Dear Mr Stein,
On 08/06/12 12:56, benste wrote:
Hi,
i've just purchased a crad reader - and used ubuntu
successful with different cards,
isntalled the BEID GUI i can also get the information written
onto the card.
When you write "used ubuntu successful with different cards" what do
you mean, exactly?
Your distro is Ubuntu, but did you use eID cards successfully, in
SSL sessions?, reading Identity data?
using the official Middleware, or other software? Or was it other
cards you used?
Could you please elaborate so we could get a better idea of your
situation.
Using inbuild packages i was trying to follow your
Did you build your own packages? Just wondering because most Ubuntu
users today use the official
FedICT .deb packages and we get very few complaints, so if you have
problems with the official package
causing you to have to build your own: we'd sure like to hear about
it.. but this aside..
which seems to have messed up my DB now ? - What am I doing
wrong and what's the right step to move forward without
installing the tarbal ?
btw. if it's important my card reader is a reinersct rifd
standard - class 3 device.
I don't think one could structurally mess up the nss db using the
modutil command, however, during
modutil -dbdir sql:.pki/nssdb/ -list
it will attempt to load the pkcs11 modules in the list, and if that
fails behind the scenes I'm not sure whether it will give the type
of output you're seeing (we don't support nss,directly). I propose
we try and find out whether your nss db is structurally corrupt,
or it's OK but the commands are attempting to use libbeidpkcs11 and
that fails (and the command doesn't handle that gracefully).
1) Could you check out (and paste) the contents of your
.pki/nssdb/pkcs11.txt
file, in your home directory, please?
also,
could you run the modutil command through an strace and send us the
log, please? The command to run would be
strace -f modutil -dbdir sql:.pki/nssdb/ -list 2>
modutil.txt
(and send us modutil.txt - if you don't have
strace yet, the
package is also named strace:
apt-get install strace)
Here some output - btw- searched the directorys also the
commented one and both don't have the file mentionied as libfile
at least the following packages are isntalled
apt-get install fxcyberjack libifd-cyberjack6 pcsc-tools
libnss3-tools libbeidlibopensc2
I don't know the specific Cyberjack tools or libraries, but I know
libbeidlibopensc2:
It's part of an ancient beid version
that's long deprecated: It's presense could most certainly be
causing you the troubles you're seeing. Please uninstall it.
Also, why not try the official Debian release at:
http://eid.belgium.be/nl/je_eid_gebruiken/de_eid-middleware_installeren/linux/
?
benste@benste-VAIO:/usr$ modutil -dbdir sql:.pki/nssdb/
-add "Belgium eID" -libfile /usr/lib/libbeidpkcs11.so
WARNING: Performing this operation while the browser is
running could cause
corruption of your security databases. If the browser is
currently running,
you should exit browser before continuing this operation.
Type
'q <enter>' to abort, or <enter> to continue:
modutil: function failed: security library: bad database.
benste@benste-VAIO:/usr$ modutil -dbdir sql:.pki/nssdb/
-list
modutil: function failed: security library: bad database.
I tried these commands (appartently, standard on my Arch Linux - or
installed with chromium, not sure), and I get the
same warning until I close FireFox, but not the "bad database" error
(that would be too easy..) What I do see in the strace on my machine
is that
the list operation loads our pkcs11 module, so I definitely think
the strace is the way to check this out.
WKR
Frank.
--
Je hebt dit bericht ontvangen, omdat je je hebt aangemeld bij de
groep 'eID Middleware' van Google Discussiegroepen.
Ga naar https://groups.google.com/d/msg/eid-mw/-/B69Io_1YH9gJ
om deze discussie op het internet te bekijken.
Als je een bericht in deze groep wilt plaatsen, stuur je een
e-mail naar eid...@googlegroups.com.
Als je je wilt afmelden voor deze groep, stuur je een e-mail naar
eid-mw+...@googlegroups.com.
Bezoek deze groep op http://groups.google.com/group/eid-mw?hl=nl
voor meer opties.