From: lemmi <lemmi@users.noreply.github.com>
To: ml@inbox.vuxu.org
Subject: [ISSUE] gnupg-2.3: scdaemon disables PC/SC fallback if CCID is enabled, breaks smartcards
Date: Wed, 13 Jul 2022 01:53:31 +0200 [thread overview]
Message-ID: <gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-38034@inbox.vuxu.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 1670 bytes --]
New issue by lemmi on void-packages repository
https://github.com/void-linux/void-packages/issues/38034
Description:
### Is this a new report?
Yes
### System Info
Void 5.15.52_1 x86_64 AuthenticAMD uptodate hold rrrmFFFFFFFFFFFFFFF
### Package(s) Affected
gnupg-2.3.7_1
### Does a report exist for this bug with the project's home (upstream) and/or another distro?
https://dev.gnupg.org/T5409#145581
### Expected behaviour
Current setups that (need) to use `pcscd` for smartcard access (like yubikeys) should work.
### Actual behaviour
`scdaemon` [disabled the fallback](https://dev.gnupg.org/T4673) to the `PC/SC` driver when the internal `CCID` driver is used.
Solutions I can see so far:
1. Users need to `echo disable-ccid >> ~/.gnupg/scdaemon.conf`
2. Build `gnupg` with `--disable-ccid-driver`
3. `gnupg` package ships `udev` rules that allow users to access the smartcard with the internal `CCID` and users disable `pcscd`
Apparently [debian ships udev rules](https://salsa.debian.org/debian/gnupg2/-/blob/debian/unstable/debian/scdaemon.udev), though I have not tested them.
> `\\` noted:
> just as a note those udev rules should probably target both the plugdev group and the uaccess tag (for elogind)
Tough I can confirm that manually changing the permissions on the usb device and disabling `pcscd` works.
I think we should prefer 3 over 2 over 1.
### Steps to reproduce
1. have `pcscd` running to access smartcards
2. updage gnupg
3. `gpgconf --kill all`
4. `gpg --card-status`
```
gpg: selecting card failed: No such device
gpg: OpenPGP card not available: No such device
```
@jcgruenhage
next reply other threads:[~2022-07-12 23:53 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-12 23:53 lemmi [this message]
2022-07-13 4:53 ` jcgruenhage
2022-07-13 5:04 ` 0x5c
2022-07-13 5:45 ` jcgruenhage
2022-07-13 5:59 ` lemmi
2022-07-13 6:10 ` 0x5c
2022-07-13 6:29 ` 0x5c
2022-07-13 6:54 ` 0x5c
2022-07-13 6:59 ` lemmi
2022-07-13 6:59 ` jcgruenhage
2022-07-13 17:15 ` [ISSUE] [CLOSED] " classabbyamp
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-38034@inbox.vuxu.org \
--to=lemmi@users.noreply.github.com \
--cc=ml@inbox.vuxu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).