[Pkg-auth-maintainers] Bug#888892: No permission on U2F security key

Kurt Roeckx kurt at roeckx.be
Wed Jan 31 17:20:34 UTC 2018


On Wed, Jan 31, 2018 at 11:35:18AM +0100, Michael Biebl wrote:
> Am 31.01.2018 um 02:08 schrieb Michael Biebl:
> > Control: reassign -1 libu2f-udev
> > 
> > Am 31.01.2018 um 00:38 schrieb Kurt Roeckx:
> 
> >> That seems as good as the same as
> >> /lib/udev/rules.d/70-debian-uaccess.rules, which actually seems to
> >> cover more devices. So it was not installed, installing it didn't
> >> have any effect.
> > 
> > You should report your device to libu2f-udev then. Reassigning accordingly.
> > 
> > As announced, /lib/udev/rules.d/70-debian-uaccess.rules will go away.
> 
> Let me add, what my reasons for dropping
> /lib/udev/rules.d/70-debian-uaccess.rules are
> a/ I don't think it makes sense to maintain this whitelist twice (in
> libu2f and in udev as a downstream specific patch)
> 
> b/ If such a list has to maintained, it should preferably be done by
> maintainers who own such hardware and are knowledgeable in that area.
> 
> c/ I don't want to maintain this list as a downstream patch to udev.
> Adding this to udev upstream was rejected:
> https://github.com/systemd/systemd/issues/102
> 
> d/ The reasons why 70-debian-uaccess.rules was added in the first place,
> was a quick-fix to unbreak stretch, I don't plan to maintain that file
> in the future.
> 
> e/ I'm not aware about the state of the proper U2F driver that is
> mentioned in
> https://github.com/systemd/systemd/issues/102#issuecomment-110105805 but
> maybe a udev helper like fedora ships it
> https://admin.fedoraproject.org/pkgdb/package/rpms/u2f-hidraw-policy/
> which detects u2f devices automatically and so doesn't require a
> hardware list to be continuously updated is a better approach. I'll
> leave that up to the maintainer of libu2f to evaluate.

This is all not related to my issue, that while having udev rules
to set permissions I do not get them.


kurt



More information about the Pkg-auth-maintainers mailing list