Comment 1 for bug 290874

Here is a debdiff which fixes this: http://launchpadlibrarian.net/19057074/opencryptoki_2.2.6%2Bdfsg-1ubuntu1.debdiff . The debdiff is attached to bug 262708, as it fixes that bug too.

The current init script fails to shut down the pkcsslotd daemon, because start-stop-daemon is passed the --make-pid and --pidfile options, and pkcsslotd fork()'s very early on meaning that the PID of the new process is different to the PID stored in the PID file. Although this doesn't have an immediate impact on users (other than being unable to shut down pkcsslotd), it causes the packages prerm script to fail when removing or upgrading the package. This may cause future Intrepid to Jaunty upgrades to fail.

This has been fixed in Debian, and so I have backported the patch for Ubuntu. The patch makes use of the fact that pkcsslotd creates it's own PID file in /var/lib/opencryptoki/.slotpid. To make this work, I specify this location as the PID file and remove the --make-pid option from start-stop-daemon. As the PID file created by pkcsslotd contains the correct PID, the init script now successfully shuts down pkcsslotd.

***TEST CASE***
Testing the old implementation is difficult, as the 2.2.6+dfsg-1 version of opencryptoki is uninstallable (bug 262708). However, to test version 2.2.6+dfsg-1ubuntu1:
1) Run "sudo /etc/init.d/opencryptoki start" and verify pkcsslotd process exists.
2) Run "sudo /etc/init.d/opencryptoki status" and make sure that it indicates the correct status (running).
3) Run "sudo /etc/init.d/opencryptoki stop" and verify that the pkcsslotd process has gone.
4) Run "sudo /etc/init.d/opencryptoki status" and make sure that it indicates the correct status (not running).