[Bug 512954] New: Review Request: openCryptoki - Implementation of the PKCS#11 (Cryptoki) specification v2.11
bugzilla at redhat.com
bugzilla at redhat.com
Tue Jul 21 13:34:32 UTC 2009
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: Review Request: openCryptoki - Implementation of the PKCS#11 (Cryptoki) specification v2.11
https://bugzilla.redhat.com/show_bug.cgi?id=512954
Summary: Review Request: openCryptoki - Implementation of the
PKCS#11 (Cryptoki) specification v2.11
Product: Fedora
Version: rawhide
Platform: All
OS/Version: Linux
Status: NEW
Severity: medium
Priority: medium
Component: Package Review
AssignedTo: nobody at fedoraproject.org
ReportedBy: mschmidt at redhat.com
QAContact: extras-qa at fedoraproject.org
CC: notting at redhat.com, fedora-package-review at redhat.com
Estimated Hours: 0.0
Classification: Fedora
Target Release: ---
Spec URL: http://michich.fedorapeople.org/openCryptoki/openCryptoki.spec
SRPM URL:
http://michich.fedorapeople.org/openCryptoki/openCryptoki-2.2.8-2.fc11.src.rpm
Description:
openCryptoki implements the PKCS#11 specification v2.11. It includes support
for cryptographic hardware such as the Trusted Platform Module (TPM) as well as
a software token for testing.
Scratch build in Koji:
http://koji.fedoraproject.org/koji/taskinfo?taskID=1489377
rpmlint output:
openCryptoki.src: W: strange-permission pkcs_slot.sh 0755
openCryptoki.src: W: strange-permission pkcs11_startup.sh 0755
-- 0755 is reasonable permission for executable scripts.
openCryptoki-devel.x86_64: W: no-documentation
-- True, but I don't think it's necessary to include the PKCS#11 specification
in the package.
openCryptoki.x86_64: W: devel-file-in-non-devel-package
/usr/lib64/opencryptoki/stdll/libpkcs11_sw.so
openCryptoki.x86_64: W: devel-file-in-non-devel-package
/usr/lib64/opencryptoki/libopencryptoki.so
openCryptoki.x86_64: W: devel-file-in-non-devel-package
/usr/lib64/opencryptoki/stdll/libpkcs11_tpm.so
-- The *.so files are needed for openCryptoki to work as expected. The
pkcs11_startup script must find /usr/lib64/opencryptoki/stdll/*.so , otherwise
the daemon won't run. And the documentation suggests that applications should
dlopen PKCS11_API.so (which is a symlink to libopencryptoki.so).
openCryptoki.x86_64: W: non-standard-gid /var/lib/opencryptoki pkcs11
openCryptoki.x86_64: E: non-standard-dir-perm /var/lib/opencryptoki 0770
-- /var/lib/opencryptoki is owned by root:pkcs11. The pkcs11 group is created
in %pre scriptlet.
openCryptoki.x86_64: W: dangling-relative-symlink
/usr/lib64/opencryptoki/methods ../../sbin
openCryptoki.x86_64: W: dangling-relative-symlink /usr/lib64/pkcs11/methods
../../sbin
-- The symlinks point to /usr/sbin, which is always present (owned by the
"filesystem" package).
openCryptoki.x86_64: W: non-conffile-in-etc
/etc/ld.so.conf.d/opencryptoki-x86_64.conf
openCryptoki.x86_64: W: incoherent-init-script-name pkcsslotd ('opencryptoki',
'opencryptokid')
-- This is intentional, pkcsslotd is the name of the daemon.
There was a review request for openCryptoki some time ago, but it was abandoned
(bug 426152).
BTW, openCryptoki can provide access to interesting cryptographic hardware on
s390, but it's not what I'm focusing on for now.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the Fedora-package-review
mailing list