On Wed, Nov 14, 2007 at 02:55:48PM +0100, Micha Lenk wrote: > > The GNUmed package cannot delete KVK files from the KVKd spool directory > > after processing them. This is legally required if certification of the > > KVK reading system is sought after. > > Could you please document the process of what you did, what you expected > to happen, what really happened? This will help me to reproduce the > problem. At the moment I'm a little lost with understanding it.
apt-get install libchipcard3-tools mkdir /var/spool/kvkd/ chown chipcard.chipcard /var/spool/kvkd/ edit /etc/chipcard/server/chipcardd3.conf to point to /var/spool/kvkd/ in the kvkd section at the bottom /etc/init.d/libchipcard3-tools restart insert KVK in reader data is written to /var/spool/kvkd/KVK-*.dat file is "rw-r--r-- chipcard.chipcard KVK-*.dat" start GNUmed as any user press F2 to load patients from external sources (such as kvkd provided KVKs in /var/spool/kvkd/) select KVK patient is imported and activated *** at this point deletion of the KVK-*.dat from /var/spool/kvkd/ is required if the system is to be certified for use in German doctor's offices, since we don't have a way to signal kvkd that we don't need the file anymore we would like to delete it ourselves However, since the user doesn't have permissions to delete the file that isn't possible. *** If the file was created as "rw-rw-r--" we could set /var/spool/kvkd/ to SGID "chipcard.gnumed" such that newly created files are then writeable by group gnumed. Both the GNUmed users and chipcard would be added to group gnumed. Thus, any GNUmed user could delete the KVK files. > > Creating the KVK files with group write permissions on would allow to > > fix the problem. This should be a one-line change in kvkd. > Could you provide a patch? I'll have to look into that. It should, however, amount to changing the write mode of a file in one place in the code. Thanks, Karsten -- GPG key ID E4071346 @ wwwkeys.pgp.net E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]