RHEL-09-611160 opensc-tool --set-conf-entry arg form bug #146
Description
Describe the Issue
In tasks/Cat2/RHEL-09-611xxx.yml (RHEL-09-611160) in 2.3.0 release, the role invokes:
opensc-tool --set-conf-entry app:default:card_driver cac
On current RHEL 9 OpenSC builds, --set-conf-entry expects a single argument in the form section:name:key:val (per opensc-tool usage). Passing the value as a second argument causes a non-zero return code and fatal failure:
opensc-tool --set-conf-entry app:default:card_driver:cac # works
opensc-tool --set-conf-entry app:default:card_driver cac # fails (rc=22)Expected Behavior
Task should successfully configure the CAC driver without failing
Actual Behavior
fatal: [default]: FAILED! => {"changed": true, "cmd": ["opensc-tool", "--set-conf-entry", "app:default:card_driver", "cac"], "delta": "0:00:00.008688", "end": "2025-12-30 15:30:18.632332", "msg": "non-zero return code", "rc": 22, "start": "2025-12-30 15:30:18.623644", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}
Control(s) Affected
RHEL-09-611160
Environment (please complete the following information):
- branch being used: 2.3.0
- Ansible Version: 2.17.5
- Host Python Version: 3.9.18
- Ansible Server Python Version: 3.12.7
- Additional Details:
Additional Notes
Anything additional goes here
Possible Solution
Update the task to pass the full section:name:key:val string as a single argument:
ansible.builtin.command: opensc-tool --set-conf-entry app:default:card_driver:cac