Hi, Linking works for listing tokens:
[root@ipaclient 0]# env|grep RUNTIME [root@ipaclient 0]# pwd /run/user/0 [root@ipaclient 0]# ls -l total 0 lrwxrwxrwx. 1 root root 22 Feb 14 14:28 p11-kit -> /run/user/<UID>/p11-kit [root@ipaclient 0]# p11tool --provider=/usr/lib64/pkcs11/p11-kit-client.so --list-tokens Token 0: URL: pkcs11:model=PKCS%2315%20emulated;manufacturer=piv_II;serial=<REDACTED>;token=PIV_II Label: PIV_II Type: Hardware token Flags: RNG, Requires login Manufacturer: piv_II Model: PKCS#15 emulated Serial: <REDACTED> Module: Unfortunately, sudo still prompts for PW: [user@ipaclient][~]$ p11tool --list-tokens Token 0: URL: pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=System%20Trust Label: System Trust Type: Trust module Flags: uPIN uninitialized Manufacturer: PKCS#11 Kit Model: p11-kit-trust Serial: 1 Module: p11-kit-trust.so Token 1: URL: pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=Default%20Trust Label: Default Trust Type: Trust module Flags: uPIN uninitialized Manufacturer: PKCS#11 Kit Model: p11-kit-trust Serial: 1 Module: p11-kit-trust.so Token 2: URL: pkcs11:model=PKCS%2315%20emulated;manufacturer=piv_II;serial=<REDACTED>;token=PIV_II Label: PIV_II Type: Hardware token Flags: RNG, Requires login Manufacturer: piv_II Model: PKCS#15 emulated Serial: <REDACTED> Module: /usr/lib64/pkcs11/p11-kit-client.so [14:32:09][user@ipaclient][~]$ sudo -i [sudo] password for user: Thanks for your time, -Leon _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org