Hello, After the the GnuTLS revamp it loooks like PKCS#11 modules are suddenly (unnecessarily) autoloaded and fail due to SUID:
ametzler@argenau:~$ mailq ametzler@argenau:~$ gnome-keyring-daemon --start --components=pkcs11 GNOME_KEYRING_CONTROL=/home/ametzler/.cache/keyring-Blme9u GNOME_KEYRING_PID=1274 ametzler@argenau:~$ export GNOME_KEYRING_CONTROL=/home/ametzler/.cache/keyring-Blme9u GNOME_KEYRING_PID=1274 ametzler@argenau:~$ mailq WARNING: gnome-keyring:: couldn't connect to: /home/ametzler/.cache/keyring-Blme9u/pkcs11: Permission denied ametzler@argenau:~$ The same behavior can also be reproduced with a SUID gnutls-cli[1]. Any idea on how to properly fix this? cu andreas [1] argenau:~# cp /usr/bin/gnutls-cli /tmp/ argenau:~# chown nobody:nogroup /tmp/gnutls-cli argenau:~# chmod ug+s /tmp/gnutls-cli argenau:~# ls -l /tmp/gnutls-cli -rwsr-sr-x 1 nobody nogroup 82156 Jun 23 08:58 /tmp/gnutls-cli ametzler@argenau:~$ /tmp/gnutls-cli db.debian.org < /dev/null WARNING: gnome-keyring:: couldn't connect to: /home/ametzler/.cache/keyring-Blme9u/pkcs11: Permission denied [...] -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
