pkcsslotd - shared memory manager for opencryptoki
daemon manages PKCS#11 objects between PKCS#11-enabled
applications. When 2 or more processes are accessing the same cryptographic
token, the daemon is notified and updates each application when the token's
Only one instance of the pkcsslotd daemon should be running on any given host.
If a prior instance of pkcsslotd did not shut down cleanly, then it may leave
an allocated shared memory segment on the system. The allocated memory segment
can be identified by its key and can be safely removed once the daemon is
stopped with the ipcrm command, such as:
ipcrm -M 0x6202AB38
The daemon creates the shared memory segment with group ownership by the
group. All non-root users that should be able to use
openCryptoki need to be members of the group. Only trusted users should be
assigned to the group, see the "SECURITY NOTE" in the
(7) manual page for details.