoki-users
>
>
|
|
From: Joy L. <la...@us...> - 2012-05-23 22:46:55
|
Hi Mauro,
Thanks! I will take a look at this first thing tomorrow and see what is
happening.
regards,
Joy
Mauro Rodrigues <mau...@li...> wrote on 05/23/2012 05:11:26
PM:
> Mauro Rodrigues <mau...@li...>
> 05/23/2012 05:11 PM
>
> To
>
> ope...@li...,
>
> cc
>
> Subject
>
> [opencryptoki-users] pkcsconf looking for token in wrong directory
>
> Hello everyone!
>
> I'm building opencryptoki from git's master branch as described below:
>
> ./configure --prefix=/usr --enable-debug --enable-testcases
> make
> make install
>
> With CCA, TPM and Software tokens enabled successfully.
> Then I ran 'pkcs11_startup' and 'pkcsslotd start' also successfully, but
> when I tried to get token information for example with 'pkcsconf -t' it
> returned me the follow message:
>
> C_GetSlotList returned 0 slots. Check that your tokens are installed
> correctly.
>
>
> With Rajiv's help we figured out a build error: pkcsconf looks for the
> token in the wrong directory, we saw that running:
>
> strace pkcsconf -t 2>&1 | grep swtok
> stat("/var/lib/opencryptoki/swtok", 0x7ffff05c5fe0) = -1 ENOENT (No such
> file or directory)
>
> The token exists in /usr/var/lib/opencryptoki/swtok instead of the
> directory above.
>
> For now I did a symbolic link as workarround, but Rajiv advised me to
> report it as a bug in this list.
>
> I didn't prepare a patch to solve this problem cause I have doubts what
> is the right way to do it (by change pkcs_slot script or in another file
> where it's defined, which I believe is
> usr/lib/pkcs11/soft_stdll/tok_struct.h but I didn't have time to do a
> deeper analysis).
>
> Thanks!
>
> Mauro S M Rodrigues
>
>
>
------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> opencryptoki-users mailing list
> ope...@li...
> https://lists.sourceforge.net/lists/listinfo/opencryptoki-users
> |
|
From: Joy L. <la...@us...> - 2012-05-24 20:21:44
|
Mauro,
hmm.... did you run ldconfig to ensure you are picking up the shared
objects from the correct place?
Also, check your PATH and see if you go to /usr/sbin or /usr/local/sbin
first...
regards,
Joy
Mauro Rodrigues <mau...@li...> wrote on 05/24/2012 10:27:56
AM:
> Mauro Rodrigues <mau...@li...>
> 05/24/2012 10:27 AM
>
> To
>
> Kent Yoder <shp...@gm...>,
>
> cc
>
> ope...@li...
>
> Subject
>
> Re: [opencryptoki-users] pkcsconf looking for token in wrong directory
>
> Em 23-05-2012 19:42, Kent Yoder escreveu:
> > Hi Mauro,
> >
> > On Wed, May 23, 2012 at 5:11 PM, Mauro Rodrigues
> > <mau...@li...> wrote:
> >> Hello everyone!
> >>
> >> I'm building opencryptoki from git's master branch as described below:
> >>
> >> ./configure --prefix=/usr --enable-debug --enable-testcases
> >> make
> >> make install
> >>
> >> With CCA, TPM and Software tokens enabled successfully.
> >> Then I ran 'pkcs11_startup' and 'pkcsslotd start' also successfully,
but
> >> when I tried to get token information for example with 'pkcsconf -t'
it
> >> returned me the follow message:
> >>
> >> C_GetSlotList returned 0 slots. Check that your tokens are installed
> >> correctly.
> >>
> >>
> >> With Rajiv's help we figured out a build error: pkcsconf looks for the
> >> token in the wrong directory, we saw that running:
> >>
> >> strace pkcsconf -t 2>&1 | grep swtok
> >> stat("/var/lib/opencryptoki/swtok", 0x7ffff05c5fe0) = -1 ENOENT (No
such
> >> file or directory)
> >>
> >> The token exists in /usr/var/lib/opencryptoki/swtok instead of the
> >> directory above.
