2010/8/31 Peter Stuge <pe...@stuge.se>: > Johannes Findeisen wrote: >> > I think it is important to pay attention to the original goal: to >> > run pcscd as a normal user instead of root. >> >> Yep, that's what I want too. But, when running pcscd as normal >> user, this normal user need access to the device. Ok, you could >> make it usable for all users. Then you are right. No need for an >> extra group. > > I sense a miscommunication. > > Is the desire to: > > 1. run pcscd as the particular logged-in user > or > 2. always run pcscd as one *particular* user, which can not log in > > > I believe 2 is what was proposed.
More precisely pcscd would be run as the user staring it but in the group "pcscd" using the sgid-bit mechanism. So the smart card reader devices need to be accessible to the group "pcscd". I think that using a special group is more flexible than using a special user. I am not sure it is possible to drop the user privileges and become nobody or something similar (without being root). Bye -- Dr. Ludovic Rousseau _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
