In https://bugzilla.mozilla.org/show_bug.cgi?id=490238#c37 David Woodhouse asks how well-behaved applications, which may or may not be running on a system with "System NSS", are supposed to determine the value of the directory name string they pass to NSS_Init.
He observes that the value may differ based on such details as: - the presence or absence of the file pkcs11.txt in the NSS_SYSTEM_DB directory - the presence or absence of a line in that file that names the libnsssysinit.so library among those to be loaded. (As an aside, I'd guess that the relative position of that line is relevant, too, and of course that name is likely to change from Linux distro to distro.) - the presence or absence of a "HOME" environment variable He provides his own suggested sample code for handling all that, and he opines that NSS should relieve the application of needing to do all that. I don't have much (if any) operational experience with "System NSS" and libnsssysinit.so, so it may be that there is something being overlooked here that obviates this issue. But if not, then I'm inclined to agree with David Woodhouse that NSS should not effectively require every well-behaved application to do all that work itself. Bob, What say you? -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto