[Bug 221212] security/softhsm2 uses hard-coded data-directories

bugzilla-noreply at freebsd.org
Fri Aug 4 01:13:14 UTC 2017


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221212

            Bug ID: 221212
           Summary: security/softhsm2 uses hard-coded data-directories
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: freebsd-ports-bugs at FreeBSD.org
          Reporter: dewayne at heuristicsystems.com.au
                CC: jaap at NLnetLabs.nl
             Flags: maintainer-feedback?(jaap at NLnetLabs.nl)

Thank you for upgrading softhsm2.  Without changing anything, the software
functions on FreeBSD 11.1Stable for both i386 and amd64.
However, if the directories.tokendir changes from the default in softhsm2.conf,
this is the result on both platforms:

# softhsm2-util --init-token --free --label "Cute label" --so-pin abcdef --pin 123456
ERROR: Could not initialize the PKCS#11 library/module: /usr/local/lib/softhsm/libsofthsm2.so
ERROR: Please check log files for additional information.

(Aside: there was no logging information)

In our case we prefer
directories.tokendir = /var/lib/softhsm/tokens/

We tried changes in the Makefile around
STATE_DIR?=     /var                            # Previously /usr/local/var
TOKEN_DIR?=     ${STATE_DIR}/lib/softhsm/tokens # Used in pkg-plist

CONFIGURE_ARGS+=        --datarootdir=${TOKEN_DIR} --localstatedir=${STATE_DIR}
but were unsuccessful.

Why does it matter? Once built and functional, /usr is mounted read-only.

-- 
You are receiving this mail because:
You are the assignee for the bug.

