-
The smartcard plugin of g-c-c has been based on the usage of NSS API, unfortunately this means that, in order to be able to fetch the PKCS #11 devices, the system must provide a shared certificate NSS database that is not standard in most distributions outside the Fedora / RH world. Also, this database has to be pre-filled with PKCS #11 libraries to get the available one, not fully respecting the p11-kit modules standard (even though by default it now relies on a p11-kit-proxy library that de facto follows this). As per this, it's currently quite hard to get GDM to use smartcard authentication working both using pam-sss or pam-pkcs11 in most distros. This also was introducing another level of abstraction, while using the p11-kit libs is nowadays preferred. Said that, it made sense to finally use some standard libraries so that smartcard devices supported by p11-kit can be handled without any further action. While we could support multiple backend...
b7121e38