To correct
Mar 24 21:23:34 registry1.1.quietfountain.com pcscd[639]: 99999999 auth.c:137:IsClientAuthorized() Process 21266 (user: 971) is NOT authorized for action: access_pcsc
and related with dirsrv and pkisuer
create
/etc/polkit-1/rules.d/00-rss_allowpkiuser.rules
with
polkit.addRule(function(action, subject) { if (action.id == "org.debian.pcsc-lite.access_pcsc" || action.id == "org.debian.pcsc-lite.access_card") { if ((subject.user == "pkiuser") || (subject.user == "dirsrv") || (subject.user == "ipaapi")) { return polkit.Result.YES; } polkit.log("action=" + action); polkit.log("subject=" + subject); } });
Metadata Update from @pcech: - Issue set to the milestone: DNSSEC
Hi @hcoin Can you give more information regarding this issue? I assume the message is seen in the journal but when does it happen?
I found an old email thread on freeipa-users with the same error, and it happened because inconsistent packages pki-* were installed, and resulted in a failure to start pki-tomcatd server.
Is it the same issue? Please provide the freeipa/pki versions installed and the OS.
Login to comment on this ticket.