Public bug reported:
Prompted by the fact that after upgrade to Ubuntu 22.04, smart card
authentication in the firefox snap is no longer working.
I have an already configured Network Security Services database in
${HOME}/.pki/nssdb with OpenSC
( https://github.com/OpenSC/OpenSC ) library
/usr/lib/x86_64-linux-gnu/opensc-pkcs11.so registered as a PKCS#11 module.
Listing certificates from my token with `certutil -d
sql:${HOME}/.pki/nssdb -L -h TOKEN_LABEL` works normally.
It seems that the firefox snap is unable to access the .pki directory;
attempting to access file:///home/USER/.pki/ results in "Access to the
file was denied" message.
I also did not spot any interfaces in
https://snapcraft.io/docs/network-interfaces
or
https://snapcraft.io/docs/security-interfaces
related to Network Security Services
My impression is that this would require either:
A) adding an interface to access the users current NSSDB
B) adding a new isolated but persistent nssdb to the firefox snap.
I'll note that Evolution is a second application using nssdb, and it
works normally.
** Affects: snapd (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2060294
Title:
No interface to access Network Security Service database (nssdb)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/2060294/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
