On 17/10/06, Shawn Willden <[EMAIL PROTECTED]> wrote:
On Tuesday 17 October 2006 01:13, Ludovic Rousseau wrote:
> How can you differentiate, at the system level, a local user from a remote
> user?
I don't think you need to distinguish a user at the console from the same user
account coming in over a remote connection. What Mr Engert wants to achieve
is to ensure that when a user logs into the console, only that user account
has access to the smart card. Since the display manager obviously knows who
is logged in at the console, that should be achievable.
What you could do is add a PAM module that changes the permission of
the /var/run/pcscd.* file.
You should also manage the case when two users are logged using two
local X servers or from two local virtual text consoles: only the
first user (uid) will have access to the smart card.
At the logout the same PAM module would change the permissions back to
their original states.
Such a solution would work even without modifying pcsc-lite.
Bye,
--
Dr. Ludovic Rousseau
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
