Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-05 Thread Martin Paljak
Hello, On Sep 5, 2010, at 9:20 PM, Peter Stuge wrote: > Ludovic Rousseau wrote: >>> maybe: >>> >>> chown pcscd:smartcard /usr/sbin/pcscd >>> chmod 4750 /usr/sbin/pcscd # rwsr-x--- >> >> You should argument/document the change. > > Really? Even in this forum? > > >> With your change only use

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-05 Thread Peter Stuge
Ludovic Rousseau wrote: > > maybe: > > > > chown pcscd:smartcard /usr/sbin/pcscd > > chmod 4750 /usr/sbin/pcscd  # rwsr-x--- > > You should argument/document the change. Really? Even in this forum? > With your change only users in group smartcard will be able to run > pcscd. I guess that is the

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-05 Thread Ludovic Rousseau
2010/9/5 Martin Paljak : > Hello, > > On Sat, Sep 4, 2010 at 22:36, Ludovic Rousseau > wrote: >> 2010/9/4 Martin Paljak : >>> Why not make the udev rule start pcscd, running as a system user >>> (nobody?), when a reader is connected? >> >> I could. But why do this? >> That would start a process th

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-05 Thread Ludovic Rousseau
2010/9/5 Peter Stuge : > Martin Paljak wrote: >> addgroup --system pcscd >> adduser --system --ingroup pcscd --home /var/run/pcscd >> --no-create-home --disallowed-login --disallowed-password pcscd > > ..ok, but instead of: > >> chown pcscd /usr/sbin/pcscd >> chmod +s /usr/sbin/pcscd > > maybe: > >

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-05 Thread Peter Stuge
Martin Paljak wrote: > addgroup --system pcscd > adduser --system --ingroup pcscd --home /var/run/pcscd > --no-create-home --disallowed-login --disallowed-password pcscd ..ok, but instead of: > chown pcscd /usr/sbin/pcscd > chmod +s /usr/sbin/pcscd maybe: chown pcscd:smartcard /usr/sbin/pcscd c

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-05 Thread Peter Stuge
Martin Paljak wrote: > If pcscd has built-in restart and exit handling (and policy), the > whole distro voodoo can be forgotten, no? I think so, yep. //Peter

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-05 Thread Martin Paljak
On Sat, Sep 4, 2010 at 22:43, Ludovic Rousseau wrote: > 2010/9/4 Peter Stuge : >> Martin Paljak wrote: >>> Nothing bad will happen if pcscd is not gracefully shut down when >>> the computer is rebooting, >> >> Not the problem. But if pcscd crashes it should be restarted, as long >> as the card is

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-05 Thread Martin Paljak
Hello, On Sat, Sep 4, 2010 at 22:36, Ludovic Rousseau wrote: > 2010/9/4 Martin Paljak : >> Why not make the udev rule start pcscd, running as a system user >> (nobody?), when a reader is connected? > > I could. But why do this? > That would start a process that may not be used. For me, this work

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-04 Thread Ludovic Rousseau
2010/9/4 Peter Stuge : > Martin Paljak wrote: >> Nothing bad will happen if pcscd is not gracefully shut down when >> the computer is rebooting, > > Not the problem. But if pcscd crashes it should be restarted, as long > as the card is still inserted. So pcscd needs to be supervised. Many > distrib

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-04 Thread Ludovic Rousseau
2010/9/4 Martin Paljak : > Hello, > > >> I decided to use a new group called "pcscd". >> I wrote a blog article [3] about this feature. >> >> pcsc-lite 1.6.5 is not yet released to allow anybody to comment on the >> idea and provide feedback before the release. >> You can get a snapshot of pcsc-li

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-04 Thread Peter Stuge
Martin Paljak wrote: > >> >> Why not make the udev rule start pcscd, .. > The same way patching the udev file is done by the package > (creator), as needed. Mh, maybe. But I don't think this is something packagers are really used to being a task for them.. Or maybe I'm wrong? > > System pcscd wo

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-04 Thread Martin Paljak
Hello, On Sat, Sep 4, 2010 at 21:29, Peter Stuge wrote: > Martin Paljak wrote: >> >> Why not make the udev rule start pcscd, >> > >> > One reason is that it needs highly distribution dependent udev rules, >> >> Existence of pcscd group is also distribution dependent, to some >> extent (meaning, i

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-04 Thread Peter Stuge
Martin Paljak wrote: > >> Why not make the udev rule start pcscd, > > > > One reason is that it needs highly distribution dependent udev rules, > > Existence of pcscd group is also distribution dependent, to some > extent (meaning, it has to exist and maybe needs to be created) True. This is typ

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-04 Thread Martin Paljak
On Sep 4, 2010, at 8:33 PM, Peter Stuge wrote: > Martin Paljak wrote: >> Why not make the udev rule start pcscd, running as a system user >> (nobody?), when a reader is connected? > > One reason is that it needs highly distribution dependent udev rules, > while setting owner/permissions on a dev

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-04 Thread Peter Stuge
Martin Paljak wrote: > Why not make the udev rule start pcscd, running as a system user > (nobody?), when a reader is connected? One reason is that it needs highly distribution dependent udev rules, while setting owner/permissions on a device is distribution agnostic. //Peter

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-04 Thread Martin Paljak
Hello, > I decided to use a new group called "pcscd". > I wrote a blog article [3] about this feature. > > pcsc-lite 1.6.5 is not yet released to allow anybody to comment on the > idea and provide feedback before the release. > You can get a snapshot of pcsc-lite and libccid from [4]. You have t

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-09-04 Thread Ludovic Rousseau
2010/8/30 Ludovic Rousseau : > Hello, > > As listed on the pcsc-lite TODO file [1] I would like to run pcscd as > a normal user instead of root. To do this I need to: > 1. select a normal user id or group id to use > 2. write a udev (or whatever hotplug mechanism is used) file to set > the access r

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-08-31 Thread Martin Paljak
On Aug 30, 2010, at 4:20 PM, Ludovic Rousseau wrote: > 2010/8/30 Martin Paljak : >> Hello, >> >> On Aug 30, 2010, at 12:19 PM, Ludovic Rousseau wrote: >>> As listed on the pcsc-lite TODO file [1] I would like to run pcscd as >>> a normal user instead of root. To do this I need to: >> Good idea.

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-08-30 Thread Ludovic Rousseau
2010/8/30 Martin Paljak : > Hello, > > On Aug 30, 2010, at 12:19 PM, Ludovic Rousseau wrote: >> As listed on the pcsc-lite TODO file [1] I would like to run pcscd as >> a normal user instead of root. To do this I need to: > Good idea. > >> But since both OpenCT and pcsc-lite should not be installed

Re: [opensc-devel] pcscd access rights limitation and scard group

2010-08-30 Thread Martin Paljak
Hello, On Aug 30, 2010, at 12:19 PM, Ludovic Rousseau wrote: > As listed on the pcsc-lite TODO file [1] I would like to run pcscd as > a normal user instead of root. To do this I need to: Good idea. > But since both OpenCT and pcsc-lite should not be installed at the > same time the problem is ve

[opensc-devel] pcscd access rights limitation and scard group

2010-08-30 Thread Ludovic Rousseau
Hello, As listed on the pcsc-lite TODO file [1] I would like to run pcscd as a normal user instead of root. To do this I need to: 1. select a normal user id or group id to use 2. write a udev (or whatever hotplug mechanism is used) file to set the access rights of the USB reader device when connec