> > Ah yes, it looks like in pkcs11_startup.in, @localstatedir@ is used
> > instaed of @CONFIG_DIR@, which is used everywhere else. This only
> > bites us when $prefix has a value from configure.
> I understand that, but earlier I ran configure without set prefix, then
> make and make install.
> The installation base directory in this case was /usr/local/, then I ran
> pkcs11_startup and pkcsslotd start, finally I tried pkcsconf -t and got
> the error below:
>
> # sudo /usr/local/sbin/pkcsconf -t
> Error initializing the PKCS11 library: 0x2 (CKR_HOST_MEMORY)
>
> Rajiv helped me in this point too, and we found running strace pkcsconf
> -t the follow problem:
>
> stat("/usr/sbin/pkcsslotd", 0x7fffc4d53e90) = -1 ENOENT (No such file or
> directory)
>
> Looking into /var/log/messages we also can see:
>
> May 24 12:08:31 oc8155576145 pkcsconf: api_interface.c C_Initialize:
> Module failed to attach to shared memory. Verify that the slot
> management daemon is running, errno=2
>
> Of course I checked pkcsslotd and it was running.
>
> Through the messages we can notice that pkcsconf is looking for
> pkcsslotd in the wrong directory (since the installation base directory
> is /usr/local and not /usr/)
>
> Am I doing something wrong?
>
> Should I start a new thread to relate this issue?
>
> Thanks!
>
> >> For now I did a symbolic link as workarround, but Rajiv advised me to
> >> report it as a bug in this list.
> > Yes, thanks for the report!
> >
> > Kent
> >
> >> I didn't prepare a patch to solve this problem cause I have doubts
what
> >> is the right way to do it (by change pkcs_slot script or in another
file
> >> where it's defined, which I believe is
> >> usr/lib/pkcs11/soft_stdll/tok_struct.h but I didn't have time to do a
> >> deeper analysis).
> >>
> >> Thanks!
> >>
> >> Mauro S M Rodrigues
> >>
> >>
> >>
>
------------------------------------------------------------------------------
> >> Live Security Virtual Conference
> >> Exclusive live event will cover all the ways today's security and
> >> threat landscape has changed and how IT managers can respond.
Discussions
> >> will include endpoint security, mobile security and the latest in
malware
> >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> >> _______________________________________________
> >> opencryptoki-users mailing list
> >> ope...@li...
> >> https://lists.sourceforge.net/lists/listinfo/opencryptoki-users
> >
> >
>
>
>
------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> opencryptoki-users mailing list
> ope...@li...
> https://lists.sourceforge.net/lists/listinfo/opencryptoki-users
> |
|
From: Mauro R. <mau...@li...> - 2012-05-28 17:55:20
|
Em 24-05-2012 17:21, Joy Latten escreveu:
>
> Mauro,
> hmm.... did you run ldconfig to ensure you are picking up the shared
> objects from the correct place?
> Also, check your PATH and see if you go to /usr/sbin or
> /usr/local/sbin first...
>
Hi Joy!
You are totally right, I forgot to run ldconfig after the installation.
It works fine now.
Sorry for the trouble.
Thanks,
Mauro Rodrigues
>
> regards,
> Joy
>
>
> Mauro Rodrigues <mau...@li...> wrote on 05/24/2012
> 10:27:56 AM:
>
> > Mauro Rodrigues <mau...@li...>
> > 05/24/2012 10:27 AM
> >
> > To
> >
> > Kent Yoder <shp...@gm...>,
> >
> > cc
> >
> > ope...@li...
> >
> > Subject
> >
> > Re: [opencryptoki-users] pkcsconf looking for token in wrong directory
> >
> > Em 23-05-2012 19:42, Kent Yoder escreveu:
> > > Hi Mauro,
> > >
> > > On Wed, May 23, 2012 at 5:11 PM, Mauro Rodrigues
> > > <mau...@li...> wrote:
> > >> Hello everyone!
> > >>
> > >> I'm building opencryptoki from git's master branch as described
> below:
> > >>
> > >> ./configure --prefix=/usr --enable-debug --enable-testcases
> > >> make
> > >> make install
> > >>
> > >> With CCA, TPM and Software tokens enabled successfully.
