opensc/README@b696a44762ea
opensc/README
Thu, 15 Mar 2012 21:52:52 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 15 Mar 2012 21:52:52 +0100
- changeset 4
- b696a44762ea
- permissions
- -rw-r--r--
Import custom package specs to build for undistributed platforms.
1 NOTE
3 It seems there are problems with opensc(5) and pcscd(8) coexistence.
5 It has been observed that pcscd(8) performs correctly in the absence
6 of /usr/lib/opensc-pkcs11.so. Namely, pcscd(8) does not run until a
7 end user accesses the smart card harware using a client application.
8 Once this happens, pcscd(8) starts with user and group permissions
9 of the end user and the client application procedes normally.
11 Should /usr/lib/opensc-pkcs11.so be present, pcscd(8) starts at
12 system boot with root privileges. Once a end user accesses the smart
13 card hardware, a second instance of pcscd(8) is launched, the script
14 /etc/init.d/pcscd is executed with the end user's user and group
15 permissions. The script causes deletion of /var/run/pcscd where
16 important connection information is stored by the first pcscd(8)
17 instance running with root privileges. It may be this deletion
18 which causes all client applications to fail to access the smart
19 card hardware.
21 The workaround is to manually edit the script /etc/init.d/pcscd
22 so that /var/run/pcscd is not removed, but this appears to be
23 a short lived hack. Adequate testing has not proven this approach
24 to be correct.
26 # FIXME: Fat bug, don't overwrite important
27 # FIXME: preexisting pcscd(8) connection data!
28 [ -e $IPCDIR/$NAME.comm ] && exit 0
30 SCDAEMON BLOCKED
32 Problems exist when using applications calling scdaemon(8) which
33 locks access to the card reader. No solution exists, rather a
34 workaround is to forcefully kill the scdaemon(8) server. This
35 is a problem for those users of gpg(1) because of its indirect
36 usage of scdaemon(8) and inability to call opensc(5) for any
37 PKCS functions.
