2010/8/30 Ludovic Rousseau <[email protected]>: > Hello, > > As listed on the pcsc-lite TODO file [1] I would like to run pcscd as > a normal user instead of root. To do this I need to: > 1. select a normal user id or group id to use > 2. write a udev (or whatever hotplug mechanism is used) file to set > the access rights of the USB reader device when connected > > Point 2 should not be too hard. But after reading "OpenCT, Operating > Systems: General Notes" [2] I am not too sure :-) > > For point 1 I would like to reuse the "scard" group already used by OpenCT. > The idea is to: > a. set the smart card reader devices in the group "scard" and give > group read/write access. So a process in the group "scard" can use the > device. > b. run pcscd as a normal user in the group "scard". So pcscd can > access the devices configured in point a. > > My problem is that in OpenCT the "scard" group is used to give access > to _users_, not to a system daemon. So a user in group "scard" could > access the reader directly and bypass pcscd. > But since both OpenCT and pcsc-lite should not be installed at the > same time the problem is very limited. > > I would like to have comments from users of OpenCT and users of > pcsc-lite about my plans. Maybe I missed something and a better > solution is available. > > Thanks, > > [1] http://svn.debian.org/wsvn/pcsclite/trunk/PCSC/TODO > [2] http://www.opensc-project.org/openct/wiki/OperatingSystems
I decided to use a new group called "pcscd". I wrote an blog article [3] about this feature. pcsc-lite 1.6.5 is not yet released to allow anybody to comment on the idea and provide feedback before the release. You can get a snapshot of pcsc-lite and libccid from [4]. You have to install the udev rule file by hand for now. Bye [3] http://ludovicrousseau.blogspot.com/2010/09/pcscd-auto-start.html [4] http://ludovic.rousseau.free.fr/softwares/pcsc-lite/ -- Dr. Ludovic Rousseau _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