> > >> Then I ran 'pkcs11_startup' and 'pkcsslotd start' also
> successfully, but
> > >> when I tried to get token information for example with 'pkcsconf
> -t' it
> > >> returned me the follow message:
> > >>
> > >> C_GetSlotList returned 0 slots. Check that your tokens are installed
> > >> correctly.
> > >>
> > >>
> > >> With Rajiv's help we figured out a build error: pkcsconf looks
> for the
> > >> token in the wrong directory, we saw that running:
> > >>
> > >> strace pkcsconf -t 2>&1 | grep swtok
> > >> stat("/var/lib/opencryptoki/swtok", 0x7ffff05c5fe0) = -1 ENOENT
> (No such
> > >> file or directory)
> > >>
> > >> The token exists in /usr/var/lib/opencryptoki/swtok instead of the
> > >> directory above.
> > > Ah yes, it looks like in pkcs11_startup.in, @localstatedir@ is used
> > > instaed of @CONFIG_DIR@, which is used everywhere else. This only
> > > bites us when $prefix has a value from configure.
> > I understand that, but earlier I ran configure without set prefix, then
> > make and make install.
> > The installation base directory in this case was /usr/local/, then I
> ran
> > pkcs11_startup and pkcsslotd start, finally I tried pkcsconf -t and got
> > the error below:
> >
> > # sudo /usr/local/sbin/pkcsconf -t
> > Error initializing the PKCS11 library: 0x2 (CKR_HOST_MEMORY)
> >
> > Rajiv helped me in this point too, and we found running strace pkcsconf
> > -t the follow problem:
> >
> > stat("/usr/sbin/pkcsslotd", 0x7fffc4d53e90) = -1 ENOENT (No such
> file or
> > directory)
> >
> > Looking into /var/log/messages we also can see:
> >
> > May 24 12:08:31 oc8155576145 pkcsconf: api_interface.c C_Initialize:
> > Module failed to attach to shared memory. Verify that the slot
> > management daemon is running, errno=2
> >
> > Of course I checked pkcsslotd and it was running.
> >
> > Through the messages we can notice that pkcsconf is looking for
> > pkcsslotd in the wrong directory (since the installation base directory
> > is /usr/local and not /usr/)
> >
> > Am I doing something wrong?
> >
> > Should I start a new thread to relate this issue?
> >
> > Thanks!
> >
> > >> For now I did a symbolic link as workarround, but Rajiv advised me to
> > >> report it as a bug in this list.
> > > Yes, thanks for the report!
> > >
> > > Kent
> > >
> > >> I didn't prepare a patch to solve this problem cause I have
> doubts what
> > >> is the right way to do it (by change pkcs_slot script or in
> another file
> > >> where it's defined, which I believe is
> > >> usr/lib/pkcs11/soft_stdll/tok_struct.h but I didn't have time to do a
> > >> deeper analysis).
> > >>
> > >> Thanks!
> > >>
> > >> Mauro S M Rodrigues
> > >>
> > >>
> > >>
> >
> ------------------------------------------------------------------------------
> > >> Live Security Virtual Conference
> > >> Exclusive live event will cover all the ways today's security and
> > >> threat landscape has changed and how IT managers can respond.
> Discussions
> > >> will include endpoint security, mobile security and the latest in
> malware
> > >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> > >> _______________________________________________
> > >> opencryptoki-users mailing list
> > >> ope...@li...
> > >> https://lists.sourceforge.net/lists/listinfo/opencryptoki-users
> > >
> > >
> >
> >
> >
> ------------------------------------------------------------------------------
> > Live Security Virtual Conference
> > Exclusive live event will cover all the ways today's security and
> > threat landscape has changed and how IT managers can respond.
> Discussions
> > will include endpoint security, mobile security and the latest in
> malware
> > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> > _______________________________________________
> > opencryptoki-users mailing list
> > ope...@li...
> > https://lists.sourceforge.net/lists/listinfo/opencryptoki-users
> >
>
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X