Am 09.10.20 um 13:18 schrieb Nikos Mavrogiannopoulos: > LIBCCID_ifdLogLevel=0x000F pcscd --foreground --debug --apdu > --color | tee log.txt This the unchanged output:
[root@localhost-live liveuser]# LIBCCID_ifdLogLevel=0x000F pcscd --foreground --debug --apdu --color | tee log.txt 00000000 debuglog.c:299:DebugLogSetLevel() debug level=debug 00000040 debuglog.c:320:DebugLogSetCategory() Debug options: APDU 00000017 [140407890258048] pcscdaemon.c:353:main() Force colored logs 00000464 [140407890258048] utils.c:81:GetDaemonPid() Can't open /run/pcscd/pcscd.pid: No such file or directory 00000235 [140407890258048] configfile.l:293:DBGetReaderListDir() Parsing conf directory: /etc/reader.conf.d 00000043 [140407890258048] configfile.l:329:DBGetReaderListDir() Skipping non regular file: . 00000009 [140407890258048] configfile.l:369:DBGetReaderList() Parsing conf file: /etc/reader.conf.d/libccidtwin 00000271 [140407890258048] configfile.l:329:DBGetReaderListDir() Skipping non regular file: .. 00000035 [140407890258048] pcscdaemon.c:663:main() pcsc-lite 1.9.0 daemon ready. 00010542 [140407890258048] hotplug_libudev.c:299:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/001/001 00000277 [140407890258048] hotplug_libudev.c:299:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/001/001 00000282 [140407890258048] hotplug_libudev.c:299:get_driver() Looking for a driver for VID: 0x058F, PID: 0x6387, path: /dev/bus/usb/001/002 00000288 [140407890258048] hotplug_libudev.c:299:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/001/001 00000280 [140407890258048] hotplug_libudev.c:299:get_driver() Looking for a driver for VID: 0x1286, PID: 0x204C, path: /dev/bus/usb/001/004 00000267 [140407890258048] hotplug_libudev.c:299:get_driver() Looking for a driver for VID: 0x1286, PID: 0x204C, path: /dev/bus/usb/001/004 00000250 [140407890258048] hotplug_libudev.c:299:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/001/001 00000360 [140407890258048] hotplug_libudev.c:299:get_driver() Looking for a driver for VID: 0x045E, PID: 0x09C0, path: /dev/bus/usb/001/003 00000412 [140407890258048] hotplug_libudev.c:299:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0003, path: /dev/bus/usb/002/001 00000243 [140407890258048] hotplug_libudev.c:299:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0003, path: /dev/bus/usb/002/001 00000288 [140407890258048] hotplug_libudev.c:299:get_driver() Looking for a driver for VID: 0x045E, PID: 0x090C, path: /dev/bus/usb/002/002 95411976 [140407890258048] winscard_msg_srv.c:256:ProcessEventsServer() Common channel packet arrival 00000024 [140407890258048] winscard_msg_srv.c:267:ProcessEventsServer() ProcessCommonChannelRequest detects: 7 00000003 [140407890258048] pcscdaemon.c:133:SVCServiceRunLoop() A new context thread creation is requested: 7 00595098 [140407890258048] winscard_msg_srv.c:256:ProcessEventsServer() Common channel packet arrival 00000019 [140407890258048] winscard_msg_srv.c:267:ProcessEventsServer() ProcessCommonChannelRequest detects: 13 00000003 [140407890258048] pcscdaemon.c:133:SVCServiceRunLoop() A new context thread creation is requested: 13 00222759 [140407873467968] auth.c:137:IsClientAuthorized() Process 33327 (user: 1001) is NOT authorized for action: access_pcsc 00000125 [140407873467968] winscard_svc.c:335:ContextThread() Rejected unauthorized PC/SC client 00000065 [140407873467968] winscard_svc.c:1055:MSGCleanupClient() Thread is stopping: dwClientID=7, threadContext @0x555c31f5c610 00000027 [140407873467968] winscard_svc.c:1063:MSGCleanupClient() Freeing SCONTEXT @0x555c31f5c610 00000101 [140407890258048] winscard_msg_srv.c:256:ProcessEventsServer() Common channel packet arrival 00000014 [140407890258048] winscard_msg_srv.c:267:ProcessEventsServer() ProcessCommonChannelRequest detects: 7 00000011 [140407890258048] pcscdaemon.c:133:SVCServiceRunLoop() A new context thread creation is requested: 7 40774480 [140407774111296] winscard_svc.c:340:ContextThread() Authorized PC/SC client 00000013 [140407774111296] winscard_svc.c:343:ContextThread() Thread is started: dwClientID=13, threadContext @0x555c31f6fe40 00000009 [140407774111296] winscard_svc.c:361:ContextThread() Received command: CMD_VERSION from client 13 00000004 [140407774111296] winscard_svc.c:373:ContextThread() Client is protocol version 4:4 00000002 [140407774111296] winscard_svc.c:396:ContextThread() CMD_VERSION rv=0x0 for client 13 00000045 [140407774111296] winscard_svc.c:361:ContextThread() Received command: ESTABLISH_CONTEXT from client 13 00000007 [140407774111296] winscard.c:215:SCardEstablishContext() Establishing Context: 0x1A91F22B 00000003 [140407774111296] winscard_svc.c:461:ContextThread() ESTABLISH_CONTEXT rv=0x0 for client 13 00000045 [140407774111296] winscard_svc.c:361:ContextThread() Received command: CMD_GET_READERS_STATE from client 13 00000093 [140407774111296] winscard_svc.c:361:ContextThread() Received command: CMD_GET_READERS_STATE from client 13 00000079 [140407774111296] winscard_svc.c:361:ContextThread() Received command: CMD_GET_READERS_STATE from client 13 00000034 [140407774111296] winscard_svc.c:361:ContextThread() Received command: CMD_GET_READERS_STATE from client 13 00000305 [140407774111296] winscard_svc.c:361:ContextThread() Received command: RELEASE_CONTEXT from client 13 00000008 [140407774111296] winscard.c:229:SCardReleaseContext() Releasing Context: 0x1A91F22B 00000003 [140407774111296] winscard_svc.c:476:ContextThread() RELEASE_CONTEXT rv=0x0 for client 13 00000028 [140407774111296] winscard_svc.c:354:ContextThread() Client die: 13 00000012 [140407774111296] winscard_svc.c:1055:MSGCleanupClient() Thread is stopping: dwClientID=13, threadContext @0x555c31f6fe40 00000002 [140407774111296] winscard_svc.c:1063:MSGCleanupClient() Freeing SCONTEXT @0x555c31f6fe40 00032436 [140407890258048] winscard_msg_srv.c:256:ProcessEventsServer() Common channel packet arrival 00000024 [140407890258048] winscard_msg_srv.c:267:ProcessEventsServer() ProcessCommonChannelRequest detects: 13 00000002 [140407890258048] pcscdaemon.c:133:SVCServiceRunLoop() A new context thread creation is requested: 13 02193775 [140407765718592] auth.c:137:IsClientAuthorized() Process 33327 (user: 1001) is NOT authorized for action: access_pcsc 00000894 [140407765718592] winscard_svc.c:335:ContextThread() Rejected unauthorized PC/SC client 00000053 [140407765718592] winscard_svc.c:1055:MSGCleanupClient() Thread is stopping: dwClientID=7, threadContext @0x555c31f5bf50 00000010 [140407765718592] winscard_svc.c:1063:MSGCleanupClient() Freeing SCONTEXT @0x555c31f5bf50 00000520 [140407890258048] winscard_msg_srv.c:256:ProcessEventsServer() Common channel packet arrival 00000049 [140407890258048] winscard_msg_srv.c:267:ProcessEventsServer() ProcessCommonChannelRequest detects: 7 00000009 [140407890258048] pcscdaemon.c:133:SVCServiceRunLoop() A new context thread creation is requested: 7 01026171 [140407774111296] auth.c:137:IsClientAuthorized() Process 33529 (user: 1001) is NOT authorized for action: access_pcsc 00000046 [140407774111296] winscard_svc.c:335:ContextThread() Rejected unauthorized PC/SC client 00000053 [140407774111296] winscard_svc.c:1055:MSGCleanupClient() Thread is stopping: dwClientID=13, threadContext @0x555c31f6fe40 00000010 [140407774111296] winscard_svc.c:1063:MSGCleanupClient() Freeing SCONTEXT @0x555c31f6fe40 00000381 [140407890258048] winscard_msg_srv.c:256:ProcessEventsServer() Common channel packet arrival 00000043 [140407890258048] winscard_msg_srv.c:267:ProcessEventsServer() ProcessCommonChannelRequest detects: 13 00000009 [140407890258048] pcscdaemon.c:133:SVCServiceRunLoop() A new context thread creation is requested: 13 00527231 [140407765718592] auth.c:137:IsClientAuthorized() Process 33327 (user: 1001) is NOT authorized for action: access_pcsc 00000037 [140407765718592] winscard_svc.c:335:ContextThread() Rejected unauthorized PC/SC client 00000042 [140407765718592] winscard_svc.c:1055:MSGCleanupClient() Thread is stopping: dwClientID=7, threadContext @0x555c31f5bf50 00000009 [140407765718592] winscard_svc.c:1063:MSGCleanupClient() Freeing SCONTEXT @0x555c31f5bf50 00000495 [140407890258048] winscard_msg_srv.c:256:ProcessEventsServer() Common channel packet arrival 00000053 [140407890258048] winscard_msg_srv.c:267:ProcessEventsServer() ProcessCommonChannelRequest