On 08/28/2011 07:08 PM, Ludovic Rousseau wrote: > Hello Kalev, > > I am revewing your systemd patches.
Hello Ludovic, > Is this patch functionally needed or is it just to remove dead code > (when systemd is used)? I wanted to make sure that when using Fedora packages, the code for autostarting pcscd by forking from user space library was completely disabled. It just doesn't work properly with SELinux. See e.g. https://bugzilla.redhat.com/show_bug.cgi?id=639373 - "SELinux is preventing /usr/lib/nspluginwrapper/npviewer.bin "execute" access on /usr/sbin/pcscd." Even though the Fedora package enables systemd socket activation by default, a system administrator could possibly disable the pcscd service / socket. When the service is disabled, I would expect it to stay disabled. However, without this patch, libpcsclite would fall back to executing pcscd, filling the system system logs with SELinux denials. > If I am correct systemd will create the socket itself (before pcscd > is started). So the function SCardCheckDaemonAvailability() will > return SCARD_S_SUCCESS and the client library should not fork and > exec the daemon. Am I right? Yes, the patch shouldn't have any effect when systemd has created the socket and passed it to pcscd. The patch makes sure that when systemd socket activation is _disabled_, pcscd wouldn't fall back to the old startup code. I can imagine some other distributions, e.g. Debian that don't use SELinux by default and don't use systemd by default either, would probably want to keep the old autostart code enabled, but also compile in (optional) systemd autostart support. The compile time option makes it possible to support both use cases. Thanks, Kalev _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
