2011/8/28 Kalev Lember <[email protected]>: > On 08/28/2011 07:08 PM, Ludovic Rousseau wrote: >> Hello Kalev, >> >> I am revewing your systemd patches. > > Hello Ludovic, > > >> Is this patch functionally needed or is it just to remove dead code >> (when systemd is used)? > > I wanted to make sure that when using Fedora packages, the code for > autostarting pcscd by forking from user space library was completely > disabled. It just doesn't work properly with SELinux. > > See e.g. https://bugzilla.redhat.com/show_bug.cgi?id=639373 - "SELinux > is preventing /usr/lib/nspluginwrapper/npviewer.bin "execute" access on > /usr/sbin/pcscd." > > Even though the Fedora package enables systemd socket activation by > default, a system administrator could possibly disable the pcscd service > / socket. When the service is disabled, I would expect it to stay > disabled. However, without this patch, libpcsclite would fall back to > executing pcscd, filling the system system logs with SELinux denials.
I do not like to have to make the choice (with or without autostart) at compilation time using --disable-autostart. For Debian I would like to provide the same binary package for systems with or without systemd. Debian has many different init-like systems. sd-daemon.c provides the helper function sd_booted(): /* Returns > 0 if the system was booted with systemd. Returns < 0 on error. Returns 0 if the system was not booted with systemd. Note that all of the functions above handle non-systemd boots just fine. You should NOT protect them with a call to this function. Also note that this function checks whether the system, not the user session is controlled by systemd. However the functions above work for both user and system services. See sd_booted(3) for more information. */ int sd_booted(void); Do you think it would work if the libpcsclite client do call sd_booted() and try to fork/exec pcscd only if sd_booted() indicates the system is _not_ using systemd? The choice would then be made at runtime and no more at compilation time. I do not know yet if I will remove or not the --disable-autostart option. Maybe I will keep it. Comments? Bye -- Dr. Ludovic Rousseau _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
