Thanks, this worked.
Lior -----Original Message----- From: Mike Hommey [mailto:[email protected]] Sent: Monday, July 12, 2010 3:44 PM To: Lior Okman; [email protected] Subject: Re: Bug#588806: libnss3-1d: Impossible to enable FIPS mode On Mon, Jul 12, 2010 at 02:40:32PM +0200, Mike Hommey wrote: > On Mon, Jul 12, 2010 at 03:31:11PM +0300, Lior Okman wrote: > > > > Package: libnss3-1d > > Version: 3.12.6-2 > > Severity: normal > > > > > > It is impossible to enable FIPS mode using the libnss3-1d binaries available > > in Squeeze. > > > > The same functionality works both in the Lenny version and in upstream. > > > > squeeze:~# mkdir db > > squeeze:~# cd db > > squeeze:~/db# modutil -create -dbdir . > > squeeze:~/db# modutil -fips true -dbdir . > > > > security library: invalid arguments. > > ERROR: Unable to switch FIPS modes. > > > > This is caused by invalid .chk files packaged with the shared objects. > > More subtil: there is no chk for libnssdbm3.so, which appeared quite > recently. As a temporary workaround, you can run, as root: shlibsign -i /usr/lib/nss/libnssdbm3.so Mike -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
