[opensuse-security] pcsc-lite and polkit rules in openSUSE 13.2
HI! After upgrading to openSUSE 13.2 accessing my USB CCID card reader though pcscd does not work anymore. Seems that polkit rules are needed for this new pcscd version (access as root does work). After doing some reading I've tried to create file /usr/share/polkit-1/rules.d/org.debian.pcsc-lite.packagekit.rules (see below) but it does not work. Any clue? Ciao, Michael. ----------------- snip ----------------- polkit.addRule(function(action, subject) { if ( action.id == "org.debian.pcsc-lite.access_pcsc" && subject.active == true && subject.local == true && subject.isInGroup("scard") ) { return polkit.Result.YES; } }); polkit.addRule(function(action, subject) { if ( action.id == "org.debian.pcsc-lite.access_card" && subject.active == true && subject.local == true && subject.isInGroup("scard") ) { return polkit.Result.YES; } });
Hi, we have a request on relaxing the policykit rules already, so this is probably not nceessary. Ciao, Marcus On Wed, Nov 05, 2014 at 05:16:56PM +0100, Michael Ströder wrote:
HI!
After upgrading to openSUSE 13.2 accessing my USB CCID card reader though pcscd does not work anymore. Seems that polkit rules are needed for this new pcscd version (access as root does work).
After doing some reading I've tried to create file /usr/share/polkit-1/rules.d/org.debian.pcsc-lite.packagekit.rules (see below) but it does not work.
Any clue?
Ciao, Michael.
----------------- snip ----------------- polkit.addRule(function(action, subject) { if ( action.id == "org.debian.pcsc-lite.access_pcsc" && subject.active == true && subject.local == true && subject.isInGroup("scard") ) { return polkit.Result.YES; } });
polkit.addRule(function(action, subject) { if ( action.id == "org.debian.pcsc-lite.access_card" && subject.active == true && subject.local == true && subject.isInGroup("scard") ) { return polkit.Result.YES; } });
-- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
Marcus Meissner wrote:
we have a request on relaxing the policykit rules already, so this is probably not nceessary.
Are you talking about this issue? http://bugzilla.opensuse.org/show_bug.cgi?id=900115 Unfortunately I cannot read it. Could you please elaborate on how it is going to be relaxed? I need it now. Ciao, Michael.
On Wed, Nov 05, 2014 at 05:16:56PM +0100, Michael Ströder wrote:
HI!
After upgrading to openSUSE 13.2 accessing my USB CCID card reader though pcscd does not work anymore. Seems that polkit rules are needed for this new pcscd version (access as root does work).
After doing some reading I've tried to create file /usr/share/polkit-1/rules.d/org.debian.pcsc-lite.packagekit.rules (see below) but it does not work.
Any clue?
Ciao, Michael.
----------------- snip ----------------- polkit.addRule(function(action, subject) { if ( action.id == "org.debian.pcsc-lite.access_pcsc" && subject.active == true && subject.local == true && subject.isInGroup("scard") ) { return polkit.Result.YES; } });
polkit.addRule(function(action, subject) { if ( action.id == "org.debian.pcsc-lite.access_card" && subject.active == true && subject.local == true && subject.isInGroup("scard") ) { return polkit.Result.YES; } });
Hi, the polkit-default-privs update that relaxes the pcsc permissions was released yesterday. Ciao, Marcus On Wed, Nov 05, 2014 at 05:49:31PM +0100, Michael Ströder wrote:
Marcus Meissner wrote:
we have a request on relaxing the policykit rules already, so this is probably not nceessary.
Are you talking about this issue?
http://bugzilla.opensuse.org/show_bug.cgi?id=900115
Unfortunately I cannot read it. Could you please elaborate on how it is going to be relaxed? I need it now.
Ciao, Michael.
On Wed, Nov 05, 2014 at 05:16:56PM +0100, Michael Ströder wrote:
HI!
After upgrading to openSUSE 13.2 accessing my USB CCID card reader though pcscd does not work anymore. Seems that polkit rules are needed for this new pcscd version (access as root does work).
After doing some reading I've tried to create file /usr/share/polkit-1/rules.d/org.debian.pcsc-lite.packagekit.rules (see below) but it does not work.
Any clue?
Ciao, Michael.
----------------- snip ----------------- polkit.addRule(function(action, subject) { if ( action.id == "org.debian.pcsc-lite.access_pcsc" && subject.active == true && subject.local == true && subject.isInGroup("scard") ) { return polkit.Result.YES; } });
polkit.addRule(function(action, subject) { if ( action.id == "org.debian.pcsc-lite.access_card" && subject.active == true && subject.local == true && subject.isInGroup("scard") ) { return polkit.Result.YES; } });
-- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
participants (2)
-
Marcus Meissner -
Michael Ströder