Ubuntu
nss package

NSS Shared System Database non-functional

Bug #1651451 reported by dwmw2
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
nss (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

Ubuntu 16.04 appears to ship with libnsssysinit.so configured in /etc/pki/nssdb as it should be, but the library isn't *present*. So when applications such as Evolution attempt to open it, they fail:

(evolution:20974): camel-WARNING **: Failed to initialize NSS SQL database in sql:/etc/pki/nssdb: NSS error -8126

For background, see https://wiki.mozilla.org/NSS_Shared_DB_And_LINUX and https://wiki.mozilla.org/NSS_Shared_DB

Revision history for this message
dwmw2 (dwmw2) wrote :

This of course means that even if I wanted to work around bug 1647285 (where apps using NSS don't honour the system SSL trust settings) by manually adding the company certs to /etc/pki/nssdb, applications can't even use *that*...

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in nss (Ubuntu):
status: New → Confirmed
Revision history for this message
Eero Aaltonen (ejn) wrote (last edit ):

NSS Shared DB provides multiple things:
* a list of CA certificates, for which bug #1647285 may provide an alternative solution
* a list of security modules.

We have a use case for registering the OpenSC module system wide in order to be able to use PKCS#11 smart cards for authentication. I think this would require the NSS Shared DB in /etc/pki/nssdb

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Thank you for this bug report.

It seems that it affects only Xenial installations, is that correct? Would you be able to confirm whether this still applies for Bionic/Focal/Jammy?

Thanks.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.