Fix to start pcscd appropriately

Signed-off-by: Sergio Arroutbi <[email protected]>

src/luks/dracut/clevis-pin-pkcs11/clevis-pkcs11-hook.sh

@@ -16,9 +16,11 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
+. /usr/bin/clevis-pkcs11-common
+
 if [ ! -f /run/systemd/clevis-pkcs11.run ] && [ -d /run/systemd ];
 then
-  pcscd --disable-polkit
-  echo "" > /run/systemd/clevis-pkcs11.run
-  /usr/libexec/clevis-luks-pkcs11-askpin -d -r
+    clevis_start_pcscd_server
+    echo "" > /run/systemd/clevis-pkcs11.run
+    /usr/libexec/clevis-luks-pkcs11-askpin -d -r
 fi

src/luks/systemd/clevis-luks-pkcs11-askpin.in

@@ -52,21 +52,7 @@ get_pkcs11_error() {
     return 0
 }
 
-if command -v pcscd; then
-    echo "clevis-pkcs11: starting pcscd if not available ..."
-    PCSCD_PID=$(ps auxf | grep "[p]cscd")
-    echo -e "clevis-pkcs11: pcscd running?:[${PCSCD_PID}]\n"
-    if ! ps auxf | grep "[p]cscd";
-    then
-        if pcscd pcscd --help | grep disable-polkit 1>/dev/null 2>/dev/null; then
-            echo "clevis-pkcs11: starting pcscd with --disable-polkit option ..."
-            pcscd --disable-polkit
-        else
-            echo "clevis-pkcs11: starting pcscd ..."
-            pcscd
-        fi
-    fi
-fi
+clevis_start_pcscd_server
 
 if [ "${dracut_mode}" != true ]; then
     pkcs11-tool -L

src/pins/pkcs11/clevis-pkcs11-common

@@ -27,6 +27,24 @@ serial_devices_array=""
 URI_EXPECTED_FORMAT="pkcs11:"
 DEFAULT_CRYPTTAB_FILE="/etc/crypttab"
 
+clevis_start_pcscd_server() {
+    if command -v pcscd; then
+        echo "clevis-pkcs11: starting pcscd if not available ..."
+        PCSCD_PID=$(ps auxf | grep "[p]cscd")
+        echo -e "clevis-pkcs11: pcscd running?:[${PCSCD_PID}]\n"
+        if ! ps auxf | grep "[p]cscd";
+        then
+            if pcscd --help | grep disable-polkit 1>/dev/null 2>/dev/null; then
+                echo "clevis-pkcs11: starting pcscd with --disable-polkit option ..."
+                pcscd --disable-polkit
+            else
+                echo "clevis-pkcs11: starting pcscd ..."
+                pcscd
+            fi
+        fi
+    fi
+}
+
 clevis_parse_devices_array() {
     INPUT_ARRAY=$(pkcs11-tool -L | grep Slot)
     counter=0
@@ -64,12 +82,10 @@ clevis_get_module_path_from_pkcs11_config() {
     while read -r line; do
         uuid=$(echo "${line}" | awk '{print $2}')
         if ! mapped_device=$(clevis_map_device "${uuid}"); then
-            echo "Could not check mapped device for UID:${uuid}"
             continue
         fi
         # If no PKCS#11 configuration, advance to next device
         if ! clevis luks list -d "${mapped_device}" | grep pkcs11 >/dev/null 2>&1; then
-            echo "Device:${mapped_device} does not contain PKCS#11 configuration"
             continue
         fi
         # Get configuration PKCS#11 URI

src/pins/pkcs11/tests/pin-pkcs11

@@ -20,6 +20,7 @@
 . pkcs11-common-tests
 . tests-common-functions
 . clevis-luks-common-functions
+. clevis-pkcs11-common
 
 on_exit() {
     exit_status=$?
@@ -150,5 +151,16 @@ then
 (${WRONGCFG})"
 fi
 
+if command -v ps && command -v killall; then
+    if ! clevis_start_pcscd_server;
+    then
+        error "${TEST}: Could not start pcscd server"
+    fi
+    if ! killall -9 pcscd;
+    then
+        error "${TEST}: Could not kill pcscd server"
+    fi
+fi
+
 softhsm_lib_cleanup
 test "$?" == 0