detects: 7 00000010 [140407890258048] pcscdaemon.c:133:SVCServiceRunLoop() A new context thread creation is requested: 7 00492770 [140407774111296] auth.c:137:IsClientAuthorized() Process 33529 (user: 1001) is NOT authorized for action: access_pcsc 00000011 [140407774111296] winscard_svc.c:335:ContextThread() Rejected unauthorized PC/SC client 00000018 [140407774111296] winscard_svc.c:1055:MSGCleanupClient() Thread is stopping: dwClientID=13, threadContext @0x555c31f6fe40 00000003 [140407774111296] winscard_svc.c:1063:MSGCleanupClient() Freeing SCONTEXT @0x555c31f6fe40 00000127 [140407890258048] winscard_msg_srv.c:256:ProcessEventsServer() Common channel packet arrival 00000012 [140407890258048] winscard_msg_srv.c:267:ProcessEventsServer() ProcessCommonChannelRequest detects: 13 00000002 [140407890258048] pcscdaemon.c:133:SVCServiceRunLoop() A new context thread creation is requested: 13 00615458 [140407765718592] auth.c:137:IsClientAuthorized() Process 33327 (user: 1001) is NOT authorized for action: access_pcsc 00000033 [140407765718592] winscard_svc.c:335:ContextThread() Rejected unauthorized PC/SC client 00000037 [140407765718592] winscard_svc.c:1055:MSGCleanupClient() Thread is stopping: dwClientID=7, threadContext @0x555c31f5bf50 00000008 [140407765718592] winscard_svc.c:1063:MSGCleanupClient() Freeing SCONTEXT @0x555c31f5bf50 00409330 [140407890258048] winscard_msg_srv.c:256:ProcessEventsServer() Common channel packet arrival 00000019 [140407890258048] winscard_msg_srv.c:267:ProcessEventsServer() ProcessCommonChannelRequest detects: 7 00000002 [140407890258048] pcscdaemon.c:133:SVCServiceRunLoop() A new context thread creation is requested: 7 02333423 [140407774111296] auth.c:137:IsClientAuthorized() Process 33529 (user: 1001) is NOT authorized for action: access_pcsc 00000016 [140407774111296] winscard_svc.c:335:ContextThread() Rejected unauthorized PC/SC client 00000031 [140407774111296] winscard_svc.c:1055:MSGCleanupClient() Thread is stopping: dwClientID=13, threadContext @0x555c31f6fe40 00000003 [140407774111296] winscard_svc.c:1063:MSGCleanupClient() Freeing SCONTEXT @0x555c31f6fe40 00000083 [140407890258048] winscard_msg_srv.c:256:ProcessEventsServer() Common channel packet arrival 00000013 [140407890258048] winscard_msg_srv.c:267:ProcessEventsServer() ProcessCommonChannelRequest detects: 13 00000002 [140407890258048] pcscdaemon.c:133:SVCServiceRunLoop() A new context thread creation is requested: 13 Main-problem with it: ABORT just loops to the same requester again and again, resulting in an endless loop. First thing to change to pcscd, accept an abort for what it is and don't ask again. That would solve the major problem, still anoying, but at least it doesn't stop the session login. Second thing to chance: just ask, if a usable hw is found. Asking permission for an impossible task is the definition of madness. Back to your request to change the policy: I don't see any restrictions for remote access. ( F33 has same as https://pastebin.com/Mn8mzjVp ) <allow any>auth_admin <allow_inactive>auth_admin <allow_active>yes and I have no clue, *besides setting those above to "no", which had the hoped result(tested)*, how to change the file to ignore or skip the request it generates via polkit when gnome starts.But I'm pretty sure, changing the policy file, just makes thing unusable in case a smartcardread is really available in the system. As all the opensc tools supplied just return "No smart card readers found.", an invoke of the accessrequest should only be made, if a smartcard is really accessed and not everytime someone logs in. And from what i can see on the net, you're the man who knows the answeres ;) To test it, just start the xrdp on your local machine and rdp to 127.0.0.1 OR run it in boxen and connect to the virtual ip of the started vm. It doesn't matter if it's a real hw or not. You will instantly see the problem yourself. Here is a screenshot : https://marius.bloggt-in-braunschweig.de/files/2020/10/remmina_Fedora-33_192.168.122.19_2020108-9353733515-1536x864.png best regards, Marius
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
