[Pki-devel] [PATCH] add pkiuser to nfast group

Please review the attached patch that resolves the following issue: * PKI TRAC Ticket #1415 - nCipher HSM: Add 'pkiuser' to 'nfast' group <https://fedorahosted.org/pki/ticket/1415> The patch was applied and successfully tested on a VM containing an nCipher nethsm: # cat /etc/group | grep nfast nfast:x:995: # pkispawn -s CA -f /root/mlh/pki-master-mlh.inf -vvv # cat /etc/group | grep nfast nfast:x:995:pkiuser # cd /var/lib/pki/pki-master-mlh/alias # modutil -dbdir . -list Listing of PKCS #11 Modules ----------------------------------------------------------- 1. NSS Internal PKCS #11 Module slots: 2 slots attached status: loaded slot: NSS Internal Cryptographic Services token: NSS Generic Crypto Services slot: NSS User Private Key and Certificate Services token: NSS Certificate DB 2. nfast library name: /opt/nfast/toolkits/pkcs11/libcknfast.so slots: 2 slots attached status: loaded slot: 061C-37A2-3CB3 Rt1 token: accelerator slot: 061C-37A2-3CB3 Rt1 slot 0 token: NHSM6000 ----------------------------------------------------------- # certutil -d . -L Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI casigningcert-MLH CT,C,C caauditsigningcert-MLH ,,P # certutil -d . -h NHSM6000 -f /root/mlh/hsm_password -L Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI NHSM6000:casigningcert-MLH CTu,Cu,Cu NHSM6000:caocspsigningcert-MLH u,u,u NHSM6000:Server-Cert cert-pki-RootCA-MLH u,u,u NHSM6000:casubsystemcert-MLH u,u,u NHSM6000:caauditsigningcert-MLH u,u,Pu