Bug#978011: udev: uaccess is set before ID_SMARTCARD_READER
Michael Biebl
biebl at debian.org
Thu Dec 24 21:32:55 GMT 2020
Hello Vincent
Am 24.12.20 um 12:04 schrieb Vincent Pelletier:
> I have a smartcard reader which exposes the CCID class (0x0b) on its function.
> I see there are udev rules to grant uaccess based on this:
>
> $ rgrep SMARTCARD /lib/udev/rules.d
> 70-uaccess.rules:ENV{ID_SMARTCARD_READER}=="?*", TAG+="uaccess"
> 99-systemd.rules:SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0b????:*", ENV{ID_SMARTCARD_READER}="1"
> 99-systemd.rules:ENV{ID_SMARTCARD_READER}=="?*", TAG+="systemd", ENV{SYSTEMD_WANTS}+="smartcard.target", ENV{SYSTEMD_USER_WANTS}+="smartcard.target"
>
> Which make me think that there is an intent to grant uaccess to these devices.
>
> but while the ones in 99-systemd.rules have an effect (see below for
> "udevadm info", note ID_SMARTCARD_READER=1 and
> SYSTEMD_*WANTS=smartcard.target being present), the TAG+="uaccess" does not.
>
> I suspect this is because of the file ordering: 70-uaccess vs. 99-systemd .
>
> Wouldn't it make more sense to apply the uaccess rules after setting the
> ID_SMARTCARD_READER flag ?
>
> I have no special knowledge of these files, and I suspect it is not as easy as
> reordering them. I guess a fix would rather be to set these flags much earlier,
> then setting the uaccess rules in 60-uaccess.rules, and finally setting the
> SYSTEMD_*WANTS in 99-sustemd.rules.
TBH, I can't answer that downstream, as I have no knowledge in that
specific area. What I did find is, that some packages, like gpg, do set
this variable prior to 70-uaccess.
I'm not sure if this specific rule you posted above is supposed to get
the uaccess tag or not.
At a cursory glance, this might indeed be an oversight, but I'm not
sure. Could you raise this upstream please at
https://github.com/systemd/systemd/issues
Regards,
Michael
[1] https://codesearch.debian.net/search?q=ID_SMARTCARD_READER&literal=1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20201224/8a61337d/attachment.sig>
More information about the Pkg-systemd-maintainers
mailing list